If you thought browsing securely (and privately) was as easy as opening a new incognito window, think again. Private browsing is all the rage now that it’s necessary in order to access certain websites in some countries. Luckily, there are lots of ways to access the web that doesn’t require Safari, Firefox, or Chrome. There are also ways to surf the internet that aren’t actually secure at all -- even if they’re advertised as such. The first step to tapping into a safe connection is understanding what a safe connection is -- and what it’s not.

This is not what private browsing looks like.

Google Chrome’s Incognito mode may cover your tracks online locally, but it doesn’t erase them entirely. When you choose to browse privately using a major web browser, the places you visit online will not accumulate in your computer’s history. This way, no one else who accesses your device will be able to see the websites you used during your private browsing session. (In fact, you won’t even be able to see them yourself.)

Except...you can. In fact, anyone can; That is, anyone who has access to your internet bill. All it takes is calling up your internet service provider and requesting a log of the websites you visited at any given time and day. (Yes, this can include times and days when you were browsing “privately.”)

Yet you and anyone with access to your internet bill aren’t the only ones with access to your browsing history! All of the websites you’re visiting can also see you, even if you’re not logged into an account associated with their services. This is because your path to that website isn’t protected. Online, who you are is defined by how you arrived there.

Encryption is the Key

Truly private browsing requires an encrypted connection through a browser that has Virtual Private Network (VPN) capabilities. This isn’t your typical browser, but rather a special kind that you may have to do a bit of Googling to find (that is, unless you’re lucky enough to find yourself reading this article).

When you connect to the internet through a VPN, where your connection originates is indistinguishable. This is because your connection is made possible through a web of devices and a remote server (some private browsers allow users to choose from a number of remote servers, but most don’t). Unlike when you connect to the web using a standard connection, when you browse through a VPN, your device’s point of origin is unidentifiable.

The only thing that is visible when you’re browsing utilizing a VPN, is the location you chooseto be visible. Private browsers with VPN capabilities allow you to choose from connections around the world to display as your point of origin. (If you connect through a VPN location in Switzerland, it will appear as though you are browsing the web via Switzerland, even if your physical location is Palo Alto, California.)

Encrypted Browsing in the Work Place

In the workplace, things get a bit more complicated. Although a VPN connection will encrypt your traffic, your employer’s IT department may be able to still tell if you are using an encrypted connection especially if you’re on the company network. This may be against your company’s policy, so be aware of the consequences.

Also if you’re on a company machine, then it may already be controlled by corporate and your activities are already being monitored regardless if a VPN is on or not. The safest bet is use to a VPN on your own personal device over data and not on your company network to keep your browsing private from your employer.

How to Choose a Private Browser

There are many private browsers out there that are completely free, which is why choosing the right one to do the job can be a daunting task. Ever since the rise in popularity of private browsing in recent months, some have even adopted questionable means of serving their users (including feigning VPN capabilities and selling data).

The first thing to note when shopping for a private browser is what makes it private. If the only thing advertised is an ability to delete your local history, then you’re being pushed a glorified incognito window. Almost all today’s browser’s incognito mode does not encrypt your traffic.

The first thing that should be advertised is what VPN options the browser offers. A user friendly private encrypted browser will have different servers to connect to the web through, easy ways to switch between servers, as well as an intuitive interface for connecting, and disconnecting from the web.

Encryption is crucial for truly private browsing because it masks information about your surfing habits such as how long you stayed on a site, how many times you visited, and what your activity log looked like for any particular website. Someone snooping on your online activity may be able to see how much data you’re using in a browsing session, but they won’t be able to see how it’s used if your connection is encrypted.

There are a number of quality private browsers out there that can be downloaded for free, but it’s important to lookout for any hidden catch. When a web product or service is offered for free, sometimes the reason for that is because you’re paying for it with your data.

Other Ways to Stay Safe Online

Browsing privately isn’t the only way to protect your data on the internet. You can start using these tools even without a private browser to enhance your traditional web experience and make it harder to be tracked.

Start by switching up your default search engine. Google’s AdSense makes a private browsing experience impossible using Google. A private search engine such as DuckDuckGo and StartPage don’t creep on your habits for the sake of targeting advertisements to you.

If you browse the web primarily from your phone, be sure to turn off Geotagging to prevent the public caching of your physical location each time you take a photo. (If you’re using a private browser but still have this feature turned on, your browsing location with conflate with your physical location.)

There are many free password managers available that will help you generate passwords that are difficult to be compromised, and will remind you when it’s time to change up your passwords.

Last but not least, you can use browser security tools such as HTTPS Everywhere and Privacy Badger to protect your data even when you’re not browsing privately.

https://youtu.be/i4YQRLQVixM When Apple announced the iPhone X earlier this year, it promised its new unlocking mechanism, Face ID, was twice as secure as its predecessor, Touch ID. The company said it had tested it six ways from Sunday — including using masks — and that unless you had an identical twin running around, the chances of somebody breaking into your phone were “one in a million.” This week, Bkav says they’re the one. The Vietnamese cybersecurity firm claims they’ve successfully hacked an iPhone X using a mask.

The mask, a combination of silicon, paper, fabric, and 3-D printouts that looks like something out of a low-budget horror film, cost $150, according to Bkav. The firm posted a video in which they claim to break into the phone, and a blog post answering questions about how they did it. “The recognition mechanism is not as strict as you think, Apple seems to rely too much on Face ID’s AI. We just need a half face to create the mask. It was even simpler than we ourselves had thought.” Of course, this is just one firm’s claim and the technique video hasn’t been confirmed or replicated by anybody else. (Wired tried and failed to defeat Face ID using masks earlier this fall.) Don’t go panicking just yet.

The internet was developed on university campuses, and it revolutionized education. As a student, you probably don’t have access to a highly secured campus network that restricts and regulates the traffic and new devices. You’re responsible for your own online security, so here are some tips to help you be safe and privacy-savvy on campus. 1. Keep Security Systems Up to Date All of your connected devices should have updated antivirus, operating software and apps. Turn the auto updates on! It’s important to have the latest protection against viruses, malware and other threats to which you’re exposed.

2. Check Your Bank Statements Frequently This should become a habit. Aim to check your statements once a day, so you’ll make sure all transactions are legitimate.

3. Only Shop on Secure Sites Online shopping is great but you have to make sure you’re doing it from a secure network. Avoid sensitive transactions like shopping and banking when using a public campus network; instead, consider using a virtual private network (VPN) or your smartphone’s hotspot for more secure browsing.

Pay attention to the websites, too. Check to make sure the URL starts with https:// and search for reviews to make sure it’s safe.

4. Back Everything Up What if you’re working on an important research project and you lose everything right before the deadline? Store your work safely on the cloud or on an external hard drive.

5. Get Informed About Ransomware Hackers can remotely lock your computer and keep your private files encrypted until you pay them. Do not pay the ransom! Get informed so you’ll know what to do in such a situation. To protect your files from this, be wary about clicking links or opening attachments in emails.

6. Improve Your Passwords Do not use the same password for different services. Avoid passwords that are easy to guess, such as those that include your name, birthday or address. Make your password a sentence that is at least 12 characters long – focus on positive sentences that are easy to remember – on many sites you can even use spaces!

7. Never Share Passwords So you’re expecting an important email and you thought your roommate could check it for you? Do not do that! It doesn’t mean you don’t trust them. Do not share your passwords!

8. Keep Your Passwords Safe How do you remember all those passwords? Do not keep them in a note on your phone. If someone gets their hands on it, they will have access to everything. Write the passwords in your diary, a notebook or a piece of paper that you’ll keep in a safe place away from your computer – or consider using a password manager that will store them for you.

9. Learn What to Do in Case of a Data Breach Campus networks and servers are at risk of a data breach, meaning hackers can break in to computer accounts. You can’t do much to protect yourself against these practices, but if there is a breach impacting your accounts, immediately change all passwords. Check and control your bank statements, too!

10. Use Public Computers Very Carefully You’re using a computer in the library? Never save your passwords on the websites you visit. Always log out before leaving a website. Delete all files you may have downloaded or saved from the device.

11. Don’t Fall for a Phishing Scam If a suspicious site or email or other message asks for sensitive information like your credit card number, Social Security number or phone number, do not provide it.

12. Protect Your Devices Protecting your devices includes keeping them safe from physical theft. Never leave devices unattended in public. When you leave your devices in your room on campus, don’t leave them in a visible spot. You can use a cable lock for laptops and other devices to keep them secure.

13. Manage Your – and Others’ – Privacy No one should post photos of you on social media without your permission. Unflattering content – or photos of you under the influence or engaging in risky behavior – could present disciplinary risks and/or impact your ability to get jobs in the future. Ask friends to get your permission before posting about you, and do the same for them. The golden rule applies online as well.

