1) Use strong passwords
A password is a basic way to protect your data. Its choice should be approached carefully. Primitive sets of numbers, words, including modified ones, any of your personal data contained in your password, and persons interested in hacking are selected quickly enough using special software.
It is recommended to use a combination of letters in different cases, special characters and numbers in the password. Even better, the password must be longer than 16 characters (P#$$M>Rd_wR1443N_c0Wpl1c4^3D). It will take attackers with state-of-the-art software tools more than 200 years to find such a password.
Another option is not to invent passwords yourself, but to use services like Genpas. They generate strong passwords from a random set of characters.
It is quite difficult to remember all complex passwords from dozens of accounts. So you can use a password store like KeePass or LastPass. They also act as password generators.
Passwords for the most important accounts - frequently used social networks and mail - will have to be remembered.
In addition, it is recommended to disable password saving in browsers.
Change your passwords periodically. You should not enter usernames and passwords in public places where video surveillance is installed.
It is not recommended to use the same password for different accounts.
2) Encrypt your data
You can encrypt information on hard drives and removable media. This will be useful if outsiders take your computer away from you or remove the hard drive from it. Without entering a special password, they will not be able to read the contents of the disks. All the information on Yandex. Disk will look like gibberish to them.
On Apple computers running OS X: Use FileVault, which has full-disk encryption. On the official website of the company, you can find instructions for its operation.
On Windows computers: Professional versions of the operating system (Enterprise, Pro, Ultimate Edition) from Microsoft have a built-in BitLocker program. For all other cases, there is a VeraCrypt program. With the current development of technology, it will take at least 40 years for the special services to decrypt the data protected by it.
3) Encrypt your email
To encrypt emails in an email, you need to use PGP technology, which encrypts messages before sending and allows them to be read only by the owner of a special password. Even if your email is intercepted, it will be impossible for outsiders to read its contents. The resulting text will look like gibberish for them.
To learn more about how PGP works, see the section about email encryption. So far, neither the FBI nor the CIA has been able to decode data from PGP correspondence.
4) Install additional protection against unauthorized access to your accounts
To do this, enable two-factor authentication wherever possible. This is an additional protection for accounts in social networks, instant messengers, email, Apple, Google, etc.
5) Stay anonymous online
To do this, you will need to use a VPN (Virtual Private Network). This technology allows you to access Internet resources ostensibly from other countries, without anyone knowing about your current location. This is important if you want to keep your location secret or use a service that is only available in a specific country. This is useful if you decide to make a transaction in a bank from abroad or connect to the service to watch Netflix series.
VPN services are provided by VPN providers. There are two criteria for the quality of such services: it should not store your data and it should have many external servers so that you can choose which country you are "visible" from for the site you decide to visit.
The most common and popular VPN services are TunnelBear and Hideman. They meet the quality criteria described above. Both have apps for iOS and Android, and versions for personal computers. Launch the program, select a country, and now all your connections from this device are encrypted. TunnelBear also has separate extensions for the Chrome and Opera browsers.
6) Use remote (cloud) data warehouses
If you lose any of your devices, you will not lose any information.
Google Drive storage is linked to your Google account. You can set up two-factor authentication on it, view the session log, and enable notifications about logging in from unknown devices. Google Drive itself does not encrypt data. This requires third-party services - such as Boxcryptor or VeraCrypt.
Apple hardware users have iCloud data storage. Access to it can also be protected by two-factor authentication.
Among the popular cloud storage services, data encryption is provided by Mega. Even the service administration cannot find out what is stored on its servers. Your account password is a unique decryptor key, the loss of which will result in the loss of all your data.
7) Enter important information only on sites with a secure connection
Any information from entering your username and password to your bank card number and your last name - should only be sent from resources that have HTTPS enabled. This is an encrypted method of transmitting information. It differs from the regular HTTP protocol in that any data that you send to the site is encrypted and cannot be intercepted.
