Whether you’re a start-up or freelancer, managing both your own data and that of your clients is a responsibility of increasing importance. As technology rapidly becomes faster, more accessible, and increasingly convenient, good practice around security, encryption and privacy often struggles to keep up. Here are some of the easiest steps with the biggest impact that you can take to help secure the tools of your trade today.
Whether you’re a start-up or freelancer, managing both your own data and that of your clients is a responsibility of increasing importance. As technology rapidly becomes faster, more accessible, and increasingly convenient, good practice around security, encryption and privacy often struggles to keep up. Here are some of the easiest steps with the biggest impact that you can take to help secure the tools of your trade today.
{{divider}}
1.Keep Software Up To Date
{{divider}}
The first step is to ensure that applications such as desktop and mobile are frequently kept up to date, and set to automatically download the latest software updates as soon as they become available. These are designed to constantly fix new bugs and weaknesses in the system that are being targeted by hackers as they arise. According to Apple Support services, turning the computer off and on similarly scans for malware and removes any dubious bugs that may have been installed from online activity. So while it can be more convenient to simply shut the screen or send your laptop to ‘sleep’, regularly making a habit of closing all windows and properly shutting the system down can have a more positive difference.
{{divider}}
2. Use A Secure Browser
{{divider}}
Apple’s default browser is Safari - and the upside to using this as your default browser is that if you encounter a problem, this is the only browser that Apple support will be able to help you fix. However, it is debatable as to whether or not this is the most secure browser available, and there are an increasing number of alternatives that advertise themselves as more customisable and secure, for example Chrome and Brave are some popular contenders. Brave browser markets itself as a browser that enables greater levels of advertising and cookie customisation and privacy, and also allows you the option to earn digital ‘tokens’ for any adverts that you do engage with. Ultimately what browser you use is a matter of personal preference but some of the modern alternatives certainly seem worth investigating.
{{divider}}
3. Configure + Cleanse Cookies
{{divider}}
In an increasingly time-pressed environment most of us are privvy to simply selecting the ‘accept all’ for cookie configurations - especially when they now present themselves on every single website that’s visited. However the best option is obviously to configure the settings for each page, allowing only those that are essential to use. On the other side of the table, some may argue that they would rather have advertisements that are more tailored towards their tastes if they’re going to have to view them. In both circumstances the next best option is to set your browser to automatically clear cookies and the cache upon closing so that your activity is only tracked for a limited amount of time.
{{divider}}
4. Set-up Two Factor Authentication
{{divider}}
For each of your devices and applications (including social media apps, icloud, Linkedin etc) make sure that an added layer of protection such as 2-FA is turned on. This means that even if your password does become compromised, a login will not be enabled without a code that is sent to your mobile. Alternatively you can choose to use a code generated by an authenticator application, instead of receiving a text message. The downside to this is that if you lose your phone, it will be more difficult to log into these accounts. However many applications also supply you with a backup code that you should keep somewhere safe in this eventuality. You should also turn on settings that send you a message when a new or unauthorised device has logged on from another location.
{{divider}}
5. Lock Sensitive Files
{{divider}}
Regarding data protection for files on your desktop, icloud or other third party software service, sensitive files should be anonymised or pseudonymised as soon as possible, along with security measures that restrict access. This means using coded labels that do not make any sensitive details immediately obvious, and encrypting access with a password. On your mobile, you can also use apps that store documents or information behind an extra password layer and delete them from other areas of your device.
{{divider}}
6. Register With The ICO
{{divider}}
If you are a business handling customer data and information, you’ll be familiar with the process of registering with the ICO for a small annual subscription fee. You can find out more about your obligations and how to comply, including protecting personal information and providing access to official information via the ICO website. When using third party software to store details and information it is also worth investigating with whom the responsibility lies. No method is 100% safe and secure as all services require storage and backup to be located somewhere. However taking small steps to understand how security can be maximised is often worth the added layer of time in order to regain peace of mind.
{{divider}}
7. Consider Third Party Software
{{divider}}
Just as some doctors are obliged to store patient details using third party software applications on their home devices, your line of work may be able to offer a recommended industry standard equivalent. When it comes to third party software designed to scan and monitor devices for threats and bugs, Malwarebytes is currently the only programme endorsed by Apple, however it is not free to use and does come with an annual subscription fee. Other popular options include recognised services such as Norton Anti-virus.
{{divider}}
8. Regularly Check Device Activity
{{divider}}
On both mobile and desktop you can regularly check and manage the number of devices that are currently logged onto your accounts and services. Via a mobile simply visit the settings and view your apple ID, and on desktop you can review the settings in applications such as your email accounts. If you have two factor authentication and device recognition setup as suggested above, the risk of this should be limited. Sometimes device recognition can also be glitchy - even if you are using your own device, it can often be the case that the tracked or last login location comes up wrong. However if you are still concerned it is always safer just to change the password. You should also review apps such as twitter and linkedin, and check which applications you have granted access to these accounts. Make it a regular habit to clear the apps that you no longer use via these logins, otherwise they will continue to use, sell and monitor your data.
{{divider}}
9. Password Protection
{{divider}}
While it is safer to use a different password for each account, no one has the memory or attention span of an elephant on a laptop. It is also not a good idea to allow your device to ‘remember passwords’ for you as they are then stored somewhere that could compromise their security. Just as if an account is being used by multiple people within a company, one option is to use a password manager which can store passwords in an encrypted way that allows for greater security with multiple means of password generation access.
{{divider}}
10. Consider A VPN
{{divider}}
Although not a necessity, some people prefer to use a Virtual Private Network which masks their personal computer IP and online browsing activity by re-routing this information through another server. There are added benefits to this such as greater accessibility to services independent of geolocation. However finding a good VPN can be surprisingly difficult, and there are other possible drawbacks such as slower service and pricey subscription fees. As with all the other recommended steps, it really boils down to the level of your individual priorities when it comes to balancing these opportunities and trade-offs.
{{divider}}
Many hackers and data breaches do not employ techniques that are as sophisticated as most people or Hollywood movies imagine. It is more often the case that as with email and mobile phishing scams, we are mislead into actively participating in giving up too much information ourselves. It is often safer to be sceptical - if a link looks suspicious or is unexpected, ignore it and go directly to the source instead - even if it is from someone you know! If you feel uncomfortable about the amount of information that is being asked of you, stop the process and return to the task later with a calm and clear head.
{{divider}}
For most of us, going digital is no longer an option when it comes to participating in society, and we place a large amount of trust in third parties when it comes to handling and managing our data and privacy on a daily basis. However actively taking the steps necessary to ensure that the way such information is handled as one of collaboration and customisation, requires a certain level of individual input. Exploring some of the steps above could help to give you greater peace of mind when it comes to navigating the world wide web, whether you’re surfing the web 2.0 of today, or the emerging ‘metaverse’ 3.0 of tomorrow.
{{divider}}
