In the posts that follow, I strive to be Virgil to your Dante, guiding you through the dark wood of fear, uncertainty, and doubt; making a straight way past the three beasts of pervasive surveillance, pernicious malware, and catastrophic hardware failure, leading you onward to privacy paradise. You may note that I’ve skipped over hell and purgatory in this overwrought allusion, but they’re boring and it’s really not that hard.
As for the roadmap, I’ve organized the posts that follow into three sections: device security, Internet access, and other things to think about.
The first order of business is to secure your digital devices, including desktops, laptops, tablets and mobile phones. The operating systems on these devices are not secure out-of-the-box and don’t protect your privacy. Common operating systems include Microsoft Windows, macOS, iOS, and Android. Devices with Linux installed can be readily configured to be both private and secure. If you use Linux as your operating system, I assume you’re highly technical and don’t need my help.
To secure your digital devices, I walk you through four important topics: backup and recovery, password management, virus and malware protection, and full disk encryption. I follow these discussions with some additional considerations to include keeping your operating system and applications up-to-date, managing device privacy permissions, and secure file deletion.
Next, I talk about five products that preserve your privacy while accessing the Internet: virtual private networks (VPNs), private web browsers, web search, text messaging, and email.
Other things to think about include freezing your credit, avoiding scams, social networking, tracking a lost device, locking your phone account, the Internet of things (IoT), the Phone Company, and related topics. I sprinkle these in among the prior two topics as Interludes.
For each of these topics, I discuss a variety of approaches and products. Where I recommend products, I usually present only two options to keep things simple. My recommendations reflect my personal assessment. In most cases, they also reflect the judgment of the broader privacy and security community. That said, there are other good products. I include evaluation criteria for most product categories to assist you in your search.
Most of my recommendations are just that, recommendations. Perhaps strong recommendations, or very strong recommendations, but in the end, recommendations. Occasionally I use the word “MUST.” When I say must, I mean MUST. Should disaster strike, no amount of wailing or gnashing of teeth will avail you if you ignore a must. I’ve received more than a few calls in the middle of the night where I could not be helpful because someone ignored a must.
To reiterate a caveat in Post 2—take one step at a time. Don’t change everything at once. Work with a new product or process until you get used to it, and before you make another significant change. Write down what you change just in case you want to return to a prior configuration.
On to backup and recovery.
Information provided in this post is subject to the disclaimer in the first post of this series.