Photo from Unsplash
Originally Posted On: https://www.alwaysvpn.com/insights/nordvpn-interview-daniel-markuson
Whether a cybersecurity newbie or expert, there’s always something new to learn. In light of the ever-changing tech landscape, we’re kicking off a new series around protecting your smart devices and personal data online. First up, we sat down with NordVPN’s Data Privacy Expert, Daniel Markuson, to discuss his take on the subject and the privacy industry as a whole.
Daniel oversees NordVPN’s entire resource center where they provide blogs, guides, and how-tos to assist VPN users and privacy enthusiasts alike. He began his career in journalism and was quickly exposed to the data privacy issues inherent online. We ask Daniel his take on current privacy trends, recommendations for online safety, and so much more.
Here’s what he had to say for our series on the Top 5 Ways to Protect Your Devices & Personal Data:
Before we dive into the main topic of this interview, could you tell our readers a little bit about yourself? What’s your educational background or upbringing?
I’ve studied journalism and early on started focusing on digital privacy topics. The more I delved, the more potential issues of online security opened up to me. So for the last eight years, I’ve been working for Nord Security and doing what I love the most: educating the public on how to be safer and more private on the internet.
What first sparked your interest in online privacy and VPNs?
For me, like most people who don’t come from the IT field, seeing the actual cases of leaked personal data and cybercrime damage was a real eye-opener. At the time, VPN was still mainly used by tech-savvy people, but you could already see its potential.
Can you recall a moment in your career when the tools you use today became a necessity rather than a nice-to-have? For example, a VPN or say a password manager.
Well, as soon as I started working for Nord Security, using our cybersecurity tools became a natural necessity. After all, you need to maintain a thorough hands-on approach with cybersecurity tools to educate people about online risks.
With the first wave of the pandemic, we saw a spike in demand for our VPN business solution NordLayer. Many businesses had to build remote work processes, and a lot of people turned to VPN technology for necessity reasons.
Great, thank you. Now let’s shift to the main focus of our interview today: online privacy and security. To start, can you tell our readers what NordVPN is and the overall mission of this company?
Sure! NordVPN is the world’s most advanced VPN service provider used by over 14 million internet users worldwide. NordVPN offers numerous features, like double VPN encryption, blocking malicious sites, DNS leak protection, automatic Kill Switch, and many more. NordVPN has over 5,000 servers in 60 countries worldwide and offers one of the best prices on the market. According to AV-test results, it’s also the fastest VPN in the market, which is essential for our clients in the media-rich internet we have today.
Our motto is to strive to make the internet better than it is today: without online threats, censorship, and surveillance. A reliable VPN service can offer a path to that, but our users must trust that our words align with our actions. So we always aim to provide the highest possible transparency with the help of extensive audits from third parties.
How did you come to work for NordVPN, and what’s your main focus there right now?
Working for NordVPN, I went from being a digital privacy enthusiast to an experienced internet security expert. I oversee the blog section where our team shares news, stories, and tips to help people stay private and secure. I’m proud that we can provide quality content for different audiences: from people only starting to learn the basics of securing their online activities to engineers interested in more in-depth analysis.
Are you working on any exciting new projects you’re able to share with our readers? For example, are there any new features or improvements to the app that might help with the overall user experience?
Well, in the cybersecurity field, new threats and attack vectors rise all the time. So to offer our users the next level of online privacy and security, our R&D team always needs to focus on new technologies. In Q4 this year, we’re planning to introduce a few exciting features not seen in the VPN market before. Final tests are happening, and we all are looking forward to seeing them in action.
I know NordVPN also offers NordPass, a password management tool. Could you explain to our readers the benefits of NordPass?
NordPass is another app from the Nord Security product family. It’s a password manager powered by the latest technology for the highest security. The NordPass team developed it with affordability, simplicity, and ease-of-use in mind, giving users safe access to their passwords on desktop, mobile, and browsers. Besides, all passwords are encrypted on the device, so only the user can access them.
As password managers go, it’s an excellent tool. But I like to think it also goes above and beyond that concept. Yes, it’s there to store your passwords, but also all other sensitive information: credit cards, alarm codes, anything. And it will nudge you in the right direction if you use old passwords or try to reuse them. Not to mention that if your account is breached and its details are out there in the wild, you’ll get a prompt notification.
As a Data Privacy Expert, you must have a lot of experience scoping out the competition. What would you say makes NordVPN stand out among other VPN providers on the market today from a privacy standpoint?
As I mentioned earlier, the trust factor is a critical element in this market. I don’t know if there is a more straightforward way to earn your user’s trust in your VPN service than transparency. Apart from regular and fully disclosed audits from reputable third parties, I’m proud of the open bug bounty program we are running. Of course, managing it requires dedicated infrastructure and more resources than having a closed program, but this is how our industry keeps going forward.
Looking at the industry as a whole, it seems that more and more companies are adopting methods of tracking and storing data on people’s every move. How aware do you think the average user is of the amount of information collected about them?
I suspect the average users today are far more aware of the tracking and storing of their personal data than, say, a few years prior. So the important follow-up question is, what changed? Well, I believe at least two notable factors are contributing to increased public awareness. The first one is a wave of large-scale cyber-attacks that happened during the pandemic. They received extensive media coverage, and for many, showed the potential damage cybercrime could do to businesses and individuals if their data gets leaked in such an attack. It made people think not only about whether they should update their old passwords but also about all their sensitive information that a potential breach could reveal.
