Encrypting your phone is a safety measure that protects you if you lose it or come across some insincere guests. Phones used to get slowed down by encryption, which put a lot of people off. These days, though, with the rapid advancement of technology, there is almost no reason not to, as there are almost no visible side effects. If you use a Samsung device, I strongly suggest looking into isolating the more important apps in Secure Folder.
Use a Reputable VPN
When using public Wi-Fi, you are sharing a network with everyone else on it. Because of the way networking works, any of your traffic that is unencrypted (non-HTTPS websites or other internet traffic) is viewable by everyone in clear text. Using a VPN and tunnelling all your traffic through it prevents others from eavesdropping, encrypting the traffic and hiding the sites you browse. Setting up an OpenVPN server on Linode is a viable alternative to paid services.
Cryptography is commonly thought of as keeping things secret; however, this is only part of the real benefit cryptography provides. Cryptographic tools like PGP provide strong authenticity mechanisms that give certainty about who someone is or who authored something. Getting into the habit of using cryptography to implement a digital signature improves basic security practices by magnitudes. If people rely on information you provide, even your partner, it will now be a lot harder for them to be manipulated under your guise. This works both ways, as you can now ask the authors of information you rely on to use their signature, so you can verify the authenticity of the information they are giving you.
There is a lot of discussion about using password managers and which one you should use. To me there is a level of practical security that I adhere to, that meets the guidelines of my employees and my professional ethics. Using a password manager can dramatically improve your security, especially if you use one common strong password across every website. Using a single password across many websites gives you a single point of failure if any one of them is compromised and its database exposed, or worse, if its website is hijacked and the password fields logged.
I make use of 1Password; from my research they provide the best security and ease of integration into all my services. All my passwords are securely encrypted on their servers and sync across to my mobile phone and computers. This gives me the ability to use the most complex passwords I can on any website I sign up to, and then easily sign in on any other device. If an account becomes or is suspected of being compromised, the password is isolated to that account and I can just regenerate another.
Using Secure ports for Email
A lot of the email clients I come across seem to default to insecure transmission on ports 25 and 110. When setting up your email client, it is best to use TLS encryption when connecting to your mail server, which is usually offered on ports 465/587 for SMTP and 993/995 for IMAP/POP. It is also good practice to make sure your email server enforces secure practices when communicating with other email servers: if the security is only on your side, the message is vulnerable once it leaves your email server and until it is retrieved by the recipient.
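An added example, not part of the original post: a Python check that flags client settings using the plain or TLS ports named above and, given network access, confirms that a server really negotiates TLS with a valid certificate. The security labels ("none", "starttls", "ssl/tls"), the account names and the commented-out host name are assumptions.

```python
import smtplib
import socket
import ssl

# Ports from the paragraph above -> how TLS starts on them.
# "ssl/tls" = encrypted from the first byte, "starttls" = upgraded after connecting.
SECURE_PORTS = {465: "ssl/tls", 587: "starttls", 993: "ssl/tls", 995: "ssl/tls"}
CLEARTEXT_PORTS = {25: "SMTP", 110: "POP3"}


def audit_account(name, port, security):
    """Return the problems with one client setting.

    security is the client's choice: "none", "starttls" or "ssl/tls"
    (assumed labels; mail clients word this differently).
    """
    problems = []
    if security == "none":
        kind = CLEARTEXT_PORTS.get(port, "mail")
        problems.append(f"{name}: plain {kind} on port {port}, password readable on the network")
    elif port in SECURE_PORTS and security != SECURE_PORTS[port]:
        problems.append(f"{name}: port {port} expects {SECURE_PORTS[port]}, not {security}")
    return problems


def probe(host, port, timeout=10):
    """Live check: negotiate TLS on a secure port, verifying the certificate.

    Returns the TLS version string; raises if TLS or verification fails.
    """
    ctx = ssl.create_default_context()  # checks certificate chain and hostname
    if SECURE_PORTS[port] == "ssl/tls":
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return tls.version()
    with smtplib.SMTP(host, port, timeout=timeout) as smtp:
        smtp.starttls(context=ctx)  # raises if STARTTLS is not offered
        return smtp.sock.version()


if __name__ == "__main__":
    # Constructed sample settings, not taken from any real client.
    accounts = [("outgoing", 25, "none"), ("incoming", 110, "none"),
                ("outgoing-fixed", 587, "starttls"), ("incoming-fixed", 993, "ssl/tls")]
    for acct in accounts:
        for line in audit_account(*acct) or [f"{acct[0]}: ok"]:
            print(line)
    # probe("mail.example.org", 993)  # hypothetical host; needs network access
```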
Using GPG for Email
There is debate about PGP being "too hard". It feels like a bit of a ridiculous statement, though I have only experienced its seamless use on Linux and Mac, so Windows mileage may vary. For Mac there is GPGTools, which provides a simple "Lock" and/or "Sign" button on the top right of each email you send. If you have imported your recipient's PGP key, which is easily done too, then you can lock it; even just signing it is an improvement that protects against tampering. The same integration can be done using Thunderbird and GPG suite on Linux, storing the PGP keys in the keychain for seamless secure communication between friends and colleagues.
Keybase is an awesome idea, providing you a way to submit a secure signature on different services; Keybase then keeps checking to make sure you are still the authority of it. This gives a central way of making sure fake accounts aren't created in your name and trusted. If people know to confirm your identity on services like Twitter against your Keybase account, then scamming under your name becomes a lot more difficult.
Switching to Signal or even WhatsApp for messaging
Text messaging is very dated and was never meant to take secure communication into account. Signal is currently the most trusted platform for secure communication, with WhatsApp offering end-to-end encryption but backed by Big Brother Facebook. Switching to secure communication for private conversations helps stop people from easily impersonating you should they somehow start trying to intercept your communications.