What Is Digital Security?
Digital security is about keeping your personal online presence safe. If you pay attention to digital security, you’ll protect yourself from hackers and remain a less attractive target for cyberattacks.
In the real world, there are many kinds of security. There’s the external security a country gains from a standing army and the internal security a city gains from having a police force. But there are also more personal kinds of security: the safety of locking the door to your house or having your wallet in a front pocket where nobody can grab it.
Those same layers are present in the online and mobile world. The conversation around cybersecurity often happens at the level of systems, with big million-dollar breaches getting most of the news coverage. But the personal sphere is much more relevant to the average internet user.
In this article, I’ll be talking about digital security: how you can live a life online without fear of being compromised. We’ll discuss your biggest digital security risks, how you can address them and what weapons you have at your disposal.
What are examples of digital security?Some of the best strategies for digital security include choosing strong passwords, enabling two-factor authentication, applying all software updates and using a VPN.
How does digital security work?Digital security is about taking measures to prevent hackers from entering your personal systems and stealing sensitive data.
How many types of digital security are there?Digital security protects five general categories of data: your personal identity, your location, your passwords, your financial information and your health care information.
Digital Security vs Cybersecurity
Before going any further, I need to shed light on a murky part of the conversation: the difference between digital security and cybersecurity.
Many people will tell you there is no difference. They’re correct that the terms are often used interchangeably. But there is one set of definitions I find useful for illuminating how internet security is a multifaceted problem.
Under this definition, cybersecurity (or cyber security) refers to the technology that keeps online transactions safe. That’s encryption, anti-malware programs, VPNs, onion routing and so forth.
By contrast, digital security refers to the ways average internet users interact with that technology, using it to protect their own devices and identities. And that’s exactly what we’ll be learning today.
What Personal Data Is a Digital Security Risk?
The best way to be entirely safe on the internet is to never go on the internet at all, and never talk to anybody who might go on the internet.
If that sounds too inconvenient (quitter), you’ll need to decide what information is the highest priority to protect. Not every piece of information is a digital security risk. You don’t have to jealously guard your favorite season of Babylon 5 unless it’s the answer to one of your security questions.
Instead, focus your digital security measures on a few specific categories:
- Data that verifies your identity
If hackers get their hands on this, they can pose as you online. This can include anything from your social security number or driver’s license number to the information you use for account security questions.
- Data that reveals your location
The biggest risk here is your real IP address. If anybody gets a hold of that, they can figure out where you are, how to contact you, and even what your house looks like from the street.
- Your passwords or anything that can be used to deduce them
You should never share your login credentials with anybody. But if your passwords are too weak, hackers might not need them — it’s pretty easy to find out someone’s birthday online.
- Financial information
It’s all a liability: online banking information, such as bank account numbers, routing numbers, credit card information, debit card numbers, financial transactions, expiration dates, security codes, and card ZIP codes.
- Health information
People don’t often think of this one, but it’s a big risk. If a criminal knows anything about your medical history or health insurance, they can file false claims and use your identity to score expensive drugs.
So that’s what you need to protect. But how do you actually protect it? Read on.
What Can Internet Users Do to Protect Themselves?
The good news about digital security is that you’ve got as many ways to protect yourself as hackers, scammers and advertisers have to try and compromise you. This section lists a few of the most effective. Do all these, and you’ll be a harder target than 99% of people online.
1. Lock your devices
Almost all of us have had a nightmare about our phone or laptop getting stolen by a sinister villain who uses the information inside to steal our identity. Yet, despite how scary that sounds, 28% of smartphone users in 2017 reported that they didn’t lock their screens.
It’s the same with laptops. Keeping them locked and password-protected is so easy and effective that there’s no reason not to do it. Set all your devices to lock automatically after a certain period, and get in the habit of locking them whenever you leave them unattended — even at home.
2. Choose strong passwords
Let’s say a cybercriminal has stolen your laptop and is trying to break in. How do they try to guess your password?
They’ll start by trying every word or phrase that could be associated with you, along with all the most common substitutions: 4 for A, 3 for E, 1 for I, etc. Passwords derived from your life are the weakest. They’re like leaving the keys under the sun visor.
If that doesn’t work, the hacker will move on to a dictionary attack, using a program to rapidly try every word in the dictionary. This will catch any password that’s a real word or common phrase. If that fails, they’ll try a brute force attack, trying every possible combination of characters until they hit the right one. That takes more time the longer your password is.
Important Traits of a Strong Password:
- It can’t be guessed from information about your life
- It isn’t a word or phrase in the dictionary
- It is at least 15 characters long
Remembering these keyboard-vomit passwords is the worst. Luckily, you don’t have to do that. Think of a series of randomly chosen dictionary words placed end-to-end. I’ll use a Random Word Generator to come up with four right now:
The best mnemonic is the first one you come up with, no matter how silly, so here’s what I got: a pair of giant Groucho Marx glasses with a cowboy hat, smoking a cigarette as they stride toward the OK Corral for a showdown. Boom, remembered.
Digital tools can also help you out here. With a password vault (see “use digital privacy software”), you can randomly generate strong passwords and save them locally.
3. Use multi-factor authentication
Two-factor authentication (2FA) and multi-factor authentication (MFA) adds a layer of security to sensitive online accounts. Any account with 2FA or MFA requires multiple steps to log in. For example, one is the password, and the other requires access to a separate account or device.
This makes it much less likely that anybody will access your highest-value data, like anything related to finance or health. A hacker may be able to steal your bank password, but it’s much less likely that they also stole your physical phone at the same time (remember that most cybercriminals never see their victims).
