You have access to sensitive data. Whether it is your personal data, your company’s data or your company’s customers’ data, you have access to a lot of information that probably should not be made public. In this day and age, preventing data leaks is quite the challenge.
In this blog post, we’ll go through a number of steps that you can (and should!) take to make life a little bit more difficult for the hackers out there. If you are like me, there are many things that you probably should do some day. Well, that day can (and should) be today!
- For starters, have a look at your desk: how much information can the cleaning staff find out from your old notes and post-its lying around?
- Do you lock your screen when you leave your laptop?
- Do you have your screensaver locking your screen?
- Have you encrypted your hard disk? Or at least your /home?
- Do you have a backup?
- Is that one encrypted?
- And where is your master password for your encrypted disk and/or encrypted backup stored?
- You do have a password manager, right?
- Do you have different, random, strong passwords everywhere?
- Is your password manager an online or an offline one? Have you checked the credentials of the company making it? Is it open source?
- Is your phone encrypted? Most (modern) iPhones are encrypted by default. For Android you might need to press some buttons but be aware that the encryption scheme isn’t perfect *).
- Why not use Signal instead of WhatsApp?
- Maybe enable your private or company VPN on your phone to have safer internet access on public Wi-Fi networks?
- Have you enabled 2FA (two-factor authentication) on Google, Facebook, Github, Bitbucket, …?
- Check your back-up e-mail address which most services allow you to set: how safe is that account?
- Do you use the same (Google) account for e.g. games like Pokémon GO? Probably not a good idea. Check which apps have access in your social network(s) settings (Google, Facebook).
- How about that laptop or old phone you donated to your nephew?
- Did you wipe the hard disk properly?
- USB sticks and SD cards: how many do you have floating around and shared with other people?
- Where’s your e-mail hosted? Do you have both cloud and local copies?
- Consider using PGP/GPG, or better yet, do not use e-mail for sensitive stuff.
- Try out e.g. Keybase for safe(r) communication with stronger identity.
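The questions about an encrypted hard disk (or at least /home) and an encrypted backup are easy to answer wrongly from memory, so here is an added example, not from the original post, of checking them on a Linux machine. It parses the JSON that util-linux `lsblk -J -o NAME,TYPE,MOUNTPOINT` prints, walks the device tree, and reports which paths sit on a filesystem that has no dm-crypt (LUKS) device underneath it. The sample `lsblk` output embedded below is constructed for the example; the function names are mine.

```python
import json
import shutil
import subprocess

# Constructed sample of `lsblk -J -o NAME,TYPE,MOUNTPOINT` output (not a real machine):
# / sits on LVM on top of a LUKS container, /home and /boot are plain partitions,
# and an external backup disk is mounted unencrypted at /mnt/backup.
SAMPLE_LSBLK_JSON = """
{
  "blockdevices": [
    {"name": "nvme0n1", "type": "disk", "mountpoint": null, "children": [
      {"name": "nvme0n1p1", "type": "part", "mountpoint": "/boot"},
      {"name": "nvme0n1p2", "type": "part", "mountpoint": null, "children": [
        {"name": "cryptroot", "type": "crypt", "mountpoint": null, "children": [
          {"name": "vg0-root", "type": "lvm", "mountpoint": "/"}
        ]}
      ]},
      {"name": "nvme0n1p3", "type": "part", "mountpoint": "/home"}
    ]},
    {"name": "sda", "type": "disk", "mountpoint": null, "children": [
      {"name": "sda1", "type": "part", "mountpoint": "/mnt/backup"}
    ]}
  ]
}
"""


def _walk(devices, under_crypt, result):
    """Recursively record, for every mounted device, whether a 'crypt' device is above it."""
    for dev in devices:
        encrypted = under_crypt or dev.get("type") == "crypt"
        # Older lsblk emits "mountpoint" (string); newer ones may emit "mountpoints" (list).
        mountpoints = dev.get("mountpoints") or [dev.get("mountpoint")]
        for mp in mountpoints:
            if mp:
                result[mp] = encrypted
        _walk(dev.get("children", []), encrypted, result)


def mount_encryption_map(lsblk_json):
    """Map each mountpoint to True if its device sits on (or under) a dm-crypt device."""
    result = {}
    _walk(json.loads(lsblk_json)["blockdevices"], False, result)
    return result


def _mount_for_path(path, mounts):
    """Return the longest mountpoint that contains path (component-wise), or None."""
    best = None
    for mp in mounts:
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) > len(best):
                best = mp
    return best


def unencrypted_paths(lsblk_json, paths=("/", "/home")):
    """Return the given paths whose governing filesystem is not on an encrypted device.

    A path with no separate mount (e.g. /home as a plain directory on /) inherits the
    state of the mount that contains it; a path with no containing mount is reported.
    """
    mounts = mount_encryption_map(lsblk_json)
    flagged = []
    for path in paths:
        mp = _mount_for_path(path, mounts)
        if mp is None or not mounts[mp]:
            flagged.append(path)
    return flagged


if __name__ == "__main__":
    # Use the real lsblk when available, otherwise fall back to the constructed sample.
    if shutil.which("lsblk"):
        out = subprocess.run(["lsblk", "-J", "-o", "NAME,TYPE,MOUNTPOINT"],
                             capture_output=True, text=True, check=True).stdout
    else:
        out = SAMPLE_LSBLK_JSON
    for path in unencrypted_paths(out, ("/", "/home", "/mnt/backup")):
        print(f"NOT encrypted: {path}")
```

Run it as root-less user on the laptop itself; only the `crypt` device type is used, so it detects LUKS/dm-crypt but not filesystem-level encryption such as ext4 fscrypt or an encrypted ZFS dataset, which would need a separate check.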