Monday, 15 September 2014 18:51

Taking Security Seriously

Written by

I want to take a brief moment to write up some important points to consider when dealing with securing digital communications.

Many of these items have come to light after Edward Snowden (bravely) came forward and contradicted what Obama told Leno: “We don’t have a domestic spying program.”  As you are (hopefully) well aware, this is 100% false.

Further reading:
http://en.wikipedia.org/wiki/Edward_Snowden#Global_surveillance_disclosures

With all of this in mind, I am compiling a list of 4 things that anyone, not just industry-professionals, can do to protect themselves against such spying:

1. Be careful posting things on social media.  Even ‘private’ messages. 

There is no such thing as a “private message” (on Twitter, this is called a direct message).  Don’t assume that other people cannot read what you send privately!  All it would take is a guessed password to see what you’ve sent.  Or worse, if a provider like Facebook could get hacked, then EVERYONE’s private messages would be at risk.

http://rt.com/usa/169848-pentagon-facebook-study-minerva/
http://online.wsj.com/articles/facebook-friends-its-city-pays-for-officer-1405304615?mod=yahoo_hs

2.  Use PGP to encrypt your email.

Before Snowden would provide his media outlets with his leaked information, he required first that they use PGP encryption.  This says a lot - think about it: Snowden used his knowledge of security and encryption to successfully transmit his information without being caught!  To get started with PGP encryption, you’ll need to install some software:

PC:
http://www.gpg4win.org

Mac:
https://gpgtools.org

Use the software you installed to create your own “Private Key.”  You can search for your key after it is uploaded to make sure others can find your key:
http://pgp.mit.edu/

Of course, the other party will also need to use PGP encryption in order for this to work.  Each party has their own PGP key, and the keys are managed by the GPG software.  PGP encryption is a requirement for PCI compliance, so if you’re looking to go after bigger clients, or clients in the healthcare industry, PGP encryption is almost a requirement.

3.  Use a VPN service to anonymize your traffic

One of the easiest ways to be tracked online is using the IP address assigned to your modem (cable, fiber).  With a VPN service, your modem’s IP address is cloaked, making it even more difficult to trace things online.  Why make it easy for them?

4.  If you own or operate a website, consider adding SSL encryption.

As Snowden pointed out, encrypting web traffic makes it tougher for spy agencies to capture your data.  This does not make it impossible, but it requires additional computing power to decrypt data.  By encrypting data that is not sensitive, you make it more difficult for the NSA to “gather everything” as they would need to spend extra money to decrypt everyone’s data.

Latest Comments

Got a similar email that seemed suspicious. Ignored it and they even followed up today.
My organization received one of these emails from "Linda," but uses https://www.bestprosintown.com/p...
Angela Snowman posted a comment in Link Building SEO Directory Scam Alert: loc8nearme.com
Hi Nate, I got the same email template from the same email address today and found you through a ...
Just received one today (16 Aug 2022) from "Mailchimp". Thanks for sharing!
Thanks for posting this. I just got one today. I was 99% sure it was a scam, and your post confirmed...


Design & Development

Wordpress, Drupal, Joomla
New custom websites
Bespoke themes and extensions
Redesigns, upgrades, migrations

Web Design & Development


Optimization & SEO

Let us optimize and manage your overall online presence. We offer full service monthly SEO as well as one-time projects.  

Optimization Plans & Pricing


Maintenance, Patching

White glove monthly backups, security updates, maintenance and testing for your Wordpress, Drupal, or Joomla site.

Maintenance Plans & Pricing


Email Newsletter

Bring your web & marketing performance to the next level: monthly blog post roundup via email.  

Stay in Touch!