Coconet presents Digital Hygiene 101: How to practice digital safety and security

This image is licensed under the Pixabay License

By Darika Bamrungchok for Coconet 28 April 2020

This article was republished from the website of Coconet, a network co-organised by APC and .

The is no longer just a global health crisis but one with widespread implications across all sectors of society. We still don’t know how long this crisis will last, but we do know it will change the way we work, travel, study, and interact with each other in the future.

We always hear daily reminders on how to practice . But beyond your personal hygiene, have you thought about your “digital hygiene”? Now that the pandemic has also forced us into an unprecedented adoption of new technologies to our daily lives, we need to think about the health of our devices – already an important extension of ourselves.

Just as how we are reminded to wash our hands regularly, 20 seconds at a time, we need to check how “clean” and safe our devices and software are. Digital hygiene is our crucial first line of defence against new and evolving digital threats, such as malicious emails, social engineering, phishing, cyber harassment, hacking accounts and devices, stealing private data, or even worse. In fact, the majority of data breaches and hacks are caused by . And with our new reality, there’s been an increase in ; for example, malware disguised as a .

We’ll walk you through how to stay safe and healthy against digital viruses, and give you a list of safer alternatives to the usual tools we use for online work.

Good digital hygiene in the online workplace

Now that many of us have switched to remote working from home, it’s time to take closer look at digital hygiene to ensure our online workspace is safe, and that our personal and organisational informations and files are secure. Here’s a checklist of good practices to do before we start work for the day:

Strong passwords still matter. While many tech companies are pushing for a , passwords are not going away anytime soon. Passwords remain the first step to accessing any of our accounts, so it’s important we create .

  1. To add a layer of protection on top of our passwords, enable for all accounts, especially for emails and social media.

  2. Change personal wifi names to something less identifiable.

  3. Change the passwords on wifi routers to something more complex and hard to crack by adding numbers and special characters to it.

  4. Change the default passwords of personal smart devices connected to your home internet.

  5. Use a reliable password manager, like , as an assistant to further secure passwords.

Keep your software and all applications up to date. Companies regularly update their software and applications to address security issues, so be sure you update your and applications as soon as they’re available.

  1. Make sure anti-virus software and firewalls are also updated.

  2. Review and remove unused software and applications.

Have backups of your files, and back up regularly. Losing important files forever can be a nightmare! To avoid a worst-case scenario and , make it a habit to back up important files using secure tools and security processes.

  1. Encrypt any backups for both external hard-drives and cloud services. Software such as can encrypt files before storing them.

Protect your connection to the internet. Consider using a to create a secure the internet connection. Think of VPNs as “a private tunnel” that connects only you to a secure VPN server.

  1. Use only reliable VPNs with a secure reputation. If you want to try one for free first, we suggest ,, or (free up to 500Mb).

Use safe browsers and HTTPS connections whenever possible. For browsers, we highly recommend , , and

  1. Change the default search engine to a privacy-minded website such as , and regularly clear your cache and history.

  2. Install security browser extensions, regardless of which browser you’re using. , , and help make internet browsing safer.

  3. Note that other extensions can be a security hazard. Regularly review and that you don’t often use.

Be aware of phishing attacks. Only one wrong click can instantly result in a bad infection or cyber threats. This is unfortunately all the more true today, so be extra vigilant! Anyone can trick you into giving access to your accounts or providing your personal information through sending you fake links or emails.

  1. Don’t click on any suspicious links. If you’re unsure, use to check the link first before you click.

  2. Take a look at EFF’s article, “,” for more information. If you want to read more about this, please visit “” and “”.

Learn about . When you don’t encrypt your internet activity, it’s possible for anyone to see your data and what you do online. Imagine that you are sending a postcard – even if your postcard is addressed to your friend or relative, anyone from the mailers and customs officials can just read what your postcard says. End-to-end encryption is like sending a postcard in an envelope. Although other people can see that you are sending a message, they are not capable of seeing the postcard inside the envelope.

Try a digital and data detox. Do you remember the last time you unplugged and didn’t swipe on your phone? Especially now, thinking about doing a “” in the time of COVID-19 seems to be impossible. While it’s good that technology is helping us feel more connected to one another remotely, we should remember to find a healthier screen balance to enhance your digital wellbeing.

