Fresh start: 5 simple things you can do today to protect your privacy online
This is Part 2 of our “Fresh Start” series, a collection of straightforward guides to help you rebuild your personal cybersecurity from the ground up. Read Part 1.
Every day, we pay for the cost of digital convenience with our privacy.
The currency, of course, is personal data. Sometimes, it’s a reciprocal transaction, like when we install a social media app on our phone. We install the app knowing that our information will be harvested, aggregated, and likely sold off to marketers and advertisers.
In other scenarios, the erosion of privacy is less obvious, like when governments quietly conduct mass surveillance on the population; or, at the other end of the scale, like when someone plugs in your USB drive and starts snooping through your vacation pics.
It’s easy to think that we’ve all but relinquished our right to privacy. But by making a few simple changes to your devices and rethinking how you interact online, it is still possible to maintain a good level of control over your privacy.
Here are five things you can do today to start taking control of your online privacy.
1. Secure your browser
Why: Your online activity is constantly being tracked and used by marketers to measure website performance and create targeted ads. Through the use of cookies and pixel trackers, websites can collect a wide range of information about you, including your location, what you click on, how long you spend on a page, the devices you use and more. Over time, as more of your browsing activity across different sites is aggregated, advertisers can get a startlingly accurate view of your interests, shopping habits and personal life.
How: Installing the following browser extensions can dramatically increase your privacy and reduce your online footprint.
- HTTPS Everywhere: Created by the Tor Project and Electronic Frontier Foundation, HTTPS Everywhere is an open-source browser extension that automatically makes websites use the more secure (encrypted) HTTPS protocol instead of HTTP. HTTPS Everywhere is available on Firefox, Chrome, and Opera.
- Emsisoft Browser Security: Emsisoft Browser Security protects your privacy by blocking access to phishing websites and websites that are known to distribute malware. Unlike many other security browser extensions, Emsisoft Browser Security does not send visited website addresses to the cloud for verification, which means it can’t see the websites you visit or track your online activity.
- uBlock Origin: uBlock Origin (not to be confused with uBlock) is an open-source content filter that is capable, among other things, of blocking ads and preventing them from collecting your data. The adblocker can easily be disabled if you want to support specific sites that you know are secure. uBlock Origin is available on all the major browsers, including Chrome, Chromium, Edge, Firefox, Opera, Pale Moon and older versions of Safari.
- Privacy Badger: Instead of blocking content based on lists, Privacy Badger uses heuristics to identify and automatically block invisible third-party trackers. Privacy Badger complements uBlock Origin nicely (provided uBlock Origin is running on default settings) and is available on Chrome, Firefox, Edge and Opera.
2. Avoid invasive tools and software
Why: Privacy and data management policies vary significantly between vendors. Many web-based tools will attempt to collect your data under the guise of providing a personalized experience, while some developers of free software will often try to recoup their costs by selling your data to third-party advertisers or bundling their applications with potentially unwanted programs (PUPs).
How: Before you use an online service or install software on your device, read the fine print to ensure you understand what you’re getting yourself into. Switching from your usual services to one of the more privacy-conscious solutions below can help you keep your data where it belongs.
- Private search engine: All the mainstream search engines, including Google, Bing, Yahoo and others, collect extensive amounts of user data to create detailed user profiles, which marketers use to create targeted ads that follow you around the Internet. The good news is that there are a number of search engines that don’t collect or share your personal information. DuckDuckGo is the most well known, but there are other options, including Qwant and Startpage.
- Private web browsers: You can take the use of private search engines one step further by using privacy-focused browsers. Mainstream browsers such as Chrome still collect information about your online activity. Privacy-focused browsers such as Brave block data-harvesting ads and trackers. If you access your social media accounts via your desktop browser, we recommend using a separate browser for those accounts, and another for your personal and business accounts.
- Privacy-conscious antivirus: While antivirus software plays a critical role in keeping your devices safe, some solutions are a little overzealous in how they protect your system. Some security solutions will automatically upload your files to the cloud for analysis, while others might decrypt encrypted web traffic to check that it’s safe. Take the time to look for a privacy-conscious antivirus solution that will handle your files responsibly, ethically and securely.
