10 Effective Steps To Improve Your Small Business’ Online Privacy

0
1160

Are you concerned about the security and online privacy of your business, professional, or personal digital assets?

Whether you manage a small business using the web, are a home office freelancer working via the internet, or a start-up that uses the web, are you concerned about tracking of your web movements or do you experience targeted ads as intrusive and disruptive?

Do you worry that communications or files you place on a cloud server could potentially be accessed and misused?

If so, what follows are 10 uncomplicated steps you can take to improve your online privacy. Each of the actionable recommendations ends with references to detailed third-party reviews of relevant software packages.

10 Steps to Improve Small Business’ Online Privacy

Effective Steps To Improve Your Small Business Online Privacy

1# Use A Privacy-Friendly Web Browser

The widely-used Google Chrome browser defaults to enabling web trackers and collecting personal data.

Changing those defaults is one way to reduce web tracking and targeted ads, but not everyone finds it so easy.

For this reason and also because Google’s business practice entails collecting personal data and serving tailored ads, we recommend privacy-friendly browsers that do not do so, and that do not track sites visited, ads clicked, or videos watched.

You might try Mozilla’s Firefox, Apple’s Safari, or niche offerings Brave, Cliqz, or Opera. Alternative browsers are reviewed, for example, in the following articles:

2# Use A Privacy-Friendly Search Engine

Google Search is the most popular search engine, but Google collects personal data and meta-data with respect to your search and browse history and uses it to “personalize” your experience, for example, tailoring search results to your profile and serving ads matching your interests.

Some see this tailoring as useful, but many see it as an intrusion on privacy. You can hinder web tracking and minimize targeted ads by switching to a privacy-focused search engine from vendors that promise not to collect personal data or search history.

Two leading examples are DuckDuckGo and StartPage, which you can make the default on your web browser. Additional reviews can be found in the following articles:

3# Use VPN For Online Privacy

Installing VPN (virtual private network) software on your computer and mobile devices will create the illusion that you are communicating on the internet from the VPN provider’s servers and IP address (the unique address of a computer or device) rather than reveal the IP address that your device is really using.

Because your real IP address can be used to track your online activities and general location, using a VPN aids your anonymity. Here are three reviews:

4# Adopt A Password Manager

Many users create easy-to-hack passwords and use them on many sites across personal and business accounts (so if one password is hacked, many of their accounts are endangered).

A password manager stores your login credentials (user ID and password) for sites in an encrypted “vault” having a single master password.

Depending on the vendor, the password list may reside on a secure cloud server or may be local to your computer.

It pre-fills your credentials whenever you revisit a login page. In addition to offering speed and convenience, it can also enforce use of strong, non-repeating passwords and thus help fight theft of intellectual property, account piracy, and identity theft. See the following reviews:

5# Delete Tracking Cookies

Sites you visit may track your web activity using “tracking cookies” that “follow” you as you visit pages and “nag” you to purchase or take other action. To reduce web tracking and minimize targeted ads, we recommend regularly deleting tracking cookies.

You can delete them one at a time, keeping select cookies (e.g., those that remember you had provided answers to your account authentication “challenge questions” on this device).

However, if you find this a hassle, you may consider periodically deleting all cookies, or, for some browsers, enable auto-deletion of all cookies upon closing. Articles on how to delete tracking cookies include:

6# Install An Ad-Blocker Extension

Many online ads have become intrusive, disruptive of workflow, and snoopy. While some privacy-sensitive browsers, such as Firefox, Opera, Safari, Brave and Cliqz, by default have some automatic anti-tracking and ad-blocking features, some complementary third-party ad-blockers will block more ads and give you greater control over what ads are considered acceptable.

You can find many ad blockers with a simple search, including, for example, Adblock Plus, AdBlocker Ultimate, Disconnect, Ghostery, Privacy Badger, and others. Sample reviews of ad blockers are as follows:

My personal experience is that the combination of #1, 2, 5 and 6 have dramatically reduced ads.

7# Employ An Encrypted Instant Messaging App

To enhance the online privacy of your text-messaging communications, consider adopting a privacy-focused instant messaging app rather than using the phone network SMS or an instant messaging app from an advertising-focused vendor.

Even if the latter claim messages are encrypted en route, they may be logging your meta-data (date/time message sent, to whom, etc.) or storing messages unencrypted on their servers.

For the utmost in private instant communications, consider a truly end-to-end encrypted instant messaging app for your team, where the vendor does not store decryption keys or collect data or meta-data. There are many such apps, including Signal, Silence, Telegram, and Threema. Sample reviews can be found as follows:

8# Switch To A Privacy-Focused Email Service

Many individuals or entrepreneurial businesses use web-based “free” or low-cost email services such as from Google or Yahoo. Many of these services collect user data and meta-data, leveraging them to generate ad revenue.

Some of these vendors or third-party add-ons, offer limited encryption, but they do not go far enough, in our view.

For example, if they store the unencrypted, full text of emails on their server, your emails are exposed to potential hacking, leaking, or spying.

Furthermore, we believe that a vendor deriving revenue via user data collection and advertising is inherently conflicted when it comes to looking after users’ privacy interests.

To enhance your email privacy, despite the pain of adopting a new system, we recommend considering a low-cost, true “end-to-end” encrypted email service, such as ProtonMail or  Tutanota.

They claim to preserve encryption on the servers as well as in transit, to collect no user data, and to have “zero knowledge” of your profile; they were designed for privacy. Sample reviews of such secure email services are as follows:

9# Adopt Online Privacy Best Practices & Settings For Video Conferencing

Much has been written about breaches of security and privacy in video conferencing.

Whatever platform you use, be sure to enhance online privacy by creating a unique URL for each meeting, password protecting meetings, monitoring who enters, not allowing the meeting to start before the host starts it, being selective about who can unmute or share screens, recording sessions sparingly and only with consent, and holding video meetings in a private setting where you cannot be overheard.

Ask your vendor about true end-to-end encryption on their server, so that even if recordings were hacked, no one could view or hear the meeting.

10# Use Encrypted Cloud Storage Or A Local, Secure Personal Cloud

To further protect your private data or intellectual property, think through where you want to store and backup your digital assets, including documents, slide presentations, spreadsheets, photos, images, audio/video files, client data, financials, and other file types.

You could store these on your computer and make local backups with backup software regularly. Alternatively you could use cloud storage, but some of the biggest names do not encrypt the data on their servers, which could be quite detrimental if hacked or leaked.

Instead we recommend you consider using an encrypted cloud account, such as from Sync or Tresorit, or if you are technically-oriented, perhaps manage a local personal cloud server provided by network-attached storage (NAS).

In either of the latter two cases, you have the further benefit of remote document access by authorized users.  We would also recommend backing up all your drive(s) to an offsite location, important in case of fire or theft.

Detailed reviews of encrypted cloud storage can be found as follows:

Detailed reviews of NAS can be found as follows:

Take-Away:

Implement these 10 relatively uncomplicated steps, one at a time, to stop intrusions on your privacy.

Some, like changing default search engines through a browser option, take two minutes to implement. Others, such as changing email services, will take a longer adjustment and transition and may come at a cost of less convenience.

You May Like To Read:

Author Bio: Al Moni is a retired IT executive, an entrepreneur, and former software products designer, holding a Ph.D. in computer science. In retirement, he launched a blog in January 2020, BoostMyPrivacy.org, offering educational articles with actionable advice to protect your security and privacy on the internet.

14