Securing your digital activities can be a daunting task, particularly if you use multiple devices and services to manage your files and sensitive data. A single overlooked vulnerability could allow a potential hacker to invade your online privacy or gain access to your financial information. For example, leaving your desktop computer open to spyware infections could expose your password to interception, and without proper password management, that stolen password could then be used by a third party to access your e-mail account or cloud storage. Thus, the only way to truly protect your data and privacy is to assume a multi-pronged approach to security.
Read on to learn everything you need to know about securing your digital life.
Tips for enhancing safety and privacy
- Never open e-mail attachments sent by people you don’t know.
- Don’t click on links embedded in e-mail messages from unknown sources.
- Use strong passwords – 15 random characters are more than enough for all practical purposes.
- Enhance your browser using security extensions, such as AdBlock and NoScript.
- Never keep your passwords on a digital storage medium in unencrypted form.
- Keep your applications and programs updated.
- Enable automatic updates whenever possible.
- Don’t leave your computer on when unattended.
- Avoid using Java, Adobe Flash Player, and other common software unless it’s necessary.
- Use anti-virus software and at least one dedicated anti-malware program.
- Use a VPN with strong encryption to enhance online privacy.
- Use both a software firewall and a hardware firewall.
- Never use the default administrator password.
- Be aware of the risks associated with social media.
- Protect your VPS and smartphone like you would protect your desktop or laptop.
- Be very cautious about sharing your personal information with anyone online.
- Have more than one backup of your most important data.
- Encrypt sensitive data, including your backups and cloud storage.
Operating system security
An operating system (OS) is a program that provides a platform for other types of software. It assigns resources and provides services to all programs running on your machine. Any software you install needs to be compatible with your operating system. This also applies to security applications and other programs which may have a direct impact on the safety of your data, such as web browsers, e-mail clients, messengers, and word processors.
Desktop computers typically ship with an operating system already installed, which in the case of PCs and laptops is usually the latest version of Microsoft’s Windows. As of 2018, the most current version of this OS is Windows 10, but some older machines might come with Windows 7 or 8. Modern Apple computers on the other hand ship with the latest version of macOS – 10.13 High Sierra.
The popularity of Windows computers means that most malicious programs are designed specifically to target them. According to an AV-Test security report, 67.21% of all malware detections in the first half of 2016 had to do with Windows-specific threats. To put this in perspective, Android infections accounted for 7.48% of all detections, while macOS and Linux infections accounted for 0.07% and 0.02% of threats, respectively.
This is why many security experts believe that working with a lesser-known operating system is a security measure in and of itself. However, there’s no denying the fact that assuming this approach can lead to software compatibility issues, particularly when it comes to professional software, such as Autodesk 3DS Max or CAT programs. If you believe this won’t be a problem for you, consider giving Ubuntu a try as a free and open-source Linux operating system. It was designed with beginners in mind and is simple to operate and maintain.
Keep your system up to date
Updates are crucial to the security of your computer because they fix flaws in the software that can be easily exploited by hackers. Regardless of the operating system you’re using, make sure to update it at least once a month or, preferably, enable automatic updates. Turning on automatic updates is a simple process on both Windows PC and macOS machines:
- A Windows 10 computer will automatically download important and critical updates by default; you can manage your update schedule by adjusting the automatic maintenance settings found by opening up the Control Panel and navigating to System and Security, followed by Security and Maintenance.
- To turn on automatic updates on a macOS computer, click on the Apple menu, followed by System Preferences > Automatically Check for Updates.
If your computer uses Windows XP or Vista, you won’t receive any future software updates, which unfortunately includes security patches. Support for Windows XP was discontinued on April 8, 2014, while support for Windows Vista ended on April 11, 2017.
Use a Secure Internet Browser
An internet browser is a program that determines how your computer accesses information on the World Wide Web. Much like in the case of operating systems, the less-popular browsers are least likely to be targeted by hackers.
What’s more, picking a niche browser shouldn’t involve compatibility-related compromises, as most contemporary browsers are designed to handle all types of content found online.
According to Global Stats, the market share of modern browsers breaks down as follows (data for April 2018):
- Google Chrome: 57.36%
- Safari: 13.96%
- UC Browser: 7.88%
- Firefox: 5.45%
- Opera: 3.83%
- Internet Explorer: 3.21%
- Samsung Internet: 2.69%
- Edge: 1.98%
- Android: 1.59%
Unlike Internet Explorer or Google Chrome, Firefox has the added benefit of being an open-source program, which means that anyone can inspect its code to find bugs and help introduce new security features.
Recommended Firefox Security Extensions
Firefox also makes it possible for users to install extensions, which can be used to enhance web-browsing security and privacy even further. Some of the most useful extensions include:
- AdBlock – this extension prevents your browser from displaying intrusive ads or pop-up windows, which can be used to infect your device with malware when clicked. Other than keeping your system protected, this extension will make your web browsing experience more pleasant, too.
- HTTPS Everywhere – this extension will force your browser to connect to a website through an encrypted connection whenever the possibility exists. If HTTPS is not enforced, any data that you share with a website through a form or otherwise can be intercepted by a third party, putting your personal information and passwords at risk. Keep in mind that not all websites support HTTPS connections.
- Disconnect – this extension blocks certain websites from tracking your web browsing activities and history. It is currently capable of blocking more than 2,000 confirmed tracking sites.
Regardless of the browser you end up choosing, updating it on a regular basis is just as important as keeping your operating system up to date. According to Malwarebytes Labs, browser exploits used to account for 80% of all malware found on people’s operating systems – and while this percentage has improved in 2018, using an outdated browser is still an extremely prevalent security risk.
Software Security Tips
Browser and operating system vulnerabilities account for the majority of malware infections, but nowadays security experts are becoming concerned with other popular applications.
When downloading any piece of software, try to do so from the developer’s official website. Don’t assume that a file must be safe and free of malware just because its download link appeared in a Google search. Always double-check the download source. Finally, avoid installing any of the extra software that’s commonly bundled with the primary application.
The following apps present a particularly serious security risk:
- Java: Java security flaws were responsible for countless malware attacks in the past, some of which can still be exploited by hackers even today. The Department of Homeland Security recommends never enabling Java unless necessary, which shouldn’t be an issue for most computer users. You can disable Java from the Java Control Panel, which on a Windows 10 machine can be accomplished by navigating to All Apps > Java > Configure Java. To disable Java on other operating systems, follow the instructions from Java.com.
- Adobe Flash Player: older versions of Adobe Flash contain multiple security vulnerabilities. If your computer has Flash installed, it’s critical to enable automatic updates. Additionally, it’s worth noting that Flash content is considered outdated and is being actively replaced by HTML5 across the web. Modern browsers tend to block Flash code by default and require user consent before loading it.
- Adobe Acrobat Reader and other PDF readers: Adobe Acrobat Reader is a popular application used to open Portable Document Format (PDF) files. Its popularity caused it to become a target for hackers, which is a serious issue considering Adobe is very slow to fix vulnerabilities found in their code. It’s worth noting that both Firefox and Chromium have integrated PDF readers, which eliminates the need for installing Adobe’s unsafe package. Alternative applications are available as well and include Nitro Reader and Foxit Reader.
Much like your web browser and operating system, any programs which connect to the internet should be regularly updated or blocked using a firewall. You can also use a risk-assessment program to scan your system for applications in need of updating.
Common types of computer viruses and malware threats
Malicious software is often abbreviated as “malware.” There are many kinds of potentially harmful programs out there, and dealing with each requires a slightly different approach. Following are brief overviews of the most common threats:
- Adware: adware is a type of malware that displays unwanted, intrusive pop-ups and advertisements on your screen. Many free applications will try to install adware on your system.
- Bots: bots are programs designed to automatically perform predetermined tasks. Not all bots are created with malicious intents. However, some bots can run on your computer without your knowledge and perform data collection, clog up your computer’s resources, and even carry out denial of service attacks (DoS).
- Ransomware: a particularly harmful kind of malware that encrypts your files without your consent. Access to these files can only be regained by paying ransom to the creator of the malware.
- Rootkits: a rootkit allows the hacker to remotely access your computer without detection. The hacker can then execute more malicious code on your machine or steal your files, including potentially sensitive information.
- Spyware: a spyware program tracks your digital activities without your knowledge and sends reports of these activities to a third party. Spyware programs can harvest your data, including account information, passwords, and financial details. It can even log mouse movements and use them to determine what the user clicked on.
- Trojan horses: a Trojan is a type of malware that pretends to be a harmless file, often an executable (exe), in order to trick users into downloading and installing other, more dangerous types of malware.
- Worms: digital worms spread from one computer to another by exploiting OS vulnerabilities. They are one reason why you should keep your operating system permanently up to date. It’s worth noting that worms often contain additional harmful code designed to steal your data, delete your files, and even add your machine to a bot network (botnet).
- Viruses: a virus is a piece of malicious code capable of copying itself and spreading from one file to another, often across computers. Viruses attach themselves to legitimate programs and execute their destructive code when those programs are launched. Some viruses can spread via scripts, or even documents and web applications. The least harmful viruses won’t do anything beyond spreading, while the most harmful ones will damage your files, steal your credit card details, and display unwanted ads on your screen.
According to the Anti-Phishing Working Group, almost one-third of all computers in the world were infected with some type of malware as of 2014.
To protect your computer from viruses, you’ll need a dedicated anti-virus program. Anti-viruses are designed to scan any opened files for harmful code and to prevent your computer from executing that code if it is found. They can also remove existing viruses and perform complete system checks.
Modern anti-virus programs are capable of detecting and removing other types of malware, but most security experts recommend running at least one additional dedicated anti-malware program to remove adware and spyware that doesn’t share typical virus characteristics.
Examples of such programs include Malwarebytes and Adware Removal Tool.
To further reduce the risk of infection, avoid clicking on pop-ups, as malicious websites often use them to trick your web browser into downloading malware. You should also read the End User License Agreements (EULA) for any new software you decide to install, particularly if it’s free. This is because some companies may use their software to “legally” spy on your activities, and the only clues to this can be found in the EULA. Fortunately, this does not apply to the best free anti-virus packages.
According to Tom’s Hardware Guide, you don’t need to pay for anti-virus software to protect your computer in 2018 – the free version of Avast is more than capable of protecting most Windows machines. That said, users looking for a premium package should consider BitDefender or Kaspersky as excellent paid alternatives.
Remember that new viruses and malicious programs are being constantly developed. This is why it’s critical to keep your anti-virus and anti-malware programs up to date. Failing to do so significantly increases the risk of a piece of malware avoiding detection and finding its way onto your device.
Keep Your Firewall Enabled
A firewall is a network security system that restricts incoming and outgoing traffic based on predetermined security rules. Firewalls can be grouped into two categories: (1) the ubiquitous software firewalls and (2) the less-common hardware firewalls. Malicious bots are constantly scanning the internet in search of computers with an unsecured internet connection. This is why a properly-configured firewall should be enabled on all internet-connected computers at all times.
The latest versions of the most popular operating systems, Windows and macOS, have built-in firewalls. However, these can be replaced by third-party solutions if deemed necessary. It’s important to never run two software firewalls at the same time as this could lead to conflicting behavior that results in frequent connection losses and even system crashes.
The above restriction does not apply to running a software and a hardware firewall simultaneously. In fact, this setup is the best way to properly secure a connection. If you decide to buy a broadband router with a built-in firewall, the first thing you should do is change the default password.
Regarding firewall configuration, consult our guides and manuals for details.
Social engineering and physical security
Even the best security software won’t protect your data if an unauthorized third party gains physical access to your machine. Make sure to assess the likelihood of this happening and then take appropriate measures to restrict physical access to your device if necessary. You may also want to consider encrypting your hard drive (see next section for details).
It’s worth noting that hackers can gain access to secured systems without using malware. In fact, some of the most successful hackers, such as Kevin Mitnick and Susan Headley, used social engineering and psychological manipulation to pull off successful attacks on computer systems.
Avoiding such attacks requires constant vigilance, particularly when handling sensitive data. Be on the lookout for anyone who claims to represent a certain entity and then proceeds to request your private information, such as passwords or credit card numbers. This is even more important in an office environment, where potential damages can be even more severe. Always follow your company’s security protocols.
Encryption keeps your data safe in case someone gains unauthorized physical or remote access to your device. The only way to read encrypted files is to enter a decryption password, which should be strong enough to resist any brute-force attacks. Remember that a short password can be brute forced within hours, but a strong password would theoretically take a hacker billions of years to crack. A 15-character key is considered sufficient for most applications.
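The following Python sketch is an added example, not part of the original guide. It generates a 15-character random password with the operating system's secure random source and estimates how long an exhaustive search would take at different lengths. The guess rate of 10^11 per second is an assumption made for illustration, as are the function names.

```python
import math
import secrets
import string

# The 94 printable ASCII characters: letters, digits and punctuation.
ALPHABET = string.ascii_letters + string.digits + string.punctuation

# ASSUMPTION (not from the article): an attacker who can test
# 10^11 candidate passwords per second in an offline attack.
ASSUMED_GUESSES_PER_SECOND = 1e11

SECONDS_PER_YEAR = 365.25 * 24 * 3600


def generate_password(length=15, alphabet=ALPHABET):
    """Pick each character independently with a cryptographically
    secure generator (secrets), never the predictable random module."""
    return "".join(secrets.choice(alphabet) for _ in range(length))


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Entropy of a password whose characters are chosen uniformly."""
    return length * math.log2(alphabet_size)


def seconds_to_exhaust(length, alphabet_size=len(ALPHABET),
                       rate=ASSUMED_GUESSES_PER_SECOND):
    """Time needed to try every possible password of this length."""
    return alphabet_size ** length / rate


def report(lengths=(8, 12, 15)):
    """Return (length, entropy bits, hours, years) for each length."""
    rows = []
    for n in lengths:
        secs = seconds_to_exhaust(n)
        rows.append((n, round(entropy_bits(n), 1),
                     secs / 3600, secs / SECONDS_PER_YEAR))
    return rows


if __name__ == "__main__":
    print("Generated password:", generate_password())
    for n, bits, hours, years in report():
        print(f"{n:2d} chars  {bits:5.1f} bits  "
              f"{hours:.3g} hours  {years:.3g} years")
```

These figures hold only for passwords chosen uniformly at random; a 15-character phrase picked by a person has far less entropy and falls to dictionary-based guessing much sooner.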
Encrypting an entire hard-drive is typically not recommended, as it could have adverse effects on computer performance, particularly if the computer is not equipped with an SSD drive. For most private users, encrypting sensitive files including photos, financial records, tax returns, and medical history should provide ample protection.
If you’re interested in encrypting your data, see our recommendations for the best encryption software. Also, make sure to read our guide on how to properly encrypt files and avoid the most common mistakes that could potentially render your encrypted data vulnerable.
Social media privacy
Using social media platforms puts your personal information at risk. This is true even if you take advantage of on-site privacy settings. The reason behind this is that social platforms are generally not held to high standards when it comes to handling potentially sensitive information. This, in turn, increases the chances of a security breach or data leak. Furthermore, social platforms’ terms of service are purposefully convoluted and make it very difficult to understand how your data is being used and shared.
As revealed by the recent Cambridge Analytica-Facebook scandal, data collection companies continually scrape social media sites for personal information of their users. This data can then be used for political and marketing campaigns, or worse – identity theft and fraud.
If you’re highly concerned about your online privacy, consider avoiding social media platforms altogether. This is obviously easier said than done, so at the very least try and limit the data you share with the service.
Using a VPN
A VPN, or Virtual Private Network, is a “tunnel” protecting your connection from prying eyes. It achieves this by routing your connection through the VPN provider’s servers. As a result, any website or online application you interact with will see the VPN’s IP address instead of yours, which helps keep your identity confidential.
Using a VPN will inevitably lower your upload and download speeds. The fastest (and usually most expensive) VPNs will reduce your connection speed by anywhere from 10% to 20%, while the poorest of services can cause as much as an 80% reduction. To achieve the best possible performance, always connect to a VPN server located in your own country. Take a look at our best VPN services list for recommendations.
Note that a VPN can only be as effective as its encryption. The least useful VPNs either use no encryption at all or employ encryption methods that are easy to crack even by inexperienced attackers. On the flip side, the best VPNs employ tried-and-tested encryption protocols, such as OpenVPN, IPSec, and L2TP.
Another factor to consider is the data retention policy of your VPN company. If you’re interested in maximum privacy, check that your VPN provider is not required by law to store your data indefinitely or to actively share it with certain institutions. See our VPN reviews for the details.
Securing your online business
Securing a business involves creating and enforcing security protocols that must be followed by all company employees. The security of a system is only as strong as its weakest link. It is therefore critically important that the entire team understands the consequences of a lackluster attitude towards security.
Other than making sure all company computers are protected as specified in this guide and that access to sensitive data is only provided on a need-to-know basis, there are a few extra things business owners should be aware of as pertaining to the security of their online activities:
If you’re using a Virtual Private Server (VPS) to manage your online business, make sure it is at least as well protected as any other computer in your network.
Start by disabling the default Administrator account and creating a new account with administrator permissions to protect your VPS from bots trying to crack your password using the brute-force method. Remember to use a strong password for your new account and to restrict unknown IP addresses from accessing your VPS.
The next step is to install an antivirus and firewall on your VPS and to make sure they are properly configured. Keep your VPS operating system up to date and enable automatic updates for all software installed on the server. You may also want to consider full hard-drive encryption as performance considerations are likely to take a back seat to top-notch protection.
Finally, it’s important to choose a qualified provider. Never underestimate the role that proper service and network management plays in improving the security of your private server. Check out our best VPS recommendations for details.
Domain name privacy protection
Domain name privacy is a service offered by some domain registrars. It prevents other people from accessing your information using the WHOIS registry. Under normal circumstances, the WHOIS service allows anyone to view the name, e-mail, and address of a domain owner. With WHOIS protection enabled, however, this information is hidden from the public, and a private e-mail address is provided for anyone who may wish to contact the domain owner.
The best domain name registrars offer WHOIS protection for around $10 a year per domain. Note that WHOIS privacy protection is forbidden in certain countries, including India, Switzerland, and Italy.
Cloud data storage
Cloud data storage is a convenient solution for many modern businesses. It allows for theoretically unlimited scaling while providing easy ways of accessing data from any device and any place.
However, cloud storage introduces new security risks.
Business owners who want to store sensitive data in the cloud must remember to encrypt their files before uploading them to the service. They should also introduce several levels of confidentiality to make sure access is only available on a need-to-know basis.
The best cloud data storage services offer complete logs of all account activities including uploads, downloads, and file access. They also provide administrators with tools for creating rule-sets that limit who can interact with the data, how, and from which device.
Your storage and backup devices should be protected using strong encryption and safe storage practices. Securing a USB device or a DVD is very similar to securing a desktop hard-drive – refer to the general encryption section above for more information or check out our detailed encryption guides.
Keep in mind that external hard-drives and DVDs can malfunction or get lost. As such, it is a good idea to make more than one backup of your most important data. A good strategy is to have one physical backup, and one encrypted backup stored in the cloud.
Keeping your smartphone safe is also imperative. Most smartphone users tend to remain permanently logged on to their e-mail and social accounts without giving security a second thought.
Fortunately, securing a mobile device isn’t all that different from securing a desktop or laptop. Keep your system updated, install an antivirus program, use a firewall and a VPN, and encrypt your sensitive data. Avoid installing apps that weren’t downloaded from the Google Play store or the App Store – they are far more likely to include malicious code or, at the very least, introduce new vulnerabilities which can later be abused by attackers.
Privacy-minded users should probably be wary of Apple’s products, as the latest version of their operating system, iOS 11.1, was cracked a day after its release. Cracked systems provide malicious third parties unlimited opportunities for finding weaknesses in the code and for devising effective attacks.