Look at the beginning of your site's URL in the browser bar. Do you see the green lock and the abbreviation HTTPS? If not, the data transfer from your device to the site is not encrypted and the information can be intercepted.
Google Chrome automatically enables HTTPS on all sites where it is provided. It also works by default on most banking sites. On Facebook, too. But in "VKontakte" you will have to set up everything yourself.
8) Minimize the possibility of spying on you and eavesdropping on you
Intruders or special services, using special software and vulnerabilities of your software, can connect to the microphone and camera of your computer, phone or tablet. The webcam on the laptop can be closed and sealed. You can't break out the microphone, so it's best to have important conversations when the device is turned off. To make your location harder to detect, disable geolocation services on your smartphone. You can also switch it to airplane mode or turn it off altogether.
9) Keep track of who logged in to your account and when
Social networks, email services, and instant messengers can inform users about all the facts of logging in to their accounts. For example, if you have the VKontakte app on your smartphone, messages about logging in to your account will be sent automatically. In Facebook and Google, you need to configure this option.
If there are no automatic notifications, you can usually view a list of recent sessions (logins to your account) in your account settings and end them if there are any suspicious ones. Such a log of visits is available in Facebook, VKontakte, GMail, and the Telegram messenger.
10) Follow the rules of information hygiene
To perform important operations (financial transactions, ticket purchases, etc.), you need to use a computer that you are sure is secure. It's best not to use someone else's device. Remember that the computer you use at work does not belong to you, but to your employer.
Your computer must have licensed software, including operating systems. Pirated copies may contain malware and spyware. If you don't want to buy licensed programs, you can use free analogs. Although before downloading, it is best to check what they write about their security on respected IT resources (CNews, Geektimes, VC) and in Wikipedia.
The software on your device must be constantly updated. This increases the likelihood that developers have already fixed the main vulnerabilities.
You should not connect unknown media (flash drives, SD cards, smartphones) to your device, even for recharging. Do not connect any unknown USB devices to your computer. Even a USB-powered flashlight may have a storage medium containing malicious software.
You should disable autorun for external devices. This will help you avoid automatically launching malicious programs contained on them.
Don't charge your phones and tablets anywhere. You can connect your device to an infected computer that can access data on your device or download malware to it. Do not use public chargers that look like a kiosk or a box of wires unless absolutely necessary. It is not known what exactly you will connect to in this way. It is better to look for a regular electrical outlet and plug your own charger into it.
If you are working with a laptop or computer in a public place and need to move away for a while, you should put the device in sleep mode or lock the computer screen. You can only return to work by entering your password. If there are video surveillance cameras in a public place, you should not enter any passwords, and in general, you should use Internet services very carefully.
In a public place with unsecured Wi-Fi, you should use a VPN. This technology not only hides your real location from the administrators of the sites you visit, but also encrypts the information you transmit. There are cases when attackers tried to intercept information from computers on public Wi-Fi. If VPN is enabled on your computer, they probably won't succeed.
If your device has been in the hands of special services - for example, it was seized when crossing the border or during a search-it is no longer safe for important correspondence and financial transactions. The same applies to the repair of your equipment. There is a high probability that after these manipulations, a virus, spyware, or an additional chip will appear on your mobile, tablet, or computer. It's best to get a new device - sometimes data security is more expensive than money.
On a Windows computer, you should not work under an account with administrator rights. It is better to use a regular user account. Then, if the malware tries to install without your knowledge, Windows will notify you that you need to enter a password from the administrator account.
You should not give your computer to strangers who need to make a Skype call or check their email. If you still had to do this, it is better to log in to the guest account in advance, from which the installation of new software is not available. Also, be careful when handing over your phone to a third party.
Beware of emails that ask you to provide your personal information, including registration data. Otherwise, you may become a victim of this type of Internet phishing.
Use an antivirus program. Many common antivirus programs have a free license, the capabilities of which are quite sufficient for the average user. For example, this is AVG or Avast. Don't forget to update it regularly.
