25 Dec

How do I protect myself since net neutrality overturned?

Author: Bryan
human-hands-holding-apple-iphone - One Web Company

Once upon a time there was a government that worked to protect its citizens privacy and had an agency that helped to govern these matters. Forbes magazine succinctly describes it, "Under the rules approved by the Federal Communications Commission in October under then-President Barack Obama, internet providers would need to obtain consumer consent before using precise geolocation, financial information, health information, children's information and web browsing history for advertising and internal marketing."

Now think about this for just a moment. These rules protected some very important information. Would you really want your financial information, your health information or your children's information being sold to the highest bidder? What would they use it for? What would happen if that information fell in to the wrong hands? 

There have been a number of articles written about VPNs (Virtual Private Networks) and making sure to use only HTTPS (an encrypted, secure mode for browsing websites) when surfing the web. These are good advice, as far as they go. However, that only covers part of the equation. Do you receive email on your phone? What about on a tablet? Do you use a mail client that is not browser based? Do you transfer files via file sharing services such as Dropbox? 

The overturn of the FCC rules affect every part of the internet, and every action you take online. There is only one sure fire way to protect yourself: unplug from the internet. I don't know about you, but that's just not something I am keen on doing. The second best option is to utilize a VPN (the Virtual Private Network referenced above). This creates a tunnel that your ISP can not see in to because it is encrypted. There are good points and bad points to doing something like this. It is the most secure method of protecting yourself, but it only protects those devices that run the VPN connection, and this can get costly when you have a desktop computer, a laptop computer, a smart phone and a tablet.

There are other things that you can do today that will help make your data more secure. 

settings for the iphone showing SSL checked and server port 993If you use an email client for communication - and the vast majority of us do, especially if we are on a phone or tablet - you need to make sure that you are communicating on the "secure" port. Both POP3 and IMAP support secure transmission.    

Before beginning this change over, you will need to contact your email service provider to gather the information for their secure IMAP or POP3 settings. Once you have these, it should be an easy transition from an insecure connection to a secure connection.

On an iPhone, you can verify that you are using SSL by going to Settings -> Mail -> Accounts -> Account Name ->  Advanced. Then you will need to scroll down to the Incoming Settings.   

Once you have made any required changes, you will need to click on the <Account in the top left. You may get an alert about needing to accept the security certificate as it may not be set correctly. This is often the case with smaller email service providers. 

Next, you will need to verify your SMTP settings. Just above the Advanced tab is the Outgoing Mail Server SMTP tab. Click on that. Then Click on the Primary server. Again, look for the Use SSL and make sure that is turned on. You will need to find out what the outbound SSL SMTP server port is from your email server provider.

When you have made your changes, click Done -- again, you may need to acknowledge the certificate warning.

If you use a file sharing service, you will want to check with them to confirm how they sync files between their cloud and your computer. They should be using some kind of secure transfer protocol. For instance, Google Drive uses HTTPS (HTTP with SSL) specifically TLS. Dropbox uses an SSL transfer for synchronization. If you use a different file sharing service, make sure you know how your files are being transferred / synchronized.

Finally, you have large or bulk file transfers. For a very long time these have been accomplished using FTP (File Transfer Protocol). The problem is that FTP transfers information or data in clear text. What does this mean for you? It means that if someone puts a device on your network that captures copies of packets, they could rebuild whatever file you were sending.You may be saying, "So, I don't use FTP", but maybe you do. Do you use any of the following products?

  • filezilla
  • cyberduck
  • Dreamweaver
  • Adobe Contribute
  • WinSCP
  • Transmit
  • WS_FTP

If you are using any of the above products then you are using an FTP capable program. Fortunately, all of these programs also offer the more secure versions of FTP, both FTPS and SFTP. The main difference between FTPS and SFTP is the actual encryption. FTPS is FTP that uses SSL encryption, whereas SFTP is FTP that uses something called SSH as a Virtual private tunnel to the server you want to send or retrieve files from. Both are excellent for protecting your data from prying eyes.

At One Web Company, all of our hosting packages come with SSL protocal supported email connections, as well as secure FTP for transferring files to and from our servers.  Check out our Hosting Services.