Be it annoying spam emails or losing important work to a virus, protecting your online accounts and identity is essential to prevent your digital life from being taken over by malicious hackers. You don’t want to lose the dedicated social media following you’ve worked so hard to cultivate, or the precious work you’ve built up over your entire practice!

With that in mind, we’ve collated some of the best practices to make sure your online accounts are well protected.

As its name suggests, this rule instructs you to store three copies of your files: two backups and one primary copy.

You should store one set in the cloud, one in a physical memory card, and one offsite – at a friend’s, family member’s, partner’s, or even abroad if it’s possible.

This may sound a little OTT, but following this step will save your work in case it’s lost during an emergency that’s beyond your control. It’s especially useful for those who work with original, large files, such as photographers, but is useful to anyone with a large collection of important digital documents.

Two-factor authentication, or 2FA, adds a second security layer beyond entering a password to get into an account. Typically, the programme or app you’re using will send you a text message with a unique code to confirm your identity before letting you in. This is a great practice to have for apps such as Instagram, to ensure you protect your hard-won following, but also for email accounts.

Adding this second step makes it much harder for hackers to get into your account, even if they have access to your password, as it means they would also have to gain access to your other device that can confirm your identity.

Mobile apps such as Google Authenticator and Authy allow you to generate 2FA codes to your phone when you’re accessing your accounts. With these apps, you can issue codes for multiple accounts, all from the same mobile device.

Major websites have increasingly been reporting data breaches, which is when your data is exposed to those who shouldn’t be able to access it. A data breach could mean your confidential information is leaked, and lead to theft of intellectual property – or even your identity. Hackers could potentially use your information to pose as you and contact others, such as your clients and project collaborators.

To check whether your account and password has been affected, use a site like Have I Been Pwned?, which cross-references your email address with hundreds of data breaches across the web and lets you know if any of your accounts have been compromised. Simply enter your email address, and if any of your accounts appear, change your password immediately.

If you showcase your work across different social media and portfolio platforms, it can be tempting to use the same or similar passwords for all of them. But as data breaches show, all your accounts will be vulnerable once a hacker gains access to that one password, and your creative work and sensitive details put at risk.

Even subtle password variations – like adding a different number or capitalising an alphabet – can be spotted by hackers, who apply hundreds of thousands of previously used passwords in seconds. And don’t even think about using easy-to-guess ones (password123 – we’re looking at you!)

A password manager such as LastPass or Zoho can help you generate hard-to-guess passwords and store them in an encrypted vault, so you don’t need to worry about remembering them. You’ll also be able to fill in passwords with their handy autofill feature. And the best part? You’ll only have to remember one master password.

You can make sure sites are secure by checking that the web address begins with ‘https’ rather than ‘http’ (the ‘s’ stands for secure). Secure sites are also usually identified by a padlock icon (🔒) to the left. This is really important to check, especially if you are making a payment or entering personal details, to prevent any hackers from viewing that information.

There are web extensions to automatically make this conversion for you, one of them being the browser extension HTTPS Everywhere, created by EFF and Tor Project – nonprofit organisations for the protection of digital privacy, free speech and online anonymity.

VPNs, or Virtual Private Networks, are used to encrypt online data, hide your IP address and protect your online behaviour from third parties. VPNs can come in especially handy if you have to connect to public Wi-Fi networks, which can often be hijacked by hackers without you even realising. In this regard, it’s particularly useful for journalists and writers who have to rely on Wi-Fi on public transportation or in countries where there are government firewalls.

They usually come in a subscription, and tech websites often have comparisons to decide which VPN is best for your individual needs. Make sure you use a VPN that is well-known and used by others, rather than opting for a very cheap or free option that’s unheard of. Free VPN services can often sell your data or run adverts that are malware infected, so a trusted name will further protect you against breaches. Some good options are Mullvad and NordVPN, and tech websites often provide comparisons for different needs.

With free email providers, targeted ads often pop up, which are so effective because they mine your inbox for keywords. To protect important documents from prying eyes, consider moving to services that encrypt your emails – meaning that only you and the recipient will be able to access the communication. This is particularly important if you’re a freelancer who regularly has sensitive info in your inbox, like client invoices.

A popular and trusted encrypted email service is ProtonMail. It offers users the option to log in with a two-password mode, requiring both a login password and a mailbox password. You can also make an easy switch from your current email provider so you don’t lose contacts, calendars or important messages.

Remember that data breaches occur constantly and no website is safe from it – even the ones you use daily. With that in mind, limiting how much of your data is collected by any website is a good way to protect yourself and copies of your work you’ve painstakingly produced. Much of data collection comes from adverts, so it’s wise to use an ad-blocker such as the uBlock Origin browser extension.

Such extensions also prevent malware – a file or a code that hackers use to infect and/or steal your data – from running on your browser. Plus, it’s easy to turn the ad blocking off whenever you’re happy to support sites that you know are secure, also known as whitelisting.

It goes without saying that viruses wreak havoc on your computer. If you happen to click on a bad link – it happens to the best of us! – having antivirus software will help prevent them from getting further into your computer. The software scans for and protects you against viruses, while also monitoring suspicious behaviour and shielding your precious work, whether they’re completed or in progress.

Antivirus will not only protect you from dangers like unauthorised remote access, which gives hackers total control over your computer; some also protect you from ransomware, where malicious programs block you from accessing your device and demand a ransom fee to unlock it. These attacks are difficult and expensive to fix – not great if you’re waiting for your next invoice to come in – so it’s a good investment to have some protection in place against them. Some good options are Bitdefender and Norton.

Besides keeping physical copies of your data, it’s also a good idea to keep them in the cloud for safe and easy access. Cloud storage services store your files in servers and keep them in sync between your personal devices and the cloud, an excellent way to regularly back up important creative work you’re doing. You have a number of good options for this, including iCloud+ and Dropbox.

Cloud storage services are great for securely sharing files with others, too, and works like an online version of the 3-2-1 rule. Some, like Dropbox, also keep a history of your files so you can recover them in case of an emergency – or if you’ve deleted your files by accident, as many of us are guilty of!

…

Online safety comes in many forms – this is not an exhaustive list! If you have any other tips you’d like to share, email us at [email protected].