How can a celebrity protect themselves from hackers?

Jennifer Lawrence is very famous. Her movies have grossed over $2,100,000,000 in the US alone. As her fame grew she attracted crazy fans and stalkers who made her feel unsafe so she did what most celebrities do which is hire a security guard to protect her all hours of the day. It turns out that Jennifer’s precautions were not as effective as she had hoped because in September 2014 a hacker got access to her iCloud account and stole a bunch of her nude photos which he subsequently released all over the internet.

I spent the past 8 years working for Kevin Spacey so I am intimately familiar with how challenging it is to protect celebrities data and it’s usually the celebrities who know the least about how to protect themselves. This post lays out some simple steps a celebrity, their team and family can take to make it 90% less likely a hacker will be able to get access to their private data.

How you should use this info

It would be lovely if you could press one button to protect yourself from hackers but sadly that it not realistic. The most secure computer is unplugged at the bottom of the ocean but that’s no use to anyone so we have to find a happy medium between convenience and security. You should use as many of the following measures as is practical but if something is a huge pain in the ass you should skip it. To keep this post succinct I have included hyper links with further instructions for each step. I have tried to only include the most effective and user friendly measures in this blog. I will try to update the post over time as I learn about new tools and threats.

Passwords

Password protect your phone and computer!

Don’t use the same password for cloud services which contain sensitive data like iCould, Google and Dropbox. If some one tells you to change your passwords often they are wrong. People who change passwords often chose weak predictable passwords. Its better to use a long memorable password.

Pro tip: Your device should auto lock after 1 minute of inactivity.

2 Factor Authentication

You probably store emails in your google account. Photos in your iCloud or documents in your dropbox. There are many ways a hacker can obtain your password and get access to these accounts which is exactly what happened to Jennifer Lawrence. 2 Factor Authentication adds another step to the login process so if someone steals your password they won’t be able to get into your account. This is the most effective protective measure on this list. You can turn on 2 Factor Authentication in the security settings for your Google, iCloud and Dropbox accounts. I would recommend only storing sensitive data with accounts that offer 2 Factor Authentication.

Password Manager

It’s impossible to remember all your passwords these days so most people write them down in places hackers can easily find them like your address book or an unnamed file on your computer. I highly recommend you start using a password manager like 1Password which saves your passwords in an encrypted vault and makes it easy to login to most services if you download the 1Password app and chrome extension. Hackers can use keystroke loggers to record everything you type but 1Password auto-fills your passwords with one click so you never have to type them.

Don’t use public wifi

Next time you are at the airport or coffee shop think again before joining the public wifi. If a wifi network is not protected with a password it is horribly unsafe, everyone on the network can see the websites you are visiting and any login info, passwords or credit cards you enter on unsecured websites.

The best solution is to use your phone’s personal hotspot which lets your computer share your phone’s internet. If you can’t activate personal hotspot you could use a VPN which I explain in the next step.

VPN

Your internet service provider (Verizon, Time Warner etc) can see what you are doing online so if you want increased privacy you should use a VPN like Private Internet Access. This also hides your internet activity if you join a public wifi network.

Secure your home and office wifi

Turn on WPA2 encryption in your wifi router settings to stop hackers seeing everything you do online while at home or the office. Here are instructions if you use Verizon.

Firewall

Both Windows and MacOS have a built-in firewall. You just need to turn it on. On a mac, you can find it in Settings — Security — Firewall.

Encrypt your hard drive

Both Windows and MacOS have built-in full-disk encryption. You just need to turn it on. On a mac, you can find it in Settings — Security — FileVault.

Location privacy

Your phone can share your location with select apps. Most celebrities like to turn this feature of in Settings — Privacy — Location Services. If you keep it turned on you should look through the apps that are using your location and disable any you don’t trust.

When you take pictures on your phone it saves your location in the photos metadata so make sure you disable this feature in Settings — Privacy — Location Services — Camera or remove location metadata before posting photos online. You can see a map of where all your photos where taken in the Photos app — Albums — Places.

iCloud find my iPhone location service is useful but you need to make sure you are using 2 Factor Authentication on your iCloud account to avoid hackers tracking your location. I left my phone in a cab the other day and I was able to track the device then have the driver return the phone to me. This feature also lets you remote wipe your device if you lose it and want to destroy all the data.

Backing up your devices

I think backing up your data is a good idea. It doesn’t necessarily improve your security but it avoids the pain in the ass if you loose all your data. Mac users can backup their computer to an external hard drive using using Settings — Time Machine. Make sure you encrypt the backup and lock your hard drives in a safe or secure room so they can’t be physically stolen.