Frustrated woman

Now is not the time to take a nap in your security blanket

8 practical guides to secure the digital you

Privacy and data security are becoming more and more personal. Quite literally. Because safeguarding your private digital data is increasingly your own responsibility. 

The challenge is that recent data suggests people are taking fewer precautions, not more, to protect their digital identities—a trend called “security fatigue.” And this is a trend that we all need to resist. Researchers at the National Institute of Standards and Technology (NIST) published an informative cyber privacy study late last year. Interestingly, its findings around “security fatigue” were accidental, not an intended goal of the original study. 

Here’s what happened: NIST is the U.S. government’s measurement standards laboratory, responsible for setting standards in areas like quality control benchmarking, information technology guidelines, and even time itself through its atomic clock. NIST researchers wanted to investigate computer security behaviors, so they conducted a qualitative study focused on understanding a broad range of views on cyber security and online privacy. The study’s 40 test subjects ranged in age from their 20’s to 60’s and represented multiple professions and geographies. Questions covered topics like e-commerce, online banking, and familiarity with cyber security terms. 

While analyzing the interview data, a surprising pattern emerged: “We weren’t looking for fatigue in our interviews, but we got this overwhelming feeling of weariness throughout all of the data,” said one of the study’s co-authors. That weariness is what the researchers called “security fatigue,” describing it as:

“…weariness [with online security] leads to feelings of resignation and loss of control. These reactions can lead to avoiding decisions, choosing the easiest option among alternatives, making decisions influenced by immediate motivations, behaving impulsively, and failing to follow security rules.”

You may be tempted to ask: If major corporations can’t protect themselves from hackers, how can I? It’s a reasonable question. Especially when we read again and again about trackers collecting your sensitive private data without permission and countless other assaults on your privacy. But it’s the wrong question to ask. After all, doing nothing about your data security can jeopardize your personal finances, health data, and social shares—the many areas of your life that create digital data. 

To help you combat feelings of hopelessness and recklessness when it comes to online privacy, we’ve collected a roundup of guides that describe practical steps to protect the digital you. Here it goes:

1. This guide to setting up a Virtual Private Network “in 10 minutes for free” describes the steps you can take to install the secure Opera browser, evaluate VPN providers and products, and start using the Electronic Frontier Foundation’s HTTPS Everywhere browser plug-in.

2. The consumer privacy nonprofit Fight for the Future created an interactive guide to protecting smartphones, laptops, and desktops. This resource is designed to be accessible to computer users of any knowledge level.

3. Following the revelations about C.I.A. hacking, the New York Times produced a guide to protecting iPhone and Android smartphones as well as smart TVs, routers, and personal computers. 

4. Consumer Reports magazine produced a guide with 66 actionable tips for protecting your privacy, covering steps to prevent personal data collection, select better passwords, and even protect your data after death. They published a 10-minute digital privacy tune-up as well.

5. Quick tip from the FBI: cover your laptop’s webcam camera.

6. Famed hacker Kevin Mitnick shared his tips on how to secure your smartphone and laptop.

7. Here is a roundup of 10 low-tech ways to guard your online privacy, covering tips like plugging your headphone jack to thwart hackers from hijacking your smartphone’s mic.

8. Understand more about what encrypting your Internet activity from your ISP does and doesn’t do.

And, because a little levity is a good thing, here’s an article about how the founder of Cards Against Humanity intends to buy and publish Congress’ browser history.

Reading through these guides and articles, 3 suggestions appear again and again: 

Use a unique, strong password for every account. Because that becomes difficult fast, help yourself by using password management software and two-step verification, where available.

Update software frequently. Be vigilant about updating and patching the operating system software on all of your devices as well as all of your apps. Turn on auto-update options wherever possible.

Evaluate whether cloud services protect your data sufficiently. Not all cloud services are created equal. Evaluate the security of the cloud services you use on a one-by-one basis, in terms of policies and technical capabilities. Understand the risks of storing important personal data in the cloud, and consider local, encrypted storage options as alternatives to cloud services. 

Given all that’s happening with online privacy these days, now is not the time for anyone to be nodding off in their digital security blanket.