3. Take control of your mobile devices
Why: Some apps play fast and loose with device permissions and may collect more data than they need to function correctly. Meanwhile, failing to secure your mobile device could result in an unauthorized user gaining access to your online accounts and personal data stored both locally on the device and in cloud-based services.
How: Hope for the best, plan for the worst. The following best practices can help you secure your mobile devices and prevent your personal data from falling into the wrong hands.
- Only install reputable apps: Every app you install requires certain permissions to function. Some are reasonable, like a navigation app that requires access to your location; others less so, like a flashlight app that wants access to your contacts. Check app permissions in your phone’s settings, disable any permissions that seem excessive and consider uninstalling any apps that look overly intrusive.
- Use remote erase: In the unfortunate event that your phone is lost or stolen, use remote erase to ensure that nobody will be able to access the data. Both iPhone and Android devices can be remotely erased provided certain functions are enabled.
- Enable device encryption: Enabling encryption ensures that your data can only be read when your device is unlocked, meaning that even if someone gains physical access to your device they won’t be able to see what’s on it. Most modern Apple and Android devices have encryption enabled by default, while Windows 10 devices can be encrypted via Start > Settings > Update & Security > Device encryption.
4. Protect your digital social life
Why: One of the biggest threats to your online privacy is… you. The amount of personal information we willingly divulge on social media poses a serious privacy threat as it gives attackers an easy way to collect sensitive information that could be used to commit identity theft or fraud. A motivated attacker could potentially use the information you share online to open new accounts in your name, hack your accounts or send highly personalized phishing scams to your friends and work colleagues.
How: A combination of smart privacy settings and limiting what you share online can help protect your privacy on social media. Start with the following practices:
- Change your social media settings: Every social media platform offers a range of privacy settings that enable you to configure who can see your posts, online activity and contact information. How you tweak these settings will vary depending on your needs, but as a bare minimum we recommend deselecting location tracking, restricting who can find you online and disabling targeted ads where possible.
- Limit what you share: Protect your digital identity by limiting what you share online. Avoid filling out “About Me” fields in your social media profiles and avoid sharing personally identifiable information such as your full birthday, place of birth, address and phone number.
- Encrypt your messages: Encryption keeps your communications secure and ensures that only you and the intended recipient can read your messages – even if they’re intercepted. Signal, an open-source secure message service is a good option. WhatsApp offers end-to-end encryption, but requires access to your contacts list if you wish to see your contact’s names. Apple’s iMessage also provides end-to-end encryption, but only for messages sent between iPhones. Facebook Messenger is not encrypted, although its “Secret Conversations” feature is (available on iOS and Android, but not on the regular web domain)
5. Set up guest accounts
Why: As a hospitable host, you probably don’t think twice before giving out your Wi-Fi password to guests. What you may not realize is that connecting new users to your home network could pose a serious privacy and security risk. While your guests probably aren’t going to intentionally be snooping around your files, there’s a chance they could accidentally stumble upon your personal documents or inadvertently spread malware to your network.
How: Setting up guest accounts allows you to restrict access to your network and your devices. It’s free and easier than it sounds.
- Set up a guest network: A guest network allows your visitors to connect to your Wi-Fi but prevents them from accessing the rest of your network and the devices connected to it. To create a guest network, open up your router settings and dig around in the Wi-Fi section for a setting called something like ‘Allow guest access’ or ‘Guest network’ and follow the setup instructions to completion. Check the web or your user manual for help if you get stuck along the way.
- Create a standard user account: Similarly, you can create a standard user account to allow your visitors to use your devices without giving them access to your private files or your system’s settings. See this page for more information on adding or removing accounts on your Windows 10 device.
Everyone has the right to privacy. While intrusive data collection practices have made it more challenging to protect your digital identity, it’s still possible to maintain a good level of privacy online. Utilizing privacy-conscious tools, avoiding overly intrusive software and being mindful of how you communicate online can go a long way toward keeping your private life just that – private.
Emsisoft Enterprise Security + EDR
Robust and proven endpoint security solution for organizations of all sizes. Start free trial