Business, writing, Writing Business

Safety For Writers Part 1: Online Security

Image via Pixabay

I wrote this article because of the uptick in hackings targeting small and medium-sized businesses. Since many countries have entered their respective COVID-19 quarantines, it’s made things worse because most people are either continuing their education or working on the same networks that aren’t well protected. Most home networks are designed with convenience and not safety in mind which can open the door to malware, scams and identity theft.

It’s no secret that we are in a worldwide recession which has thieves and con artists coming out of the woodwork making life difficult. Sadly, this doesn’t look like it’s going to be a short-term event either. In fact, the NSA, in a series of public reports, warned U.S. business owners to be vigilant about hackers targeting certain software systems. This is unusual for them and it has me rethinking how I secure my data. 

Now before I go on, I want to inform you that I am in no way affiliated with any of the products or services I mention in this post.      

The Elephant In The Room  

Ask any security expert and they’ll tell you that people are their own worst enemy when it comes to online safety. They use terrible passwords, or worse, they just stick to factory default ones. So, what kind of password should we be using? Well, according to former NSA contractor and whistle-blower Edward Snowden, we should be using passphrases not passwords. His example of a good passphrase was: MargaretThatcherIs110%Hot. Now I won’t judge his taste in women but his passphrase is pretty solid, it has numbers, upper- and lower-case letters, and even includes a symbol so this isn’t going to be easy to guess.    

Poison All Unnecessary Data   

Do you find it absurd how much information sites like Google and Microsoft want from users? When a user creates an account, they ask for your gender, age, and even your location. They claim it helps them personalize your experience when using their services but the fact is, they use this information to sell to 3rd parties. My one tip is to never give your real name or age, the only thing they need to know is that you’re an adult and won’t use their services illegally. Also, turn off all GEO tracking and ad customization, these things can lead to your personal information being exposed.  And if you’re using Google services be sure to delete not only the cookies on your Chrome browser frequently, but your search history as well.  

Are Your Devices Unsafe?  

Did you know that most software companies like Apple, Microsoft, and Google stop servicing their products after a specific number of years? They do this because they can’t afford to keep updating and patching older software however, users are often unaware of this. That means you could be using an unsafe phone or computer which could be vulnerable to hacking. So be sure to check that your devices have the latest software to keep them running safely. If your device is obsolete and not being serviced anymore then, you’re going to have to upgrade to a new one.      

Antivirus Software       

When I first started using the internet years ago, security experts scoffed at the idea of purchasing antivirus software. They reasoned, the one provided by Windows or Apple were sufficient enough. However now, since most home business owners share an internet connection with family members, they are changing their tune. Before experts figured if users were responsible, then there would be no need for extra protection. But the reality is children and teens are often not responsible. If they access a shady website in order to download music or look at something naughty, your business will be affected if they inadvertently install malware. And no, Windows and Apple products aren’t the best when it comes to protection, don’t believe me? Check out this Youtube video by PC Security where they test Windows Defender against several different types of ransomware. To make a long story short, it inspired me to upgrade the software on all of my devices.

The most popular antivirus software on the market today are:

  • Kaspersky
  • Bitdefender
  • Norton

Email Hacking 

Recently, I revealed that my email had been hacked twice in the past 15 years and the woman that I was speaking to exclaimed, “Oh, I’ve never been hacked!” which is unbelievable. In fact, it’s a flat out lie, everyone and their mother has been hacked, every social media site, major retailer, banks, and even governments have been hacked. The media often calls them data breaches and that means if you’re employed or do business with any of these types of institutions then you’ve been hacked.   

However, most people associate hacking with viruses and trolling on their personal devices. But the word hacking just means to compromise a device to steal data, corrupt files or commandeer a device. Sadly, you can’t control how companies and governments protect your data which will always make you vulnerable and that’s why you have to be vigilant.        

If you want to know if your email account has been compromised, just head over to: https://haveibeenpwned.com/ and type in all of your email addresses.  

