• Make a list of all your email accounts

  Start by making sure you don’t miss any of your email accounts. You’ll need to perform the following steps for each.

• Reassess active email accounts

  Consider creating separate emails for specific purposes. If your main email is beyond saving; consider making that your new junk email and create a new email for important communications. Finally, if you aren’t using an email account anymore, consider deleting the account.

• Set up email filters

  Most email providers (both online and via email clients on your computer) provide the ability to filter incoming emails based on what you’d like to see. Be careful though, sometimes important emails may be accidentally taken out of your inbox and lost in a category or other filter you configure. 

• Unsubscribe from old mailing lists

  Stop getting unnecessary emails altogether. Look to the bottom of any promotional or update email to a link to “unsubscribe” or “manage my preferences” to click through and stop emails you do not want anymore. If you come across an email associated with an old online profile you do not use anymore consider decommissioning the old account (remember these for the “Your accounts” section below).

• Move important files to digital filing cabinets

  This is also a great opportunity to stop using your email as a filing cabinet. Though many email providers make using email as a filing cabinet a little too easy (large storage capacity, search functionality), it is not a reason and definitely not the original intent of the email inbox. Move critical files out of your email and into a true digital filing cabinet like Google Drive or your external hard drive.

• Clear out unnecessary old emails

  Once you’ve moved all of your important files out of your live inbox it is time to purge the rest. If you are still uneasy about this, consider making an archive or backup of your inbox to store on one of your digital filing cabinets just in case.

Check out our previous article: “Protect Me From My Email” for more information.

• Make a list of all of your digital storage spaces

  Think about all of the computers, external hard drives, and online (cloud) storage platforms you use and make note of them. If you use email for storage, consider revisiting the previous “Your email” section above.

• Delete old data you no longer need

  Review the contents of each data storage location and delete anything you no longer need. You will feel relieved by getting rid of the clutter. Rule of thumb: If you haven’t looked at it in five years or more, you probably don’t need to be storing it anymore! Plus if you are having trouble staying under your data limits for your online storage, you’ll be glad you did this! 

• Ensure deleted data is actually deleted

  If you identify data or digital filing cabinets that can be deleted ensure that the data is truly gone. Make sure the recycle/trash bins for your computers and online storage locations are emptied. If you are ceasing the use of an external hard drive, consider reformatting of physically destroying it.

• Consolidate your digital storage spaces

  As you start going through your digital filing cabinets, consider the possibility of consolidating to fewer locations. In some instances, you may have to consider paying for additional space. However, the cost could be worth it if having all your data in one place gives you some assurance that things are properly backed up.

• Secure your digital storage spaces

  If you consider the data on your physical storage devices to be sensitive, encrypt and password protect it. For cloud storage locations, be sure to turn on multi-factor authentication.

• Make a list of all of your digital accounts

  If you’ve followed the previous steps, you’ve already made a good start with your newly consolidated list of emails and online storage locations. Now let’s expand this to include the online accounts you regularly use. This includes social media, websites, subscriptions, mobile apps, etc.

• Delete online accounts you no longer need

  For online accounts you no longer need, consider deleting the account. Follow the provider’s instructions and make sure they are deleting your account and removing all of your data rather than just archiving your account.

• Review all add-ons or plugins

  Review all plugins and add-ons to each of the digital accounts you identified. This may vary by platform, but the main point is to look for any third-party integrations and verify whether they still need access to your online accounts (e.g. games on Facebook, Extensions in Chrome, etc.)

• Review authorized devices

  If you have specified that only specific devices can access your online accounts, you should review and remove any old devices. Make a note of these for later on when we talk about decommissioning old devices.

• Review account content

  Make sure the content on your profiles is correct or that it is the type of content you still consider suitable on the platform. Where possible, remove personal data (or seek to minimize it). On social media, in particular, this could be a great opportunity to remove embarrassing old posts or remove friends/connections who no longer need to see your information.

• Review privacy settings

  Review and update privacy settings to ensure that your publicly facing profiles are locked down. This includes things like public profile visibility and default posting settings (public vs. friends only vs. only close friends).

• Reduce the number of login credentials you have

  Review all of the accounts you have and see whether you can consolidate them into social logins. Examples of this would be when you get asked to log in to a site with Google or Facebook. This reduces the number of passwords you have to remember and you can focus on strengthening the social login password.

• Forget the passwords and let a password manager remember them for you

  Use a password manager to increase the strength of the remaining passwords and decrease the stress of remembering really complex passwords.

• Set up multi-factor authentication

  Always, always (where possible), leverage multi-factor authentication to increase the security of your remaining passwords. For example, register approved devices that can access an account or set up multi-factor authentication services from the online platforms you use.

• Sign up for (or update) security notifications, alerting or monitoring services

  Where they exist, review your account security settings and turn on any notifications to know when your passwords/login credentials may be involved in suspicious activity (e.g., logins you weren’t expecting, etc.). Other alerting or monitoring services may be warranted for your online banking or other high-risk accounts/passwords.

Check out our article titled: “Why the Strength of Your Password Doesn’t Matter” for more information.

• Make a list of all your devices

  You know the drill already. You should have a pretty good list of devices already started from the previous steps in this process. However, please take another second to think about what devices are connected to your cyberself. Maybe a home assistant system (e.g. Amazon Alexa) or home security system?

• Remove old data or applications

  If you haven’t already cleaned up a device as part of a previous step, this is your chance! Not all devices will have applications installed but if they do, take this opportunity to remove old applications. If you find one that wasn’t covered in the preceding “Your accounts” section, make sure you follow guidance there to ensure your data is deleted.

• Get rid of old devices

  If you don’t need a device anymore, consider decommissioning the device entirely. Be sure to securely delete all of your data from the device (e.g., do a factory reset) based on manufacturer recommendations.

• Secure your remaining devices

  Make sure your remaining devices are secure. This includes things like keeping them up to date with manufacturer and security updates and installing security software (e.g. antivirus) where applicable. Finally, ensure your pin codes and passwords for devices are strong and kept safe. Avoid sharing device passwords and /or enable biometrics (e.g. face or fingerprint ID).