Next steps to ensure the security of your digital data and that of your clients

Online data security

More steps to improve the security of your digital data

  1. Do not publish your cell phone number or the email address associated with your cell phone anywhere on the web. For example, do not publish them on company sites when shopping online or booking tickets, because all companies can be easily hacked and your data stolen. Use another email address and another phone number (see points 2 and 3).
  2. Create a new email address that you will not share with anyone and associate it with your cell phone. No need to delete your data; simply log in to your account and change the email address associated with your account. This is to prevent someone who manages to hack your email account from also gaining access to all your contacts and all the photos on your phone.
  3. Create a public phone number for yourself. There are tools like Fongo Works that let you create a phone number and forward the calls to your cell phone. Share only this public phone number.
  4. Enable two-factor authentication (2FA) on every site you can, especially your banks. You can use your cell phone or have a code sent by email so as not to disclose your cell phone number.
  5. In case your data is deleted by a virus or some kind of failure, keep a paper copy of all your contacts. Store it in a safe place.
  6. In case of death (I know we don’t like to think about it), keep a paper copy of the list of accounts you own and the credentials of the most important accounts (electricity, phones, insurance, bank accounts, email, Facebook, password manager). Store it in a safe place for your family.
  7. Do not take nude photos of yourself on your cell phone; if the email account associated with your cell phone gets hacked and your photos are automatically saved to a cloud service, they could be stolen.
  8. Encrypt your hard drive. For Windows Pro versions, use BitLocker; for the others (Windows Home, Mac) use VeraCrypt. For Windows 10 and 11 versions, it is done automatically.
  9. For PC, if you still use Windows XP (2001), Vista (2006), Windows 7 (2009) or Windows 8 (2012), it’s time to move to Windows 10. For Mac, if you use a version earlier than High Sierra (2017), Mojave (2018) or Catalina (2019), it’s time to update your operating system. All operating systems have security flaws, but only recent versions are kept up to date and have their security flaws patched. Keeping your operating system up to date is essential.
  10. Never leave the default credentials on the devices you buy: modems, routers, computers, servers, etc.
  11. On modems and routers, disable the following settings: UPnP, DLNA, SIP ALG. Close all unused ports and make sure the firewalls are enabled.

For your organization’s buildings and premises

  1. In your organization, do not use magnetic cards to secure office doors or to access your company’s main door. These cards are easily clonable and offer virtually no security. Use fingerprints or facial recognition to lock your offices, cell phones or computers. For larger companies, do not secure only your main door. All building access points should be equipped with cameras and a security guard.
  2. All of your organization’s network ports should require authentication to prevent a hacker from connecting a malicious device and gaining access to your entire network.

As an organization, we hold a lot of client data, and it is our legal responsibility to do our best to protect your data. That said, I know that most of my clients and friends don’t think they are interesting targets and don’t feel concerned by this issue. A few examples: in the “Fappening gate”, several celebrities had their iCloud accounts, on which their photos were stored, hacked. Several of these celebrities had taken nude photos of themselves, and these photos were published. On revenge porn sites you can find a ton of photos of nude people (mostly women), with several people claiming to have never shared their nude photos with anyone. Their iCloud accounts had been hacked and, without them even knowing it, their photos were published on these sites, whose owners make their money from the advertising generated by the traffic they receive.

Other interesting things

In your Bell modem, go to Tools and advanced settings. Disable UPnP, DLNA, SIP ALG. Then, to be safe, test the connection of your various devices (Google Home, Philips Hue, ChromeCast, Apple TV, etc.) to make sure you can still use them.

In your router, disable UPnP and check that you have no open ports and that your firewall is enabled.

Recap

Use a password manager and create, for each site, a password of at least 12 characters (24 is better) with accents, special characters, numbers, uppercase and lowercase letters. Never use the same password twice. Never click on ads, neither on your computer nor on your phone. Do not share your cell phone number online, and do not share the email address linked to your phone online.