The Security Editor
Keep your documents safe.
Without the jargon.
Clear, practical guides on encryption, cloud storage, backups, safe sharing, and the messy realities of keeping your files private. Written for people who want to understand, not just be told what to click.
Nine topics. One library.
Each topic is a working hub of articles, ranging from "I just want the short version" to "explain the threat model to me in detail".
-
Start here
Fundamentals
Threat modeling for normal people, the vocabulary you need, and a plain-English tour of what "safe" actually means when it comes to your files.
-
Scrambling data so only you can read it
Encryption
At rest vs in transit, end-to-end encryption, full-disk encryption, file encryption, and how to password-protect documents without shooting yourself in the foot.
-
Google Drive, iCloud, OneDrive, Dropbox, and friends
Cloud storage
How to evaluate a cloud provider, harden the settings on the ones you already use, and when to add a client-side encryption layer on top.
-
So you never say "I had one copy"
Backups
The 3-2-1 rule in plain English, immutable and air-gapped backups, ransomware resilience, and setting up Time Machine or Windows Backup once and forgetting about it.
-
Getting the file to the right person, no one else
Sharing securely
Expiring links, password-protected PDFs done right, sending sensitive docs to your accountant or lawyer, and the common mistakes that make "password-protected" meaningless.
-
Making a file really, truly gone
Destruction & disposal
Why "empty the trash" is not enough, why SSDs and HDDs need different treatment, cryptographic erasure, and retiring old devices without leaking your life.
-
Your documents outlive your devices
Digital estate planning
Who gets access to your documents if you lose your phone, your memory, or your life. Password manager emergency access, legal considerations, and a practical checklist.
-
HIPAA, GDPR, and document retention
Small business & compliance
The parts of HIPAA, GDPR, and document-retention rules that most solo practitioners and small businesses actually need to understand.
-
What you are actually defending against
Threats to documents
Phishing, infostealers, ransomware, lost devices, shoulder surfing. Framed around what each threat means for the documents on your computer, not abstract "cybersecurity".
Latest guides
All guidesTar, encrypt, upload: using GPG to secure files before they hit the cloud
A no-nonsense tutorial on using GnuPG to encrypt files before they leave your machine. Works with any cloud provider, requires no new service, and keeps you in control of the keys. Plus when this is the right tool and when it isn't.
Level: intermediate
Security is a practice, not a product
Setting up MFA, encrypting your disk, and running a password manager once is not the end of the story. Accounts drift, software rots, vendors change. Here's what maintenance actually looks like — and the annual rituals that separate real security from a snapshot.
Level: beginner
Paper documents and shredding: the often-forgotten side of secure disposal
Every security site talks about digital destruction. Your bank still sends paper statements, your health insurance still sends EOBs, and your tax records are still partly on paper. A practical guide to what to shred, which shredder to buy, and the standards that actually mean something.
Level: beginner
A digital estate plan your family can actually use
Your documents and accounts outlive your memory of them. A practical guide to leaving a plan that works — for executors, partners, and children — without handing your entire digital life to anyone who finds a notebook.
Level: beginner
GDPR for a very small business: the three things that will trip you up
GDPR applies to one-person businesses just as much as to Google. The good news: for most small operators, only a handful of obligations really matter day-to-day. This article covers them, in plain English, with the traps that catch small businesses most often.
Level: intermediate
Closing a cloud account without leaving data behind
Deleting an account is not one click; it's a procedure. A walkthrough for closing Google, Apple, Microsoft, and Dropbox accounts properly, including the cleanup most people skip — linked devices, shared content, recovery paths, and the things you'll never get back if you rush it.
Level: beginner
How this site works
Independent. Ad-free. Cited.
- No ads, no affiliate links. We have nothing to sell you. Product mentions are editorial choices, not sponsorships.
- Primary sources. Guides cite NIST, CISA, EFF, vendor security documentation, and reputable journalism — and link back to them.
- Pseudonymous, not anonymous. Read how and why.