7 Steps to Reclaiming Your Online Privacy
The internet has evolved into a tool that many in the 21st century have become accustomed to having at their disposal. Whether it’s to purchase and listen to the newest Beyoncé album, submit an important homework assignment, or share a picture with friends, the internet has played a key role in transforming and making more convenient the way in which individuals perform various everyday activities. Conversely, the increased convenience the internet offers does not come without a cost. Internet users often sacrifice privacy in exchange for convenience. One example of this is the increased use of targeted advertising on popular websites like Amazon, Facebook, and YouTube, which leverage their users’ browsing data to enhance their ad placement tactics.
Moreover, the deterioration of privacy on the internet also gives rise to more efficient surveillance and intelligence gathering techniques and technologies. With so many players in the internet ecosystem stockpiling user data and leveraging the cloud, big data, and machine learning technologies to capitalize on the data gathered, there is no shortage of opportunities and avenues for both good and bad actors to gather information and surveil unsuspecting users.
Nonetheless, regardless of whether online information gathering or surveillance is being conducted by a lawful or unlawful actor, many users of the internet would likely prefer to not be secretly followed or watched while browsing the internet for a myriad of legitimate reasons. Unfortunately, the only foolproof way to ensure privacy on the internet and thwart internet surveillance is to refrain from using the internet all together. However, there are a few steps internet users can take to begin to reclaim their online privacy and frustrate those looking to monitor them. This guide informs internet users, at a high-level, of various steps they can take before, during, and after using the internet to remain secure and get closer to reclaiming their online privacy.
Four Ground Rules Before Taking the First Step
Before taking the first step on the journey to reclaiming your online privacy, there are a few important ground rules that will be extremely important and relevant throughout the journey.
1. Implement Password Best Practices
- Always use strong passwords. A strong password consists of at least 12 characters, mixed with numbers, letters, symbols, and does not include personal information. Using these complex combinations of characters will make it tougher for a perpetrator to uncover your passwords.
- Never use the same password across multiple accounts. If a perpetrator is lucky enough to uncover the password to one of your accounts, you do not want to end up ultimately giving the perpetrator the keys to the proverbial kingdom by allowing the them to use that one password to access all of your accounts.
- Change passwords often and don’t reuse. Although frequently changing passwords may seem cumbersome, it can really go a long way in frustrating a perpetrator. Given enough time, a bad actor can uncover a password with various password cracking tools that run through millions of possible password variations before eventually arriving at the correct password often times. By changing your passwords often and not reusing them, you can render the perpetrators use of these tools worthless.
2. Employ two factor authentication whenever possible
- Applications are increasingly offering users two-factor authentication as a means of verifying themselves with “something they know” and “something they have” before granting them access into their accounts. This comes in various forms such as confirmation emails to users’ verified email addresses and text messages to users’ verified phone numbers. Two factor authentication adds an extra layer of security to user accounts and since added security will ultimately help in securing privacy, two factor authentication should be implemented when offered.
3. If you can’t verify it, don’t trust it
- Often times perpetrators will attempt to trick internet users by sending them emails that look realistic, too good to be true ads, temptingly cool software applications, links to sites that seem interesting, and many other enticing smoke screens with the hopes of convincing the user that they are legitimate. If a user clicks these links or downloads these applications, they are more than likely exposing themselves to malicious software otherwise known as malware that can siphon their information and diminish any attempt at reclaiming and retaining their online privacy.
4. Less disclosure of personal information is ideal
- In a world where there is endless computing power and enough cutting-edge technology to capture, store and analyze millions of gigabits of data, carelessly giving away data is the last thing you want to do. Privacy is all about you being in control of your information and selectively sharing only what you want to share. Don’t betray yourself by disclosing more information than you are comfortable with sharing.
The Journey to Online Privacy Begins
Now that the important ground rules have been laid out, you are now ready to embark on the journey to reclaiming your online privacy.
The following seven steps take you through an exercise that begins with securing the less thought about but extremely critical home network all the way to securing the more recognized and highly coveted methods of online communication.
Step 1: Securing Your Home Network
Devices: Wireless Routers
Getting untethered access to an individual’s internet wireless connection access point –more simply known as their private home network - is considered hitting the jackpot for perpetrators looking to surveil and gather information on an individual. This is largely because, behind your home network sits all of your sensitive unencrypted network traffic and access to all of your internet connected devices, which will be discussed in steps two and three. If a perpetrator were to gain access to your home network, they could conceivably view all of your data and, in some cases, take control of your devices connected to the network. Your home network is your first line of defense against perpetrators. Below is a checklist of tasks you can carry out to protect and secure your home network.
