Key Takeaways
- Weak passwords increase vulnerability, especially if reused, which can lead to breaches across multiple accounts.
- Tracking by tech companies and ISPs endangers your privacy.
- Improper storage of documents in the cloud can put your data at risk.
You’ve been warned over and over that you’re at risk while online, but what are those risks exactly? Let’s go over how you’re vulnerable online and how you can fix it.
How You’re Vulnerable
There are a lot of ways you’re leaving yourself wide open to attack by online criminals and the manipulation of marketers. Some of them aren’t under your control: for example, events like the Dropbox Sign data breach couldn’t have been prevented by regular users. That’s all on the service you’re using.
However, there are ways in which many people are practically inviting online cybercriminals to do their worst. Below are the most common.
Weak Passwords
Probably one of the ways we make life easier for cybercriminals is using weak passwords, or, worse yet, reusing passwords. Weak passwords are a problem as a dictionary attack—which is a hacker trying to gain access to your account by running through a dictionary of common passwords and their variants—can easily “guess” what the password is.
Reusing your password is even worse, as you’re compounding the danger posed by breaches. If your password is leaked in a breach, the account with that company is compromised. However, if you’ve been reusing your passwords, then other accounts are vulnerable, too. The breach may have nothing to do with you, but your password hygiene is your responsibility.
Tracking
Another way you’re vulnerable is through tracking. While some of this is done by criminals, most of it is done by more respectable institutions, like big tech and, in the United States, your internet service provider (ISP).
This tracking is done through several avenues. ISPs can simply monitor any traffic you generate, while the sites you visit can use tracking cookies or even browser fingerprinting. Any and all data hoovered up this way is then packaged and used to create a profile of you, which can then be sold to advertisers to target ads at you. It’s not very sophisticated, but it makes technology companies a lot of money.
Improper Storage
Another important security issue people don’t always pay attention to is how they store their data online. For example, many people will scan documents (tax, SSN, health insurance) for backup purposes, which is a good thing. Less good is when they then put those files into cloud storage without making sure the provider they’re using is secure.
Thing is, cloud storage security isn’t as simple as it’s made out to be. Most services will encrypt your data when it’s being sent and when it’s being stored, but this isn’t the same type of encryption. There is a brief moment where your data isn’t encrypted, meaning it’s vulnerable to the service itself as well as anybody that has gained access—like if an employee reused their password.
How to Protect Yourself
All these are pretty serious risks, but there are ways you can protect yourself. Some things are obvious, like not using social media too much and being careful what you store and which sites you visit. There are also programs that can help you; let’s look at three types.
Password Managers
Fixing your weak passwords is the biggest issue, so let’s deal with it first. You need to create strong passwords that can withstand dictionary attacks. This means that they need to be random, use different kinds of characters, and need to be long. This increases what’s called password entropy, or the strength of a password.
Of course, remembering these passwords is next to impossible for most people. This is where password managers come in. These programs generate, store, and autofill passwords for you. They effectively replace your memory with their own, meaning you no longer need to remember passwords and can use strong passwords for all your sites. The very best password managers will even alert you if you’ve duplicated passwords.
VPNs
Tracking isn’t as easy to fix as password issues are, sadly. On the modern internet, tracking is ubiquitous and almost inescapable. However, virtual private networks (VPNs) can do a lot to make your browsing more anonymous.
They do this by rerouting and encrypting your connection, effectively replacing your IP address with that of a server run by the VPN provider. While this does not stop tracking, it will associate your online behavior with the server, not with you—especially if you also engage your browser’s incognito mode.
While VPNs can’t protect you from everything, they are a great step toward thwarting unwanted tracking by marketers and cybercriminals alike. The bad news is that the best VPNs usually charge for their services, meaning this protection doesn’t come free—though there are good free VPNs, too.
Cloud Storage
As for fixing storage issues, the best way to do so is by using cloud storage that makes use of end-to-end encryption. This method bypasses the encrypt-decrypt-encrypt system we mentioned above, thus fixing a huge security loophole. Sadly, not every cloud storage service thinks this is important, so you need to shop around a bit to find one that does.
For example, IDrive and Sync.com, both of which feature on our best cloud storage roundup, offer end-to-end encryption, as do several other major players. Both offer limited free plans that should be more than enough for most of your important documents.
Protecting Yourself Online
While using these types of software won’t render you invulnerable online, they will do a lot to make the likelihood of a successful attack a lot smaller. Add some common sense security measures, and you can lower the chances of being victim of an attack even further. As a bonus, all three types of software also come with some nice benefits for your quality of life: password managers’ autofill is wonderful, and VPNs can help unlock Netflix libraries.