Virtru Security Insights

Join 10,000+ Security Professionals Who Receive Our Content Every Month

A Complete Guide to Protecting Your Online Privacy

March 2, 2015

The end of 2014 was marked by a constant barrage of news stories showing how important it is to protect your online privacy. While the Sony Pictures hack gave everyone front-row seats to a showing of how damaging a corporate hack could be, we can’t forget the devastating impact of the iCloud hack that leaked the private pictures of hundreds of celebrities.

The reality is that we’ve entered a new era in online privacy. The prevalence of the cloud, the sheer number of accounts we all have, and the ease of accessing personal information on the Internet has put all of us at risk. If we’re going to protect ourselves against threats to our privacy, we need to be proactive. Follow our guide to protecting yourself online, and you’ll be able to keep hackers — and nosy government officials — locked out of your digital activity.

A 5-Step Guide to Locking Down Your Accounts

Step 1: Find Your Vulnerable Accounts

What accounts might make you vulnerable? There’s a good chance they all might, if you’re not careful. That isn’t to say that they all present the same risks, or that they all threaten your online privacy in the same way. No one hacking into your Twitter account is going to immediately see your bank account info (we hope), but, that doesn’t mean that one account can’t be a potential gateway into another.

It’s generally smart to treat all of your accounts as if they’re your bank account, using separate usernames (or emails) and passwords with each. If that seems a tad extreme, though, feel free to create a “tier list” of which accounts are the most vulnerable, or which ones could cause the most damage if they fell into the wrong hands.

Step 2: Create Solid Passwords

So, first the bad news: a lot of us still don’t know what a good password is. Now, chances are if you’re reading this, you don’t need to be told that “password” or “123456” is a bad password. While you know that having a complicated password is a good thing, there’s still a few best practices you might not be engaging in to protect your online privacy.

You should have unique credentials for each account you have, and all of your passwords should be as complicated as you can stand to make them. The absolute most secure practice is to use a password manager. Password managers use the maximum number of allowed character to generate extremely long, complicated passwords, and then they store them for you. While this might sound risky, password managers encrypt these passwords for you on your computer.

Usually, when you access a site that requires you to log in, you’ll only need to enter one password into your password manager. It’ll then find your proper credentials, enter them, and log you in.

Step 3: Give the Wrong Answers to Security Questions

Security questions are annoying – we get it. Worse, they often act as a backdoor to your password more than as a nifty feature for you to get your password back. Considering how much of our lives are online, it isn’t exactly difficult to find out what your mother’s maiden name is, or when your birthday is.

If you want to protect your online privacy, you’ve got to think outside the box a little. Try doing what Danah Boyd suggests, making your own security algorithm. Something along these lines:

[Second word of sentence] + [Favorite Animal] + [What the institution is]

Therefore, if my bank was asking me “What my first car was,” I’d answer “My Whale Bank.”

Of course, if you have the option of writing your own question, you should always do that instead. If you do choose to do that, though, make sure that you’re creating a unique question that only means something to you.

Step 4: Don’t Get Doxxed

If you mess with the wrong people on the Internet, you just might end up getting doxxed. Doxxing is the process of releasing a large amount of private information about someone, often publishing it in a very public, very visible place. While you might not think you hang around in particularly dangerous circles on the Internet, there’s always the chance that you might anger someone that takes things a little more seriously than you do. Not everyone is going to appreciate your one-star review of Waterworld on Amazon.

So, how vulnerable are you to getting doxxed?

Google yourself — as narcissistic as it might make you feel, it is an essential step you need to take to protect your online privacy. There’s a good chance you’ll find a lot about yourself, from where you went to high school, who your alma matter is, what city you live in, to your cell phone number.

To clean up your presence, start by pruning your old accounts. Next, consider removing yourself from data brokers (like Spokeo) who are willing to sell your information to anyone who is willing to pay for it (and no, you don’t have to give them your permission to sell that information). For future accounts, always make sure to use fake names, numbers, and addresses, unless you absolutely must give your real information.

Step 5: Re-evaluate Your Social Media Presence

Facebook, Twitter, Instagram, regardless of what your preferred poison is, every social media outlet is a potential goldmine for attackers, if you aren’t careful. To protect your online privacy, you need to be judicious about what you share, when you share, and exactly who can see what you are sharing.

Unless you’re a celebrity, or you otherwise have a need to have a front-facing web presence, there is no reason why you should have any of your social media profiles visible to the public. At the very least, your profiles should be locked down so that only friends (or approved users) can see their contents. For social media sites that have advanced settings, like Facebook, you should go a step further, blocking users from seeing information like where you live, your pictures, or even most of your posts by establishing “close friends only” lists.

