Suppose I asked you this question: “How many websites possess a piece of your personal data, from your last name to your email to your credit card number?”
Do you think you could name them all? My guess is most of you couldn’t write out a list on the spot and get them all right. But that’s completely understandable. Still, it’s important to practice good cybersecurity habits, even if you’re a beginner.
We live in a digital-first age, where so much more of our life is spent online and it’s become mind-boggling to keep track of it all. We experience the world through a digital lens. We purchase things online, share memories online, read the news, subscribe to creators and curate our digital experiences to match our real-life ones, if even just aspirationally. All of that creating, absorbing and sharing takes a lot of data — data we voluntarily, and involuntarily, share.
As the amount of personal data that’s collected by third parties continues to expand, so do the threats surrounding that information. The more we share, the more data becomes susceptible to hacking, theft and extortion. In 2020, there were 1,001 data breaches that resulted in the exposure of private data for over 155,000,000 individuals. Some of these breaches had to do with organization-level mismanagement of data during cloud migrations. But many of them also had to do with human error and weak cybersecurity knowledge and follow-through, such as individuals falling prey to phishing email scams. In fact, one of the top seven cybersecurity threats of 2020 consisted of social engineering attacks which trick people into giving over their sensitive information willingly.
Some of 2020’s biggest data breaches happened at well-known companies and big brands many of us have trusted with our information — from Microsoft to Walgreens, J-Crew and T Mobile. The bigger the brand, the bigger the target on their back for user data including email addresses, credit card info and other sensitive information. Some of this is out of your control, as it’s not realistic to avoid sharing your information with anyone. But these are attacks we can learn to avoid, and there are a fair amount of proactive and preventative measures you can take to mitigate the risk.
Tech users can decrease the risk to their personal information by continually monitoring their data, controlling who has access to their everyday tech behavior and keeping their most private information as private as possible online, just to name a few strategies. I’m going to walk you through a bunch of tips for protecting yourself online, and include top-rated software and security services you can start using to keep yourself safe. I’m also going to walk you through some of my favorite privacy and security products you can buy to keep your devices as guarded as possible. And so consider this to be cybersecurity for beginners, a guide to the best steps you can take to keep your data safe in 2021.
Licensed From Adobe
Tip 1: Back Up Your Data, and Do It Well
Humans are data, and data is human. Every time you log in with a password, type in a website, purchase something, send an email or take a picture you’re creating data. This data is yours, it belongs to you, and there are many people who are aggressively looking for it. It’s up to all of us to keep track of who has access to our data and where it’s being stored, to make sure it lives in a safe place. There are numerous security checks you can do within settings on an iPhone and Android phone to make sure your scrolling is as safe as possible. You can also do the same on a Mac and PC by making sure you’ve got a strong password set up, and enable a few other preventative measures we’ll discuss later in this piece.
One of the best ways to ensure your data is safe is by backing it up in a secure location. That way, if something does happen and you lose access to your computer, you’ve still got all your files backed up in another place that the hackers don’t have access to. It’s kind of like making a photocopy of your grandma’s famous cookie recipe and putting it in a fireproof safe, just in case.
Spy has a whole piece on the best Cloud services for backing up all your data, so if you prefer to go more in depth I highly recommend checking that out. Here are a few of my favorite ones from that piece that are highly applicable and easy to use.
iDrive
iDrive was rated as the best Cloud service by Spy’s tech editor Adrian Covert, and it’s easy to see why. They’ve got by and far the best Cloud backup for an affordable price, and have bundles to suit every need from personal to team and business. They include backups for multiple devices in their packages, have a seamless online file sync system and if you lose your data and don’t want to use the bandwidth required to get it all back they’ll send you a hard drive with everything on it at no additional cost. Seems pretty trustworthy to me.
Security is at the heart of all of SpiderOak’s product offerings, and they deliver on their promises. Thanks to end-to-end encryption, your data is protected by SpiderOak before it even leaves your computer. They protect all your data in one reliable backup that syncs files across your different devices, and will even store historical versions and deleted files with zero restrictions or time limits for how long they’ll be kept. Plus, if you are the victim of a malware attack, their One Backup’s Point-in-Time recovery system can also restore the data from the moment before the attack. It’s available on Mac and Windows operating systems, and they offer a 21-day free trial to get started.
