Security is broken down into measures put into place for the protection of your data. Many people think simply having antivirus means that you are secure. In fact, antivirus actually ranks at the #3 thing you can do to secure yourself. Let’s check out a few options here.

Important:

1: Update update update. Does Windows have (important) updates? Install them! Does your program have a new update? Install it! You can have the most secure information around but that doesn’t matter if you haven’t installed the updates needed to fix whatever new vulnerabilities have been discovered. Optional updates are not as important and should only really be installed if that particular update does something of particular importance to you.

2: Use your computer as a standard user rather than an admin user. Does this create more hassle sometimes? Sure. It’s an extra step whenever you need to do something requiring that admin privilege level. But you know what it also does? It stops 94% of all critical Windows exploits from being able to happen on your machine. What’s worse? Having to enter your admin password when you want to install a program or having your computer taken over?

3: Antivirus. And not just any antivirus but one that actually does its job. I won’t get into this one too much as we already have an antivirus Article covering the subject.

4: Strong/unique passwords. At least one is needed but both are obviously recommended. Strong passwords are harder to guess. If you use unique passwords for each site requiring login, you only lose a small portion of data should one site ever be breached. Whereas if you only have one password, an attacker then gains access to every account you own.

Optional:

This is where it gets trickier. Can you increase security beyond those important steps? Yes. Does it start becoming burdensome or impacting privacy and anonymity? Yes.

1: Website screening services. This actually ties a bit into antivirus too but really encompasses anything that verifies websites are safe before you visit them. This increases your security but also sends your browsing data to external companies (including incognito browsing… not that incognito really hides all that much anyways).

2: Cloud file/service scanners. Like #1 here but more widespread to include files and services running on your computer. In order for them to be assessed by a program or company, they must first be uploaded to that program/company. This typically means a log is created of what you are doing with the computer.

3: Use a VPN (we talked about this a bit in a previous privacy post). The traffic encryption offered by a VPN works to protect you (to an extent) from web-based attacks like would be performed on open networks. This is due to the fact that your traffic is encrypted and can no longer be manipulated. The person who owns the server your information is passing through, however, could still manipulate it on their end. When picking a VPN service, it is important to understand what information the company keeps, where they are physically located (so you know what laws they are forced to follow) and their stance on privacy. Please do ask us if you are interested in this. We have done all of this research already and would be happy to help.

4: Utilize virtual machines. This one is pretty unique and handy in more than one way. Virtual machines are entire computers being emulated by your computer. They are actually fairly easy to set up (we can help). They boost your security by isolating attacks against your physical computer. The idea is that what is in the virtual machine stays in the virtual machine. Did it get infected? Not a problem, just reset it. Also of particular interest is that the more advanced malware will actually delete itself if it detects that it is running in a virtual machine. This is a defense mechanism to stop it from being analyzed by cybersecurity labs.

Privacy is different than security in that you are now trying to control access to data. Privacy measures are those you put in place to limit who can access information which is important to you. This includes both information which you possess such as your files and documents and information which third parties are trying to gather about you.

1: Know what companies do with your data. We’ve mentioned Facebook a few times in the past for how much information they harvest and share with others. Google loves to track you as well (online and offline). You can see our online privacy Article for a few measures to help against online tracking. Better yet, before you give your data to a company, head over to tosdr.org (Terms of Service – Didn’t Read) and see what they say about how that site uses your data.

2: Tune your computer and program settings. Windows 10 is a pretty good operating system but has standard settings to share your information. Open up your privacy settings and turn off all of the sharing settings you don’t need. Many programs have usage monitoring agreements as well for “improvement studies.” Watch for those check boxes while installing. And remember, any time a program has to go online to retrieve information, that means it is sending out information as well. For example, Windows Media Player, while capable of retrieving song/album info online, also calls back to Microsoft at the same time to update them on your music.

3: Cloud storage… not near as secure or private as you might hope. There are actually encryption programs you can pair with your cloud storage to keep everything private and only accessible to you. You can also even host your own cloud storage from your own network. Interested in either one of these but don’t know where to start? Give us a shout.

4: Use a VPN. While great for security, it also provides an amazing boost to privacy. Did you know your ISP actually harvests and sells your browsing history? With a good VPN running, they can only tell you are using the internet but lose the capability to monitor what you are doing.

5: Encryption. I listed this for cloud storage but it goes much further. In fact, encryption is pretty well your #1 tool when it comes to privacy. Want to keep your computer’s data private? Encrypt the hard drive. Want to keep emails private (and insure people know only you could have sent them)? Encrypt the emails. Anything encrypted using a secure password and algorithm pretty well insures privacy.

Having anonymity means your online actions do not trace back to you. Anonymity can function with or without privacy. Consider a Facebook profile (we’ll assume you are doing something to stop Facebook from tracking your IP here). You can create an account using a fake name and fake email address. This makes your posts from that account anonymous as they no longer tie back to you. They are not private however; anyone on Facebook can still read them. If you then set that account to private so that only select people can find it and read posts, it is both anonymous and private.

Anonymity can be harder to achieve online being that so many different services try to track your every action. And the truth of the matter is, you can’t really be anonymous online if you aren’t somewhat anonymous offline as well. These tracking systems are simply so advanced that they can pair related behaviors online and offline in order track people. But here’s a few things you might consider:

1: Have I mentioned a VPN? Security, privacy, and anonymity. I put this under privacy but realistically, it’s keeping you private by anonymizing your traffic. That said, if you use a VPN and then sign into Facebook or some other account, it’s still pretty easy to trace your actions during that internet session back to you…

2: Use virtual machines. There are virtual machines designed purely for anonymity. They definitely aren’t for everyone but they are relatively easy to install and work with. Also, actions taken within the virtual machines aren’t really recorded by your actual computer. Have an issue with the virtual machine or think it may have been compromised? Not a big deal… a brand new one can be implemented in minutes.

3: Tor. I touched on this at the end of our online tracking article. Tor is an internet browser based off of Firefox. It is set up for security and connects you into the Tor network to anonymize your traffic. What this network does is bounce your traffic around multiple relay nodes before it gets to its destination. This prevents the traffic from being tied back to you. It’s slower than traditional browsers because your traffic is moved between nodes and not as full featured as normal browsers but does serve to allow for an anonymous connection. You can read more about how it works here.

4: Fake accounts. In my short intro to anonymity I mentioned creating a Facebook account using a fake name (note that this does violate their policies and they may delete the account if they decide it is fake… but if you are using like legitimately as you would a normal one, this is not likely to happen). Having your online presence functioning under a pseudonym provides you a layer of anonymity.