Securely Storing Sensitive Data

Many folks put sensitive data on their computers, cellphones and other devices. In fact, someone browsing through one of your devices might quickly find your bank account numbers, email passwords and your child’s Social Security number. This type of vulnerability is a tradeoff you may make for convenience, but there are ways to minimize the risks you open yourself up to.

Of course, your device doesn’t have to be borrowed, lost or stolen for sensitive data to be accessed. Hackers, whether they live down the street or on the other side of the world, know their stuff. They are continually learning and adapting. The good news is that you, too, have the ability to refine your data storage techniques and to keep the sensitive aspects of your life private from hackers.

Expert Quotes on Securely Storing Sensitive Data on Computers and Portable Devices

What Devices Might You Need to Consider?

You may be surprised at all the different devices your sensitive data might be on. There are personal computers such as desktops, and portability brings more players into the picture. Consider devices such as the following:

  • Personal smartphones

  • Work smartphones

  • Tablets

  • Thumb drives/flash drives

  • Videogame systems

  • Laptop and notebook computers

It’s not uncommon for a household to have all of the above devices.

What Are the Types of Data You Need to Protect?

In general, “sensitive data” means personal, legal, financial and medical information, especially if it can identify you or your family members. Examples include:

  • Social Security numbers

  • Driver’s license numbers

  • Bank account numbers

  • Email passwords

  • Proprietary information from your business or employer

  • Cardholder numbers

  • Digital signatures

  • You or your parents’ previous legal names before marriage or a name change

This information could be spread across many cellphone apps without you realizing it. For example, maybe your photo album has a picture of your driver’s license and store loyalty card, your messenger app has a conversation between you and your spouse about a loan application, and the conversation includes both of your SSNs, your Notes app lists various passwords and bank account numbers, and your email app enables access to messages that contain a wealth of additional sensitive information.

Computer and Portable Device Security Basics

To keep your computers and portable devices as secure as possible, take the following steps:

  • Limit device access with passwords / passcodes / passphrases, fingerprints and/or facial recognition programs.

  • Use strong, unique passwords.

  • Know who all is using your devices and have appropriate protocols for each user.

  • Download mobile apps only from the approved store, and research each app first.

  • Use unique passwords for each app that has or uses sensitive data (Android options and iPhone options)

  • Use an erase data feature to erase data after a certain number of failed password or passcode attempts.

  • Install apps for remote data wiping if you lose your phone or it gets stolen.

  • Save much of your data on flash drives, external hard drives or other removable media.

  • Use Kensington lock ports for your laptop when you’re in public (just don’t forget the passcode for the lock!)

  • Cover your computer, phone and tablet webcams with shades.

  • Use your cellphone’s data plan instead of public Wi-Fi when possible

  • Use VPNs to send and receive data securely

  • Install screen filters that prevent many instances of shoulder surfing (and that reduce blue light).

  • Use firewalls, anti-virus software and the like.

  • Restrict your Wi-Fi settings to protect your data when you’re in public.

  • Disconnect your devices from the internet whenever you’re offline.

  • Back your data up regularly and frequently.

  • Turn off location tracking when feasible.

Passwords, Passcodes and Biometric Identifiers

Some devices may go past passwords or passcodes, giving you the option of using fingerprints or facial recognition. Similarly, you might be able to draw a pattern to unlock your cellphone rather than key in a numeric code. Whatever you do, the first rule of securely storing sensitive data is to use SOMETHING.

To be sure, these security measures can get inconvenient and cumbersome fast, especially if you constantly use your phone. The solution tends to come down to a risk assessment. For example, if you’re merely hanging out at home with your family or people you trust, it may be fine to temporarily suspend passcodes or fingerprint recognition. Just remember to restore your security measures when you go out.

Experiment with the different security measures that your devices offer. For instance, you may find that you actually don’t mind Touch ID on your iPhone. The newer your devices are, the smoother and faster their authentication processes may be.

That said, passwords and passcodes do have their place on virtually any device, and it’s critical that these character strings be strong. Did you know that there’s a tool called GrayKey that can crack passcodes? If your passcode is four digits, the process might take a mere 13 minutes. With six digits, the time to crack can increase considerably to about 22 hours.

Still, six-digit passcodes are relatively weak. You want eight-digit codes or, even better, 10-digit codes. You may need to root around in your passcode settings for a bit to find the options for longer or custom passcodes, but many devices have them.

Not ideal: A passcode using dates relevant to your life that anyone could dig up. If your birthday, loved one’s birthday, wedding date or date of graduation is right there on social media, then cracking your passcode may not require rocket science. Ditto with passcodes such as, “7777777777” or “1234567890.”

Unfortunately, no matter how good or random a numeric passcode is, they are much easier to break than alphanumeric passcodes, which bring more possible characters into play. Whenever possible, opt for alphanumeric passcodes and passwords rather than those that are strictly numeric.

What makes for a strong password or passcode?

  • It’s long, at least eight characters (even longer is better).

  • It’s unique, something you never used before and that isn’t used on other devices or for other accounts.

  • It combines numbers, symbols and uppercase and lowercase letters.

  • It doesn’t include personal information such as a pet’s name or your house number.

Of course, remembering 10 different long passwords is no easy feat. Many experts recommend this strategy: Come up with a sentence relevant to you and that includes a mix of keyboard characters. For instance, you might think, “I would love to have 4 pets: A dog, cat, rabbit and snake!” Taking the first initial from each and including characters, you now have, “Iwlth4p:Adcras!” You can even add the commas if you want.

Important: Use strong passwords and passcodes to secure your devices AND to secure each of your accounts such as your bank account and email account.