Also, on that same site, you can check to see if your passwords have been stolen. It’s worth finding out.     

What To Do If Your Email Address Has Been Hacked?  

The best thing you can do after you’ve been hacked is to get a new email address. I know the experts say that you only need to change your password which is correct, you should boot out the person and regain control of the account. However, you have to think about the long-term consequences, once your email address is on the dark web, it will be sold to shady marketers (a.k.a. spammers) and other hackers who may try to break into your account again. If this is a business account or official channel of communication, then it’s best to start over.   

That’s because a hacker may use your account or even spoof it to send spam or malware which will get your email address reported and blocked. This is why some people find their emails being sent directly to the spam folder because their email address has been officially blacklisted.

In Closing… 

Before you unplug your modem and swear off the internet, just know there are steps you can take to prevent much of the scenarios I’ve discussed. The odds are in your favor if you are educated and are willing to put in the effort.

I hope you learned something new and if you have a tip to share then let me know in the comments section.  Next week, I move on to part two which involves protecting your network and communicating privately online.

Business, writing, Writing Business

Safety For Writers Part 2: Internet Safety

Image via Pixabay

Last week, I discussed basic internet safety for writers, and this week, I’m going to go a little further into the subject with more tips to help you protect your business and your clients from theft. But before I go on, I need to announce that I am not affiliated with the products and services mentioned in this post. So use them, or don’t use them, I don’t care.

Resetting Your Device

If your device is older or just not working efficiently, then most tech experts recommend resetting the device to the factory default. However, that’s not the only reason to reset a device, if you suspect that your computer or phone has been hacked, you may want to completely reset it to clear any malicious software. I started doing this years ago, and it is rather annoying, because it takes hours but if you value privacy, it’s a necessary step. According to tech guru and Youtuber Rob Braxman, “computers aren’t permanent” and he’s right, we have to change our mindset and go the extra mile if we want to protect our privacy and the privacy of our clients.

Wi-Fi Dangers  

Wi-Fi is a blessing because it makes communication effortless and convenient, however, it can also be a point of entry for hackers. Most home devices are hacked through routers with passwords that are either weak or nonexistent. Also many people working from home share a Wi-Fi connection with family members. If your router is capable, I would recommend trying to create a separate Wi-Fi network for your business devices and don’t mix it up with any personal network. Also, make sure this business network has a strong password that is changed frequently.   

Another tip to protect your online communication is to use a virtual private network or VPN. This type of service encrypts your connection and gives you some protection from prying eyes. VPNs are normally used by people using public Wi-Fi networks in cafes, libraries, or airports and are effective if used correctly. Today, most companies that have employees working from home are insisting they use VPNs. However not all VPNs are created equal, some are free and share your data, while some are just plain slow. It would be wise to learn the ins and outs of VPNs before putting any money down on a service.    

The ideal solution for most business owners would be to use a VPN router which will encrypt your data without the need to remember activating an app. They are a bit more expensive but worth the investment if you work from home and do business online.  However, if you’re going to do this please make sure that you understand how to properly set one up because the NSA has sent out a warning this month about the potential vulnerability of VPNs that are not set up properly.

Browser Danger  

One simple way to protect yourself from prying eyes is to make sure you use a secure browser. Your browser is constantly leaking data such as passwords, email addresses, and possibly even your I.P. address which is why you should never allow your browser to memorize your passwords or login info. Hackers can easily access this info because most browsers don’t encrypt the data.         

Chrome, Edge, and Firefox are the most popular browsers around but they’re not all the same. Chrome and Edge, for example, are both fast and easy to use but not necessarily private. Firefox, on the other hand, gives you some privacy but you have to know how to use the settings and install the right apps to keep people out. Below I list some of the more popular secure browsers:   

⦁ Tor   

⦁ Firefox  

⦁ Brave  

Branding Blindness   

Did you know there’s a prevailing myth that Apple products are safer than Microsoft and Android devices? This of course is false. The reality is Apple products are less likely than others to be hacked because they have a smaller share of the market. Microsoft’s Windows operating system runs on 80% of the world’s PCs. The same goes for Android phones which run on 75% of smartphones. They’re just bigger targets, and no less safe than Apple.    

