Journalists are always on the verge of threat, be it cyber or physical. Since there job responsibility is to uncover the ugly truth they at times end up in hot waters. These democracy-defenders are so much familiar with the word controversy that they rationally ignore the dangers associated with it.
In journalism, attack to privacy can come from any direction; it can be your local police chief monitoring your activities or even a government spy taking note of your daily routine.
So how does online security comes into play? Since you are reading this article, you must have some concerns regarding the online hacking threats. To help you get rid of this security dilemma, we present six best practices which will help you protect from a potential online threat.
Use Complex Two-Factor Authentication
Remember the infamous leak of Hilary Clinton’s emails? A hacker broke into it by a simple spear-phishing attack. Her campaign chairman accidentally gave his password when he clicked a link in a phony Google security email. Also, you know what happened afterward.. sigh…
To minimize the risk of such attacks and to protect you even if your password is compromised experts suggest having two-factor authentication enabled. We recommend you to go for Authy, which is a reliable two-factor authentication app which adds a layer to your online security protocols.
Use Encrypted Services
Since the internet is full of online threats for a journalist, there is no better way than to encrypt your online traffic and be anonymous with vpn. Edward Snowden didn’t give data to the filmmaker Laura Poitras in Dropbox; he used end-to-end encryption to send the data which means that only Poitras can decrypt the file. This practice gave them a secure pathway to share data with an interception from a third-party.
Online security for journalists is critical because a breach in this domain result in the final step of a journalist killed.
A VPN (Virtual Private Network) acts as the same but in a more diverse fashion. It not only provides a safely encrypted tunnel between your device and the ISP but also fakes your IP address. Hiding your IP address gives you the access to censored and restricted websites which therefore give you full liberty to surf the internet anonymously. Edward Snowden has himself suggested all internet users to use a VPN.
How Are Link Accounts Leading to Hacking?
In late 2012, a hacker named Phobia called Amazon tech support and asked to add a new email address to the account which was then tied to San Francisco reporter Mat Honan. It was then and there; phobia took no time to log into Honan’s Amazon account learned the last four digits of credit cards. Then she breached into all his Twitter, Google and Apple accounts and wiped them clean.
Moral of the story is, be aware of your linked accounts and use services which have a higher restriction on passwords recovery.
Secure Your Backup and Encrypt your Device
If your device is stolen or lost you lose all of the data it contains, so it is critically important to have backups. However, backups can be a source of vulnerability because cloud storage can be intercepted and external drives can be misplaced. So be sure to encrypt your files before you back up. Keep a good look at all the automatic backup softwares such as Apple’s iCloud which may backup sensitive data automatically without encryption doesn’t matter if your device is encrypted or not.
It would help if you always assumed that one day your device could be lost or stolen, so it is better to encrypt your device. Encrypting your device doesn’t mean to set a password and feel carefree, but it means that you have to do one additional step. Mac and Windows both support device encryption, you can find the guides here Mac/Windows. Mobile devices already have such encryptions so don’t worry about those small screens.
All Hail HTTPS
HTTPS (Hypertext Transfer Protocol Secure) is a secured version of HTTP (Hypertext Transfer Protocol) over which data is sent between your internet browser and the website. The Secured version of the protocol means that all communication between you and the website is encrypted.
Never send any information through a website that doesn’t use encryption. You can quickly identify whether a site is secure or not by merely looking at its URL; it should begin with https://.
Intricate Passwords Strengthen Security
The easiest way an attacker can enter your data is by simply logging in your account. Since usernames are available publicly, it merely requires a guess for your password. Make sure you choose a strong password – at least one that cannot be guessed using brute-force attack.
Keeping the sensitivity of your data in mind, we will recommend that your password should have;
- 12-16 characters in total.
- An UPPER case and a lower case letter.
- Symbols such as @, $, # and
Remember, never reuse passwords, your old one might be already compromised by a data breach you didn’t know.
Summing Up – Take Note
All the information is a lot to digest in, so we made bullets for you to take note.
- Use two-factor authentication for better online security.
- Remember Phobia? Know the risks involved in linked accounts.
- Use encrypted services for anonymity on the internet.
- Be cautious of phishing attempts.
- Only trust HTTPS websites.
- Set strong and unique passwords.