The second factor is public and institutional pressure on tech giants to implement better measures on data handling. The data privacy laws like GDPR in Europe or CCPA in California were a strong starting point. But for an average user, it translated into clicking a few extra boxes when opening a web page. On the other hand, it led to welcome initiatives like the now-famous Apple’s iOS 14.5 App Tracking Transparency update. It was a really graphic example for people to understand just how much data they generate and give away.
Can you walk our readers through exactly how the powers that be actually go about collecting people’s online data?
Unless you’ve spent your entire life without ever touching any connected device and without signing up for any service, you most likely have a lot of data attached to your online identity. Those little bits of information, for example, gender, age, or ethnicity, are called data attribution points.
If you single one or a few data points out, it might seem like a harmless thing to disclose when filling your information in some online form. What evil can anybody do knowing that chess is your hobby? But when thousands of separate data points of your online activity are gathered in one place, one can paint a pretty clear picture of your real-life identity. And then it becomes a tempting target for third parties. They collect those large databases of your data and sell it to other third parties, like marketers, risk assessment agencies, financial institutions, or others. And after all that, you might see a targeted ad for a new set of chess figures.
One benefit, some say, to all this data collection and spying is the personalization a user experiences – from retargeted ads to curated social media content. What would you say the pros and cons of this are?
So let’s take that chess set example. If you are lucky enough and that chess set is something you actually need but would have never found by yourself, it is a successful case. But in real life, experiences are not always that precise. For example, you might get bombarded on different sites and social pages by the same obtrusive ad for a thing you don’t need. Why? Only because you happened to open some random online shop page. We all want a certain level of convenience, but the question is at what cost, and more importantly, do we know that cost? Some people don’t mind the existence of an elaborate model of their likes, dislikes, and activities if that gives them a more convenient experience. The problem often is that most online users do not know the other side of this personal data trade-off.
What direction do you see the privacy industry going in general?
Cyber-attacks will likely still be happening, and internet freedom, in general, might continue to shrink. I believe that the privacy industry will continue to expand to meet the demand from a growing base of internet users who will be even more aware of online threats. And let’s not forget that expectations formed in other digital industries, like ease of use, will still be there. So cybersecurity solutions might go in the direction of an all-in-one package, offering one convenient ecosystem for security and privacy needs.
Are there any protocols or technologies on the horizon we should look out for?
I think we could see a duel between AI-enhanced security solutions and adaptive malicious software on the far point in the cybersecurity horizon. While the true AI capabilities are yet to be seen, it might be the next best thing for cybercriminals to launch sophisticated attacks. And it will require equally competent AI models to analyze user infrastructures to see the potential weak points.
You’ve been in the business for 8 years now, give or take. In your experience, what would you say is one tool a user should get to protect their online privacy – besides a VPN of course.
Sadly, there are no silver bullets in the cybersecurity field that could guarantee you 100% safety and privacy. That’s why a holistic approach is always the best way to deal with online threats. But, if I need to recommend only one thing apart from having a trusted VPN service, I’d go with multiple-factor authentication. If possible, enable and use the MFA for all websites where you are storing your personal data. So in the event of a compromised password, the malicious actor will have a much harder time accessing your information.
Are there any smart devices you’d recommend to users interested in protecting their privacy and data online?
I would recommend investing more in a capable and secure Wi-Fi router at home. The best options are usually more expensive than the generic models offered by most ISPs. But in return, you will have more features, like the ability to install a VPN directly into the router and regular OS updates.
On the same lines, what operating system(s) focused on privacy would you recommend using?
The most secure option would be to learn Linux-based OS fundamentals and spend considerable time learning all ins and outs of that framework. However, that is usually not the option for the majority of computer users. The main thing to do when using your current operating system is to know and follow the essential security tips, like regular updates, using robust cybersecurity tools, not abusing the administrator rights, and others.
Thank you for humoring me with those. Now for the main question of our interview: What are the “Top 5 Ways a User Can Protect Their Devices and Personal Data?” (Please explain why you chose each.)
- Update your software as fast as possible. Zero-day vulnerabilities are often one of the most critical entry points for cybercriminals. To have a potential security risk when a software maker solves it is a privilege that is too pricey in this day and age.
- Review the information you already provided online. While it is crucial not to overshare your personal details when signing up for a new service or a website, it is equally important to revisit the sites you used in the past. Some of the information might seem a bit too detailed or unnecessary, and if the site is breached, that information can fall into the wrong hands.
- Use an MFA app. Most services and social sites already offer an extra security measure in the form of multiple-factor authentication. Install an authenticator app on your smartphone or have a physical authenticator device and provide a more substantial security layer for your personal data.
- Never use the same password for multiple sites. Coming up with one strong password or phrase and using it everywhere is not an option. Different sites use different levels of security, and one breach could put all your online accounts at enormous risk. Using a secure password manager is the right way to go.
- Use a VPN. A reliable VPN offers better levels of privacy and security for any online activity. A feature-rich VPN should feel like a savvy digital life companion guarding your every online step.
What educational resources does NordVPN provide if our users want to learn more?
Our blog section offers a wide range of topics on privacy and cybersecurity. Readers can find answers to the most pressing questions, in-depth analyses, how-to tutorials, detailed engineering posts, and news on cybersecurity topics from all around the world.
Is there a place our readers can follow your work?
Great! Thank you so much for the time and care you spent answering my questions, Daniel. We hope this interview can help our readers stay informed and protected online – especially with NordVPN and NordPass as part of their privacy toolkit, too.