Many devices give you the option to have all of the data on a device be erased after X number of failed passcode attempts (10, for example). After you have the hang of a new passcode and it’s secure in your memory, it’s a good idea to turn on this option.

Also, you may wonder if you should use a password manager. If your other option is reusing passwords or creating weak, easy-to-guess passwords, then yes! It’s important to have an extremely strong master password because it controls access to your other passwords.

Full Disk Encryption or Full Device Encryption

Encryption is another piece of the data storage puzzle. If you have an Android phone, try these steps. For an iPad or iPhone, simply setting a passcode encrypts much of your data, including email messages and attachments. You can also encrypt data on devices such as thumb drives and SD cards. As for computers, PCMag.com in 2018 recommended several products.

You may have to do a little research for each device you want to encrypt, but it’s time well-spent.

Removable Data Storage

One strategy for securely storing sensitive data is to keep most or all of it on removable devices such as flash drives. That way, if a laptop gets lost/stolen, there’s very little data on the computer itself that could compromise your life.

Pros of using removable media include the following:

  • Can be password protected and encrypted

  • Affordable

  • Easy to use

  • Internet connection not necessary (the drive isn’t vulnerable to online hacking in the way an internet-connected computer might be)

  • Can be prompted to lock down, destroy data or reformat itself after a certain number of failed password attempts

Cons include:

  • Can be lost or stolen, especially if not stored

  • Vulnerable to destruction (fire, water, etc.)

  • May have a limited life span

  • Some malware risk exists if removable media are inserted into a malware-infected computer

It’s possible to minimize the risk of those disadvantages. For instance, with malware, you should insert your flash drives only into trusted devices. To safeguard against loss, theft or destruction, you may want to keep flash drives on lanyards and key rings or inside closed or locked compartments.

As for the limited life span, don’t treat any single flash drive or removable media option as a long-term, primary data storage device. For instance, you could keep a written record of your passwords and other data in a locked safe.

The Cloud

“The cloud” adds another potential layer of complexity to data storage. It can help in disaster recovery (like if a fire destroys your flash drive). So, the cloud can be viable alternative to options such as flash drive storage.

Secure cloud storage starts with having an excellent password, but that data can still be vulnerable to viruses, password hacks and cloud services’ varying security practices.

In other words, cloud computing can be a convenient, even smart, option for data storage. It may keep sensitive data off your computers and portable devices, but you should still take regular security measures to minimize risks. For example, if your cloud service offers data encryption, don’t rely on that alone to protect your data. Still encrypt data on your own before uploading it to the cloud.

Also—never store your encryption keys in the cloud.

Regular and Frequent Data Backups

Chances are that your sensitive data changes from time to time. For instance, you may update a password or open a new bank account. By backing up your data regularly and frequently to removable storage or to the cloud, you can still access your data if a device is stolen. Having that up-to-date information also lets you know at a glance what data the thief might have access to. You can focus on changing those areas first.

Firewalls

Hackers may try to break into your computer or portable devices from afar. A firewall is a key mechanism in blocking their efforts. Firewalls are also critically important if you’re out and about or traveling.

If you don’t use firewalls yet, install them as soon as possible.

Anti-Virus, Anti-Malware and Anti-Spyware Protection

Your computers, both desktop and portable, benefit from having anti-virus software. Some software packages also offer anti-malware and anti-spyware protection. Check out these recommendations from PCmag.com.

If you have an Android phone, the programs listed here may help. If you own an iPhone, you don’t need antivirus software.

Wi-Fi Settings

Your portable devices may be enabled to automatically connect to Wi-Fi networks when you’re out and about. In other words, you could be driving by a coffee shop and get connected to its public network while idling at a red light. That one or two minutes could give hackers the opportunity to grab sensitive data on your phone.

So, turn off automatic connections or require your device to ask permission before joining a network.

As for your home Wi-Fi network, definitely secure it. Many folks don’t bother to password protect their networks, and that opens up their computers, cellphones and other devices to data theft.

Depending on your router, you may be able to see the devices connected to your network. Change the network password anytime something suspicious happens, and keep your equipment and software up to date. Use the best encryption protocols available.

What about when you have guests? You may be able to set up a guest network or home hotspot. However, if you give guests password access to your network, the password definitely should not be one you use elsewhere.

Caution with Mobile Apps

Mobile apps can be great! For example, you get to play Pokemon Go, check Facebook, see your bank balance and turn your phone into a flashlight when it’s dark outside. However, many mobile apps don’t protect your data well. There can be malware and a lack of encryption, for example.

To keep your data safe, take steps such as asking yourself whether an app really needs to know X and Y things. For example, does a flashlight app really need to access your Facebook account? Before you install any apps, research them and find them yourself in the app store as opposed to blindly following an app link from a website. Just as important, constantly update your apps to ensure you have the latest security patches.

Also, avoid jailbreaking your phone. Modifying your device in this way leaves the software more vulnerable to data theft.

Now for the bright side of mobile apps: Apps such as NordVPN can encrypt your phone internet traffic, and Signal Private Messenger can protect your private conversations.

Conclusion

Whew! There’s a lot to process when it comes to secure data storage on your devices. This probably goes without saying, but if you can avoid having sensitive data stored in the first place, do so. For instance, don’t hold texting conversations in which you list Social Security numbers, passwords or bank account numbers.

In general, though, using strong passwords, encryption tools and pre-approved mobile apps can get you started on the path to good data storage on your devices. Back up your data regularly too.

Additional Resources

Have Security Study Suggestions? Our Team Wants to Hear From You...