A Parents Guide to Securely Storing Sensitive Data on Computers and Portable Devices
Last Updated on Mar 27, 2024
Many folks put sensitive data on their computers, cellphones and other devices. In fact, someone browsing through one of your devices might quickly find your bank account numbers, email passwords and your child’s Social Security number. This type of vulnerability is a tradeoff you may make for convenience, but there are ways to minimize the risks you open yourself up to.
Of course, your device doesn’t have to be borrowed, lost or stolen for sensitive data to be accessed. Hackers, whether they live down the street or on the other side of the world, know their stuff. They are continually learning and adapting. The good news is that you, too, have the ability to refine your data storage techniques and to keep the sensitive aspects of your life private from hackers. Worried about identity theft too? Check out our Identity Theft Protection Guide.
Expert Quotes on Securely Storing Sensitive Data on Computers and Portable Devices
What Devices Might You Need to Consider?
Let’s face it. Most of us don’t even know what devices our personal information is on. But, the more you think about it, the more you realize at least some personal information is on almost all of your devices. A lot of these devices even share accounts. Think about it, you only have one Apple ID that works for your Macbook, iPad, Apple Watch, and iPhone. When most people don’t know if their iPad needs antivirus software or if an iPhone can be hacked, the vulnerability of your sensitive data might surprise you. If you lost your phone, make sure to read our Guide to Protecting Personal Data after Losing Your Mobile Device.
With two-thirds of Americans only using one password for multiple accounts, access to one device or account could give an attacker access to all of your devices and accounts. Here’s a good starting point when figuring out what devices you need to consider when securing your personal data:
- Personal smartphones
- Work smartphones
- Tablets
- Thumb drives/flash drives
- Videogame systems
- Laptop and notebook computers
Nowadays, almost every household has these devices and a whole lot more. In fact, the average American home owns 16 connected devices. That’s right, there’s an average of 16 devices that a hacker could use to get into your home network.
What Are the Types of Data You Need to Protect?
In general, “sensitive data” means personal, legal, financial and medical information, especially if it can identify you or your family members. Think of it as any of your information that someone could use to either impersonate you or access your personal accounts. This type of data comes with heavy regulations enforcing companies to protect the sensitive data they have on you. But, that still leaves the sensitive data you store unregulated. Examples include:
- Social Security numbers
- Driver’s license numbers
- Bank account numbers
- Email passwords
- Proprietary information from your business or employer
- Cardholder numbers
- Digital signatures
- You or your parents’ previous legal names before marriage or a name change
Without you even realizing it, you most likely already store some of your sensitive data right on your cellphone. For example, you might have a picture of your driver’s license in your photo album that you sent to confirm your age when ordering a case of wine. Or, maybe you were filling out tax forms and needed some information from your spouse. Well, now all of that information is in your messaging app. You might even keep a “secret” Notes app to help you remember your passwords and PINs for your bank accounts. Basically, we’re saying that your sensitive data is most likely on your phone and other devices whether you know it or not.
>> Learn More: Securing Confidential Personal Data Both Online and Offline
Computer and Portable Device Security Basics
To keep your computers and portable devices as secure as possible, take the following steps:
- Limit device access with passwords / passcodes / passphrases, fingerprints and/or facial recognition programs.
- Use strong, unique passwords.
- Know who all is using your devices and have appropriate protocols for each user.
- Download mobile apps only from the approved store, and research each app first.
- Use unique passwords for each app that has or uses sensitive data (Android options and iPhone options)
- Use an erase data feature to erase data after a certain number of failed password or passcode attempts.
- Install apps for remote data wiping if you lose your phone or it gets stolen.
- Save much of your data on flash drives, external hard drives or other removable media.
- Use Kensington lock ports for your laptop when you’re in public (just don’t forget the passcode for the lock!)
- Cover your computer, phone and tablet webcams with shades.
- Use your cellphone’s data plan instead of public Wi-Fi when possible
- Use VPNs to send and receive data securely
- Install screen filters that prevent many instances of shoulder surfing (and that reduce blue light).
- Use firewalls, anti-virus software and the like.
- Restrict your Wi-Fi settings to protect your data when you’re in public.
- Disconnect your devices from the internet whenever you’re offline.
- Back your data up regularly and frequently.
- Turn off location tracking when feasible.
Passwords, Passcodes and Biometric Identifiers
Some devices may go past passwords or passcodes, giving you the option of using fingerprints or facial recognition. Similarly, you might be able to draw a pattern to unlock your cellphone rather than key in a numeric code. Whatever you do, the first rule of securely storing sensitive data is to use SOMETHING.
To be sure, these security measures can get inconvenient and cumbersome fast, especially if you constantly use your phone. The solution tends to come down to a risk assessment. For example, if you’re merely hanging out at home with your family or people you trust, it may be fine to temporarily suspend passcodes or fingerprint recognition. Just remember to restore your security measures when you go out.