A password is a basic way to protect your data. Its choice should be approached carefully. Primitive sets of numbers, words, including modified ones, any of your personal data contained in your password, and persons interested in hacking are selected quickly enough using special software.
It is recommended to use a combination of letters in different cases, special characters and numbers in the password. Even better, the password must be longer than 16 characters (P#$$M>Rd_wR1443N_c0Wpl1c4^3D). It will take attackers with state-of-the-art software tools more than 200 years to find such a password.
Another option is not to invent passwords yourself, but to use services like Genpas. They generate strong passwords from a random set of characters.
It is quite difficult to remember all complex passwords from dozens of accounts. So you can use a password store like KeePass or LastPass. They also act as password generators.
Passwords for the most important accounts - frequently used social networks and mail - will have to be remembered.
In addition, it is recommended to disable password saving in browsers.
Change your passwords periodically. You should not enter usernames and passwords in public places where video surveillance is installed.
It is not recommended to use the same password for different accounts.
2) Encrypt your data
You can encrypt information on hard drives and removable media. This will be useful if outsiders take your computer away from you or remove the hard drive from it. Without entering a special password, they will not be able to read the contents of the disks. All the information on Yandex. Disk will look like gibberish to them.
On Apple computers running OS X: Use FileVault, which has full-disk encryption. On the official website of the company, you can find instructions for its operation.
On Windows computers: Professional versions of the operating system (Enterprise, Pro, Ultimate Edition) from Microsoft have a built-in BitLocker program. For all other cases, there is a VeraCrypt program. With the current development of technology, it will take at least 40 years for the special services to decrypt the data protected by it.
3) Encrypt your email
To encrypt emails in an email, you need to use PGP technology, which encrypts messages before sending and allows them to be read only by the owner of a special password. Even if your email is intercepted, it will be impossible for outsiders to read its contents. The resulting text will look like gibberish for them.
To learn more about how PGP works, see the section about email encryption. So far, neither the FBI nor the CIA has been able to decode data from PGP correspondence.
4) Install additional protection against unauthorized access to your accounts
To do this, enable two-factor authentication wherever possible. This is an additional protection for accounts in social networks, instant messengers, email, Apple, Google, etc.
5) Stay anonymous online
To do this, you will need to use a VPN (Virtual Private Network). This technology allows you to access Internet resources ostensibly from other countries, without anyone knowing about your current location. This is important if you want to keep your location secret or use a service that is only available in a specific country. This is useful if you decide to make a transaction in a bank from abroad or connect to the service to watch Netflix series.
VPN services are provided by VPN providers. There are two criteria for the quality of such services: it should not store your data and it should have many external servers so that you can choose which country you are "visible" from for the site you decide to visit.
The most common and popular VPN services are TunnelBear and Hideman. They meet the quality criteria described above. Both have apps for iOS and Android, and versions for personal computers. Launch the program, select a country, and now all your connections from this device are encrypted. TunnelBear also has separate extensions for the Chrome and Opera browsers.
6) Use remote (cloud) data warehouses
If you lose any of your devices, you will not lose any information.
Google Drive storage is linked to your Google account. You can set up two-factor authentication on it, view the session log, and enable notifications about logging in from unknown devices. Google Drive itself does not encrypt data. This requires third-party services - such as Boxcryptor or VeraCrypt.
Apple hardware users have iCloud data storage. Access to it can also be protected by two-factor authentication.
Among the popular cloud storage services, data encryption is provided by Mega. Even the service administration cannot find out what is stored on its servers. Your account password is a unique decryptor key, the loss of which will result in the loss of all your data.
7) Enter important information only on sites with a secure connection
Any information from entering your username and password to your bank card number and your last name - should only be sent from resources that have HTTPS enabled. This is an encrypted method of transmitting information. It differs from the regular HTTP protocol in that any data that you send to the site is encrypted and cannot be intercepted.
