What do dentists who shoot lions, publicists who make jokes in poor taste on Twitter and Indiana pizza makers have in common? Their lives were suddenly and irrevocably changed for the worse while doing something they could never have predicted would lead to it.
Avoiding catastrophe is an important pillar of the wealth building strategy that I promote through Radical Personal Finance. As personal finance enthusiasts, we are one of the most prudent groups of people on this planet: we build our emergency funds, insure against negative events, diversify our investments, and make careful choices about our spending.
Radical Personal Finance is, however, about going beyond the obvious and into the territory of things less commonly considered, but just as important. I want you to be prepared to deal with a hurricane, becoming a refugee, dealing with food scarcity or even the possibility of getting arrested.
In my experience as a financial advisor, it has often frustrated me how little care is sometimes taken to ensure the client’s financial security, despite the good intentions of most people in the industry. But why is this possible? The answer is that most people care even less about their data.
It’s shocking to discover how vulnerable we actually make ourselves by not taking simple security measures when using bank accounts, email and social media - vulnerable not only to a loss privacy but potentially to a very real financial loss.
I’ve taken an interest in this subject a while ago, and have been really impressed by the book The Complete Privacy and Security Desk Reference which stood out in a field where information is often cursory or out of date.
That is why I invited co-author Justin Carroll to Radical Personal Finance to talk about real, actionable ways in which you can become more secure and protect your privacy. This article contains some of the best tools mentioned in our discussion, though for a more complete picture I recommend that you listen to the episode above and purchase the book itself.
I often get this objection: “I’m not doing anything wrong - why should I be concerned about privacy?” Here’s an analogy that I’ve found helpful in explaining why I promote these ideas:
Do you remember the time when every phone call was a party line? Anyone in the household could pick up another receiver and there was very little one could do about it at the time. Now, however, you do have a choice - do you want to make everything you search for, consume, and talk about, as well as access to all of your accounts and purchase history, a party line?
Complete privacy and security are very difficult to achieve, but some very simple steps and tools can protect you from most of the headaches in the future.
Another thing to consider is this: you may not be a target right now - but you may become one in the future as your wealth increases, as you endorse unpopular political or religious perspectives, or as you just live your life the usual way, as the stories at the beginning of this article illustrate.
This may be a decade from now, but to prevent it you must build the skills and the mindset starting today, because you don’t know what circumstances you will face in the future through no fault of your own, and you can’t control things after the fact.
Some simple tools and habits that have a great impact:
You are at great risk if you use the same or the same few passwords for all of your accounts. You will see this warning often and for good reason when creating new accounts: it only takes one company to be breached (who didn’t store your data properly) and an attacker gains access to all of your accounts. Alternatively, it’s often enough if they just gain access to your main email and phone account (which isn’t very difficult) and that opens up everything else. Using a different strong password for every account mitigates some of this risk.
Less often mentioned, but equally important, is using different and random usernames. Is your email address [email protected]? You’ve just given away an important piece of the puzzle to a would-be attacker.
The problem often is safely storing and remembering all of these account names and passwords - that’s where a password manager comes into play. Using LastPass (more convenient) or KeePass (more secure) can make the process a whole lot easier and secure.
Nowadays you often see a website offering (or requiring) you to enter a code from a text message in addition to your password. This is a form of two-factor authentication: an attacker's job is made more difficult since he needs access to your account name and password AND your phone number. Unfortunately, phone numbers are often accessed by social engineers (who exploit human psychology), or accounts are simply hacked into, making this method not particularly secure.
What I recommend instead is that you use Authy or Google Authenticator on your smartphone. This works in a similar way, but you need actual physical access to your device (as opposed to just the number) which significantly enhances your security.
For even more security, you could purchase a YubiKey, which is a special piece of hardware dedicated entirely to two-factor authentication.
Even though we rarely send long and heartfelt email anymore, there’s still a lot of important information someone can gain from reading the emails you send and receive. The same is true for instant messaging and phone calls.
I encourage people who own an iOS to use Facetime Audio instead of calling and to use Signal (iOS and Android) for instant messaging - both of which are encrypted.
Setting up email encryption used to be somewhat difficult, but tools such as Proton Mail offer end-to-end encrypted communication. You can also encrypt sensitive documents with a password using Adobe Acrobat Pro (Windows) or Preview (Mac).
Just because someone is in the financial industry, it doesn’t mean they take good care of your information. Bank accounts sometimes have worse-than-average security - make no difference and use the same tools and principles that you would with any other account.
The same is true with financial advisors, accountants etc. Your information is not always stored appropriately - sometimes physical copies are kept that are not secured, sometimes administrative staff has access to digital documents, sometimes your information may be shared between financial advisors at the same firm.
Make sure to compartmentalize information: think carefully if that person or organization really needs this or that particular piece of information, and try not give a complete picture whenever possible. This way, if there’s a breach at a particular firm, that information alone will not be enough to impersonate you or access your other accounts.
Show me your bank statement, and I’ll tell you who you are.
How much could I learn about you knowing where you shop, where you get your morning coffee, where you fill up your car, where you eat your lunch, and what kind of shops you visit? All this information can paint quite an accurate picture of you - there’s no reason to offer it up on a silver plate.
Use cash whenever you can - it’s not so hard to get used to (again).
Sometimes you can’t get around using a card - but by sharing your bank-issued credit/debit card details when making purchases, you are losing control over the transaction. Most of the time, everything stays win-win, but in contentious situations it’s often a problem if the merchant has all of your details. In addition, unauthorized spurious charges have been known to occur, sometimes in foreign countries, which drain your time and energy to deal with.
Using services such as Privacy.com, SudoPay (connected with Apple Pay) and Blur, you can create credit cards that work only for one transaction, or are used for only one merchant. This also means that you don’t have to use your real name or address when making these payments, protecting you from when (often inevitably) the merchant’s database gets compromised.
In addition, you can also set up additional email addresses and phone numbers - this way, for instance, you can share one virtual number with friends and family, and another virtual one to important accounts, so your accounts stay safe even if your actual phone number is compromised.
The tools here are some of the lowest-hanging fruit available to you right now to ensure that your assets and your information stay safe. I’ve gone into even more strategies with Justin in the podcast episode that this article was based on - including owning a car and a house as well as maintaining a mailing address as privately as possible.
You can find our discussion above this article, or in iTunes. I also wholeheartedly endorse Justin’s and Michael’s books on the subject, as well as their podcast.
Proper prudent planning beats trying to fight the fires after the fact. Take the steps today to protect yourself so you aren’t caught off guard in the coming decade!
I am available if you’d like to have a phone conversation on this subject. Email me at the address given in each podcast.
Here are all the resources mentioned in the podcast episode: