To help you understand the words protecting online privacy and how to achieve it, we offer 10 actionable tips. By following our practical advice for low or no cost protection, your online digital footprint is much less likely to be exploited, and serious problems can be avoided.
Protecting your online privacy is more important than ever because the World Wide Web now polluted by social media scandals, security breaches, intentional and unintentional falsehoods, threats, slander in social media, and even doxing (publishing your personal information on the internet for all to see). Like it or not, the Web affects all facets of our lives (even if we never go online). Our online presence—our digital footprint—can impact everything from careers to relationships with family, friends, and peers, so becoming educated about the dangers on the Web and proactively protecting yourself is wise. Ignorance in this case is not bliss, and clinging to denial really is unwise.
Managing your online identity might seem inconvenient and too time consuming, but this effort is far easier than fixing a stolen identity, being the focus of a social media scandal, losing a job, or worrying about what will happen now that someone has doxed you—published your personally identifiable information on the Internet for all to see).
At Presence Global, we know the importance of managing online identity and personal, private information. We have years of security knowledge in addition to a deep concern that much the public is either naïve, uninformed, or in denial about the seriousness of the dangers on the Web. Our blogs are intended to help make you an informed on-line consumer, one with control over personal privacy. The following sayings describe the aim of our blog posts:
“There is no knowledge that is not power.” – Ralph Waldo Emerson
“An ounce of prevention is worth a pound of cure.” – Benjamin Franklin
Download and Use Antivirus Software
Antivirus (AV) software can be one or a set of programs designed to prevent, search for, detect, and possibly remove viruses and malicious software. Malicious software can be ransomware, worms, trojans, adware, spyware, and more. Using antivirus software on computers and phones greatly helps to keep information secure and immune to hacking. Many vendors of good AV software exist. Not sure where to begin? McAfee and Norton are some great, inexpensive options.
Many companies have a free AV version that protects your device but lacks the additional robust features that come with a paid service, the so-called bells and whistles. Check the website of individual companies for a free version. With a free version, you might have to accept occasional emails that urge you to buy the basic or premium version. (Possible free versions might be visible only after you click a Downloads tab to get to that part of their site.)
AV companies must frequently update their security intelligence on your computer because criminals frequently update their methods. If an AV program does not automatically download new AV intelligence to your device, it might alert you when an update is needed, or else you should check every day or two for updates to AV intelligence. Also, keep the operating system (OS) and all apps on your device updated. Some AV programs can alert you to critical updates to the OS and to apps.
Autofill for forms is convenient when you’re in a hurry, but for online autofill to work, your information and a password must be stored online. Online storage of passwords can leave you vulnerable to online security breaches. So, disable autofill and take a little extra time to fill out your forms or use a more secure solution or alternative. For an alternative that secures online autofill, see LastPass in our 7th tip, “Optimize Your Passwords.” (For more information about LasstPass and other password managers, see our post, The Case for a Password Manager.)
To deactivate a smartphone’s autofill service that requires online storage of a password and other information, open the Settings area on your device. In Settings, you might have to search on “autofill” to locate the services that support autofill. Not all of them require online storage of a password. For example, one device OS has Settings–>Tools–>Autofill service, which asks you to create a password, but the Personal dictionary service does not.
Turn Off Your GPS
Turning off your phone’s and computer’s wireless use of location services, which relies on global positioning data (GPS), helps to protect your online privacy. Typically, when you are using social media, by default your device broadcasts its geographic location as a precise longitude and latitude tracked by a GPS satellite.
By disabling location services on your phone or just for the apps that have no need for your location, you will prevent companies and people from tracking your location. (A security issue that most consumers do not know is that even if you do not use an app, it can be hacked and used to compromise you.)
For details about managing location services, see Protect Your Privacy on a Smartphone.
Use Private Browsing Modes
Browsing in private mode will improve your online privacy and help to protect your identity. Most browsers (Mozilla Corporation’s Firefox, Google Chrome, Apple Safari, Microsoft Edge, etc.) have a private browsing mode you can choose in the browser’s Settings.
Some search engines, such as DuckDuckGo, Qwant, and Startpage, do not retain your browsing history. Even if you delete browsing history in your browser, others might keep it, so take advantage of these additional options to minimize the possibility of data breaches.
Clear your browser’s cache and cookies every day. The reason is that a browser cache can contain malware and undesirable cookies that have somehow gotten into the cache during your online activities. This chore might seem tedious and annoying because websites will repeatedly ask you to accept cookies (after you clear them from the cache), but it is a simple addition to protecting your online presence.
In addition to the security benefit, clearing the cache avoids the browser performance problems that come with a bloated cache (sometimes, a browser does not work correctly until you clear an overly full cache).
