For most of us, information security is so convoluted and difficult to understand that we choose to ignore it until something bad happens to your personal information and your identity is stolen or your bank account gets drained. There are ever emerging threats and bugs in software and hardware that create loopholes or vulnerabilities for hackers to exploit. Here are 5 ways you can be more secure in our uber-connected world.
1. Be Careful Who You Give Your Information To Online - This seems like a no-brainer but many of us divulge our name, birthday, email address and more without batting an eye. We tend to sign up for newsletters and other websites with little or no regard for who will be storing your information. Ask yourself, how are they storing my personal information? Is it in a database? Is that database encrypted? The likely answer is no the data is not encrypted and you are trusting the website you signed up for. So what do you do if you want to sign up for something? I personally use a separate email account to sign up for things online. I also do not give them my real name, phone number, age, or anything else. If you plan on purchasing something online that's another story. When buying things online use a separate credit card that you only use for online purchases and one that will protect you if there are any fraudulent transactions. Also try to buy from reputable websites and don't buy things from just anyone online.
2. Use Two-Factor Authentication When Possible - Most websites that we visit give us an option to use two-factor authentication or multi-factor authentication but it's not turned on by default. What does that mean? It means that each time you login from a different computer or different device, you will be prompted for a one time pin that is texted or emailed to you, security questions, or a passphrase and custom image that you have selected. Facebook, Gmail, Twitter, and LinkedIn all have two-factor authentication but you have to turn it on. Most if not all bank websites require two-factor authentication to login to your account. Why just use it for your bank account? Use it for any and every website you can. Yes it's another step that you have to take, but if your password gets stolen and someone tries to login to your account from another computer, they will be prompted for the one time pin or security questions.
3. Check for HTTPS - Before you enter your username and password on a website, make sure it has HTTPS in front of the URL. What is HTTPS? It's the encrypted form of HTTP which, to get geeky, is the hypertext transfer protocol used to display web pages. So if the page you are logging into does not have HTTPS in front of the URL, your username and password are being submitted in plain text. Anyone with the right tools can intercept your username and password if the website is only using HTTP. If you must login to a site without HTTPS, make sure you don't use the same username or password on any other websites. This is when a spare email account for registering or signing up on websites comes in handy. Use that account as your username and create a different password than any others you use.
4. Public WiFi - Starbucks WiFi? Airport WiFi? Sure! Most people don't even think about connecting to public WiFi, nor do they consider what they are doing might be intercepted by someone else on the public WiFi. Many hacking tools can capture traffic on WiFi networks for an attacker to use. To correlate tip #3 to public WiFi, if you login to an HTTP website with a username and password and you're on public WiFi, a hacker can intercept the username and password. So how do you protect yourself on public WiFi? Using a VPN connection is the best option but not all of us have that capability. There are several open-source VPN products you can download for free as well as VPN products you can purchase to encrypt your traffic while on public WiFi. There are even apps you can use for your phone or tablet that create VPN tunnels for safe browsing. General browsing around on public WiFi is no big deal but if you need to login to a website make sure it's secured with HTTPS. When using public WiFi, always assume someone is watching.
5. Set Personal Social Media Pages to Private - Social media can reveal way too much about someone if their profile is not set to private. Facebook, for example, has your birthday, current city you live, email address, phone number, and your name for an identity thief to steal. If you make your Facebook page private, only your friends can see what you post and see your personal information. Facebook is just one example and the majority of social media sites have the same privacy options. Make use of it and don't unnecessarily expose yourself to identity thieves or even burglars.
There are many other ways to stay safe online and I could probably write a 60 page essay on the topic. These are just a few tips to help stay safe.