Radius Engineering
Dec 15, 2017

The Obligatory Post on Data Security

Security has been dubbed “everyone’s favorite topic” for the fact that everyone needs to talk about it, but no one wants to. And as long as massive data breaches continue to trend on the news, you will continue to be hounded with reruns of these conversations, especially on data security.

If you want to do your due diligence to protect your personal data, this post will be your guide. There is no need to reinvent the wheel when contemplating where to start — just take a page from Radius’s playbook. Radius is a SaaS company with SOC 2 certification, which means that third-party auditors have deemed us capable of securely managing our data to protect the interests of the company and the privacy of our customers. Therefore, if you implement our security practices in your personal life, you can get the same level of protection at home as a security-conscious business like Radius.

The following security standards are required to be SOC 2 compliant, and conforming to them in your personal life will significantly reduce your chance of ending up like this woman.

Here’s what you need to do:

Encrypt your Laptop

In a nutshell: Encryption converts the data on your machine into unreadable code that cannot be deciphered without the proper authentication key, which renders your data inaccessible if your laptop is lost or stolen. Full-disk encryption (FDE) happens at the hardware level and encrypts even your operating system. With this enabled, every bit of data that goes into your hard drive is encrypted and then decrypted automatically when you unlock your machine with the password. Once encryption is enabled, the encrypt/decrypt process will happen in the background without any action required from the user.

The how: Both Macs and PCs offer FDE. While Microsoft machines running Windows 8.1 or higher have FDE automatically enabled, Mac users need to manually enable it.

The caveat: The encryption process can take up to an hour, and encrypting your machine can slow down the system’s overall performance, but these disadvantages do not outweigh the risk of having your data stolen. Keep in mind, though, that your data is essentially lost if you forget your password. If this happens, the last-ditch effort is to reset it using your recovery key (a random series of numbers and letters provided to you after encryption). This means that you must protect your recovery key like your Social Security number. If the recovery key is lost as well, you are pretty much toast.

Set up two-factor authentication

In a nutshell: Two-factor authentication (also known as multi-factor authentication) adds an extra layer of security to your online accounts. In order to access an account with two-factor enabled, you will need “something you know” (your password) and “something you have” (e.g. authentication token generated on your mobile device). It goes without saying that the latter requirement should be something that you and only you have access to like your personal cell phone. Do not borrow your grandma’s phone for this!

The how: Not all sites have this option available, but most major banks and cloud services do. To find out if a service you are using allows you to enable two-factor, you can review this handy list, which also provides instructions on how to set it up.

The caveat: If you do not have your second piece of authentication on you, you will not be able to access your accounts with just your password, and this is the whole point of two-factor: you need both! If you are stuck in a predicament where you have lost your phone, it will be very difficult to regain access to your accounts, if it is possible at all. For certain sites, you may be able to disable two-factor to log in again, but some sites require you to be signed in already to do so. Given the ramifications, you should always keep a copy of your backup codes if your service provides them, or better yet, protect your second factor with your life!

Use a virtual private network

In a nutshell: When you connect to Wi-Fi at a public coffee shop or airport, your connection is never secure and always open to interception by hackers. By connecting to a Virtual Private Network (VPN) before accessing the web, your public session turns into a private one. A VPN is usually a paid service that allows your machine to connect to a VPN server, which then creates an encrypted tunnel between your machine and the web, allowing only you, the VPN provider, and the website you’re visiting to know what you’re browsing. This makes it harder for hackers to steal your login credentials or send you to a spoof site.

The how: Companies with proper security measures make it mandatory for employees to connect to a VPN before they are able to access any of the company’s sensitive data. Corporate VPNs are usually set up and configured by network administrators, and unless you work in the industry or are technically savvy enough, most people do not have the skills to set up their own VPN server at home, which is where paid services come into play. There are multiple options for VPN providers, but I personally recommend ExpressVPN, which is available for both Mac and PC. As their name suggests, they are quick to set up and use. After the initial installation process, all it takes is literally a click of a button to secure your network.

The caveat: I still can’t accept that I have a monthly Adobe subscription bill, so imagine a bill for my VPN service. While it is a bit of a nuisance to pay for, VPN services are generally pretty cheap and teeter around the price of 2 iced coffees at Blue Bottle ($5 to $10). In short, if you can afford your daily fix of hipster coffee, you can pay for a monthly VPN service.

Turn on your firewall

In a nutshell: When I think about firewalls, I like to imagine a fiery wall that sets any unauthorized intruders on fire upon contact. Unfortunately, reality isn’t as vivid as my imagination, and a firewall in real life is simply a network monitoring device that acts as a barrier: it separates malicious software downloaded online from safe software and prevents the malicious software from entering your computer system.

The how: Firewalls can be either software or hardware. Turning on the software-based firewall on your Mac or PC requires only a few clicks of the mouse. You can also turn on the hardware-based firewall built into your wireless router at home for added security. Doing so requires logging into the administrative console of your router. It is a straightforward process if you know where to look, and most router models have downloadable manuals online where you can find out how to change your firewall settings. If you do not have your router’s login credentials, contact your internet service provider.

The caveat: Sometimes your firewall can erroneously mark software as malicious, and it can be frustrating when a legitimate download is blocked. Nonetheless, these cases are rare, and under no circumstance should anyone leave their firewalls turned off.

Install an antivirus software

In a nutshell: Antivirus software has been around for quite some time, and everyone should have some familiarity with its purpose. As the name suggests, it is software that detects and removes malicious software on your machine. While free software is available for download online, the more comprehensive products require payment.

The how: Do your research on the antivirus software available for your Mac or PC, and pick the one that best fits your needs. After paying for your subscription, the next steps should be straightforward: download and install the software. Don’t bother looking into the free software online, as it is mostly freemium products that do not offer the same capabilities as their paid counterparts. Decent antivirus software will detect and remove a threat before it even reaches your system, and this is the level of protection you want to secure your machine.

The caveat: Like firewalls, antivirus software can sometimes mistake harmless software for malicious software, but this should not discourage you from using it. Software licenses are usually a one-time payment for a few years of protection. This can cost anywhere between a week’s and a month’s worth of coffee ($20 to $40), but the benefits of having a reliable detection system in place cannot be refuted.

Conclusion

You cannot control how corporations handle your data, but you are certainly in control of how your data is managed at home. Although adding layers of security to your life means losing certain conveniences, it is better to be safe than find out that a “JD Bigglesworth” has been using your SSN. Don’t be that guy. Trust me, it won’t be fun.

Bonus: Update your operating system

Apple and Microsoft have both released updates to address the KRACK vulnerability recently discovered. Always check for patches and keep your operating system updated.

Jenny Tang — IT Support @ Radius
