For individuals inside of an organization, maintaining your privacy is one key to becoming more secure. Organizations need to be very cautious with what data they inadvertently leak into the public. Many organizations are good at maintaining public statements, however, it’s the data that leaks through the computers which tells the real story.
I am a strong believer in privacy. So much that it feeds my drive to build more secure solutions. I do not advocate for living a life of paranoia, robbed of all joys, missing connections with others, and scrambling radio signals. Maybe someday, but I sincerely doubt it. What I do advocate for, is for our information to stop being leaked to others whom we do not intend it for.
We can limit the amount of information that we put into the world by controlling what we allow our computers to disclose. Consider how easily information is leaked through Gmail accounts. When you signup for offers from an online retailer, notice what ads are then presented to you in your inbox. That isn’t convenient, it’s creepy. The email was read by a computer, and you were tagged as being interested. Perhaps you bought something for your spouse, or a child who was sick, maybe you made a political donation that you don’t want your employer knowing about, or maybe you helped a relative that was in need. You did not necessarily want that information shared. Remember as the saying goes, if the product is free, then you are the product.
These little things happen every day and you can limit them by making some simple changes as to what applications and settings are utilized. Here are 6 simple tips for increasing online privacy and keeping the information within your organization safer.
Change Your Browser
The world has come to love Chrome. This browser first gained popularity because of its speed and offered an alternative to Safari and Internet Explorer. But the Google Chrome project was actually a giant data grab. Google is an advertising company that has technology, not a technology company that sells advertising. Chrome sends your browsing history to Google for storage and analysis. If you want to keep the speed and compatibility the solution is to switch to a Chrome-based browser called Brave. This browser is extremely fast and strips out ads while letting you control your privacy settings. This browser was built by the founder of Mozilla, who has done a great job and works with a variety of platforms. Check it out at https://www.brave.com.
Stop Downloading Images in Email by Default
Most modern email clients such as Outlook or Mac Mail have a setting that enables you to either automatically download images or prevent them. I recommend never downloading images by default and instead selecting the option to download when the email arrives. Here is why, images in email, especially marketing or sales-based emails, use images to track opens and clicks. This data gives marketers insight into what you’ve opened, how many times, and what you may or may not have clicked on. This is especially an issue with unwanted or unexpected emails because you confirm your existence. Blocking image downloads by default gives you control, allowing you to choose what images you wish to see, reducing those that are sent by unexpected SPAM messages.
Switch Your Search Engine
Despite popular opinion, there are other search engines out there. And the best one is actually DuckDuckGo. This is a privacy-based search engine that doesn’t track or sell your information like others. More so, every major browser has DuckDuckGo as an option for your default search engine. The results are as good as anything that I have seen. In fact, this search engine is actually more genuine because it is not tied to a pay-for-play scheme that Google uses to increase ad rates and give preferential treatment to top payers. (If you want to read more on the manipulated Google Results don’t take my word for it, read the Sparktoro BLOG from Rand Fishkin). Check out DuckDuckGo at https://www.duckduckgo.com
Password Manager
There is nothing quite as appealing to an identity theft than a reused password. In fact, when we do penetration testing we scan the darkweb for these reused passwords and we then try to gain access into corporate systems. The best thing you can do is use a password manager. I won’t go into which one specifically because I think a number do good. But I would start with 1Password, LastPass, or if you have a Mac the one built in. They all do a good job and as a business you can get them for the company and your employees get one for free. This eliminates the worry. If you do this with MFA you are set. Speaking of MFA…
Multi-factor Authentication
Possibly the best thing you can do, strike that, IT IS the best thing that you can implement to prevent stolen passwords from affecting you. When you enable MFA on all of your logins, you require a third piece of information; the MFA is not something that can be easily hacked. Describing how MFA works is a bit long for here. But in short, it uses a one-time password to access your account each time. Effectively locking out anyone who has your password. Without the MFA code, the password is useless. Getting started with MFA is not complicated. Just grab an app on your phone. I recommend the WatchGuard AuthPoint app because it can seamlessly integrate into a business and allows for Push Approval of logins instead of just codes.
DNS Protection
DNS is the service that translates names into numbers and allows you to easily surf the web, read email, connect to other businesses, and really makes the world connect in todays markets. Most internet connections are setup to use whatever the default ISP DNS servers are. These services are unbiased, in that they really don’t provide any protections in the event of a malicious URL being clicked on or entered and many of them actually track your activity. This is why you need DNS protection. This service scans the URL’s and has a database of known malicious or dangerous sites and does not keep a record. It protects your users while outside of the office, while working at home, and it gives you another layer of protection from malicious attacks. There are a number of great options for this, contact us for more detailed information as each situation is different.
Implementing these six tips will bring you one step closer to managing your privacy. You will limit your expose and information that has the potential to be leaked.