  1. Discover the many good reasons why we might want to take a break from all tech devices for a brief time. Maybe even try to find some time for a full .

How to (safely) work online with others

What we’ve covered so far are good digital hygiene practices that we can do for ourselves. But working remotely means we might be working with other people who may not be as digitally healthy as us.

Are there collaborative work tools that are safe, trustworthy, and appropriate for remote working? , but this question admittedly has no definitive answer. Tactical Tech’s piece called “” puts it best: “The idea that there are tools that would always work for everyone, everywhere; require no extra knowledge and zero additional infrastructure; are fair and just, and protect users at all times, is a dream that has not yet come true.”

But while we don’t yet have the perfect tools that are completely secure and user-friendly, we’re adding on to our recommendations and listing here alternative tools that are good for remote work. We recommend, however, that you read to know more about how online tools work and why we should be extra vigilant in the time of COVID-19.

Alternatives to Google Docs for collaborating on documents with other people

  1. is an open-source alternative for collaborating documents. The storage limit for all registered users is 1GB. Registration is free with no personal data required. Pads without registration documents are deleted after three months of inactivity.

  2. allow for collaborative editing online by using an service. Riseup does not store IP addresses. Pads are automatically destroyed after 60 days of inactivity. For additional security, access pad.riseup.net via the or this .

Alternatives to mainstream chat applications for secure communications and instant messaging

  1. is a free chat app that has end-to-end encryption. Its open-source Signal protocol keeps your chat secure. It also has the option for for sensitive conversations.

  2. offers one-on-one or groups chat, voice communication, and file-sharing with end-to-end encryption. You can register using your email or phone number. If you will register via email, we recommend you use a secure email service like or .

  3. is also open-source chat apps with end-to-end encryption.

  4. If you’re undecided which one to use, check out this .

Alternatives to and for videoconferencing

  1. is an open-source platform that is easy to use, and doesn’t require registration. Use it on their server or run it on your Trusted Jitsi Meet hosts include and . Note, however, that Jitsi Meet uses end-to-end encryption only for calls between two people, and not for group communication. Use it for group meetings if you trust the one hosting it. Also, try to make your meeting name as unique as possible to ensure no one joins your room. You can also set a meeting password for extra precautions. Find out more .

  2. has a free encryption option. This app allows for simple video chats and screen sharing for groups of up to 6 people.

  3. also offers secure video conferencing, but only for the paid version. If you are interested to try Wire, they offer a 30-day free trial.

  4. is good if you need to use only audio for your online conference. It’s free, open-source, and operates on low latency.

  5. Whatever the app or software you always, always be mindful of your work environment and background! A plain background is best to avoid showing private or personal belongings that can identify you. Consider with anything opaque when you aren’t using it.

Alternatives to corporate cloud storage to share files with others

  1. can send encrypted files to anyone with a one-time use link that automatically expires. Add passwords to additionally protect files.

  2. is a file sharing service hosted by riseup that keeps the file online for a week before deleting it.

  3. lets you securely and anonymously share a file of any size by using Tor Network.

Our tools, our choice

Connecting to the internet is always a risky activity. While there is currently no foolproof way to stay safe online these days, we shouldn’t take digital safety for granted.

When choosing which tools to incorporate into our online workspaces, a good rule of thumb is to review the services privacy policy and check carefully what type of encryption is being employed. Many technology companies and developers are eager to . But we should also take note that not all kinds of encryption are created equal, and many of the software we’re accustomed to using are not end-to-end encrypted. For example, the popular video conferencing app , meaning anyone is capable of spying on your meetings.

At the end of the day, digital security is a subjective concept. What we eventually use for ourselves depends on our respective needs and lifestyles. We have power to draw our boundaries and choose which tools we want to use.

If you find more tools that work for you, tell us about it! We’ll update this post with newer recommendations and security updates as they come. The more that we collectively practice good digital hygiene, the safer we all will be.

  • Digital society
  • Media and ICTs
  • Security and privacy
  • « Go back