We often think of security as something we can buy. While some code and computers are more secure than others, staying safe has more to do with our behavior.
Here are some ways you can change the way you use your computer to reduce risk to your data, privacy, and personal life.
1. Encrypt Your Computer
A password prevents other people from logging into your computer when you’re away, but this doesn’t offer as much protection as it seems. Someone who knows how to take your hard drive out of your computer can access all of the data that you’ve created. That’s why you also want to encrypt your drive, so that others can’t access your data in this way.
Device encryption is usually a built-in option now, including on Windows 10. There are also free tools available that can do the job for you. VeraCrypt is one option that’s available for Windows, macOS, and Linux alike. But if you find this too complicated a job, many newer computers already come encrypted.
Your easiest option might be buying ones that does.
2. Encrypt Your External Storage, Too
Encrypting the data on your computer is important, but you almost defeat the purpose of the entire exercise if you backup your machine to an unencrypted portable hard drive or carry files around on an unencrypted flash drive. You want to encrypt these forms of external storage too, that way gaining access to these drives take as much effort as breaking into your encrypted PC.
You can sometimes encrypt external storage using the same method you use for your computer. Linux users can do this by reformatting their drives into the encrypted LUKS format, which you can usually do without having to install any additional software.
On Windows and macOS, you can again turn to programs like VeraCrypt. There are also some external drives that come with software to handle the encryption for you.
3. Power Off Encrypted Devices
Encrypting our data provides us with more security, but this is easier to circumvent while our machines are on and running. There are ways to acquire or bypass your password and gain access to decrypted data while your laptop is asleep.
To maximize your defenses when you’re not at your computer, power it all the way down. When your machine is fully powered down, someone must go through the effort of breaking encryption or attempting to guess your (hopefully longer) encryption password. These things are possible, but they take more effort or resources than many people are willing to put in.
4. Keep Your Data Offline
At the rate data breaches occur, we have much to be anxious about today. Purchasing an electronic device often means facing pressure to create another account for another service, where we will give someone else our personal contact information, maybe share our credit card, and generate a lot of revealing data.
One way to reduce this anxiety is to actively choose to keep your data offline. Popular wisdom right now may be to backup all of your files online, but you have other options. Portable hard drives and USB flash drives are more affordable than ever (and it’s easier now to encrypt them).
You can also choose not to purchase devices that require online accounts. You don’t need to buy a smart thermostat when a programmable one and knowledge of your own behavior can achieve a similar end result.
You don’t have to avoid all online services, but you reduce your risk if you don’t allow yourself to fall into the habit of signing up for every account you’re prompted to.
5. Turn Off Wi-Fi and Bluetooth
We live in what is in what is increasingly called an always-connected world. But just because you can live your life with an ever-present connection to the internet already established, that doesn’t mean you have to. You have the option to turn off your Wi-Fi connection. Better yet, tell your computer or phone not to auto-connect.
Manually connect to the internet whenever you’re ready to get online.
By only going online when you want to be online, and disabling your connection otherwise, you reduce a company’s ability to monitor what you do on your device and make it more difficult for someone to remotely gain access to your computer (while also cutting down on distractions).
If you purchase a model with privacy switches, you can physically sever the networking component, preventing remote access until you flip the switch again.
Treat Bluetooth the same way you do Wi-Fi. If you don’t have any devices currently connected, then turn it off. In both cases, you may improve your battery life in the process.
6. Disable Your Webcam and Microphone
Now that our devices come with webcams and microphones, there are more ways to compromise our privacy. People can not only view what we’ve saved to our computers or the websites we visit, they can see our faces and the rooms we’re in. They can hear our voices and those of our loved ones.
By default, your webcam and mic aren’t always on, but they’re lying dormant waiting for an app or command that triggers them to wake up. If you disable them, they won’t wake up even if a command comes in.
You can disable these devices at the software level. If your computer has privacy switches (or you use a desktop where the camera and mic have to be plugged in), you can do so at the hardware level. If nothing else, you can put a sticker over the webcam
7. Use Fewer Apps
The more complicated a piece of software is, the more likely someone will find an exploit. That’s because there are so many components and lines of code for developers to write in a secure way. A single flaw in any aspect of the system is all it takes to break in.
Many times, the vulnerability someone exploits isn’t in the operating system itself but in a separate program that we chose to install. Think your web browser, office suite, or email client. Sometimes the risk comes via supposedly innocent apps like PDF readers.
If you install fewer apps, you not only reduce your likelihood of downloading malicious software, but you reduce your chances of being vulnerable to an exploit found in an otherwise legitimate app. You also protect yourself from being dependent on software that could go away once a developer or company loses interest.
8. Download Free and Open Source Apps
Everything that’s on your computer exists somewhere as a line of code. Whether we’re writing a document, watching video, or playing a game, we’re interacting with language. With most commercial software, we can’t view the code behind what we’re doing and we don’t have the freedom (or permission) to try.
We have to trust that nothing shady is going on.
Fortunately there are alternatives available in the form of free and open source apps like Mozilla Firefox, LibreOffice, and VLC. You can even purchase computers that come with open source operating systems from companies like System76, Purism, and ZaReason. Or you can replace the OS on a computer you already own.
Free software doesn’t restrict what we can see. You can keep this code on your computer, have it audited, modify your copy however you wish, and share it with others. This mitigates your risk of software going away overnight, as often happens with cloud services.
I’m not saying that free software is inherently more secure than proprietary software (there’s a lot to that debate). But using free software on your desktop is the only way I’m aware of to have true control over what’s on your computer, trust that a company isn’t monitoring what you do, and maintain access to the programs that you rely on.
What Steps Have You Taken?
Remember, absolute security is a myth. We put locks on our doors not to make our homes impenetrable but to make the job difficult enough to dissuade others from making the effort.
Often, improving your security isn’t about adding more, it’s about using less. Less time connected means fewer times your computer is accessible remotely. Using fewer online services means fewer sites that can leak your data. Creating less data means you have less information to safeguard in the first place.
Some companies will collect and leak your data without your control, but there’s still a lot of power that’s in your hands. And there are steps you can take to counter data breaches when they happen.