Two-factor authentication is usually easy to turn on from the “settings” or “preferences” menu of any web app.
4. Apply all software updates
I get it: updates are a pain. They interrupt your business, take forever to download, and half the time they add new features you don’t want. But you should apply them anyway.
Why? Because developers release new updates when they’ve discovered security flaws that need fixing. Updates frequently patch holes discovered by security audits or independent researchers. Unless you’re up to date, you’re not getting full protection.
5. Don’t click suspicious links
I love the kind of “hacking” in movies that’s just the character typing really fast, but most cyberattacks don’t look like that — any more than any real person would ever leave their keys in the sun visor.
The truth is, a “hacker” doesn’t need to know much about technology if they can trick you into giving them what they want. With the right software, a hacker can steal all the data on your laptop just by getting you to click a single malware-downloading link.
They’ll do that by assuming the online identity of your great aunt on Facebook. Or sending you an email that says you’ve won the Jamaican lottery. Or buying a domain name that’s one letter away from a popular site.
Bottom line: If you aren’t sure about a link or the message it’s a part of, don’t click.
6. Avoid social engineering scams
Social engineering is the broad category that includes the tricks I described above, like posing as a relative to make a victim download malware. It’s any kind of hacking that relies on psychology as much as technology.
There are many extremely low-tech social engineering attacks, like:
- Breaking into a building by carrying a stack of heavy boxes and asking someone to hold the door for you
- Posting your phone number on a bulletin board labeled as “the new IT helpline,” then asking everyone who calls for login credentials
- Calling the parents of a college student, impersonating a police officer, claiming the student is in jail and demanding money for “legal fees”
The list is as long as the list of human foibles, which is to say, endless. But most social engineering attacks are easy to foil with just a bit of resistance and skepticism. Con artists rely on their victims acting on gut instinct. If you challenge them — say, by calling your child yourself in the third case above — they’ll usually move on to the next victim.
7. Use digital privacy software
Of course, some attack vectors are harder for the average person to defend against. That’s where technology comes in handy. If you’ve got a virtual private network (VPN), an anti-malware program and a password vault, most hackers won’t be able to touch you.
See the section “types of digital security tools” for a list of tools that can help you secure your devices and connections.
How to Get Protection in the Online and Mobile World
Most pieces of general digital data security advice also apply to your smartphones, tablets and other mobile devices. Lock your screen. Apply software updates. Don’t click suspicious links.
But some aspects of digital security are unique to the mobile experience. Here are a few tips for dealing with those pitfalls.
1. Don’t leave your phone or tablet lying around
A stolen mobile device is a huge security risk, and theft can happen in a second. If you remove your smartphone or tablet from your home, it should be on your person at all times. It’s not hard to carry them around; they’re called mobile devices for a reason.
2. Don’t use fingerprint or face ID
Most smartphones now have the option to lock with your face or fingerprint instead of a code. Don’t use these features. Fingerprint and face locks can be fooled with widely available technology. A six-digit code is harder to crack than either one, as long as it’s truly random.
To make your passcode impenetrable, use an alphanumeric code if your phone offers it. A six-digit alphanumeric code has 36^6 possible combinations (well over 2 billion).
3. Be careful on the App Store
Malicious apps on the iOS App Store are a known problem, and there’s only so much Apple can do about them. The Google Play Store isn’t exempt either.
Don’t expect Apple and Google to keep you safe here. You’ll need to sharpen your own BS detector before downloading any apps. Read the reviews in-depth. Any time you plan to get an app, research it to make sure it’s not connected to any scams.
Types of Digital Security Tools
These programs will help bolster your personal digital security. Each category has options that are affordable, easy to use and effective.
Virtual Private Network (VPN)
A VPN is one of the best all-around investments you can make for your digital security. Using a VPN gives you two layers of protection. It hides your IP address by running your internet connection through a proxy server and encrypts all information you send so only the intended recipient can read it.
VPN services aren’t foolproof. The VPN provider itself can still see your data, so it’s imperative to choose a trustworthy service with a clean record. But with the right VPN, such as ExpressVPN or NordVPN, you’ll be essentially untraceable online.
Antivirus & Anti-Malware
“Antivirus software” is a misnomer these days, since the original self-replicating computer viruses don’t really exist anymore. More modern attacks take the form of malware, a catch-all term for programs that sneak onto your computer for any nefarious purpose.
A good antivirus program checks any suspicious file on your computer against a massive database of known potentially unwanted applications (PUAs). It can also use machine learning to identify malware that isn’t in the database.
Weak passwords may be the biggest hole in data security worldwide. Every time you read about a big company suffering a ransomware attack, odds are it started with some nitwit whose password was 12345.
A password vault is a secure place to keep every password for every account you use. Instead of remembering 50 strong passwords, you only need to remember the one master password that opens the vault.
Apps like LastPass can also generate strong passwords for you and save them automatically, so you don’t even need to think about them.
Conclusion: Digital Security
The technology we have to fight back against hackers and protect our digital security is more sophisticated than ever. Thanks to machine learning, we can anticipate malware attacks before they happen. We can use VPNs to browse without fear due to nigh-impenetrable encryption.
As always, the biggest weak link is people. We have the most important job in data security: learn how to protect ourselves with skepticism, dedication and curiosity.
Thanks for reading! Now it’s your turn — how do you practice data security every day? What is the biggest digital security risk you face? Let me know in the comments.
Leave a Reply