Tip 2: Make Sure You Keep You Pick The Right Apps for Browsing, Messaging and Emailing
Before your data is synced up and stored to any sort of backup service it’s created by you, and you also want to make sure your privacy and security is protected in real-time. As you browse the internet looking for the latest in, oh I don’t know, men’s swim trunks, Bitcoin wallets or wireless headphones, you want to make sure nobody is spying on you, especially if you’re on a public WiFi.
Firefoxis by far the best browser when it comes to user privacy and security, as it’s end-to-end encrypted and has a private browsing mode that includes all sorts of protection. With the private browsing mode activated, Firefox protects against malware, phishing and tracking, blocks pop-ups and guards against fingerprinting.
The email service Protonmail is also known for prioritizing user security, and is totally free. Zero personal information is required to start an email account with them, and their encryption is so extensive that even they don’t have access to your most secure emails.
Signal is our recommendation for a secure messaging service that sets privacy as the default option, and can’t read your messages or listen to your calls, let alone share that data with anyone else.
But to take this all one step further, one of the best ways to keep your browsing data secure is to use a trustworthy browser and establish a VPN, or a Virtual Private Network. These provide you with a private, secure tunnel through which your online traffic information can flow and no one can see it. The best VPN services basically hide your IP address so your data and behavior can’t be tracked. They’re easy to install, simple to use and will give you the peace of mind you’re looking for so a mindless scroll doesn’t become a creepy opportunity for your data to be used against you. Whether it’s the number of times you visit a certain website every day or your credit card information, a VPN mitigates the risk to your data through a secure, encrypted connection. Here are some of the best ones to try out.
NordVPN
NordVPN is one of the best VPN servers to use if you’re frequently on public WiFi but want assurance you’ve got a secure, encrypted connection. You can keep your browsing information private and get online securely, quickly via their easy-to-install VPN. They’ve got applications for all computers and operating systems, including Windows and MacOS, and with over 5400 NordVPN servers in 59 different countries you’ll be able to search and stream with minimal buffering.
ExpressVPN is another great option, especially if you’re a streamer who wants access to shows around the world no matter where you are. You can use it to keep every one of your devices safe, and they offer fast connectivity and reliable encryption so your privacy is secure. They’ve got 160 different servers in 94 different countries with virtually unlimited bandwidth so you can avoid restriction while staying safe, and they offer a 30-day money-back guarantee for first timers.
Another piece of the data privacy puzzle (more like never-ending, always-changing maze)? Using your best judgement, and trying to avoid being hacked. Avoiding falling for phishing schemes that come through your inbox or text messages is crucial, along with setting your phone to not automatically connect to public WiFi. Think before you click, always, and if something seems off it probably is.
Opening links in texts or emails from unknown numbers or addresses is a big no-no, as is wiring money in almost any scenario that’s been marked “urgent!” Hackers are getting more and more sophisticated all the time in their tactics for duping people into handing over their personal information, posting as bosses, colleagues and even family members on occasion.
It’s also a great idea to check a site’s security before typing in your credit card information or social security number. Being wary of pop-ups, updating your browser often and having firewalls set up are also all great plans. Sometimes it happens, and even the most enlightened among us can fall for a trick — but educating yourself on how to avoid it and protect yourself is a great cybersecurity step.
Tip 4: Have a Robust Password, and Change it Often
Having a strong password is also essential. Chances are you’ve got quite a few passwords racked up by now, and many websites require they be robust nowadays through including both numbers and letters, capitals and lowercase and “special characters” like %,$,#, etc. This is a great step in the right direction, but unfortunately large-scale data breaches can still leave this information vulnerable to hackers. If one password is stolen, you want to make sure all of them don’t go down with the ship by having different ones for different websites. Use slight variations of the same thing so you can remember, and regularly change them if you can.