Experiment with the different security measures that your devices offer. For instance, you may find that you actually don’t mind Touch ID on your iPhone. The newer your devices are, the smoother and faster their authentication processes may be.
That said, passwords and passcodes do have their place on virtually any device, and it’s critical that these character strings be strong. Did you know that there’s a tool called GrayKey that can crack passcodes? If your passcode is four digits, the process might take a mere 13 minutes. With six digits, the time to crack can increase considerably to about 22 hours.
Still, six-digit passcodes are relatively weak. You want eight-digit codes or, even better, 10-digit codes. You may need to root around in your passcode settings for a bit to find the options for longer or custom passcodes, but many devices have them.
Not ideal: A passcode using dates relevant to your life that anyone could dig up. If your birthday, loved one’s birthday, wedding date or date of graduation is right there on social media, then cracking your passcode may not require rocket science. Ditto with passcodes such as, “7777777777” or “1234567890.”
Unfortunately, no matter how good or random a numeric passcode is, they are much easier to break than alphanumeric passcodes, which bring more possible characters into play. Whenever possible, opt for alphanumeric passcodes and passwords rather than those that are strictly numeric.
What makes for a strong password or passcode?
- It’s long, at least eight characters (even longer is better).
- It’s unique, something you never used before and that isn’t used on other devices or for other accounts.
- It combines numbers, symbols and uppercase and lowercase letters.
- It doesn’t include personal information such as a pet’s name or your house number.
Of course, remembering 10 different long passwords is no easy feat. Many experts recommend this strategy: Come up with a sentence relevant to you and that includes a mix of keyboard characters. For instance, you might think, “I would love to have 4 pets: A dog, cat, rabbit and snake!” Taking the first initial from each and including characters, you now have, “Iwlth4p:Adcras!” You can even add the commas if you want.
Important: Use strong passwords and passcodes to secure your devices AND to secure each of your accounts such as your bank account and email account.
Many devices give you the option to have all of the data on a device be erased after X number of failed passcode attempts (10, for example). After you have the hang of a new passcode and it’s secure in your memory, it’s a good idea to turn on this option.
Also, you may wonder if you should use a password manager. If your other option is reusing passwords or creating weak, easy-to-guess passwords, then yes! It’s important to have an extremely strong master password because it controls access to your other passwords.
Full Disk Encryption or Full Device Encryption
Encryption is another piece of the data storage puzzle. If you have an Android phone, try these steps. For an iPad or iPhone, simply setting a passcode encrypts much of your data, including email messages and attachments. You can also encrypt data on devices such as thumb drives and SD cards.
You may have to do a little research for each device you want to encrypt, but it’s time well-spent.
Removable Data Storage
One strategy for securely storing sensitive data is to keep most or all of it on removable devices such as flash drives. That way, if a laptop gets lost/stolen, there’s very little data on the computer itself that could compromise your life.
Pros of using removable media include the following:
- Can be password protected and encrypted
- Affordable
- Easy to use
- Internet connection not necessary (the drive isn’t vulnerable to online hacking in the way an internet-connected computer might be)
- Can be prompted to lock down, destroy data or reformat itself after a certain number of failed password attempts
Cons include:
- Can be lost or stolen, especially if not stored
- Vulnerable to destruction (fire, water, etc.)
- May have a limited life span
- Some malware risk exists if removable media are inserted into a malware-infected computer
It’s possible to minimize the risk of those disadvantages. For instance, with malware, you should insert your flash drives only into trusted devices. To safeguard against loss, theft or destruction, you may want to keep flash drives on lanyards and key rings or inside closed or locked compartments.
As for the limited life span, don’t treat any single flash drive or removable media option as a long-term, primary data storage device. For instance, you could keep a written record of your passwords and other data in a locked safe.
The Cloud
“The cloud” adds another potential layer of complexity to data storage. It can help in disaster recovery (like if a fire destroys your flash drive). So, the cloud can be viable alternative to options such as flash drive storage.
Secure cloud storage starts with having an excellent password, but that data can still be vulnerable to viruses, password hacks and cloud services’ varying security practices.
In other words, cloud computing can be a convenient, even smart, option for data storage. It may keep sensitive data off your computers and portable devices, but you should still take regular security measures to minimize risks. For example, if your cloud service offers data encryption, don’t rely on that alone to protect your data. Still encrypt data on your own before uploading it to the cloud.
Also—never store your encryption keys in the cloud.
Regular and Frequent Data Backups
Chances are that your sensitive data changes from time to time. For instance, you may update a password or open a new bank account. By backing up your data regularly and frequently to removable storage or to the cloud, you can still access your data if a device is stolen. Having that up-to-date information also lets you know at a glance what data the thief might have access to. You can focus on changing those areas first.
