Life isn’t just in the real world anymore.
We hang out in virtual chat rooms, our “friends” on various social networks are often people we’ve never seen in person, and we can build entire communities that span the globe with just the click of a mouse.
It’s pretty fantastic what technology has allowed us to do, both as social creatures and as authors. Our writing can reach people on the other side of the planet and we can interact with friends, fans, and supporters anywhere, at any time.
But with great power comes great responsibility—the need to take care of all the usernames, passwords, logins, files, and other digital detritus that has popped up like mushrooms surrounding our online lives.
We’ve been talking recently about how to spring clean your computer files and your author website, and today we’re going to dig into cleaning up your online footprint and making sure that you’re safe and secure wherever your digital life takes you.
1. Be Alert
You are your own first line of defense in the digital age. A recent major hacking incident proved the value of staying alert when it comes to your online activity. The WannaCry exploit spread when people clicked on an infected attachment in their email.
Most of us know to forward phishing spoofs to PayPal and not to click on suspicious attachments, but hackers get more clever every day, using psychological tricks and faked web addresses to convince us that an infected PDF is really the memo we need from Phil in Accounting.
If you’re not sure where an email originated, don’t open it. If you weren’t expecting an attachment, really don’t open it!
Always check the URL of a link you’re about to click by either hovering over the hypertext to reveal the web address information or by copy-pasting the URL into a plain text editor or other document before going to the site. If anything looks fishy, like that eBay link actually pointing to www.ebay.ru instead of www.ebay.com, for instance, don’t do it!
If a file attachment’s type doesn’t match up with what the file’s supposed to be, don’t click. For instance, a PDF document should end with .PDF—it should be, for example, Royalty_Report.pdf. If you instead see Royalty_Report.exe, delete it immediately!
2. Stay Updated
Another easy tweak to stay safe online is to stay updated. Enable automatic updates for your operating systems on your computer and phone. Tech companies are constantly patching holes in their software that Big Bads like to use to try to take over your devices.
If you wait to install the updates and patches that they issue, you’re putting yourself at risk of getting hacked. That’s what happened with the WannaCry exploit—it took advantage of unpatched computers running older operating systems. With the newest releases and newest updates applied, there was much less danger of being hacked.
Now, you don’t necessarily have to be running the absolute latest OS to stay safe—you can be using an OS that’s one or two versions older and still be okay as long as you apply updates regularly. So if your laptop is a couple years old and still running, say, Windows 8 or Mac OS Snow Leopard, you’re not throwing the door open to hackers…if you update and patch regularly (or automatically). But if you hold off on those updates for a year? Yeah, you’re in trouble.
The same goes for all your software. Hackers can take advantage of loopholes in your word processor, your email program, and any of the apps on your phone to take over your system…often without you ever knowing.
So be sure to update all your software regularly. Android and Apple app stores push updates out to your smartphone devices, and both Windows Store and the Mac App Store also help you keep your software up to date.
For an added level of updating security, add a good virus scanner and security manager. You can get suites of software that protect multiple devices against all kinds of threats for a good price these days.
Kaspersky Labs makes Total Security, which can protect your smartphones, tablets, and computers, as well as adding an extra layer of protection to your online activity for $60/year.
For $50/year, Norton’s Security Premium protects 10 devices and offers 25Gb of secure online backup in case things go wrong. It also helps secure your online experience, managing passwords and protecting against spam.
For $45/year, Bitdefender Total Security protects five devices, manages your passwords, permanently destroys sensitive files you’ve deleted, and checks up on your WiFi network security.
You can also get either a basic free security system or an upgraded paid version from AVG. Their suite of tools can help you stay safe regardless of whether you’re using a PC, Mac, or Android mobile device.
3. Manage Logins
First and foremost, set up a device login. Everywhere. On everything.
Your laptop, your phone, your tablet—they all need logins, and they all need to be different, just in case. You can use built-in security like the Windows facial recognition login, or you can just type in a password. But you need to have this security option enabled, rather than just having your computer automatically start up and let you start working.
Otherwise, anyone who steals your device—or picks it up while your back is turned—can start poking around and potentially find your login information and other key data. The most secure password management system and security suite on earth can’t protect you if someone just picks up your laptop and automatically gets access to your bank account.
You’ve undoubtedly heard this a thousand times, but you need to stop using your pet’s name and your birthday as your password on every site you use.
Each and every site needs to have a unique username and password to make it hard for a hacker to get access to your entire life from stealing one login or making a single lucky guess.
But it’s really easy to fall into bad habits just because remembering a billion different unique usernames and passwords is a pain in the butt. So take this opportunity to do a clean sweep and set up good habits that you can maintain without fuss!
Strong passwords are ones that aren’t just hard to guess, they’re hard to brute-force crack using random number generators running on fast computers. These best-practices passwords use a random string of 10 or more letters, numbers, and punctuation marks that have nothing to do with anything else and use a variety of patterns and capitalization.
They’re also friggin’ impossible to remember.
That’s where password managers come in. Instead of having a list of umpty-billion random passwords written down (and updated constantly), you have a single Master Password to remember.
And honestly, it’s okay to write down that one password in a secure location, like in a file on your phone called “Cats” or in a sticky note in your wallet with no other information on it about what the string of gobbledegook means. Just be sure that if your wallet or phone is stolen, you immediately change that master password.
