We use dozens of online services and apps every day to send and receive emails and text messages, make video calls, read news and watch online videos, and more. Plus, it’s extremely difficult to track and secure the insane amount of data we generate and consume every day.
And if you think, “I have nothing to hide,” you are wrong. Every piece of data that you post online that you cannot protect can be used against you. In the wrong hands, these data points can be collected and collated to create a digital profile, which can then be used to carry out fraud, spoofing and phishing attacks against you.
Your digital profile can also be used to invade your privacy in annoying and creepy ways, such as displaying ads that are personalized based on your innermost preferences and information.
However, it’s never too early to start protecting your digital information from prying eyes. In this regard, your best friend is encryption, the science of scrambling data using mathematics. Encryption ensures that only certain people can read your data. Unauthorized parties who gain access to your data will see nothing but a bunch of non-decrypted bytes.
This is how you can encrypt all the data you store on your devices and in the cloud.
Encryption of data on the device
First, the easy part. You should start by encrypting the data that you physically store. This includes content that you store on your laptop, desktop PC, smartphone, tablet, and removable drives. If you lose your devices, you risk passing confidential information into the wrong hands.
The safest way to encrypt data on a device is full disk encryption (FDE). FDE encrypts everything on the device and makes the data available for use only after the user provides a password or PIN.
Most operating systems support FDE. On Windows, you can use BitLocker to enable full disk encryption on your PC. On macOS, Full Disk Encryption is called FileVault. You can read our step-by-step guide to using BitLocker and FileVault
Windows BitLocker also supports encryption of external drives such as memory cards and USB flash drives. On macOS, you can use Disk Utility to create an encrypted USB drive .
Alternatively, you can try hardware-encrypted devices. Hardware-encrypted drives require users to enter a PIN on the device before connecting it to a computer. Encrypted drives are more expensive than their unencrypted counterparts, but they are also more secure.
You should also encrypt your mobile devices. Encryption on the device ensures that outsiders cannot access your phone’s data, even if they gain physical access to it. Both iOS and Android support full disk encryption. All Apple devices running iOS 8.0 and later are encrypted by default . We suggest leaving everything as it is.
The Android landscape is a bit fragmented as default OS settings and interfaces may differ depending on the manufacturer and OS version. Make sure you are encrypted .
Encrypt your data in the cloud
We rely on cloud storage services like Google Drive, DropBox and Microsoft OneDrive to store our files and share them with friends and colleagues. But while these services are good at protecting your data from unauthorized access, they can still access the content of the files you store in their cloud services. They also won’t be able to protect you if your account gets hacked.
If you are uncomfortable with Google or Microsoft having access to your sensitive files, you can use Boxcryptor . Boxcryptor integrates with most popular storage services and adds a layer of encryption to protect your files before they are uploaded to the cloud. This way, you can be sure that only you and the people with whom you share your files will know about their content.
Alternatively, you can use an end-to-end encrypted storage service (E2EE) such as Tresorit . Before storing your files in the cloud, E2EE storage services encrypt your files with keys that belong to you, and even the service that stores your files cannot access their contents.
Encrypt your internet traffic
Perhaps just as important as encrypting your files is encrypting your internet traffic. Your Internet Service Provider (ISP) or an attacker who might be lurking on the public Wi-Fi network you are using will be able to eavesdrop on the sites you browse and the services and applications you use. They can use this information to sell it to advertisers or, in the case of hackers, use it against you.
To protect your internet traffic from prying and malicious individuals, you can register with a Virtual Private Network (VPN) . When you use a VPN, all of your internet traffic is encrypted and goes through the VPN server before it reaches its goal.
If an attacker (or your ISP) decides to monitor your traffic, all they see is a stream of encrypted data exchanged between you and your VPN server. They will not be able to determine which websites and applications you are using.
Keep in mind that your VPN provider will still have full visibility into your internet traffic. If you want absolute privacy, you can use The Onion Router (Tor) Tor, which is both the name of the darknet network and the browser of the same name, encrypts your Internet traffic and routes it through several independent computers that have special software installed.
None of the computers on the Tor network have complete information about the source and destination of your Internet traffic, which ensures you complete privacy. However, Tor has a significant loss of speed and many websites block traffic coming from the Tor network.
Encrypt your emails
I guess I don’t need to tell you about the importance of protecting your email. Just ask John Podesta whose emails could cost his boss his chance to become president. Email encryption can protect your sensitive messages from people getting unwanted access to them. They could be hackers who hacked into your account, or the email provider itself.
To encrypt email, you can use Pretty Good Privacy (PGP) . PGP is an open protocol that uses public and private key encryption to enable users to exchange encrypted emails. With PGP, every user has a public one, known to all, which allows other users to send them encrypted emails.
A private key that is known only to the user and stored on his device can decrypt messages encrypted with the public key. If an unintended party intercepts a PGP-encrypted email, they cannot read its contents. Even if they hack your email account by stealing your credentials, they won’t be able to read the contents of your encrypted emails.
One of the advantages of PGP is that it can be integrated into any email service. There are many plugins that add PGP support to email client applications such as Microsoft Outlook. If you are using a web client such as the Gmail or Yahoo websites, you can use Mailvelope , a browser extension that adds easy-to-use PGP support for most popular mail services.
Alternatively, you can subscribe to an end-to-end encrypted email service such as ProtonMail . ProtonMail encrypts your emails without any additional steps. Unlike services like Gmail and Outlook.com, ProtonMail will not be able to read the contents of your emails.
Encrypt your messages
Messaging apps have become an integral part of our lives. There are dozens of messaging services that you can use to communicate with family, friends, and colleagues. But they provide different levels of security.
It is desirable to use an end-to-end encrypted messaging service. The most popular messaging services currently provide end-to-end encryption. Some examples include WhatsApp, Signal, Telegram, Viber, and Wickr.
However, those that enable E2EE by default are more secure. WhatsApp, Signal and Wickr include end-to-end encryption by default.
In addition, messaging services based on open source protocols are more reliable because they can be verified by independent industry experts. Signal Protocol, the E2EE technology that WhatsApp and Signal run on, is an open source protocol approved by many security experts.
–