Chapter 6

Ten Things You Can Do Today to Protect Yourself

The fact is, hackers are always trying to break down the security of personal and public security technologies that protect companies, governments, other organizations, and thus you and your data — and the bad news is that sometimes they succeed. The good news is that you can do lots of things today to make sure that your digital activities are as safe as possible.

If you’re an action-oriented person, this chapter is for you. Here we describe ten things you can do, starting now, to help you stay safe online.

Use Two-Factor Authentication

Use two-factor authentication where available, as discussed in Chapter 3.

warning.eps Make sure to write down temporary codes for all services in case your smartphone is stolen, or else you may be temporarily locked out of all services that require you to have a smartphone to receive a text.

Stay Safe While Gaming

Make sure you’re using a reputable gaming site or software, and if you want to interact with other players but don’t personally know all of them, set up a safe profile with nicknames, usernames, and gamer tags that don’t identify you. Take care when chatting with other players: Do not give them your real name, and do not buy gold offline from them. Just don’t trust them with any information at all by default until you have good, solid reasons to trust them.

tip.eps If you’re into video chatting with other players, watch what appears in the field of view on your walls or bookshelves — anything they can see should be benign in nature in regard to identifying you. Even seeing religious books on your shelf might be enough to help identify what church you go to, and having your personal to-do calendar, appointments, or bills to be paid visible in the background is also a bad idea for obvious reasons.

Secure Your Public and Private Wi-Fi Connections

The three major types of wireless security are WPA, WEP, and WEP2. Use WEP2 because it’s the latest and most secure of the three. Use extremely strong passwords (see Chapter 3) and when in public, either don’t even mess with any secure data while on the public network or use smartphone tethering to give your devices access to a WEP2-secured connection. Public Wi-Fi networks are absolutely unsecure, so act as though a thief is looking over your shoulder in such places, because one may well be doing so.

Understand and Use Privacy Settings on Social Media Sites

Even if you select the Private setting on a social networking site or discussion forum, your profile settings are typically public. When you sign up for a service and provide the required information, selecting the private mode may not prevent others from viewing your photo, name, URL, city, state, and date you last logged in. Check your public profile after you sign up to see what’s exposed. If you’re not comfortable with the exposure, remove some information or close your account. The information can be used to help ID thieves, cyberbullies, scammers who pretend to share your interests, and other criminals.

Protect Devices with Passwords

It can be tempting to not require a password or PIN for your smartphone or tablet to more quickly get into it, but if your device is stolen, you may well regret not having protected it with a login password. Use a password or PIN on your devices for security.

tip.eps This advice can be a lifesaver if you have children in the house: If you use a password for your device and require a password for purchases through your device’s online store, you don’t have to worry about games with in-app purchases racking up huge bills on your credit card.

Choose Carefully Whom You Share Personal Info with Online

The easiest way to protect yourself online is to never tell anybody anything. A pair of glasses and a cape might be helpful as well. Seriously, though, you’re going to have to share some information if you want to interact on the Internet. So you’re not looking for a secret identity as much as you’re looking for a trusted and limited identity. You want to share only the information necessary and with only those who really need it. So maybe you’re okay with giving your full name to a social network, but not to a site you’ve never heard of. And you’re okay with putting a PIN into a banking website, but you certainly wouldn’t post it on that social network.

Give Up On Safe Ways to Back Up Your Files Online

If you’re using cloud storage services such as Google Drive, Microsoft’s OneDrive, DropBox, or Apple’s iCloud, bear in mind that at present you can only protect that data from being seen by anyone other than that company and the government. Given recent revelations about the U.S. government’s National Security Administration having broken online encryption and gaining access to all major online services, including Google (and thus Google Drive), Microsoft (and thus OneDrive), and Apple (and thus iCloud), online backups really aren’t secure from everyone — only people outside of the government or that corporation. Some start-ups in other countries are capitalizing on “data not stored in America” at this point, but no major forerunners in the market are evident yet. To avoid losing valuable data to a data thief, you should know how to make backup copies of your files and folders on a recordable CD/DVD, flash drive, or portable external hard drive.

tip.eps Consider storing the data in multiple geographical locations to avoid having a single copy be all that’s between you and having no data. A bank safe deposit box can be a secure second location, for example.

Consider Location Settings on Devices

Be aware of the locations settings on your smartphone and tablet. Google and its Android operating system require location settings to be active to effectively get navigation, directions, and other local features. So does Apple, so no matter which device you have, if you’re going to use geolocation services on your devices, use strong passwords and encryption, and keep your device’s operating system up to date.

Create a Google Alert for Your Name

Put a Google alert on your name so that if any new postings with your name show up in Google’s search results, they’ll let you know and you can assess the potential impact of the information, if any, immediately. Simply go to www.google.com/alerts to set up your alert request.

Surf Privately in Public

Remember to use In Private Browsing, Private Browsing, or Incognito Browsing features in Internet Explorer, Firefox, and Chrome, respectively. These features, which were built to ensure privacy, don’t remember (or offer to remember) passwords, usernames, or browsing history.

For additional privacy when browsing, consider the WhiteHat Aviator web browser (https://www.whitehatsec.com/aviator). WhiteHat Aviator includes a variety of built-in activated security and privacy safeguards.

Be sure to sign out of all websites when you’re on a public computer.