Still not convinced? In 2013, Apple revealed a new biometric sign in option where users could simply use their fingerprint to log into their iPhone 5s device. Within 48 hours, hackers were able to break into those devices. So much for safety, huh? According to security experts, biometrics are actually worse than passwords because if your device is ever compromised, you can always change a password but you can’t change your face or fingerprints.    

So What Do We Do To Protect Ourselves?     

If you want to prevent a hacker or thief from taking over your device or accessing your online accounts, you do have options. There are encrypted, hardware devices that can be plugged into your computer or phone that offer 2-factor authentication or 2FA. Often called security keys, these products prevent most unauthorized users from gaining access to your devices and online accounts since they are a physical object rather than a traditional phone number or email address which is normally used for two-factor authentication. So if an unauthorized person tries to log into your device or online account even if they have the correct password, they won’t be allowed access, because they still need the physical key.          

Listed below are just a few popular options:         

⦁ YubiKey   

⦁ NitroKey   

⦁ TitanKey    

Stop Syncing Your Devices    

I know this isn’t going to be very unpopular but syncing your devices can make you vulnerable in the event you are hacked or your device is stolen. I understand the love of convenience but if you have a business where your or your client’s data needs protection then syncing isn’t the way to go unless, it’s encrypted.     

Prepare to be Hacked   

Recently, I purchased a computer that runs on Windows 10S and even though they claim to have enhanced security (try not to laugh), they still advise users to store files on their cloud service OneDrive. In fact, most paid anti-virus software also offer cloud storage (for a price) just in case your device is ever compromised. They understand nothing is 100% effective and having a backup plan makes you less likely to suffer any significant losses after a security breach.   

Popular cloud services include:

  • Dropbox
  • GoogleDrive
  • Apple iCloud Drive
  • Amazon Drive

However, the best way to secure your business files is to save them offline to an external hard drive or server that is encrypted or password protected.              

Privacy   

It’s no secret that privacy is a thing of the past for most people. Emails, social media, as well as phone calls, are all being monitored and if your work depends on anonymity, then you will need private ways to communicate. Say you’re a writer who interviews government officials, whistle-blowers, or even criminals, then you need to keep prying eyes away from your work. There are a few apps that offer private, encrypted email services as well as messaging apps and you should definitely know about them.            

Sadly, these email services need to be used between other users for the messages to be 100% encrypted. So if you’re sending your email from an encrypted service like ProtonMail to an Outlook recipient, the email won’t be encrypted let alone private. However, if you’re paranoid or you’re interviewing someone who is, then these services are a Godsend. Here are just a few well-known ones, keep in mind these are all paid services:        

⦁ ProtonMail   

⦁ Tutanota    

⦁ CounterMail   

If you are live messaging a subject or recording footage, you might need something more than encrypted email. Here’s where encrypted messaging apps come to the rescue. Recently, in the U.S., journalists, and protestors have been using these apps to record the Black Lives Matter protests as well instances of police brutality. There is a concern that phones will be taken by law enforcement who may try to either access or delete the content.    

What makes these apps different than typical social media apps is they don’t save your data on their servers so even if someone sues you or law enforcement tries to obtain the data directly from the company, they won’t get anything that identifies you. Here are some of the more popular ones:   

⦁ Signal    

⦁ Briar   

⦁ Matrix   

I didn’t include the popular apps WhatsApp (owned by Facebook), or Snapchat, even though they offer encryption and private messaging because of the numerous scandals surrounding these two companies.   

In Closing…  

I didn’t write this post to alarm anyone, I wrote it to educate writers on how to protect themselves, and their businesses from those wishing to do harm. We’re living in a world that is quickly changing and the old tips and tricks just don’t work anymore. I hope you learned something new and if you have a tip to share then let me know in the comments section.