Personal Security - Compartmentalization
This post is the first in a series about personal security focusing on compartmentalization.
This series is intended to be a practical, low-stress guide to improving your personal security online without going to the extent that the Snowdens of the world require. This should protect you against data breaches and attempts by individuals to compromise your security. It probably won’t protect you from a targeted attack from a government organization.
For the purposes of this series, we’re going to use an imaginary person. Avery is a graphic designer working at a marketing firm who also has a side business doing art commissions under the brand Arya. She also has a blog called AvArt where she draws fan art and releases it for free.
What Is Compartmentalization?
The general idea behind compartmentalization is to divide up the different parts of your life into separate compartments.
You generally want to do this to prevent a compromise in one compartment from affecting another. The Ashley Madison data breach was a great demonstration of this. Had the politicians caught up in it applied proper compartmentalization, the leaks would’ve been meaningless. Because they used their government or publicly known email accounts, their careers were largely destroyed.
Another benefit is separating your data. For the average user, this primarily prevents accidental leaks, such as sending a contract from work to your friends or sending a picture of that weekend you don’t remember to your boss. I’m sure if you think hard enough you can remember a time that happened.
Given the description of Avery above, she could split her accounts into the following four compartments:
- Personal - Email with family and friends, Facebook, Spotify
- Work - Passwords and email relating to her work at the marketing firm
- Arya - Web hosting account, email for accepting commissions, PayPal
- AvArt - Twitter account, Tumblr, email
If Avery doesn’t care about her fan art and her commissions being related, she could reasonably reduce this down to three.
Since the nexus of a person’s digital life is typically an email address, Avery should start by making an email account for each of her compartments.
Avery created the following email accounts to service each compartment:
- Personal - firstname.lastname@example.org¹
- Work - email@example.com¹
- Arya - firstname.lastname@example.org¹
- AvArt - email@example.com¹
Avery has all her existing accounts using her old email. Unfortunately, there’s no quick way to fix this besides going through and updating every single one to compartmentalize them properly.
Once Avery completes that work, she’ll have her compartments properly split. Only personal content will be going to her personal email account, etc.
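One way to track that migration, as an added example that is not part of the original post: the script audits an account inventory (for instance, a password-manager export) and lists accounts still registered to an address outside their compartment, plus any address that currently links two compartments. The addresses, the CSV column names and the `audit` function are constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed mapping: one designated address per compartment (placeholders,
# not the addresses from the post).
COMPARTMENT_EMAIL = {
    "Personal": "avery.personal@example.org",
    "Work": "avery@work.example.com",
    "Arya": "commissions@arya.example.net",
    "AvArt": "avart@example.net",
}

# Constructed inventory, in the shape of a password-manager CSV export.
INVENTORY_CSV = """service,compartment,login_email
Facebook,Personal,avery.personal@example.org
Spotify,Personal,Avery.Old@example.org
Web hosting,Arya,avery.old@example.org
PayPal,Arya,commissions@arya.example.net
Twitter,AvArt,avart@example.net
Tumblr,AvArt,commissions@arya.example.net
"""

def audit(inventory_csv, compartment_email):
    """Return (to_migrate, shared): accounts on the wrong address, and
    addresses that currently link more than one compartment."""
    to_migrate = []
    seen_in = defaultdict(set)  # login address -> compartments using it
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        comp = row["compartment"].strip()
        login = row["login_email"].strip().lower()  # compare case-insensitively
        if comp not in compartment_email:
            raise ValueError(f"unknown compartment: {comp!r}")
        seen_in[login].add(comp)
        expected = compartment_email[comp].lower()
        if login != expected:
            to_migrate.append((row["service"], login, expected))
    shared = {addr: sorted(c) for addr, c in seen_in.items() if len(c) > 1}
    return to_migrate, shared

if __name__ == "__main__":
    to_migrate, shared = audit(INVENTORY_CSV, COMPARTMENT_EMAIL)
    for service, current, target in to_migrate:
        print(f"MIGRATE {service}: {current} -> {target}")
    for addr, comps in shared.items():
        print(f"LINKED  {addr} is used by {', '.join(comps)}")
```

An address reported as LINKED is the one to fix first, since a breach of either service ties the two compartments together.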
How Should You Compartmentalize?
The answer to this will change for every person, but here are some common compartments you can choose from, or create your own as your needs dictate.
- Side Businesses
- Social Media Accounts
For example, I have four primary compartments: Personal, Career, Company, and Travel. My Travel compartment contains accounts and services I use only when traveling, such as airline apps, flight trackers, hotels, etc. Company is data and accounts related to and protected by my current employer’s data protection policies. Work contains things related specifically to my career, such as LinkedIn and professional societies, and Personal is everything else.
The extent to which you compartmentalize is largely up to you. The more compartments, the better, but this can get out of hand pretty quickly.
There’s one important note here: Use a different master password for every compartment. If one password is compromised, you don’t want it to compromise your other compartments. Further, you should be using a password manager for all of your websites to mitigate this risk, but I’ll be getting to the benefits of a password manager in another post.
Both Chrome and Android support different user profiles. Creating profiles for each compartment can contribute to your overall security.
¹ Don’t worry about these specific email addresses. Contoso and Fabrikam are example domains owned by Microsoft and are commonly used as examples.