In honor of National Data Privacy Day, I’m going to feature some things that folks should do to protect their privacy online. Most of these are not new; in fact they’ve been highlighted many times by folks and organizations more qualified in technology and security than I am. However, just like when we’re given the expert advise to “get enough sleep, eat healthy, drink in moderation, and exercise”, it doesn’t hurt to be reminded of the kinds of things we should do to help us better preserve our online privacy.

1. Social Media

If you post information, pictures, etc. on social media assume they are no longer private.  Even if data is deleted can be retained and used in other places. Review the site’s privacy policy to make sure you know what they can do with your data.

When posting things, use the front-page test. If you wouldn’t want it published on the front page of the local paper, don’t post it.

Don’t connect with people you don’t know or are not sure about. They may be hackers or spammers looking for access to your data.

Many websites use challenge questions to verify identity and reset passwords. If you publish things like “where you were born”, “your first pet’s name”, “where you met your spouse”, or other personal data in your social media accounts, they can be used to satisfy those challenges and compromise your identity. Keep your personally identifiable information off social sites as there are hackers and companies that will use your information to their benefit, not yours.

2. Passwords 

Many people use easy-to-remember passwords that are also vulnerable to attack.  Check out this article on “bad” passwords.

http://blogs.wsj.com/digits/2016/01/19/qwerty-and-123456-top-list-of-2015s-worst-passwords/. If yours is on the list, change it now.

I know coming up with strong passwords is hard, but try to at least use a mix of capital and lowercase letters, numbers, and special characters if the website or application allows.

Change your passwords on a routine basis and make sure to use different passwords on each site. When passwords are reused, a hacker can gain access to many accounts of their victim. Good password hygiene will pay off in the long run.

Finally, try not to use email accounts or social IDs to log into websites. They make life easier, but if those identities are ever compromised, the hacker can access a lot of your online assets. Try to keep site account identifiers unique so that losing one doesn’t compromise them all.

3. Email

Speaking of email, malware and viruses are often distributed via email.  Never, repeat never open a link or attachment to an email that looks suspicious. Even if it came from someone you know, always verify that he/she actually sent the email by contacting your friend/acquaintance to see if it is legitimate.

Keep multiple email addresses: one for social media, one for shopping and another for important accounts for things such as banking.  This keeps spammers from getting the addresses used for your important accounts. If one of your email addresses get too “spammy”, you can always close the account and start a new one without impacting the others.

4. Privacy Policies 

The average website privacy policy has more than 2,400 words, takes 10 minutes to read and is written at a university-student reading level, according to the TRUSTe Privacy Index. That’s not user-friendly by any means.

Even if you don’t read the privacy policy word for word, try to skim the document to find the answers to these questions.

  • What information is being collected?
  • What other companies might be getting the information?
  • Does the site collect specific location data?
  • How long is your data kept and what happens to it if you leave the service?

If you can understand these aspects of the company’s privacy policy, you can at least make an informed choice to accept or reject the service.

5. Use separate devices for different things 

If you can, think about partitioning your activities across the different devices you have. That way, if one aspect of your digital life gets compromised, it won’t affect the others. Use your tablet or smartphone for shopping and social media. Use your laptop when accessing dedicated web sites such as banking, healthcare, and investments. Keep a separate device for the kids to play Internet games and watch videos.

6. Secure websites

Never submit a credit card number or other highly sensitive personal information without first making sure your connection is secure (encrypted). In your browser, look at the URL (Web address) line. A secure connection will begin “https://” instead of “http://”. If you only see “http://”, anything you send is unprotected. If a company doesn’t offer this simple protection for your sensitive data, maybe you should be doing business elsewhere.

7. Cookies and Web trackers

According to Cookiepedia, The average web site has 36 cookies attached to it. Cookies stay with your browser until you clear them. Because few people clear their cookies, the average cookie lives in your browser for 1,819 days. Most browsers allow you to clear your cookies and web data. Think about doing this occasionally. You’ll have to log into your sites again, and lose some preset preferences, but you’ll get rid of those cookies that track you even though you aren’t using the services anymore.

You can get a good idea of who is tracking you by using browser plug-ins (apps) that help you identify the cookies and activities that are being used by companies to see what you’re up to online. I use Privacy Fix http://privacyfix.com/ to see what’s going on across my web and social media accounts. Ghostery http://www.ghostery.com helps show you on each website you visit, what companies are watching your activity. Both of these browser plug-ins help you fix problems they highlight as well.

You can also get ad blockers that keep ads from popping up in your browser. These not only get rid of annoying and irrelevant ads, they help improve browser performance. Ad blockers are browser specific and many are free.

8. Keep work and home separate

In most US states and many countries, employees have little privacy protection from employers. An increasing number of employers are monitoring and recording employee Web usage, as well as e-mail. This could compromise your personal banking passwords and other sensitive information. Keep your personal data and personal browsing private, by using personal devices outside of the office.

9. Do not reply to spam for any reason

By even clicking a link in a spam email to unsubscribe, you are letting the spammer know there’s a live body at the end of the line. Notify your email provider of spam messages and let them take care of it.

In case you missed it earlier, never, repeat never open a link or attachment to an email that looks suspicious. Even if it came from someone you know, always verify that he/she actually sent the email by contacting your friend/acquaintance to see if it is legitimate.

10. Turn off devices when not in use

“Always on” means always vulnerable. If you are connected to your Internet service provider (ISP) via DSL, Fiber, or Cable, you are on the network 24/7. Hackers are constantly searching active IP addresses for vulnerabilities. If you aren’t on the network, they can’t find you. So turn off your devices when not in use to prevent compromise.

When you are on the network, make sure the basics (antivirus and malware protection, operating system patches, etc.) are up to date. Hackers look for known system vulnerabilities so don’t give them the chance.

10.5 Be careful with cloud storage:

Cloud storage is great for keeping your devices free of clutter and for accessing your content from anywhere. Be careful to limit sensitive information in the cloud. If your cloud account is compromised, that information can be taken. Repeated attacks against centralized cloud storage companies to steal credentials confirm the value of the data they contain. If you can, keep financial records and other sensitive personal data on local storage devices. 

Taking simple precautions like these can help you stay safe in an increasingly digital world.  You don’t need to be afraid to use the vast array of services and connected devices that are available to make your life more enjoyable.  You just need a little bit of healthy paranoia to keep your digital self safe. We at the Respect Network are building a transformative secure communications and data sharing network that addresses many of these issues including proper privacy policies, spam reduction, secure cloud storage and computing, and rock-solid online identity. Stay tuned for more information on our progress throughout 2016.