Look at the beginning of your site's URL in the browser bar. Do you see the green lock and the abbreviation HTTPS? If not, the data transfer from your device to the site is not encrypted and the information can be intercepted.
Google Chrome automatically enables HTTPS on all sites where it is provided. It also works by default on most banking sites. On Facebook, too. But in "VKontakte" you will have to set up everything yourself.
8) Minimize the possibility of spying on you and eavesdropping on you
Intruders or special services, using special software and vulnerabilities of your software, can connect to the microphone and camera of your computer, phone or tablet. The webcam on the laptop can be closed and sealed. You can't break out the microphone, so it's best to have important conversations when the device is turned off. To make your location harder to detect, disable geolocation services on your smartphone. You can also switch it to airplane mode or turn it off altogether.
9) Keep track of who logged in to your account and when
Social networks, email services, and instant messengers can inform users about all the facts of logging in to their accounts. For example, if you have the VKontakte app on your smartphone, messages about logging in to your account will be sent automatically. In Facebook and Google, you need to configure this option.
If there are no automatic notifications, you can usually view a list of recent sessions (logins to your account) in your account settings and end them if there are any suspicious ones. Such a log of visits is available in Facebook, VKontakte, GMail, and the Telegram messenger.
10) Follow the rules of information hygiene
To perform important operations (financial transactions, ticket purchases, etc.), you need to use a computer that you are sure is secure. It's best not to use someone else's device. Remember that the computer you use at work does not belong to you, but to your employer.
Your computer must have licensed software, including operating systems. Pirated copies may contain malware and spyware. If you don't want to buy licensed programs, you can use free analogs. Although before downloading, it is best to check what they write about their security on respected IT resources (CNews, Geektimes, VC) and in Wikipedia.
The software on your device must be constantly updated. This increases the likelihood that developers have already fixed the main vulnerabilities.
You should not connect unknown media (flash drives, SD cards, smartphones) to your device, even for recharging. Do not connect any unknown USB devices to your computer. Even a USB-powered flashlight may have a storage medium containing malicious software.
You should disable autorun for external devices. This will help you avoid automatically launching malicious programs contained on them.
Don't charge your phones and tablets anywhere. You can connect your device to an infected computer that can access data on your device or download malware to it. Do not use public chargers that look like a kiosk or a box of wires unless absolutely necessary. It is not known what exactly you will connect to in this way. It is better to look for a regular electrical outlet and plug your own charger into it.
If you are working with a laptop or computer in a public place and need to move away for a while, you should put the device in sleep mode or lock the computer screen. You can only return to work by entering your password. If there are video surveillance cameras in a public place, you should not enter any passwords, and in general, you should use Internet services very carefully.
In a public place with unsecured Wi-Fi, you should use a VPN. This technology not only hides your real location from the administrators of the sites you visit, but also encrypts the information you transmit. There are cases when attackers tried to intercept information from computers on public Wi-Fi. If VPN is enabled on your computer, they probably won't succeed.
If your device has been in the hands of special services - for example, it was seized when crossing the border or during a search-it is no longer safe for important correspondence and financial transactions. The same applies to the repair of your equipment. There is a high probability that after these manipulations, a virus, spyware, or an additional chip will appear on your mobile, tablet, or computer. It's best to get a new device - sometimes data security is more expensive than money.
On a Windows computer, you should not work under an account with administrator rights. It is better to use a regular user account. Then, if the malware tries to install without your knowledge, Windows will notify you that you need to enter a password from the administrator account.
You should not give your computer to strangers who need to make a Skype call or check their email. If you still had to do this, it is better to log in to the guest account in advance, from which the installation of new software is not available. Also, be careful when handing over your phone to a third party.
Beware of emails that ask you to provide your personal information, including registration data. Otherwise, you may become a victim of this type of Internet phishing.
Use an antivirus program. Many common antivirus programs have a free license, the capabilities of which are quite sufficient for the average user. For example, this is AVG or Avast. Don't forget to update it regularly.
