With the majority of our personal and business activities taking place online, it’s easy to get complacent about what information we access and when. However, if you’re signing in to online services to deal with sensitive personal or financial data, there are specific steps you should take to help keep your information and identity safe.
Safely Using Public WiFi
Most of us feel totally secure when we’re on a personal device such as our cell phone or laptop—but the truth is that your device is only as secure as the network it’s logged into. If you’re using a public WiFi network, your data could be at risk.
You don’t always know if a public WiFi network is secured. If it’s not, this means that your data can be seen by another user if you log into an unencrypted website. Vulnerable data includes personal documents you share via email, photographs you download, or even your log-in and password details.
Because it’s not possible to secure a public network as you would your home internet, it’s always a good idea to take extra precautions when working at the library, your favorite coffee shop, or any time you use the internet via a public WiFi network. Firstly, try to avoid accessing sensitive information, logging into social media, or making any purchases that require you to input your credit card details.
If you do need to conduct activities such as online banking over a public network, only do this via websites which are fully encrypted—in other words, those sites which have https in the URL. Using your mobile data instead of WiFi is another smart move, so consider logging out of WiFi and creating a mobile hotspot instead.
When a Device Isn’t Yours
Sometimes, you need to access the internet from a device that doesn’t belong to you. Maybe you’re checking email in the library or a hotel lobby, or using someone else’s phone to download a concert ticket.
When handling data via a device that isn’t yours, follow the same protocol as you would when using public WiFi. Avoid sharing or downloading sensitive data, and be wary of visiting any sites that aren’t encrypted. If you do download any information onto the device, make sure this is permanently deleted once you’re done—which usually means going into the device’s recycling bin to delete the data. And, when you’re done on the device, make sure to log out! It’s easy to forget this as we often remain logged in to our email, social media and other accounts when on a personal device.
Protecting Your Devices from Fraud
Even if you’re on a personal device, and even if you primarily use encrypted networks, it’s still a good idea to understand and use best fraud-protection practices when accessing data.
The most important step you can take to protect your data is to use robust antivirus software. Of course, simply installing software isn’t enough—you also need to keep it updated! Speaking of updates, make sure the operating system on all your devices is always up-to-date, because if it’s running behind the times, this can make your online activities more vulnerable to malware.
If you often access sensitive data and spend a lot of time on public WiFi networks, look into getting a VPN, which enables encrypted browsing. Most VPN services offer multi-device access, so you can log in on your laptop or a phone.
There are many web extensions and apps that can offer even more protection. HTTPS everywhere, for example, is an open-source browser extension that makes your browsing more secure by automatically switching sites to be https-encrypted, as needed. Another useful app is a password manager like LastPass, which securely saves your passwords so you can keep your online data safer without needing to memorize multiple passwords.