A great password management tool is LastPass. You can start out for free and upgrade to premium for just $1/month—totally worth it to lock down all your usernames, passwords, and accounts! Even the free version is available on all your devices, so there’s no excuse not to use it. It’ll even generate strong passwords for you, eliminating the risk of repeating yourself or accidentally creating a pattern hackers can exploit.
Lots of banks and other companies now make you change your password every 30 to 60 days. This is a great practice for any website, not just your banking login—you should switch up your Facebook password, Twitter password, and others on a regular, rotating basis.
With a password manager, this is simple. Just generate a new password, save it to the manager, and you’re good to go.
Put it on your calendar to do every month or so—spending a few minutes once a month generating new strong passwords (and yes, changing your Master Password for your password manager) can prevent a lot of hassle and heartache down the road.
Many companies are now offering two-factor authentication in their logins. You may have seen this pop up on your Gmail account or elsewhere.
If you always have your smartphone on you, this is an amazing way to add a level of security to all your activity.
Basically, in two-factor authentication, whenever you try to log into the two-factor account, you’re sent a one-time-use code to your phone. Enter that code to the site and you’re in.
It’s not foolproof—if a thief gets your phone and logs in, they can log in to your two-factor account and start breaking into other areas of your life. But odds are, if you’ve lost your phone for any period of time, you’re already taking other steps to batten down the hatches and prevent any damage.
Rethink Your Hints and Security Questions
It can be tough to remember all your logins and other information. Using a tool like LastPass can take care of your logins for you, but most sites also require you to set up hints and security questions these days.
And hackers can take advantage of the vast troves of personal data we share openly online to guess at the answers, gaining access to your accounts even if they don’t have access to your strong passwords.
Think about it: if the password reset hint is “Pet’s name” or “first car” and you’ve ever written on Facebook about this, a savvy and persistent hacker can track down that public information.
Instead of answering the question straight up, either code your answer (changing letters for numbers or adding symbols) or develop a personal cipher to protect yourself.
You’re a writer—how about answering your security questions from the point of view of one of your characters? Instead of putting down the street where you grew up, answer with the street your favorite character grew up on. As long as you remember which character’s POV you’re working from, it’s now a lot harder for anyone other than you to guess the answers to these questions.
4. Secure Your Phone
All the computer safety measures in the world won’t help you if you haven’t also secured the other essential pieces of tech in your life! Most of these tips and tricks can be applied to using your smartphone or tablet, too—install security software (try Lookout Mobile if you don’t have a complete security suite that protects multiple devices).
Just like with your laptop, you need to have a login enabled on your phone. Whether you choose to use a password, PIN, drawing pattern, or fingerprint is up to you, but your phone needs to be locked down when you’re not actively using it.
Otherwise…well, you know that great password manager you’ve got? And that two-factor authentication? Someone who picks up your phone now has access to all that key data. Oops.
5. Be Smart about WiFi
One of the easiest ways to invite a hacker to take over your computer or steal your sensitive information is to use unsecured WiFi. Whether at home or working from the coffee shop, always make sure your internet connection is trusted, safe, and protected!
At home, add a password to your WiFi. Most of us have this set up out of the box, using whatever password came with the router, so we’re already protected. For an added level of security, change that default password to something stronger and harder to guess.
Oh, and don’t leave the password sticker on the router! If someone breaks into your home, they can simply jot down all your login information, then pop onto your network and start snooping around your online activity. Next thing you know, they have your bank login…and a lot more damage has been done than if they just stole your new TV.
Surf Securely Outside the House
When you’re out and about, only use trusted WiFi networks, not random open hotspots. Sure, they seem convenient, especially if you’re at the airport and need to get some work done on your book while you’re waiting.
But who’s really operating that hotspot? Is it the airport, the coffee shop you’re in, or the hacker with an open laptop sitting a few tables down?
If you log onto an unsecure network, particularly one set up by a hacker to bait people into using it, you’re handing over the keys to your online identity…and maybe even to your bank account.
Your best bet is to use your 3G or 4G network on your smartphone if you need to do any work online when you’re out of the house. If you need to use your laptop, turn on the Hotspot feature on your phone (being sure to password-protect it) and tether your laptop to that instead of using WiFi wherever you are.
And try not to log onto your bank or credit card account over WiFi—again, use 3G/4G for more secure transmission.
If you need to use WiFi when you’re out and about, consider investing in a VPN subscription. A Virtual Private Network is exactly what it sounds like—a private group of computers all strung together within the larger boundaries of the internet.
What’s important is what it does: secures your internet activity against people outside the VPN group. All the data you send and receive over the VPN is encrypted, so it’s much safer to log on from a coffee shop or airport and get your writing done and your emails sent.
There are a lot of different factors that play into what makes a good VPN, and most of them are highly technical. Bottom line, you want a service that has a bunch of servers, doesn’t log your activity (or clearly spells out what gets logged), and allows you to log on from a variety of operating systems and devices. PC Mag has a helpful breakdown of great VPN services, including their key features and what kind of user they might be best for.
Staying safe and secure online seems like a huge challenge, especially when we hear about hackers taking over millions of computers across the world in big, scary incidents. But there’s a lot you can do to manage your online security without a lot of hassle.
Be smart, take advantage of key software and tools, and play it safe when you’re working away from home. We can’t ever be 100% protected, even inside a plastic bubble, but with a few smart strategies, you can live your online life to the fullest!
Use smart strategies and key tools to protect yourself and your data online.
For more on managing your digital life, read on: