Cybersecurity as a public persona

Masha a.k.a. Coding Blonde shares how she maintains online privacy as a public persona.

Hi, my name is Masha. I’m the founder of Coding Blonde, an entrepreneur, content creator, educator, ex-Googler, stereotype challenger and a girl with big dreams and ambitions.

I started my blog in 2015 and now it’s my full-time job! It’s incredible to have been able to create my own job, but at the same time, I’m almost always exposed to the public – which comes with its challenges– from psychological to privacy concerns.

It’s been over 4 years now since I’ve started my blog and I’ve learned a thing or two about securing my accounts from interviewing cybersecurity experts. Here are my thoughts and advice on the topic.

As a public persona, how do you maintain a sense of privacy online? Do you think complete digital privacy is possible?

It is hard but it is possible to maintain some degree of privacy online even if your account is very very public – from both a content and account perspective.

First of all, you get to decide what you share online. You get to dictate those boundaries – not anybody else. You can choose to share certain aspects of your life, while keeping others private. Your branding and content is entirely up to you!

For example, my boyfriend doesn’t want to be on my social media – and I can choose not to show him. I do talk about having a boyfriend, but he is never in my photos or videos. That’s just one example of how you can maintain privacy when it comes to certain aspects of your life.

Another big thing for me is not sharing my exact location. When I worked at YouTube before starting my blog, I witnessed some bloggers getting stalked and harassed after the location of their flat was leaked. Since then, I never share my exact location and I don’t advise anyone who has a public account to do so. Even sharing the view outside of your window can be a bad idea, so be cautious when it comes to that.

From an account perspective, I keep my business and personal accounts separate. I don’t add my audience as friends on Facebook or any other personal social media accounts – unless I’ve met them in real life and, you know, we’re friends offline!

I believe that every person has a right to have digital privacy. And yes, it can be achieved – you just have to be proactive about it.

What kind of steps do you take to secure your work accounts? Do you consider yourself to have strong security habits?

Securing my business accounts is one of my top priorities. Here is a list of things I practice:

  • I regularly change passwords on all my accounts
  • I have 2-factor authentication enabled
  • I use different and complex passwords for all my accounts, auto-generated using a password manager
  • All of my passwords are securely stored in a password manager
  • My accounts are registered under a different email than the contact email that I display on my social media
  • I don’t login into my accounts on public Wi-Fi, but either use data or a VPN in that case
  • I make sure that all of my software and apps are up-to-date
  • All of my devices are password protected
  • I limit the number of IoT devices I use – to protect myself from potential vulnerabilities

I think that I’m taking good measures to secure my accounts. However there’s always a way to improve your cybersecurity habits – especially with new threats coming out all the time.

For example, I’ve recently read that Bluetooth connected devices might be exposing us to additional threats, so I’m currently researching the topic and to see how I can limit my vulnerabilities when it comes to devices that need Bluetooth.

Do you worry about keeping your devices secure while traveling? What steps do you take to stay secure when on the go?

I travel all the time, so being protected from cyber-attacks on the go it’s something that I’ve definitely looked into.

Again, I am very cautious about protecting my location – as well as protecting my accounts and personal information. This means that I don’t connect to public Wi-Fi and use data when I can or a VPN. It’s better to be safe than sorry!

Where do you store all your content for your blog and social media accounts? How do you make sure it’s protected?

I store my blog and my social media content using different cloud-based platforms. From Google Drive to WordPress and Dropbox – that’s where the bulk of my content lives. And when it comes to scheduling my content, I use apps called Later and Meet Edgar.

Again, I use strong passwords that don’t repeat, 2-factor authentication and other precautionary measures that I have already listed above. I really want to make sure that my content is safe and then I can access it on a later date.

Social media scams, like the one that was recently reported luring victims with promise of an Instagram verified account status, are growing in popularity. What are some of the hallmarks of these scams, and how do you tell what’s real versus what’s not?

I remember that Instagram verification scam very well! I remember opening one of those emails and looking for different ways to determine that this is a phishing attack. You see, I already knew that it was a phishing attack because the email was sent to the account that’s listed as my contact email address, which I previously mentioned is different from the email I used to create the account. So I knew this wasn’t from Instagram.

I studied that email looking for signs of a phishing email and there are quite a few. From the actual look of the email (it didn’t look right), to the scammy looking text or the email address that it was sent from. There were a lot of giveaways! The main thing is to not click on any links, download attachments or share any information with these people.

However, cybercriminals are getting better at creating realistic-looking phishing attacks. So we need to constantly be on the lookout.

I remember getting a notification through Kaspersky Security Cloud recently about a scam on Apple devices – iPhones in particular. Apparently hackers managed to get their caller ID to display as “Apple,” which meant many more people could fall for the scam. Luckily I don’t have an iPhone, but I told my iPhone-owning friends about it immediately. I believe that being aware and staying on top of scams and attacks is always a good idea.

What tips do you have for people who want to start learning about privacy and security? What can they do as a starting point to start acting more secure?

For anyone hoping to become better at personal cybersecurity, I’ve created a small checklist of where to start!

Here it is:

Here’s my challenge: implement as many of those items as you can and share this checklist in your Instagram stories – checking all of the items that you have implemented. Show your friends that you are taking steps to protect yourself online and encourage them to do the same – nominating three friends who should do it too.

That’s step one – and step two is to stay aware of threats, scams, attacks and new developments in the field.

If all of those things are too much to keep on your head at once, then I’d recommend signing up for Kaspersky Security Cloud and let this awesome software do the hard work for you!