I do lots of things to keep myself as secure and private as I can online – so many that I figured I’d make a list.
Securing my devices
make sure all my devices are fully encrypted – that includes all phones, tablets, laptops, and external hard drives (plus some USB sticks)
make sure all my data is backed up – and where it’s backed up it is encrypted at rest (my cloud backup tool of choice is Arq and I use a local Synology NAS and Google Coldline as my backup locations)
make sure I have USB recovery drives for all my Windows installs
make sure my computer is kept proactively and reactively secure using anti-virus and anti-malware tools (my AV tool of choice is the pre-installed Windows Defender and my anti-malware tool of choice is Malwarebytes)
Securing my internet connection
configure my router to use a secure, private DNS server (Cloudflare’s 1.1.1.1 or Google’s Public DNS 8.8.8.8)
configure my Android phone to use a secure, private DNS server when on 4G (on the latest Android phones go to: Settings > Networks & Internet > Advanced > Private DNS)
use a VPN whenever I’m on an even slightly insecure network – on both my laptop and smartphone (my VPN provider of choice is Mullvad)
turn on my router’s guest network (with network isolation) and connect all my non-computer internet-connected gadgets (TV, Blu-ray player, cable set-top box, etc.) through that
use an advanced router that supports enterprise-level intrusion prevention (in my case I use a Synology router and their Intrusion Prevention app)
Securing my browser
use browser add-ons/plug-ins like HTTPS Everywhere, uBlock Origin, and Facebook Container (Firefox only) to minimise my online footprint
disable third-party cookies on all my browsers
disable Flash on all my browsers (which will be the default setting in Firefox from Firefox 69 onwards)
use a separate web browser to log into Facebook and Instagram (I actually use five browsers on my laptop: Firefox, Chrome, Vivaldi, Opera, and Edge!)
Update: Check out my follow-up post for my list of ‘Firefox extensions for privacy and security’.
Securing my online accounts
use a password manager to generate and store long, secure, unique passwords for all my accounts (my password manager of choice is LastPass)
use two-factor authentication to keep as many of my accounts as possible secure (check the excellent Two Factor Auth List to see which accounts and services you can set up two-factor authentication for)
keep a regular, close eye on the data that various online services and social networks have on me by going through their ‘security check-up’ processes (eg Google’s excellent Privacy Check-up)
check all my email addresses on Have I Been Pwned to see which online services that I have an account with have had their user data stolen – also sign up to their ‘Notify me’ service to get an alert every time any of my email addresses is found in a newly stolen user data set
Always be learning
keep up with the latest in security via things like the Security Now podcast, several blogs, and a bunch of security-related mailing lists
check the EFF’s Surveillance Self-Defense website for the latest guides
consider switching to “ethical, easy-to-use and privacy-conscious alternatives” to social media networks, online services, and software using the comprehensive (and growing) list on switching.social