- Life & Money
- Everyday Money
- Managing Finances
4 Best Practices for Protecting Your Digital Privacy
- Catherine McHugh
- Sep 20, 2023

Key takeaways
Keeping your online data secure requires taking protective steps every day.
Any online activity can make your identity vulnerable to hackers.
Learn how to make protecting your digital privacy a daily habit.
Halloween isn’t the only spooky thing about October. In 2004, the National Cyber Security Alliance and the U.S. Department of Homeland Security (DHS) put a spotlight on the vulnerability of Americans’ online data by designating October as Cybersecurity Awareness Month. The month is a chance to highlight how to protect yourself online.
Rohit Agnihotri, senior director of the identity and access management team at Northwestern Mutual, says the monthly designation is helpful for creating awareness about the dangers of not securing your online data as well as the protective resources available.
“Securing your personal assets is a natural habit for most of us: You lock your house and your car before you leave them and you look both ways before crossing the street,” he says. “Since we all do so much online now, you really should think about personal cybersecurity the same way by taking protective steps every day to be a better digital citizen. For example, whenever you visit a website, always check for the lock sign on the address bar, as that indicates the site is digitally encrypted.”
Monitor your identity’s safety
Identity theft made headlines nationwide in 2017 when news of the Equifax breach revealed hackers had accessed the confidential information of 143 million American consumers. That’s nearly half of the entire U.S. population.
“The most valuable thing that everybody has is their identity, which makes everyone a target,” Agnihotri says. “Just the size of your bank account doesn’t matter. A hacker can use your identity to open up credit cards, apply for loans or any number of things.”
Agnihotri advises that if you start getting random emails or calls or you detect an unexpected change in your credit, you should go to identitytheft.gov, which is run by the Federal Trade Commision, to file a report.
To proactively combat these types of threats, Agnihotri recommends requesting your free your credit report at least once a year. You can also periodically check your email’s security status to see if it’s been compromised. You may also want to consider freezing your credit at all three reporting agencies.
It is best to be cautious about sharing any type of personal information unless absolutely necessary. Even the most basic data (birth dates, phone numbers, addresses and email addresses) can be used to steal your identity. For example? Agnihotri points to certain online quizzes.
If you take an online quiz, make sure you know the source. “It can be a data mining activity that could be hosted by a bad guy—they may seem harmless but they’re designed to find out more information about you,” Agnihotri says.
Be careful when downloading apps onto your phone or tablet as well. “Apple’s store is pretty secure but Android’s is less so because anyone publish their apps there,” Agnihotri says. “So before downloading a new app, it’s a good idea to look for any red flags by checking to see if it has a 5-star ratings and reading the reviews.”
Another danger? Public Wi-Fi, which Agnihotri says, “is fine if you’re just browsing the internet for something. But you shouldn’t use it for doing a banking transaction, online shopping or anything that will take you into one of your personal online accounts.”
Take the next step
Our advisors will help to answer your questions — and share knowledge you never knew you needed — to get you to your next goal, and the next.
Get startedSecure your online accounts
We all have so many different usernames and passwords that it can be difficult keeping track of them all. But don’t make the mistake of using the same one for everything. The longer your password is, the better, and don’t save passwords in your browser or on online sites.
Additionally, always use multifactor or two-step authentication when it’s offered. And Agnihotri says to consider using a password manager, which you set up by creating one master password that you will need to memorize. After that, the service will do the rest.
If you’re active on social media, Agnihotri stresses that it’s important to learn how to set up privacy settings for every platform. Photos and content you upload could lead to identity theft. The good news is that more awareness has led to more transparency about security standards. “Everybody should take the time to understand what settings are available and learn how to make adjustments accordingly,” Agnihotri says.
But he says the main thing to do is stop oversharing details about your life. “Hackers mostly look on your Facebook, Instagram or TikTok pages to find your personal information,” Agnihotri says. “If you take a selfie in the office and your badge is visible, they might be able your employee information based on that. And they can use geopositioning to figure out where you are. It’s easy for them to find out your mother’s maiden name and where you went to school just from browsing your social media. I wouldn’t say stop sharing on social media but be mindful of what you do share.”
Protect your internet connections and devices
Update your operating systems
Your personal computer will periodically receive updates for your operating system: Always apply them or configure your machine to do it automatically. Agnihotri says that you should install antivirus software, if it doesn’t come pre-installed, and make sure it’s always on so you get the automatic updates.
Back up your data
Be sure to make regular backups of your data and verify their integrity. Secure the backups by making sure they are not always connected to the computers they are backing up. Whenever you plan to dispose of any old devices, make certain you have wiped them of any personal information.
Set up a personal VPN
With the massive shift to working from home during the pandemic, many office workers became familiar with logging on to their company’s virtual private network (VPN). Agnihotri says it’s worth investing in one for your personal devices. “They’re relatively inexpensive and provide a lot of protection because it hides your activity from any outside parties providing a secure internet connection,” he says. “It acts as a go-between from your computer to an internet site and anonymizes you, which keeps hackers from having a direct line to your activity.”
Agnihotri adds that you should also protect your Wi-Fi networks with a password and change the default admin passwords on all your connected devices.
Know how to identify phishing emails
“Phishing is the No. 1 threat to every person and every business,” Agnihotri says. “It’s the main way bad actors obtain confidential information.”
So, if you have any suspicions about an email, don’t click on anything. Confirm with a phone call from the sender. Or, instead of clicking on anything in the email, go directly to the website it seems to represent.
Agnihotri also recommends setting up a second email address if you want to enroll in any contests or sign up for shopping discounts. “The more places you enter your email, the higher your chances for getting spam and malicious emails,” he says. “Set up one email where you won’t care that you get a bunch of junk mail in it. And only use your more legitimate email for your friends and family and important accounts you access online.”