Firewalls
Hackers may try to break into your computer or portable devices from afar. A firewall is a key mechanism in blocking their efforts. Firewalls are also critically important if you’re out and about or traveling.
If you don’t use firewalls yet, install them as soon as possible.
Anti-Virus, Anti-Malware and Anti-Spyware Protection
Your computers, both desktop and portable, benefit from having anti-virus software. Some software packages also offer anti-malware and anti-spyware protection.
FYI: Need help figuring out which antivirus software is right for you? Take a look at our guide to the Best Antivirus Software of 2024.
If you have an Android phone, the programs listed here may help. If you own an iPhone, you don’t need antivirus software.
Wi-Fi Settings
Your portable devices may be enabled to automatically connect to Wi-Fi networks when you’re out and about. In other words, you could be driving by a coffee shop and get connected to its public network while idling at a red light. That one or two minutes could give hackers the opportunity to grab sensitive data on your phone.
So, turn off automatic connections or require your device to ask permission before joining a network.
As for your home Wi-Fi network, definitely secure it. Many folks don’t bother to password protect their networks, and that opens up their computers, cellphones and other devices to data theft.
Depending on your router, you may be able to see the devices connected to your network. Change the network password anytime something suspicious happens, and keep your equipment and software up to date. Use the best encryption protocols available.
What about when you have guests? You may be able to set up a guest network or home hotspot. However, if you give guests password access to your network, the password definitely should not be one you use elsewhere.
>> Read More: A Guide to Antivirus Protection and Internet Security
Caution with Mobile Apps
Mobile apps can be great! For example, you get to play Pokemon Go, check Facebook, see your bank balance and turn your phone into a flashlight when it’s dark outside. However, many mobile apps don’t protect your data well. There can be malware and a lack of encryption, for example.
To keep your data safe, take steps such as asking yourself whether an app really needs to know X and Y things. For example, does a flashlight app really need to access your Facebook account? Before you install any apps, research them and find them yourself in the app store as opposed to blindly following an app link from a website. Just as important, constantly update your apps to ensure you have the latest security patches.
Also, avoid jailbreaking your phone. Modifying your device in this way leaves the software more vulnerable to data theft.
Now for the bright side of mobile apps: Apps such as NordVPN can encrypt your phone internet traffic, and Signal Private Messenger can protect your private conversations.
Device Sharing
Now, what if you’re not the only person using your device? Perhaps your teenager occasionally borrows your cellphone, or the entire family shares a laptop. Maybe you use a library computer or a public computer in a coffee shop or hotel. Any of the above scenarios could present a security nightmare, so what can you do?
For libraries and other public spaces, the following steps are the basics:
- Always sign out of accounts on shared devices. Closing the browser usually isn’t enough, and the next person on the computer could access your email account or whatever account you left open.
- Don’t leave the computer unattended without signing out, even if you’re gone for just a minute.
- Look around for prying eyes and “shoulder surfers” before you type passwords and other important data.
- Don’t tick prompts such as, “Remember Me,” or “Remember my ID on this computer.”
- Skip banking transactions and the like. Go to the bank in person instead.
The last step is necessary because a public computer may have spyware, and it could even be reading your keystrokes.
If you use public computers occasionally, the above steps should be enough to protect you. However, if you use shared computers often, take the additional step of changing your passwords regularly when you’re on a private computer such as one belonging to a friend you trust.
As for sharing at home, users can have their own profile on a computer. From there, take the usual security precautions such as fingerprint recognition or strong passwords.
Avoid telling your family members, children and adults alike, any passwords. For instance, if your child is going to sleep over at a friend’s house and wants the password to your Netflix account, don’t give it. Who knows what kind of security issues the friend’s family has, and your credit card information, email address, phone number and other data could be accessed. Nope, just don’t do it.
It can be risky as well to let your child or another adult borrow your cellphone. They might fiddle with the security settings, glimpse sensitive information or connect to public Wi-Fi networks.
Conclusion
Whew! There’s a lot to process when it comes to secure data storage on your devices. This probably goes without saying, but if you can avoid having sensitive data stored in the first place, do so. For instance, don’t hold texting conversations in which you list Social Security numbers, passwords or bank account numbers.
In general, though, using strong passwords, encryption tools and pre-approved mobile apps can get you started on the path to good data storage on your devices. Back up your data regularly too.
Additional Resources
- The Most Secure Phones: Four top phones for data security and privacy
- Most Secure Android Phone: Google Pixel 2
- StaySafeOnline: The National Cyber Security Alliance has plenty of information on securing your devices and critical accounts.
- Password Managers: Tips for password managers from AARP
- Using Public Wi-Fi Networks Safely: Awareness, VPNs and more