These guidelines were kindly written for me by James Wood, who works professionally in the Technology sector. They cover basic ways to protect yourself and your data in the online world.


This usually happens when a laptop is lost, hard drive crashes or house is burgled. It happens all the time and is still the most common thing I am contacted about. A spinning disk hard drive has a life of around 3 years. If your laptop is older than that, then you are living on borrowed time. It can be very traumatic for people who lose precious family photos and important documents. There are two great ways to mitigate this, both of which, once set up are very low maintenance.

1.      Protect against accidental deletion or hard drive failure: create your own backups. On Windows, use Windows Backup and an external usb hard disk (Seagate are a good brand) (guide: On Mac purchase a Time Capsule, which is basically a hard drive in a nice white box and use the Time Machine software to regularly run a daily backup. Set this to run automatically on a schedule.

2.      Use an distributed file storage: Store photos and documents on a distributed system like Dropbox, Box, Google Drive, iCloud. These offer some redundancy in case of fire or theft of your device and backup drive, as they store copies of your files online. Additionally they have the benefit of allowing you to access your files on your mobile device.

Note: You must use both methods. Either one on its own is not sufficient as physical backups can be stolen and distributed storage can end up replicating local problems (file deletions or corruption) up to the version stored in the cloud.

Next steps: Spend some money on a good backup drive. Move your photos and documents to a distributed system.


I see this all the time. Once a hacker has your password, they can steal your money, delete your data, reset and wipe all your devices and hold your photos hostage. Access to one account, e.g. an email account, usually means that the hacker can then gain access to all your other accounts through requesting password resets where new recovery links are emailed to the already compromised account. Almost all passwords that people use regularly can be guessed easily. A computer is capable of running millions of calculations a second. How long do you think it would take a fast machine to try substituting numbers or characters onto dictionary words to guess yours? Also psychologically, people tend to choose similar passwords. This makes the job of guessing passwords even easier.

Additionally, many poorly designed websites have been compromised in the past and passwords exposed. This means that almost certainly, if you use just one or two passwords, they are already compromised.

The answer to these is clear, but surprisingly hard to implement without a little help.

1.      Use different passwords on each website.

2.      Make up long very difficult passwords e.g. 21dsKJBGUYTD^$%w754^%$ which include lower, upper and special characters and are not based on words in the dictionary.

3.      Turn on two-factor authentication: this is where the website will text you a code which you have to input when you log in. This proves that you are who you say you are as you have your phone.

The problem with 1 & 2 is that this is impractical for most people. It can be done with a notebook of passwords, but these are vulnerable to loss and long passwords are pain to enter. These problems are solved by using a password manager. Google Chrome and MacOS Safari now have this built in. A cross platform solution is available from These managers will suggest new passwords when you register with a website and store the password on your devices so that you don’t need to remember them. They also sync these passwords securely to any other computers or mobile devices you use and will fill them automatically when you log into a site. This means you can have lots of ridiculously long passwords and never have to enter them or remember them.

Next steps: Make a list of all the websites you use, change all the passwords to randomly generated passwords. Turn on two factor authentication (available on Facebook, Google, Amazon, Apple and Microsoft systems)


This is the most difficult to protect against. This is where a hacker will email, call or otherwise contact you in a way which seems genuine, and ask you to give up information which will allow them to subsequently hack your accounts. They may ring saying they are from your bank and they ask for a password to security check you or you may receive an email from a provider asking you to log in to your system. The link included in the email will however redirect you to a copy of the bank’s website which will collect your username and password when you try to login.

1.      Never trust any calls that you have not made yourself (i.e. incoming calls). If someone calls from your bank and asks for a password then hang up and call the bank back using your usual customer service telephone number (not any number they give you). You are then free to continue your business knowing that you are actually speaking to someone at the bank. Be aware that scammers may have browsed your facebook profile and know some personal information about you to seem genuine. Don’t be fooled!

2.      Don’t trust any emails, and don’t click on links in emails. Email is fundamentally an insecure messaging system. Anyone can send an email and make it look like it came from someone else. Additionally links in emails can be disguised to look like they will direct you to an official bank website when they do not.

3.      Educate yourself about the methods scammers are using to fool people. Stay up to date.

This is the phase when you open receptively to the “aha!” moment, the creative insight that produces a way forward from the creative confusion. Like any right-brain process, you can’t force it. There is a saying, “In sleep, sex and fishing, the more you try, the less happens.” The same applies here. Sometimes just closing your eyes, breathing peacefully, and waiting enables you to find the synergy. If not, this is a good time to go for a walk, have a bath, sit in the garden, play some music: do something enjoyable and stay observant for the answer when it’s ready.

5. Evaluation

This is where the left brain takes the lead again. You have a vision of an outcome: it may seem sensible or it may seem crazy. Either way, you need to check out the practicalities, do the sums, ask the questions. None of us have 100% infallible intuition, and you may have to return to an earlier phase of the cycle to check things out.

6. Conclusion

Your evaluation may support your new vision, or highlight doubts or risks. Before you go ahead, return to the right brain: sit with your potential decision, see it in perspective, ask if it inspires and motivates you. This is the stage where we often say: “I’ll sleep on it”.

It is sometimes wise to cycle back within this process and repeat some stages. For example, the creative confusion stage may raise more questions to explore. Or you may alternate for a while between confusion and synthesis. It’s also cyclical because the conclusion to one diamond often becomes the starting point for another.