Use a VPN to Make Web Browsing Anonymous
Protect your online privacy with a virtual private network (VPN). This technology sends and receives information across an unsecured internet connection without disclosing your online identity or location. A VPN encrypts your data to create a secure virtual tunnel between your computer and the far end of your communication.
You should turn on the VPN as soon as you go on the internet. Some VPNs have an option you can set for automatically starting up the VPN when you go onto the Internet, but you might have to manually start it up when you go on the Internet—but a VPN is worth the effort!
You have multiple VPN providers from which to choose. Refer to CNET’s list and rankings of VPN providers. Some providers of anti-virus software include a free VPN with their paid service but limit it the daily amount (for example, 200 megabytes of download per day through the free VPN).
Use Public Wi-Fi and Hotspots with Caution
Public Wi-Fi and hotspots are open networks, so unauthorized parties can intercept traffic of nearby users. Your online identity and the name of your device can be exposed. We advise that you:
- Use your own private hotspot when possible.
- If you must use public Wi-Fi, use a VPN to secure your traffic.
- Use complex passwords (see next tip, Optimize Your Passwords).
- Disable auto-complete forms (see also the 4th and 7th tips).
- Be sure that the sites you access are using HTTPS (Hypertext Transfer Protocol Secure), not just HTTP.
- Always use the latest version of your browser.
- Avoid logging into sites that have critical information (like bank accounts) from public Wi-Fi.
- Use two-factor (or multi-factor) authentication for any web site
sthat offers it. (See also LastPass in next tip, “Optimize Your Passwords”.)
Optimize Your Passwords
To protect your online identity:
- Use a strong password for your passwords and update them frequently.
- Do not use the same password for all your accounts.
You can also use a password vault and random password generator to create passwords. We endorse LastPass as a secure vault for storing passwords (which are accessible through a master password or passphrase that you create). In addition to randomly generated passwords for all your applications and login information, LastPass offers regular security checks, secure autofill for forms, multi-factor authentication, and other valuable services. LastPass offers a free version (so you have no excuse!); a premium version at a reasonable price, with excellent tools such as advanced multi-factor authentication (MFA), dark web monitoring, and a security dashboard for you; and a family-size deal. In addition, like our Presence blogs, LastPass blog posts are a great source of knowledge for your online self-defense.
Do not Open Suspicious or Obvious Spam Email
This advice is common knowledge yet a worthwhile reminder: “think before you click.” A suspicious email or obvious spam can be a phishing or spear phishing attack (a phishing attack that specifically targets you). (“Phishing: The act of sending email that falsely claims to be from a legitimate source.”) A phishing email often contains a threat of legal or financial liability or requests your personal information. For example, an unexpected or puzzling email claims that your account is “locked” or will close, a balance is due, or information is missing from an account.
When you receive an email that appears to be spam (for example, if it has an uncharacteristic Subject or addresses you by your entire email address), mark it as spam immediately. Do not open or even download attachments in any suspect email or click on links in a spam mail. (Your email program might automatically put it in a Spam folder, which you should periodically check and empty.)
If email from someone you know seems unusual coming from that person, contact them to confirm. If a phone call is not convenient, Forward the email to that person and manually type their email address—do not Reply to the suspicious email—and ask if they sent it. Even if they sent it, did they create it or just forward it from a known or unknown source?
Monitor Your Social Media
Social media are a significant risk factor for online identity theft and hacking, so it is crucial to be vigilant with your social media usage. Avoid oversharing and sharing personally identifiable information (PII). PPI can be your maiden name, address (even the city), children’s names and schools, and locations. This PII can give online identity thieves what they need to answer security questions for your bank account or use personal information for other criminal or harmful activity, such as doxing you (maliciously publishing all your PII on the Internet). Also, if you receive a connection or “friend” request from a total stranger on a social platform, know that accepting the request from a hacker can open the door to downloads of malware to your device.
In a 2018 study, the Identity Theft Resource Center found that approximately 52 percent of respondents shared personally identifiable information through social media sites. The same survey found that about 48 percent of respondents shared information about their children, while nearly 33 percent shared their location information. A total of 42 percent of respondents shared information about their travel plans through social media. Do not become a statistic. Monitor, audit, and control your social media accounts.
Manage Your Online Footprint
Download the Presence app to manage your online identity (and see our post on digital footprint). Presence offers a visual tool to help you see and manage your online privacy on social media and across the entire Internet. Presence Global gives you the ability to detect, protect (by auditing security and privacy settings), and control your online identity—download the Presence Global app to get started at Apple Corporation’s App Store or the Google Play Store.
Join the movement #privacyfirst
See also the following from the National Cybersecurity Alliance: