The best ways to store sensitive data (and protect information)

Your gadgets contain restricted personal data. Think about it—you likely use your smartphone to access government apps, manage banking platforms, pay credit card bills, and receive confidential emails.

Accessing personal and work documents through your devices is convenient. However, note that crooks can bypass them and use your information for crimes like identity theft. Your best defense is a secure, impenetrable digital storage system.

Identity theft is a rapidly growing crime that affects us all, so just like you, we want to secure our personal information. 

We asked our team to gather the smartest, most effective cybersecurity tips from official government resources, reputable security experts, and even identity theft victims.

Please read without skipping. We’ll explain the most important advice to prevent crooks from stealing your personal data. Overlooking this tip will cancel out even the most advanced cybersecurity systems.

Let’s dive into the best ways to store sensitive data!

10 best practices to keep your personal data secure 24/7 

It’s a common misconception that identity theft attacks are isolated cases. The idea of having your personal data misused for fraudulent transactions seems unlikely until it actually happens to you.

Note that identity theft ranks among the fastest-growing crimes in the U.S. Statistics show that 15 million Americans had their personal information stolen in 2021; most cases were never even reported.

Complacency will only leave you susceptible to criminals. Crooks continuously develop more advanced technologies, so you can no longer afford to overlook cybersecurity.

Some best practices for protecting your personal data include:

1. Using password managers and strength checkers

Before exploring cybersecurity tools that encrypt data or change your IP address, start with something basic yet essential, like a password manager.

Too many people overlook the importance of login credentials. Reports indicate that 64% of people have the same combinations across all their accounts, and 24% of them use their personal information as passwords.

We understand that complex passwords are hard to remember. However, using common dictionary words leaves you susceptible to several hacking methods.

Let’s look at brute-force attacks. Hackers can guess most eight-character passwords using dictionary words in less than a second.

To increase your security, we suggest using passwords with upper and lowercase letters, numbers, and special characters. Also, use phrases instead of words.

For instance, cracking the word “Password” only takes 1 second. However, changing it to something like “My/PaSsWoRd1!2!3!/” will require brute-force hacking tools more than a hundred years to guess.

But don’t worry, you don’t have to generate or remember your passwords. Password generators can help create complex, intricate combinations, while encrypted password managers will autofill login fields for you.

2. Using shredder programs to delete files

When was the last time you managed your digital files? Longitudinal surveys show that 50% of Americans are digital hoarders, meaning they rarely delete documents, apps, pictures, and files from their devices.

Note that your devices likely contain sensitive personal data. Leaving them in your hardware storage system exposes them to malware attacks, ransomware, and even physical theft.

We recommend erasing old, confidential documents so that crooks will never have access to them.

However, don’t just use your device’s Delete function. It’s a common misconception that deleted files no longer exist. Several third-party apps can recover files you deleted from your device’s Trash or Recycle Bin.

Deleting a file only frees the space it consumes. Although the kilobytes themselves are vacant, they still contain recoverable data from the previous files.

To permanently delete files, you’ll have to replace them with new ones. Digital file shredders will install and delete junk codes several times on your device to overwrite whatever recoverable data still lingers.

3. Hiding physical copies of confidential documents

After clearing your digital storage, it’s to manage your physical files. 

Unbeknownst to many, crooks can steal plenty of information from trash bins. Your Internal Revenue Service (IRS) letters, credit card statements, government agency notices, and old contracts contain confidential data.

We suggest keeping these documents in a secure place inside your house. Either way, you’ll rarely need to carry around highly confidential personal and work paperwork.

As for your old paperwork, please use a paper shredder. Tearing them to tiny shavings ensures that crooks have no chance of piercing the information together.

You can also opt for paper shredding services if you don’t want to buy one yourself. Just make sure to vet the company first. Otherwise, you might end up sending your confidential documents to crooks under the guise of shredding service providers.

4. Encrypting cloud and hardware backups

Contrary to popular belief, encryption doesn’t require prior IT experience. Although only skilled professionals can configure advanced, sophisticated encryption methods, beginners can at least set up basic encryption from their devices.

All you’ll need is your PC or laptop. The process generally varies depending on your OS, but both macOS and Windows have their respective encrypting file systems.

For Windows devices

  1. Highlight the file you wish to encrypt and right-click on it.
  2. Go to Properties and hit the Advanced button on the left side of the screen.
  3. Tick the box saying Encrypt Contents to Secure Data and hit Ok.
  4. Choose whether to encrypt the file along with its parent folder.
  5. Go back to Properties and hit Ok to apply the changes.
  6. Now, people logging into your device using a different account can’t access your encrypted file.

For macOS devices

  1. Click on the Apple icon at the top and go to the System Preferences section.
  2. Scroll to the Security and Privacy button.
  3. Go to the FileVault tab, hit the lock icon at the bottom left corner of the screen, then enter your password.
  4. Turn on FileVault and re-enter your computer password.
  5. Afterward, go back to the individual files you wish to encrypt.
  6. Highlight the file or folder, hit the Go tab at the top of the scream, then select Utilities.
  7. Go to Disk Utility. 
  8. Once the page loads, select the File tab, hover over New Image, then choose Image from Folder.
  9. Select the file you need to encrypt.
  10. Choose whether to use 128-bit or 256-bit AES encryption. The system recommends 128-bit encryption because it runs faster, but the latter offers better security. It would take a billion years to bypass encryption with 256 keys.
  11. Input your preferred password and hit the Save button.

5. Configuring your own firewall

The files in your hardware storage system are prone to various attacks. Criminals can extract them by infecting your device with malware, sending you phishing links, or just outright stealing your device.

If your files are on the cloud, you can manage them remotely. However, as for the files stored solely in your physical devices, we encourage protecting them with firewalls.

A firewall prevents third parties from accessing internal servers. Depending on the sophistication of your security system, it could even block traffic passing through proxy networks.

Windows has an in-platform firewall system. Just go to the System and Security section of your control panel, and you’d find a toggle for the firewall status.

Microsoft routinely updates its firewall technologies. But you can rest assured knowing that its current proprietary version—Windows Defender Firewall with Advanced Security—does an excellent job blocking unauthorized access.

For more extensive protection, we recommend looking into third-party firewall software programs. Look for options guaranteed to block traffic coming from different protocols.

6. Investing in a high-quality antivirus software program

Global statistics show an alarming increase in ransomware attacks. 2022 cyber threat reports show that ransomware cases spiked by 105% worldwide, and this data excludes unreported incidents.

Common sense will help you avoid most malware threats. Crooks can’t target you if you don’t download random files, open random links, visit shady websites, or input information into phishing sites.

Unfortunately, cybercriminals continuously developed more sophisticated, advanced tactics to trick innocent people. It’s scary how well-made most phishing sites look nowadays.

You’d likely still avoid most cyberattacks. However, ransomware is a numbers game; criminals only need to trick you once before stealing and misusing your personal information.

For added protection, consider getting an antivirus software program. Run it 24/7 and constantly monitor all the emails, links, websites, and files you engage with on your device.

Just make sure to address all its notifications. If your antivirus software detects malicious intent in the website or link you’re visiting, get back to safety immediately.

7. Surfing on VPN servers

SSL certificates and HTTPS protocols encrypt in-transit data. They establish secure networks from your device to ensure that criminals can’t intercept the personal information you send.

However, note that they only protect in-transit traffic. Third parties like Internet Service Providers (ISPs), website admins, and government agencies can still see your internet activity.

The law prohibits the sale and distribution of consumer data collected by cookies. However, you can’t count on crooks to follow the rules.

To secure the data, information, and documents you send, we suggest using VPN services. They redirect your traffic through an encapsulated proxy surfer, thus hiding sensitive information like your IP address, location, and devices.

Also, VPNs encrypt data. Even if a third party steals your traffic, the encrypted data will appear as indecipherable blocks of text and codes. 

And don’t worry about crooks converting your traffic. Modern VPN services use advanced encryption methods that take millions of years to decode via brute-force tactics.

8. Updating your device’s OS

Updates are a hassle. Statistics show that 40% of American adults forgo updating their mobile devices and laptops because it will interrupt their browsing session.

Admittedly, few people update their devices promptly. We say we’ll do it when we’re not busy, but let’s face it—our computers are always running at least a couple of programs or tabs.

However, installing updates is necessary. You’ll notice that updates often address the bugs, cybersecurity risks, and insecurities found in earlier versions.

Let’s talk about Windows 11, version 21H2. If Microsoft receives recurring complaints about the same issues, it will likely ask its developers to propose a solution for succeeding updates.

Similarly, developers sometimes also release major design and functionality changes. For instance, Apple completely overhauled the iPhone’s user interface in 2013 when it released the iOS 7.

9. Switching from on-premises to cloud storage systems

Enterprise-level cloud storage solutions have grown increasingly popular in the past decades. Statistics show that 94% of businesses use the cloud.

Business clients prefer the cloud over on-premise storage solutions because it provides better accessibility and versatility. They can configure its security settings for much cheaper.

