Proton
Subscribe by RSS
Data breach prevention illustration

How to prevent a data breach

Ben Wolford

Share this page

The Internet is full of information about what companies should do to keep consumers’ personal data safe from hackers. And there’s plenty of advice for consumers who have already been the victim of a data breach. (You can read our article on the Proton VPN blog about what to do if you were the victim of a data breach(new window).)

But there’s very little guidance for consumers on how to keep their data safe in the first place. In fact, Quartz reported after the Equifax breach that we should just assume our data will be stolen(new window).

Part of our mission at Proton is to build an Internet where data breaches are an anomaly, not a given while mitigating the damage when a breach does occur. There are, of course, regulatory and technological solutions to the increasing trend of data breaches. However, there are also steps individual consumers can take to prevent their data from being exposed.

In this article, we’ll give you 5 simple steps you can follow to decrease the likelihood that you’ll be a victim of a significant data breach.

1. Reduce the amount of information you give out

This isn’t always possible or practical, but companies can’t expose data they don’t have. It’s the most sure-fire way to mitigate your risk of a data breach. In the case of medical or financial information, our control is limited. Banks, credit bureaus, and other financial institutions collect your data often for regulatory purposes or through agreements you can’t opt out of.

But other companies — particularly websites operators like Google, Facebook, or Twitter — usually only collect and store information that you allow them to have. For example, this article shows you how to delete your Google data(new window). In the early days of Facebook, many people treated photo albums as cloud storage. But multiple privacy and security breaches at Facebook(new window) have shown that information stored on the company’s servers is not necessarily safe. Privacy settings are not a solution because the data is still vulnerable to breaches, even if your friends and followers can’t see it.

You should only store information online that you wouldn’t mind showing to everyone. (Encrypted cloud storage is the one exception to this rule, which we’ll cover more below.)

2. Use aliases when possible

Websites are hungry for data, but sometimes they don’t really need it to provide you with a service. For example, airports may ask for your name, phone number, and email address to access free WiFi. Or a liquor company may ask for your date of birth to verify your age before entering their site.

Unless you have to, don’t give companies your real information. While this is obviously not advisable for your shipping address or the name on your airline ticket, there are many situations where an alias or fake birthday works just fine. Proton Mail allows you to create aliases and multiple email addresses, which you can provide instead of your main email address. You can also create secondary social media accounts with limited personal details whenever a website asks for your profile link. If a site requires an image, consider using an illustration or something that’s not your real face.

3. Research companies’ security record before doing business with them

With so many major companies(new window) falling victim to data breaches, it’s not always possible to do business only with companies that have never had an incident. And there may be other factors like price and convenience that weigh into your decision. But if it comes down to Marriott(new window) or another hotel, or British Airways(new window) or another airline, you may find it easier to choose the company with a better IT security record.

4. Use end-to-end encryption

The most secure way to store and send information online is through services that use end-to-end encryption. We have previously explained how end-to-end encryption works, but here’s the brief version: when you send a message or store information on the cloud, the data is encrypted before it leaves your device and it can only be decrypted by you or the people you choose to share the data with.

End-to-end encryption adds an extra layer of protection to your sensitive information. Even if your files are exposed in a data breach, those files cannot be decrypted and thus remain safe. A variety of online services employ end-to-end encryption, including instant messaging apps, video and voice calling, cloud storage solutions, note-keeping apps, and email. Proton Mail automatically applies end-to-end encryption to all of your messages. It even allows you to send end-to-end encrypted emails to other email services. 

5. Use strong passwords

Most people don’t have to worry about the NSA or a hacker targeting them specifically and trying to crack into their accounts. For most of us, it’s important to use a strong, unique password for your online accounts in case the website’s password database is breached. 

Proton Mail uses the Secure Remote Password protocol to authenticate users, which means we don’t know what your password is and a hacker cannot steal a “list” of all our users’ passwords. But other websites store your password on their servers in an encrypted form that can conceivably be cracked by hackers who obtain the password database. That’s why we recommend following the tips in this guide to creating a strong password.

You should also use a unique password for all your accounts and devices. That way if one password is breached, your other accounts remain secure. Two-factor authentication can also protect you in the event your password is exposed.

There’s no way to completely protect yourself from a data breach, short of abandoning the Internet. But these steps can help mitigate your risk. Sign up for Proton Mail(new window) today and minimize how much data you share with any organization to avoid having your data exposed in the next breach.

Best Regards,
The Proton Mail Team

Protect your privacy with Proton
Create a free account

Related articles

How to delete all photos from Google Photos
Using Google Photos to store and share your pictures means allowing the company to see, analyze, and process them. Many people concerned about their privacy have taken steps to move away from the Google ecosystem, despite the company’s efforts to hid
Proton Wallet
  • Product updates
  • Proton news
  • Proton Wallet
Introducing Proton Wallet – a safer way to hold Bitcoin
WHAT IS PROTON WALLET? Our long-term vision is for Proton Wallet to be a digital wallet that gives you full control of your digital assets. While the type of assets that you can hold in Proton Wallet may evolve over time as we add more capabilities
  • Privacy guides
What is Bitcoin?
Bitcoin is an innovative payment network that leverages peer-to-peer transactions to remove the need for a central bank. Bitcoin has revolutionized the core principles of value exchange by showing that a network of fully independent nodes can operate
Proton Wallet is a digital asset wallet that currently supports self-custody on-chain Bitcoin. In this article, we review the key features and security architecture that make Proton Wallet a private and secure wallet that is as easy to use as email.
proton scribe
Most of us send emails every day. Finding the right words and tone, however, can take up a lot of time. Today we’re introducing Proton Scribe, a smart, privacy-first writing assistant built right into Proton Mail that helps you compose and improve yo
People and companies are generally subject to the laws of the country and city where they are located, and those laws can change when they move to a new place. However, the situation becomes more complicated when considering data, which can be subjec