Following on an earlier discussion on the changing perception of privacy, “Giving up the ghost”, this post, the final of our two-part series, suggests options that could be implemented to improve your privacy online.
In Part 1 of 12 steps to improve your privacy online, we identified six steps that could be implemented. Most of those options require continuous vigilance and awareness to ensure that they are properly implemented whenever computing devices are used. For example, users must be mindful to: avoid 3rd party sharing options, limit their activity on public PCs and unsecured Wi-fi connections; and clearing their browse history on public PCs. Now, we move on to the final six steps.
7. Choose secure server capability. When confidential information is being transmitted to over the Internet, make sure that Secure Socket Layer (SSL) protocol is used. A SSL connection is indicated when web addresses start with “https:” instead of the usual “http:”.
Many web browsers flag any inconsistencies in a site’s security certificate. Users are then advised that the site cannot be trusted, but they are usually still given the option to complete the access. Use of SSL capability generally causes web pages to load more slowly. However, with increasing broadband speeds this consequence is becoming less of a hindrance, and when balanced against protecting your private details online, it should be considered a small price to pay.
8. Encrypt your messages. Most of us depend on websites that we frequent to provide secure connections when we need to log in to accounts and to perform certain transactions. However, every now and again, and especially in our own private communication, it might be necessary to send sensitive information over the Internet. Standard email is not secure – the analogy is often made that it is a postcard, not a letter. To limit unauthorised access, a personal email certificate can be included in your emails.
Certificates, some of which are available for free, can be obtained from a number of sources including Comodo, Thawte and Verisign. Typically, the encryption certificate provides the owner with a public and private key. The public key is given to anyone who will receive your messages, and is in turn used by them to encrypt messages that are being sent to you. Upon receipt of such messages, you would use your private key to open them.
9. Use spyware detection/antivirus software from reputable sources. Although many of us are conscientious about ensuring that our security software is kept up to date, the subscription price can seem a bit expensive, especially to us in the Caribbean. Consequently, we might be prepared to use freely available applications, but this option should be exercised with care. Some of the free software or sites that offer to perform free scans for malware and spyware download those threats onto your machine. If you must, choose instead free software from reputable sources.
10. Select more stringent security settings in your web browser. The more popular web browsers allow users to select their desired level of Internet security. Security can be based on a scale of low, medium or high, or by grouping sites into zones, or by activating specific features. In most cases, a combination of options is provided. To the extent possible, but based on the sites that will be accessed, the highest security settings should be selected. Furthermore, if your browser allows, the following settings are advised:
- disable Active X
- disable Active Scripting
- activate the pop-up blocker
- activate the phishing filter
- block access to sites that are known to host malware.
11. Be selective of the cookies that you accept. “Cookies”, also known as “web cookies” or “browser cookies”, are small files placed on a user’s PC by the web browser, usually unbeknownst the user. They are used for a number of purposes, such as for authentication and for storing the user’s browsing and shopping history on a particular site. In general, cookies are automatically saved on PCs and they transmit information to the parent site. Although cookies are required for the proper functioning of some websites, they can also be used to track your browsing habits online and to transmit that information to data miners and advertisers.
Occasionally websites will notify you when cookies must be saved on your hard drive and may even give you the option to accept them. When those opportunities arise, it is important to consider whether you need to explore that site any further. Moreover, most cookies can remain on your PC indefinitely. Hence from time to time, it could be beneficial to delete all cookies and wipe the slate clean.
12. Carefully decide what info you post online. The Internet is a public medium. You, the user, no longer have full control of your information once it is posted online, and the information that is uploaded is almost impossible to completely delete. It is therefore imperative that you careful consider what you choose to make available over the Internet. This mindfulness should also be applied with respect to private posts, since the site can release that information to others if required to do so (again see “Giving up the ghost”).