There is no cloud, its just someone else’s computer.

We have to trust the owner of the server to secure our information and respect or privacy.

Can we?

Every cloud service or app stores your data on a central computer system designed to store and share data over a network a.k.a “server”.EvA server can host many users often many millions for example Facebook and Google. It is much more lucrative for criminals to gain access to a server and steal the data from many users rather then going after individual computers.

We should assume that all servers at one point will be breached and criminals will harvest and sell the data on the dark web. Unfortunately the owner of the server might use your data for marketing purposes or share this with others for financial gain.

With a few steps you can make your data less valuable or even useless for others.

Passwords

Use a strong password that is unique for every account. When your password is compromised it will be useless on other accounts. As bonus you don’t have to run around changing the password on every other website you have used it.

Good passwords:

  1. Are unique!

  2. At least 12 characters!

  3. Combination of lower and upper case, numbers and special characters

  4. Can be a string of random words (MargaretThatcher=100%Sexy)

  5. Computer generated (.Y7c9NU7*RtVr!8y2K-34upa7nR.V7yqbWs)

This is not a good idea either:

  • MySecretPasseord98%AZ (Amazon)

  • MySecretPasseord98%WF (Wells Fargo)

  • MySecretPasseord98%FB (Facebook)

  • MySecretPasseord98%EB (Ebay)

  • MySecretPasseord98%YA (Yahoo)

Usernames

The username if the name of your account. By using a different username for every account it wil be much harder for criminals and marketing firms to associate your other online accounts. Unfortunately most websites only use an email address as a user account making it easy to be found.

If possible use random names for your user name to register with every online service. Use different email addresses for various services.

Alias email addresses

It’s very impractical to create and maintain many email accounts for all the websites you register with. Alias email accounts make this much easier to manage.

Using Alias email addresses will cut back on SPAM and Phishing attacks!

Two factor authentication (2FA)

Is a system where you have to provide a code that is only valid for a short amount of time using a device that you own. Its a little bit more hassle but will dramatically increase the security of your account!

2FA examples

  1. Code by email (least secure)

  2. SMS

  3. Authenticator app

  4. Confirm access via app on your phone (for example banking app)

  5. Passkey

  6. Hardware key (Yubikey)

Keeping track of Passwords, Usernames, etc

Avoid using the password manager in Google Chrome.

The web browser is at the frontline of the battle with the bad actors on the internet. If you store all your passwords in with your Gmail account in Google Chrome you take a big risk of being compromised. Apple Safari doesn’t store the passwords inside the browser but in a separate secure application “Keychain” / “Passwords” app.

Use a password manager!

Not only to generate and store passwords. It will be a database with all the different usernames, answers to security questions etc etc. A good password manager that is well integrated in your computer, smartphone or tablet will make logging in much easier.

Properly maintained a password manager will be a very valuable database for all your important information like iD papers, important documents, medical notes etc etc

I highly recommend www.1password.com* Apple’s Password application is also a good alternative that is less comprehensive then 1Password but easier to use.

*Family and business plans with sharing options available

No more passwords with “Passkey’s”!

Is the most sophisticated and secure system that is currently available that is becoming more popular. There is still a limited number of websites offering “Passkeys”. I recommend to store the passkeys in a platform independent password manager like 1Password. This allows you to be flexible in your choice of operating system.

https://www.passkeys.com/

YOU ARE THE WEAKEST LINK!

Rather than breaking into the computer criminals are approaching the users to compromise themselves.

Various methods criminals deploy

  • Phishing: emails pretenting a trusted relationship (Bank, Amazon, Ebay, Government, etc) that your account has been compromised etc

  • Compromised website pretending to be the official site

  • Tech Support scams initiated by Google search adds showing when searching for help, web browser pop-up pretenting you have a problem etc

  • Contacting the website pretenting to be you with the information collected from the dark web and social engineering

  • etc

Seniors are prime targets!

Security questions are your blindspot!

Never answer these questions truthfully but give random answers. The answers to your “security questions” can be found online or wil sooner or later be stolen from a server and traded on the dark web. That’s why you should give random answers and keep note of what the answers are in case you ever need them.

NEVER CLICK THE LINK, EMAIL OR CALL THE PHONE NUMBER FROM AN UNSOLICITED EMAIL OR BROWSER POP UP!

Always use the bookmark to access the website, and call the known phone number from the business or bank you have a concern about.

Senior citizens are primarily targets!

Watch and learn from the YouTube videos by Jim Browning!

https://www.youtube.com/@JimBrowning

Browser pop ups

Sometimes a computer starts screaming bloody murder and tells you that your computer has been hacked. This is always a scam, never call the phone number. Seek help by calling someone you trust.

Computer hygiene

  • Keep the operating system and applications Up-To-Date

  • Most Anti Virus programs are up noxious and give a false sense of security

  • Install the free version of www.malwarebytes.com no need to buy or register!!!!!

  • Be extremely careful with web browser plugins!

  • Only install software from trusted sources (app stores) avoid hacked software, movies, games and music from file sharing sites (bit torrent)

Protect your internet connection

Secure your network


  1. Change the password on your internet modem and router!!!

  2. Put the Internet Service Provider (ISP) in bridge mode or DMZ and use your own network equipment.

DNS filter

This will block all bad websites including the links in phishing emails etc. It will also dramatically improve your privacy online. Its one of the most useful protections you can apply on your home network, computer, smartphone or tablet.

VPN

A Virtual Private network can help but its not a panacea. Not all VPN providers are equal. Avoid the free and cheap ones with the biggest marking budgets.