Two-factor authentication is another excellent way to keep your accounts secure, so if an app or device includes that feature make sure it’s turned on. What two-factor authentication does is send a code to your phone or email account to verify it’s you logging in. Alternatively, you can use an authenticator app which generates the codes for you. Many phones also have biometric features built in nowadays which are also excellent protection — way harder for a hacker to replicate your face than a few words and numbers.
But if you really want to max out on password security, you can’t beat a password manager. These services will generate passwords for all your different online accounts, and then store them for you in a secure, encrypted place so you don’t have to remember 40 different wild, wacky passwords with entirely different characters. Typically these services are both a website that you can log into and have a browser extension with an auto-fill option so logging into websites securely becomes a breeze. Here are the two password managers we recommend trusting with the keys to your most precious accounts.
LastPass
Lastpass is one of the best password vaults available out there, and they’ve got an option for personal and business use depending on what your needs are. It has a built-in password generator of strong passwords that subsequently get stored in your database so you don’t have to remember them or worry about your account’s security. They send alerts if your data has been breached or shared on the dark web, and they’ve got storage options for secure cards, documents and IDs if you need a safe digital place to put them.
1Password is another comparable password manager to LastPass that provides very similar services in a secure, trustworthy way. It provides a vault for families, businesses and developers to share passwords and other secure information with each other. As their name suggests, all you have to do is remember one password, your Master Password to access your 1Password account, and the rest is taken care of.
Tip 5: Know What To Do If and/or When You Get Hacked
Despite your best efforts, there will come a time when you will be hacked or sensitive information will otherwise be compromised. Whether you find out via the news because it’s a large scale data breach like the famous Capital One incident, or your Facebook account has started sending weird messages to all your friends, you might be inclined might be to panic. Don’t. There are actionable steps you can take to mitigate the damage, and many resources for remedying the situation.
If you notice your banking information has been stolen through fraudulent credit card charges, call your bank and have your card cancelled right away. If your bank is on top of their stuff, they’ll most likely refund you the money and issue you a new card. Problem solved.
If your email password, social media passwords or other secure login information has been compromised you’ll want to change your passwords on all affected accounts right away. Also, if a hacked account shares passwords with other, non-affected accounts you’ll want to change those as well. If the hacker has changed your email password already, you’ll need to contact the email provider and prove you’re the rightful account holder. This may take several steps, and is unfortunately a headache.
If hackers have sent out messages with phishing links or other potential malware to your friends and family, reach out to them and warn them not to open any links sent from your email recently. This way, you’ll protect their data from also being compromised and the situation snowballing.
If you’ve had your entire identity stolen, we’re so sorry. This could be a months-long process in reclaiming your name, salvaging your credit and restoring rightful ownership and control over your accounts. The FTC has a very helpful advice site for what to do in this scenario. They recommend ordering your credit reports to assess the damage and filing an official identity-theft report with the FTC to start. Good luck.
Having the right antivirus, anti-malware and hacking protection software installed on your computer can help prevent your computer from being hacked via your internet connection or other means. This stuff is a no-brainer for huge organizations that store swaths of sensitive data, but it can also be quite beneficial for individuals who want to rest assured knowing there are forces at work protecting their computer, even when they’re not on it. Here are a few great anti-malware software choices for your personal computer.
Bitedefender
Bitedefender is one of the most trusted antivirus services in the business, as over 500 million systems are currently running it to protect their data. It uses AI technology to detect and block new threats before they can cause any trouble, and can anticipate them coming and prepare. Their protection is multi-layered so everything from your documents and pictures down to your browsing data is covered from ransomware and malware attacks. They’ve got anti-phishing protection built in so even if you fall for something, you won’t take the fall, and their program works on Windows and Mac computers.
McAfee is another great option for PC users looking to protect their computer from viruses, malware, ransomware and other attacks. Their service works top to bottom from providing web protection online to a personal VPN service built into the antiviral software. They’ve got a web advisor that will alert you to suspicious websites and provide personalized protection based on your activity. Their software also scans any document accessed on your computer for potential malware and you can do on-demand and scheduled scans of your entire drive for signs of trouble as well.
Tip 6: Set Up a Secure Home Network, and Buy Your Own Router
Speaking of secure networks, make sure you’ve got one at home. Most of the time, you’re going to be accessing the internet from one of two places: your office, which probably has a secure network, and your house. Setting up a secure home network is a great step to take in maintaining your cybersecurity, and requires only a bit of extra legwork.
When you first set up your WiFi connection, change the name of your network as well as your internet password. Both of these steps make it harder for hackers to access your information, through hiding the identity of your internet service provider and not using the generic password they give you. You should also activate network encryption to increase your WiFi’s security, and make sure it’s using an encryption standard like WPA2 for maximum safety.
Turning off your WiFi router and network when you’re not at home and making sure it’s at a central location in your home can also both help protect you from hackers if you feel like you’re particularly vulnerable. If your router’s reach stretches far beyond the walls of your home, that just gives hackers more space to operate within. You should also disable remote access where applicable, and update your router’s software regularly to keep it as up to date and strong as possible.
You should also buy your own router when possible, as routers that come directly from internet service providers can be old and feature outdated firmware that could put your network at a higher risk of intrusion.
TP-Link Archer AX50 Smart Router
One of the best routers for a secure home network you can buy in 2021 is the TP-Link Archer AX50 Smart Router. It meets all the latest encryption standards, including support for WPA3 encryption and comes with a lifetime subscription to TP-Link HomeCare that protects your entire network from viruses, malware and other attacks. But it’s also is an excellent router when it comes to fast wireless speeds, and thanks to its OFDMA support, is able to juggle dozens of wireless devices at once without suffering from speed bottlenecking.
Alright, up until now, we’ve covered software and security tips. But now it’s time to talk hardware. While much of your work keeping yourself safe online is going to come from safe digital habits, there are a few accessories you can buy to deter others from spying on you, stealing data directly from your computer and taking what’s yours altogether. These devices range from webcam covers to privacy screens, laptop locks and secure briefcases so your gadgets are safe in transport.
CloudValley Webcam Cover Slide
This is a no-brainer when it comes to cybersecurity. These small, sleek, simply-designed covers are perfect for most laptops and are easy to use. They quickly, seamlessly stick on to most Mac and PC computers and tablets, and don’t interfere with web browsing or camera indicator lights. In my opinion, $7 is worth avoiding your privacy being compromised.
If you’ve got an external webcam, this cover is perfect for maintaining your privacy. It’s compatible with a variety of Logitech models and those with similar designs. It slides on easily and can be flipped up or down depending on when you’re using it.
This filter screen provides a blackout filter to your monitor’s screen when viewed from the side, so it’s perfectly clear for you but inaccessible for others. This is a great option for public or high-traffic areas where spyers may be lurking. This particular screen can fit a 24-inch monitor with a 16:9 aspect ratio, which is one of the most common sizes for a monitor. As a result, it can fit a wealth of models from HP, Lenovo, Dell, Acer and more. It also doubles as an eye protector as it filters out 96% of UV light and 65% of blue light. Best of all, it’s easy to install, and you can even change the privacy angle from 30 degrees to 60 degrees by adjusting your screen’s brightness.
An important part of practicing good cybersecurity is making sure your physical devices don’t get stolen. This cable gadget lock works with smartphones, laptops, tablets and even digital notebooks. It has a durable lockhead built with extra strength and hidden pin technology so it can’t be picked. The cable is made with twisted steel and is cut-resistant, loop it around something stable in public and you’re good to go.
This is another way to keep your devices, and data, safe on the road. This backpack comes with anti-theft features built in like a password zipper lock, similar to a TSA-approved lock on luggage, that’ll deter thieves trying to swipe your valuables. The backpack also comes with many compartments for your devices and a USB interface with spots to charge your devices via your own power bank. If someone decided to snatch the whole bag you’d be out of luck, but for the casual pickpocketer it would provide solid protection.