- Purchase a Trusted & Well Supported Wireless Router
- Change the Default Name and Password Initially Set on the Router
- Activate the Highest Level of Wi-Fi Encryption the Router & Your Devices Can Support
- Separate Wi-Fi Into Two Wireless Access Points for Use By Guest
- Place Wireless Router in a Central Location to Limit External Transmission
- Disable Remote Access to Wireless Router
- Keep Wireless Router Firmware Up to Date
- Turn off Wireless Router When Not in Use
Step 2: Securing Your Internet Connected Devices’ Hardware & Firmware
Devices: Internet of Things (IoT) Devices, Desktop Computers, Laptops, Tablets, Smart TVs, Game Systems, Smart Speakers, Networked Printers, etc.
To further frustrate perpetrators’ attempts at data gathering and surveillance, you should secure your internet-connected devices’ hardware, firmware, and native software. Keeping your device secure in the physical world is just as important as keeping it secure in cyber space. Below is a checklist of several tasks you can do to physically protect and secure your internet connected devices.
- Do Research on a Device’s Overall Security Before Making Any Purchase
- Secure Your Devices Immediately After Purchase
- Keep Devices’ Firmware & Native Software Up to Date
- Use Trusted Anti-Virus and Intrusion Detection Products to Protect Your Devices
- Fully Disk Encrypt Devices When Possible
- Turn Off or Disconnect Devices When Not in Use
Step 3: Secure Your Internet Connected Devices’ Software Applications
Applications: Web Browsers, Word Processing Software, Presentation Software, Spreadsheet Software, Multimedia Software, Data Base Software, Content Access Software, Application Suites, Gaming Software, Utility Software, etc.
Now that your internet-connected devices are all up to date and sitting behind a secure home network, it is now time to turn to ensuring that the various applications running on your devices are necessary and if so, secure. Below are the several basic tasks you can carry out to protect and secure the applications running on your internet-connected devices.
- Delete All Unnecessary & Unused Applications Running on Internet Connected Devices
- Only Download Applications from Trusted Sources
- Delete and Do Not Allow Third Parties to Connect to Your Accounts
- Add A Pin Code to Access Your Accounts
- Keep Applications Up to Date
- Set Application Setting to Maximize Privacy & Security
- Shut Down Applications When Not in Use
Step 4: Practice Secure Online Browsing
Applications: Virtual Private Networks (VPNs), Web Browsers, Anonymous Web Browsers, Search Engines, etc.
One of the more highly-acclaimed features of the internet is the ability to use it to access and browse the World Wide Web. However, as mentioned in the introduction, this highly coveted feature of the internet is also the most monitored, tracked, and surveilled. Tracking an individual’s movement across the web, particularly in a non-passive fashion, is considered by many to be an invasion of privacy. A lot can be accurately or erroneously deduced about a person based on the sites they visit, how often they visit them, and how long they visit them. Below are several basic things you can do to browse more securely online.
- Use a Virtual Private Network (VPN)
- Only Interact with Sites that Use HTTPS not HTTP
- Use Privacy Browsers for Anonymous Browsing
- When Not Using an Anonymous Browser
- Default to Browser’s Private Browsing Mode
- Use an Anonymous Private Search Engine
- Install a Trusted Ad Blocker
- Block & Delete Third Party Cookies
- Turn Off Browser Location Tracking
- Don’t Login When Not Necessary
Step 5: Secure Your Online Accounts
Applications: Bank Accounts, Social Media Accounts, Email Accounts, Music Streaming Accounts, Cloud Storage Accounts, Online Retail Accounts, etc.
At this point, you have built up a pretty strong defense against surveillance, intelligence gathering, and hacking with regards to things in your control. Now it is time to further strengthen defenses of your online accounts that are mostly under the control of third party companies.
- Set Privacy Setting to Most Restrictive Setting
- Use Strong Security Question that No One Else Knows
- Limit What You Share Online
Step 6: Implementing Secure Online Communication
Applications: Email, Messaging, File Sharing
Securing your private communication is the last step before reclaiming your online privacy and also one of the most critical defensive measures you can take when it comes to protecting yourself for online surveillance.
- Use Point to Point Encrypted Communication Services
- Encrypted Email Services
- Encrypted Messaging Apps
- Secure File Sharing App
Step 7: Reclaim Your Online Privacy
Applications: Your Online Privacy
You have come quite the distance since you started this journey and now it is time to reward yourself with the peace of mind that comes with knowing you have raised your online defenses.
- Reclaim Your Online Privacy !
***Opinions stated in this article are the opinions of the author and do not necessarily express the specific views of The Cyber Security Intellects or the author's employer***