14. Think Before You Click Before you open any email or click any link you’re not sure about, stop and think. Make sure your antivirus is updated. Think: do you really need to click? When in doubt about a link or attachment, throw it out.

15. Share With Care Social media is all about sharing, but it doesn’t mean you should make your whole life public. Do not make your personal information public. You don’t have to inform the world when you’re leaving the dorm room and leaving your belongings unattended.

In the wake of new high-profile cybersecurity breaches, such as those experienced by Equifax and Deloitte, the subject of protecting technology and data is on everyone’s mind. Even if your business is not as big of a target as Deloitte or Equifax, protecting your and your customers’ sensitive data is a major obligation. Cybercriminals look for any opening to commit a virtual smash-and-grab. Letting your guard down for even a moment is typically all the opportunity the bad guys need to commit a crime that can have dramatic and catastrophic effects on your business and your customers’ financial stability. Knowing this, it makes sense for all businesses to establish some commonsense safeguards when it comes to their use of technology. Although having strong cybersecurity protocols in place and partnering with a qualified cybersecurity firm, such as Nebula Consulting, can go a long way to protecting data and technology, following a few simple procedures also can have a significant impact on security posture.

STAY AWAY FROM PUBLIC HOTSPOTS It cannot be stressed enough how dangerous it is to share one’s personal or financialIt cannot be stressed enough how dangerous it is to share one’s personal or financialinformation with any website or any person over the Internet while using a public connection.Public Wi-Fi networks are common hunting grounds for attackers and data snoopers who tryto access users’ personal information. Since public networks have negligible security, usersshould try to avoid using them while making online payments – or if they really have to, thenthey must use a VPN – a Virtual Private Network.

KNOW WHERE YOUR DATA IS Even if you use a third party for payment transactions, you are still liable for managing the data. You need to check to make sure you’re not securing credit card payment information on mobile devices and that the data center you’re using to store data has fully-implemented information security policies and procedures in accordance with PCI requirements and industry standards. These also apply to any storage of personal data associated with customers and employees. It’s mandated this information be securely held.

MANAGE PASSWORDS As basic as this might seem, passwords continue to be incredibly important. Require your employees to use strong passwords and to change them often – every 90 days. Use a password manager and employ other factors for authentication, where possible to build defense in depth.

USE A RELIABLE E-COMMERCE PAYMENT SOLUTION Safe payment acceptance technology integrated within your website ensures any transaction completed via a credit card will be secure. The consumer will be able to make purchases without any personal information being accessed by outside forces, and your bank accounts connected to the website will also be secure. You, as well as the consumer, can feel comfortable completing payments within your site.

SECURITY LAYERS When it comes to DDoS attacks, proxy or scrubbing services should be used. Firewalls can help limit DDoS attacks, but they suffer from the same resource issues that a web server or router would when attacked. They may handle it a bit better but are not considered DDoS prevention tools. E-commerce sites can benefit from cloud-based DDoS protection and managed domain name system services to further protect themselves from attacks. Always employ best practices in the software development process.

Most of us use debit or credit cards to pay at all kinds of locations without much thought. But these cards, especially at high-traffic locations like ATMs and fuel pumps, pose a special risk. Hopefully you know to look for the danger signs of a compromised ATM (like a fake number pad). Recently, a new type of device has become popular for fraudsters to install on card readers at gas stations. These can steal your card info without you even noticing, and transmit the stolen details via Bluetooth.

If you want an extra measure of security against these attacks, you should install the free Android app Skimmer Scanner.

Open up this simple app, make sure you have Bluetooth enabled, and tap Scan. Your phone will then search for nearby Bluetooth devices commonly used to skim cards and alert you if there’s a compromised scanner nearby. It will generate a list of nearby Bluetooth devices, including those that are harmless like your car system and your smartwatch. When it’s done scanning, you’ll see if it detected any scam devices.

Of course, this isn’t foolproof. Just because it doesn’t find a device doesn’t mean that the card reader is safe. Also, if you find a device, remember that you may accidentally authenticate your device’s Bluetooth to it, which could identify your device to the criminals using it. Don’t try to remove any skimmers yourself — let the station employees know and they can take the appropriate action.

In all, this is a great app to keep around. Running a quick scan before you pump gas only takes a moment, and could save you from the annoyance of having your card stolen. Just don’t let your guard down because you have the app in your corner.