#7 - Improve your online security
A checklist of sensible ideas.
Welcome to a new edition of the Hatchet. We share career advice for new managers working at fast-growing companies, directly to your email inbox.
Interested in receiving these stories too? Sign up here.
#7 - Improve your online security
On average some 30.000 websites get hacked each day, many of which fall victim not to any kind of sophisticated high-tech hacking, but simply because employees of the company that was hacked weren't applying basic online security measures.
While researching this topic I found an overview in the UK Cybercrime Report of 2019 showing the most common passwords revealed in cyber breaches worldwide. The fact that 23 million hacked accounts used the password ‘123456’ kind of says it all.
As business professionals, I believe we have an obligation to ourselves, our family members and our employers to take care of our online security. Today I am sharing a list of tools, advice and precautions I've taken to improve mine:
1. Anti-theft software
A few years ago I started using Prey, which allows you to track your phones or laptops in a way that is best compared to ‘Find my iPhone’, but with much more functionality.
The service lets you add up to three devices for free, or more if you upgrade. Some of the best features include the ability to remotely activate your phone's front and back camera to take pictures of the thief, the fact that it keeps a log of recent location history and that you can lock as well as remove data from your device. I also get these email warnings whenever my laptop has been offline for longer than usual.
2. Use a password manager
Why is it a problem if you use the same password for multiple online accounts?
Because it won't be Facebook, Gmail or your local bank that gets hacked, but that silly Farmville-type game or the Hunkemöller loyalty program you made an account for.
Suddenly, the combination of email address and password you used for these accounts will be circulating on the dark web and all hackers need to do is run an automated script to see whether you used that same combination for services like Facebook, Outlook or Gmail. You'd be surprised how badly people with the wrong intent could ruin your life by getting access to a few of your most important online accounts.
I use a paid service called 1Password that allows me to create impenetrable passwords that are auto-completed into my browser when I login to online services. All I'm required to do is remember my one master password. The password-generator feature makes creating new accounts a very smooth experience.
3. Subscribe to a VPN, Ad-blocker & activate 2FA
Whenever I am using the WiFi in a public location like a coffee place, an event or a train station, I make the effort of turning on my VPN to ensure that all of my internet activity stays encrypted and can't be hacked remotely.
I use a service called Encrypt.me which works great, because you can teach it to recognise which WiFi networks (i.e. at home) are deemed safe and leave it to automatically activate when connecting to new networks. It's a paid service, but there are plenty of free VPN services you can subscribe to that will work just as well.
I also recommend installing an adblocker, like Adblock Plus. You'd be surprised how often ads place malicious malware on your computer without your knowledge.
Finally, a growing list of online services will now allow you to use two-factor authentication. By needing a code from your phone to unlock your online account for services like Facebook, Gmail or Slack, you make it virtually impossible for a hacker to access your account without your knowledge.
4. My emergency folder
Have you ever thought about what would happen if your house were to burn down without you being able to save your laptop, phone or any of your most important documents?
I have and hidden in my Dropbox cloud storage account is a folder called ‘Emergency Scenario’ that contains several important files I would need should this ever happen.
Since it's saved in the cloud, I don't need to worry about losing my phone or laptop, I just need to make sure I memorise this password by heart. Some of these files are particularly useful in claiming back insurance for lost property.
What's in the file?
A systems report of my Macbook Pro listing the serial number and type
A screenshot of my iPhone's serial number and IMEI-code
A backup file for restoring my 1Password account
A copy of my passport
A copy of my most important insurance policies
4. My ‘What-To-Do-If-I-Die’ email
This one may be a bit grim, but it's useful nevertheless.
Two years ago I wrote an email to my wife titled “what do do if I die”, in which I outline how and where she can access the most important financial accounts I use.
I don't add any secure/compromising information in the actual email; the point is simply to help my wife understand where the information she needs is located. Some of the explanations I've added to the email include:
How to access or restore my 1password account (she knows the password); I also store a list of all of my banking passwords and backup codes in here
A list of which banks I have accounts or investments with that she can retrieve
Which life insurance policy and pension fund she's entitled to
How to access my cryptocurrency funds; and who of my friends she can ask to help her access funds from a cold wallet
Of course, let's hope it never comes to that 😄