Another Facebook-specific note: you can access fairly granular controls for Facebook apps under the “Settings” menu. Under each app, you can see what information it is accessing and what information it is sharing. Likewise, you can also deny permission to an app if you aren’t happy about it sharing something particularly sensitive.

As a final golden rule to protect your online privacy on social media, never share anything you’d be uncomfortable with wearing on a shirt out in public. Remember, even your friends are a potential security hazard, as they could share something you only wanted them to see.

How Encryption Protects Your Online Privacy

Encryption is a method to secure your data, making it unreadable to anyone except for people you explicitly allow to access that data. When you encrypt something, you are passing it through a cipher, an algorithm that jumbles up your data, making it look like nonsense to anyone who doesn’t have a specific key.

Modern encryption keys are virtually uncrackable. The Advanced Encryption Standard (AES), which most forms of encryption are based off of, provides 128, 192, or 256-bit keys. The longer the bit length, the harder it is for a potential intruder to crack they key. In order to crack a 128-bit key, it would take a supercomputer more time than the universe has actually been around for.

Encryption works to protect your online privacy by acting as a last line of defense against hackers. Even if someone were to break in to your account (or your house) and steal your files, they still wouldn’t be able to access them without your key. This is the reason why the government requires healthcare providers and financial institutions to use encryption. Even in a worst case scenario where your physical property is stolen, your information is secure.

Using Encryption to Protect Your Cloud Files

Cloud storage is great — not only can you access your files from anywhere in the world, but you can quickly edit and save them as well. The flexibility that cloud storage gives the average user is impressive, but it’s also potentially a security hazard. After all, while hackers do frequently target individuals, DropBox and Google have a much bigger target on their backs than you do.

On top of that, all of the same hazards that threaten your other accounts potentially threaten your cloud storage accounts. What happens if someone snags your password, or if they steal your phone? To protect your online privacy, you’ve got to think ahead of the criminals trying to snag your data.

The best solution is to encrypt your most sensitive files with a program like 7-Zip. 7-Zip allows you to create secured archives using AES that can then be uploaded to whatever cloud storage service you use. Alternatively, a service like BoxCryptor allows you to setup a secure, encrypted drive which then can be synced to the cloud storage service of your choice.

Protect Your Online Privacy by Protecting Your Inbox

Email, for most of us, is still a cornerstone of our digital lives. This means that our inboxes are a potential goldmine for hackers. This is a lesson that Sony learned the hard way, having the digital lives of their executives spread all over the internet due to their poor security practices. If Sony’s executives had only encrypted their email, it’s likely the breach wouldn’t have been nearly as big.

Of course, that isn’t to say that we don’t understand why they weren’t using encryption. Most forms of email encryption are difficult to use. Methods such as PGP and S/MIME require a key or certificate exchange, and other methods, such as portals (or dedicated email providers) require everyone to adopt entirely new systems, ditching their old email addresses in the process.

Luckily, there is a much easier alternative that can give you true client-side email encryption, allowing you to protect your online privacy without struggling through difficult protocols: Virtru.

Virtru utilizes a plugin that works with Gmail, and Outlook, meaning that you don’t have to sacrifice your current account to ratchet up your security. Likewise, it also works with Android and iOS, meaning that you can still access your email anywhere — you just don’t have to worry about anyone else accessing it.

There’s no key exchange, there’s no need to login to a portal, and there’s no need to contact the IT department. All you have to do is download the plugin, and you’re ready to send secure email.

It isn’t difficult to protect your online privacy, it just requires a little extra effort. Take a few minutes to go over your accounts, making sure you’re doing everything you can to prevent hackers from gaining access to them. While it might seem like a hassle to come up with a longer password, or to create your own algorithm for security questions, these small steps could potentially save you from a huge headache down the line.

That’s especially true considering how easy it is to implement some of these steps, such as encrypting your email. All it takes is a single plugin, and you never have to worry about hackers, or government officials, snooping around your inbox.

Want to take the first step toward protecting your online privacy? Try Virtru for free today, and see how easy securing your inbox can be.

BEFORE YOU LEAVE

Stay Up to Date With the Latest in Digital Privacy

Subscribed! 

You're one step away from a personalized walkthrough.

Thank You for Your Interest

Which product are you interested in?

REQUEST A DEMO

REQUEST A DEMO

We'll reach out to schedule a time.