Back in May when I made a call for suggestions on what to write here, one of the good ones was from Steve, who wrote: “Any thoughts or concerns you might have related to cyber security. Potential tips/processes you employ to protect yourself.” Ten years ago, when I was writing my Going Paperless series, I wrote a piece on securing your digital filing cabinet (in Evernote). With Steve’s prodding, I’ll write about three ways I protect myself and my data–not just Evernote but all my data.
1. LastPass for password management
I began using LastPass as my password manager of choice in the spring of 2013 and I’ve been happily using it ever since. The service has gotten better as the years have gone by. It integrates seamless with browsers, and it also integrates seamlessly with iOS making it simple to access passwords when I need them. These days, I use LastPass’s Family Plan, so that I can share passwords with the family as needed.
It was no small effort to get set up initially. It took me a full weekend, back in 2013, to go through all my services, and change my password, giving each one a unique, strong password. But once that initial work was done, it has been easy to manage ever since.
Here is how I used LastPass today:
- I create a unique, strong password for each service or account that I have. I use LastPass to generate strong passwords. It integrates so well with browsers and with iOS these days that I rarely have to remember a password. Having a strong password means it is harder to crack. Ensuring I have a unique password for every service means that in the unlikely event a password is cracked, only one service will be breached.
- I always enable 2-factor authentication if it is available. Two-factor authentication (2FA) is a mechanism that forces a service to confirm your identify by a second method after a password has been entered. Typically, this will send a text message to your mobile device with a code number. That way, if someone does crack my strong password, the person will still need the code number sent to my phone in order to get the password. I also use LastPass’s Authenticator as another type of authentication. Two factor authentication adds a layer of security, so it takes a few seconds longer to access whatever service I am trying to get into, but it worth the added security.
- I always use random words for challenge questions. You know how some services will have you provide answers to 3 questions like “Your mother’s maiden name?” or “The model of your first car?” I never answer those questions with real information. Instead, I wrote a little shell script that gives me a random word, and I use that word as my answer to the question. I then go to the LastPass entry for the account, and in the Notes field, I jot down the challenge question and the random word answer so that I can refer to it when I need to. This adds one more layer of security so that if someone happens to know my mother’s maiden name, or the model of my first car, that information will be useless to them.
One nice side-effect of all of this is that it provides a ready database of all of the services I have, all of the subscriptions, etc. I often use the Notes field for a service or subscription to record how much I paid for it and when it expires or if it auto-renews. So if I ever need to cancel a service, I have all of the information at hand to do it.
With the family plan, it makes it easy to share passwords for services. You can ever share the password so that it can be used but not viewed. And anyone else in the family can use LastPass for their own accounts and services as well.
I think LastPass Family costs me about $48/year, and for me, it has been well-worth the price.
2. CrashPlan Pro for data backups
I began using computers in the 1980s when it was much easier to lose data than it is today. That manifested itself in many ways, but most common was the proliferation of backups to floppy disks. Years of working in I.T. has taught me the important of backups, especially backups that are immediately available.
I have been using CrashPlan for my backups since 2013. At some point, CrashPlan did away with their family plan, but I liked their service so much that I continued with their business plan. The plan gives you unlimited backups for as many devices as you need. You pay per device. These days, we three computers on our plan that our backed up. CrashPlan is one of those tools that just works seamlessly–or, at least, it does for me. You don’t even know it is there. It does realtime backups in the background as files are changed. But it also does incremental backups so that the backup sets are always up-to-date.
I think of backups as a kind of insurance policy for our data. If a disk goes bad, or a folder gets deleted by accident, it takes only a few mouse clicks to have it restored. No panicked moments, no stress about losing work. I’ve probably restored one-off files dozens of times using CrashPlan. But CrashPlan has also been great for bigger disaster recovery, like when a whole machine died unexpectedly. For instance, early this year, I was upgrading the OS on Kelly’s laptop and something went wrong with the upgrade. I couldn’t get the machine to boot and had to do a clean install. CrashPlan came to the rescue and all of her data was restored shortly after the clean install had been completed.
CrashPlan pro costs me about $10/device/month, which comes to around $360/year. But like any insurance policy, it provides peace of mind that our data is safe. And when we’ve had to actually restore data, CrashPlan has never failed us.
3. Express VPN for secure connections
Last, but not least, I try to maintain secure connections when I am not on my home network. For this I’ve been using Express VPN for several years now. When I leave the house, I enabled Express VPN so that my devices connections (phone, iPad, laptop) go through a secure virtual private network. The data is encrypted at the source and can’t even be read by whatever service provider I happen to be using. This is particularly uses when in airports and hotels where the WiFi connections are usually not secured.
Using a VPN adds a layer of security that, like strong passwords, 2-factor authentication, and backups, gives me peace of mind that I am using best practices to protect myself and my data.
Express VPN costs about $100/year.
Do you have suggestions for cyber security tools? Let me know about them in the comments.
Did you enjoy this post?
If so, consider subscribing to the blog using the form below or clicking on the button below to follow the blog. And consider telling a friend about it. Already a reader or subscriber to the blog? Thanks for reading!