These smart strategies can lessen your chances of falling victim to the next data breach
Though there’s plenty of uncertainty in the early days of 2019, here’s one sure bet: Keeping your personal data private and secure will be even more of a challenge.
In 2018, we learned that millions of consumers had been affected by cyber threats at the Mariott hotel chain, as well as tech giants such as Facebook and Google, once considered to be all-but-invulnerable to data breaches.
Smaller-scale attacks by hackers and malware harmed consumers, too.
And those are just the cases involving bad actors or software bugs.
Marketers have continued to get better at intruding on your digital privacy as well, finding ways to collect and monetize the personal data you generate every day as you navigate the web, use your phone, and even watch TV.
Unfortunately, the monetary incentives to target your personal data—whether legally or illegally—remain strong.
However, there are quick and easy changes you can make yourself, right now, to protect your digital privacy. And the more consumers take these steps, the more it tells companies that privacy matters.
Here are five simple strategies to boost your digital privacy and security.
Update Your Devices
One of the easiest and most effective ways to protect the security of your computers and mobile devices is to keep the software up to date, says Maria Rerecich, senior director of product testing at Consumer Reports.
Updates help manufacturers patch security vulnerabilities quickly. Just this month, for example, Apple released a patch for a bug that allowed eavesdropping on FaceTime conversations.
After installing an update, it’s a good idea to double-check your digital privacy settings to make sure nothing has changed in the process. To do that, look in the Settings or System Preferences menu on most digital devices.
Though phone and computer manufacturers are usually vigilant about informing you of updates and even offering you the chance to automatically update your devices—a smart option—that’s not always the case with devices such as routers, security cameras, and baby monitors.
So take a moment every few months to check for software and firmware updates for those items. (For instructions on how to launch updates, search online or check the user’s manual for the device.)
Use Two-Factor Authentication
What if you could find a way to make your password all but useless to a hacker? That’s what two-factor authentication does.
Instead of relying solely on a password, user accounts secured by two-factor authentication require an additional level of proof of ID before granting access.
This may involve the use of a physical device (like your phone, a card, or a fob) or some biometric marker (like a fingerprint, a voiceprint, or facial recognition).
How two-factor authentication typically works
When you log in to an account on a new laptop or smartphone, you’ll be asked for your password, but once you enter it, you won’t immediately get access to your account.
Instead, the website will ask for a one-time code sent by text to your phone.
The second “factor” is your phone; without it and the password, you’ll be denied access.
Almost every major online service offers some form of two-factor authentication as an option.
To find out how to enable it, just search for “two-factor authentication” online (or “2FA,” for short) with the company name, such as Amazon, Apple, Gmail, or the name of your bank.
Freeze your credit
There’s not much you can do to stop the next data breach, but you can minimize the financial risk with a credit freeze, says Justin Brookman, director of consumer privacy and technology policy for Consumer Reports.
That prevents most lenders from looking at your credit history, which keeps them from issuing a credit card or approving a loan to an unauthorized party.
The one problem is that a freeze also locks out vendors you are doing business with.
That might include obvious ones—like a mortgage lender or a carmaker’s finance company—and not-so-obvious ones—such as a cell-phone company or even a potential employer.
You need to initiate a freeze with each of the four major credit services: Experian, Equifax, TransUnion, and the lesser-known Innovis.
And when you do file an application that requires a credit check, you’ll have to contact them individually to lift the freeze.
A bit of good news: Though there used to be a small fee associated with placing a credit freeze, a law passed in mid-2018 makes it free with the three biggest credit reporting bureaus.
Install a Password Manager
A password manager is essentially a virtual vault that creates and then stores complicated, hard-to-hack passwords for all your online accounts, letting you access them with one simple-to-remember password.
Dashlane, 1Password, KeePass, and LastPass are among the most popular password managers, and they’re either free or inexpensive ($2 to $5 a month).
Using a password manager certainly beats using “Password2019” for everything and hoping for the best. But what if you have a slew of accounts, each currently with its own less-than-secure password?
Though password managers are superb at helping you generate an effective new password and remember it, they can’t automatically replace all your existing passwords.
To lock down all your accounts, you have to log in to each one individually, opt to change your password, then let your password manager do the rest.
If that sounds like a colossal headache, try triage.
Focus on your most important accounts—your email, bank, and healthcare accounts—and change the rest whenever you log in to them.
Before winter’s over, all your accounts should be secured with new, stronger passwords locked away in your password manager.
Make Privacy a Priority
There’s a lot to be said for choosing strong privacy protections whenever you sign up with a fresh online service or set up a new device.
Some of these settings can protect you from hackers. But others, like turning off location tracking on your phone, can also slow the erosion of your digital privacy that happens when tech companies collect and share information.
At a very basic level, retailers and social media companies rely on consumers to volunteer information. When making a purchase or setting up an affinity account, they’ll ask for your phone number or email address.
But just because they ask doesn’t mean you have to answer.
And if the vendor does require you to authenticate your email address, set up a burner account that you use for shopping and other inconsequential online activities, while reserving your main email address for important tasks like banking and healthcare.
Your devices ask for your information too, often without your knowledge. Start by checking your smartphone settings to determine what permissions each mobile app is asking for.
Does it want access to the phone’s microphone? Location data? Your contacts? If you’re not sure why an app needs that information to function, turn off the permission.
If that keeps the app from working the way you want, you can always switch it back on later.
Using these strong digital privacy settings will help preserve your privacy while encouraging companies to pay more attention to consumer privacy.
And don’t be shy about letting companies know that the issue is important to you. Tell customer-service reps and raise the concern in online surveys.
Companies take customer feedback seriously, and if they get enough complaints about tracking, data breaches, and other privacy problems, they just might change the way they do business.
Protecting Your Online Privacy
It doesn’t matter if you’re on your phone or your laptop, your personal information can leave a digital trail of where you go online.
On the “Consumer 101” TV show, Consumer Reports’ expert Thomas Germain explains to host Jack Rico what to do to protect your online privacy.
Source: Consumer Reports