David Seaward

Director of Trustworthy Services at Purism

Latest posts by David Seaward (see all)

During lockdown I’ve been helping friends and neighbors get set up for remote work or just remote calls. If someone is in a bind they use what they have in front of them, or what they’ve been told to use, so it’s been an interesting step back into the world of disloyal devices and horrid software.

But even if your choices are limited, there is one basic step you can take to protect your privacy: create another account. Now is as good a time as any to say, “Oh yeah, I’ve got a new account now.”

Compartmentalization

Compartmentalization is a basic security technique. You make some boxes, say “Critical” and “Trivial”, you sort things into those boxes, and you treat the boxes with different degrees of care. You might already have a folder at home for financial statements or tax invoices. At the office, you might mark and store “Confidential” documents separately.

You did what now?

I discovered that a good number of people I know use the same primary email account to talk to their family, do their shopping, conduct job interviews, receive security links and make social posts. A few use the same account to access their employer’s servers or otherwise conduct business. A handful use ad-hoc compartmentalization tricks to sort messages and mail within the same account.

In the event of a breach, all their eggs are in one account. The unimportant eggs and the very important ones. Of course we all hope our account is never breached, and that each service provides layers of protection, but if we’re talking about a typical email account, that’s a lot of interesting unencrypted text to dig through.

Now I didn’t have time convince anyone to double-check authentication on all non-primary accounts, and also download, encrypt and upload their existing messages, but I did find a simple heuristic process to improve things:

  1. Create a new primary account. This is your new public-facing compartment, for job interviews and other formal settings associated with your real name. I may be biased, ok I am biased, I’d suggest using Librem One.
  2. Any time you sign up for a service in a formal setting, use your new account. If you already have service accounts like this, gradually switch them over, but don’t stress it.
  3. Do not use the new address for shopping, social media, your current place of work or private communication.
  4. Do assume that everything originating from your new account could appear in a very boring Wikipedia article based on “the public record”. Parking tickets, where you applied, where you interviewed, court cases, municipal correspondence, letters to the editor.

Disentangled

Most people require a formal, public-facing identity. Disentangle it from your cool apps, hobby accounts and social media.

If you’re already thinking about additional compartments (“Family”, “Finances”, “Social”, “Superhero alterego”), hold on a moment. Wait a month to see if you’re happy with account-based compartmentalization rather than biting off more than you can chew. Then add compartments one at a time, based on your needs, slowly phasing out all your old accounts.

You might have a good reason to pick a different starting point, again this is a needs-based judgment.

The third account

You probably already have a separate account from your employer to access work resources. Keep it that way. Only use your work account for the tasks you’re paid for, and if you’re doing work, use your employee account. Your colleagues in the IT/sysadmin department will thank you.

Bonus tip

If the thought of all this is already stressing you out, I have an overriding, two-for-one, bonus tip:

Start using a password manager.

It must clearly and boldly state that it uses end-to-end encryption. As well as storing your credentials (unique to every account, of course) it gives you an overview of all your accounts. This makes it easier to tackle maintenance in quick bursts.

In fact, if all you do after reading this post is set up a password manager, give yourself a reward on behalf of your future safety.

Further reading

This is just one thing you can do to improve your online security. If your interest is piqued, I can recommend the following ebooks:

Staying safe online

Good for kids and good for you. Covers the all basics quickly and clearly. Unfortunately all your options for getting it are DRM encumbered.

The Smart Girl’s Guide to Privacy: Practical Tips for Staying Safe Online

You don’t have to be smart or a girl to benefit from this hands-on guide. As well as practical advice, you learn to see things from a pragmatic (not overblown) security perspective. Also, no digital restrictions from No Starch Press!

If you have any five-star recommendations, please let us know.

Recent Posts

Related Content

Tags