BFI Group Blog

Stay informed about the news at BFI and in a world of rapid change

BFI Capital
October 10, 2018

Online Privacy – Are You as Secure as You Think You Are?

Protecting your privacy, and protecting your ONLINE privacy in particular, is getting more important as well as more difficult by the day. This brief piece on the topic of online privacy should provide some valuable insights, particularly if you are not a computer aficionado. It was written by a concerned friend who is not a “guru” on the topic. However, that is possibly precisely why her short article on this very important topic is so easily readable, and why we have included it here.

The world is going online!

According to a recent report by GroupM, online media will overtake television and all other mediums in terms of time spent on a single media format in 2018. A significant part of this increase, in time spent online, is secondary to the ongoing rise in worldwide e-commerce.

In 2018, approximately 10 percent of all retail transactions (in 35 countries) accounting for about 2.4 trillion dollars, will occur online. Recent data from GlobalWebIndex reveals more than a billion people worldwide are regularly using the internet. The average user spends up to 6 hours a day using internet-powered devices and services, with cell phones being the preferred method of connectivity.

Surveys from the same source indicate that the number one concern users have with internet usage is cybercrime, such as having your money, or personal information stolen online. Also, of significant concern is the possibility of companies collecting and sharing your personal data online with other organizations, and online surveillance of U.S. citizens by the U.S. government. Despite these concerns, McAfee notes that up to 52% of internet users aren’t even sure how to secure their connected devices and apps.

Data security is critical, and difficult!

It’s tough to secure your data and privacy if you don’t even know how to check. Worse yet, cyber criminals are now exploiting the traditional measures of trust, such as site reputation or category to avoid detection, making security even more difficult even for sophisticated users.

A recent research report from Menlo Security found that 42% of Alexa’s top 100,000 sites were risky, 4,600 phishing sites used legitimate hosting services, and 19% of categorized typo-squatting sites were in trusted categories.

So, what are we to do? There is no such thing as perfect security; however, there are a lot of things you can do, many of which are very simple, to protect yourself while connected to the internet.

The three main things everyone should and can do include, (1) using a firewall, (2) using good antivirus and anti-malware software and (3) most important of all, using a VPN.

What is a VPN and how do we use it?

First, a little background. To exchange information on the internet, devices need to connect with each other. The internet is a global network of computers and each computer connected to the internet must have a unique address. People use the term “address” in a variety of ways.

With respect to the internet, the term address can be used to mean the unique location of an internet server, a specific file (or web page), or an e-mail user. It can also be used to specify the location of data within computer storage. There are several types of IP addresses, private, public, static, and dynamic. The IP address we are concerned with in this discussion is our public IP address.

The significance of your IP address

An IP address, or Internet Protocol address, is an identifying number for a piece of network hardware. Having an IP address allows a device to communicate with other devices over an IP-based network like the internet. An IP is a unique device location on the internet expressed either as a unique string of numbers or as its associated domain name.

Your IP address is the numerical label assigned to your computer or mobile device to uniquely identify it on the web, and that in turn identifies you. IP address allow for requests and responses to reach their intended destinations, but they can also be used to determine your location, reveal the internet service provider you are using, or which websites are hosted on the same server.

Your IP address can reveal a range of sensitive information about you like your physical location including, your city, state/province, zip code, and country. When you change physical location your IP address will change to follow you.

Once your location is determined it is relatively easy to figure out your Internet Service Provider and your customer account and thus your name, credit card number, home address, credit history, browsing history, phone number, etc.…you get the idea. Websites also link your IP address to cookies, tracking software, and the various online services that you use. Once this information is obtained, it can be used to target you with ads or your personal information can be sold.

Clearly your IP address is one of the primary weaknesses in maintaining privacy and security when using the internet. There are a variety of ways to change or hide your IP address. Some examples include using a VPN service, using TOR, using a proxy server, or using a free/public WiFi.

Using VPN to “hide” your IP address

A VPN (Virtual Private Network) is arguably the best, most reliable, and simplest method. When you use a VPN your actual public IP address is hidden from the world, your internet connection is hack proof, your internet activity is encrypted and unreadable, your VPN is completely mobile and can include multiple devices simultaneously, you can get around internet blackouts or blockages created by censors or countries, and even in “unsecure” hotspots, you are secure.

Basically, a VPN is a service that routs your connection through another server. The IP address visible to the internet is then the VPN server’s IP address, not your IP address, thus hiding your identity from the internet. The VPN client software that you use to connect to your VPN encrypts your data making a secure tunnel between you and your VPN.

Let’s say you decide to connect to the internet from some insecure WiFi provider like your local coffee shop. When using a VPN, you will always initiate any connection with the internet by first connecting through your VPN.

You can do this manually by starting your VPN app or have the VPN app always on whenever your device (phone, iPad, computer, etc.) is on. Since the initial connection you are making to the internet is encrypted, it is gibberish if intercepted. The connection to the online destination is then made from a server in a remote location (you can choose the location if you like) with a completely different IP address not from you and your location.

Selecting a VPN that is right for you

This is a very superficial discussion of VPN’s, although I hope in-depth enough to understand the basics. Rather than get bogged down in details like VPN protocols, I think it would be useful to discuss some things I think are important to know about the various VPN’s available.

The first thing I would recommend is to make sure you use a reliable VPN. You will most likely get what you pay for if you decide to use a free VPN. The cost of an excellent reliable VPN is in the range of a few dollars a month and most will cover multiple devices often with capability to use them simultaneously.

I would look at the numerous reviews of VPN’s to determine what capabilities you are most interested in. Reviewers suggest some are better at streaming media or torrents than others; I personally have not noticed this, but it is a consideration. Some VPN’s have capabilities for utilizing Double VPN, P2P, Onion Over VPN, and Dedicated IP connections.

Two VPN’s I am familiar with and can recommend are IPVanish and NordVPN. I would recommend you do your own research and decide for yourself.

Some important considerations: I would also add your choice of web browser and Facebook. Firefox, Opera, and Chrome have some security problems and can leak a real IP address even with a VPN. You should also avoid using Facebook Connect signups, which significantly improves web convenience but causes a major security risk for your personal data.

And in a few final statements concerning privacy and security, make sure your antivirus and malware software is up-to-date, and look at your firewall settings. Some topics for further reading that might tempt your interest include deep packet inspection, packet filtering vs proxy firewalls, and TOR.

Download PDF Blog Post
Download • 288KB