As individual users, you might not need enterprise-level or commercial-grade cloud solutions, but you can still maximize its features, namely:

  • Accessibility: Say goodbye to bulky external hard drives and cluttered flash drives. You can access your cloud storage system on any device as long as you know your login credentials.
  • Security: Physical storage solutions like flash drives are susceptible to physical damage. Crooks can steal and overwrite their contents. On the other hand, cloud systems can only be accessed by authorized users with the correct authentication codes and passwords. 
  • Affordability: Admittedly, cloud service fees cost more than an external hard drive. However, you’ll save money in the long run since cloud solutions run forever; physical hard drives might need repairs and replacements every few years.

There are dozens of cloud services on the market. With a bit of research, you’ll definitely find one that suits your data privacy and storage needs.

10. Securing your hardware devices

Surprisingly, many people neglect hardware security. They focus so much on bolstering their online privacy that they overlook the safety of their physical devices.

Crooks can extract several pieces of data from hardware systems. Hardware insecurity weakens several cybersecurity measures even if you configure software-level privacy settings.

Take your flash drive and smartphone as examples. Although passwords lock out unauthorized users, experienced crooks can bypass them given enough time.

For these reasons, please secure your gadgets. Turn on your mobile phone tracking feature, leave confidential flash drives at home, and avoid storing too much data on handheld devices.

Also, leave your cards at home. If your smartwatch or phone can already make contactless payments, you might not need to carry around all your credit cards.

Similarly, you shouldn’t keep your IDs and gadgets in the same place. Trust us—you’re risking a lot if you keep your phone, keys, and wallet, among other valuables, in the same bag.

Personal data that you should protect

Personally Identifiable Information (PII) refers to any piece of information regarding your identity. 

Individuals and organizations might ask you to disclose them for certain transactions (i.e., loan application, school enrollment, credit card purchases).

PII is generally classified into three categories: public, confidential, and high-risk. 

1. Public PII

Public data includes your name, address, and contact number. They can’t authorize many transactions by themselves, although crooks can still use them as a gateway to other information. 

You can freely disclose public PII to most people you meet.

2. Confidential PII

Sensitive or confidential PII include specimen signatures, driver’s license number, business mailing number, and parents’ maiden names.

Again, they can’t authorize transactions on their own. However, crooks can already use them to trick certain institutions into disclosing other pieces of information.

You might need to disclose confidential PII when authorizing card purchases or signing up for subscription-based services. But share them at your own risk. 

3. High-risk PII

And the last PII classification is high-risk. It includes restricted personal information like your IP address, Social Security Number (SSN), medical records, and biometric data.

Exposing them to crooks can cause substantial damage. We strongly recommend securing your high-risk PII and limiting who knows them.

Also, avoid disclosing them via phone or email. In all likelihood, government agencies and commercial banks will ask for this information in person.

Devices that might contain personal information

After learning several smart, effective ways to store sensitive data, the next step is knowing where and when you must apply them. 

Admittedly, not all of the tips might apply to you. For instance, the average digital native with zero coding experience might struggle to configure a firewall but easily transfer files to cloud storage systems.

We still encourage you to explore them all. Just take things one step at a time and focus on protecting these commonly used devices:

  • Smartphones: Don’t open your banking apps and mobile wallet while connected to public networks. Switch to your cellular data instead.
  • Tablets: Make sure you hide and encrypt your personal data before letting others use your tablet, even if they’re kids.
  • Laptops and Computers: Permanently delete old emails and files (i.e., tax returns, government agency updates, credit card statements) that you no longer use.
  • Smartwatches: If you often use your smartwatch to make contactless payments, make sure to connect to a secure network like your cellular data.
  • Flash and Hard Drives: Keep track of the flash and hard drives that contain sensitive data. Don’t just lend them to others.

If you apply as many of the best practices we mentioned above to these devices, you’d already have a better cybersecurity system than most people. Statistics show that 83% of Americans don’t even update their passwords.


Tools and programs only support data privacy. Your first line of defense against identity theft is to remain skeptical of everything and everyone asking for personal data. You must stop divulging information!

This tip might seem like a no-brainer, but you’d be surprised to know how many people leak their own data. Despite cybersecurity advancements, 91% of cyberattacks still stem from phishing methods—a very dated, old-school trick. 

It’s crucial to adopt the correct approach toward data privacy. Once you do so, you can begin investing in more advanced security tools and technologies.

Preventing identity theft by securing your personal data

A one-size-fits-all solution for securing data doesn’t exist. It’s essential to customize your cybersecurity system based on the documents you store and the devices you use.

No two people share the exact data privacy system needs. You can emulate best practices like the ones we listed in this article, but you must endeavor to create unique cybersecurity protocols.

Also, avoid becoming 100% dependent on your tools. Having sophisticated data privacy programs alert you on potential threats is helpful, but you can only fend off identity thieves by taking action yourself.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top
Scroll to Top