How To Stay Secure On Internet

Author Message

Date sent: 2020/07/01 04:23:13
At this point, remarking that people now are more concerned about online privacy than ever before is not a novel observation. What's fascinating, though, is that interest in personal digital security has remained high since the issue exploded about seven years ago. In other words, instead of experiencing a short-lived spike, digital privacy awareness has been sustained.

This is especially encouraging to me, since I gained my background in technology precisely out of the desire to know on how to stay secure on internet.[b]

I know as well as anyone that it's not always clear where to turn to improve one's digital security. Getting a handle on the subject can seem like trying to jump onto a moving train. To extend the metaphor, this article may give you a running start.

My hope is that a guide from the perspective of someone who not long ago probably knew less than you do now, you will develop enough of a foundation to journey forth on your own.

[b]Gluing Together Your Threat Model

So where do you start? Quite simply, with yourself. The whole purpose of security is to protect what is valuable, and what is valuable is different for everyone. Consequently, security is possible only after you determine the object of value. Only then can you assess how far to go to safeguard it.

Before you can think about the means, you must select the end. In the case of digital security, you need to figure out what it is you are trying to protect. This could be as straightforward as certain files on your devices, or the contents of your communications with associates.

It could be more abstract. For example, as a consequence of your behavior, certain personal details about you -- while not contained in files as such -- can be inferred and automatically captured as data streams akin to files, called "metadata."

In the context of digital security, everything essentially takes the form of information, so you need to think long and hard about what information you're guarding, and all the forms it can take or ways it can be accessed. This can be quite a task at first, but it gets easier with practice.

Defining the information you want to protect gives you the first component that comprises what is called a "threat model" -- basically your high-level strategic view of how to keep your information safe. In the context of your threat model, your valued information goes by the more succinct name of "asset."

Once you have defined your asset, it's time to identify your "adversary," which is the glorified name for entities who want to take your asset. This exerts a strong influence on what your threat model ultimately will look like -- your strategy for holding onto your asset will look very different depending on whether your adversary is your nosy neighbor or a hostile government.

When contemplating your adversary, it is critical to enumerate realistic threats. It may seem counterintuitive but, as you will see by the end of this primer, it actually doesn't help to overestimate your enemy.

The word "adversary" may evoke a diabolical nemesis, but that doesn't have to be the case. Though you shouldn't inflate your antagonist, neither should you overlook it. While it's very easy to single out an adversary like a criminal hacking collective (if that is indeed yours) for its overt ill intent, your adversary could be a service you willingly use but do not fully trust. The point is, you need to catalog every player that wants your asset, no matter the reason.

With those two pillars in place, it's time to finish the tripod: Accounting for your asset and adversary, you need to size up the means the adversary has at its disposal and, most importantly, the means you have and lengths you are willing to go to protect your asset. These last two things are not always the same -- hence the distinction.

Fortunately an abundance of tools are available to keep your asset secure, if you know how to use them. Even better, the most effective ones are all free. The real limit in practice is that of self-discipline. Keep in mind that a powerful safeguard is useless without the resolve to utilize it consistently without relenting.