How I Safeguard Information in 2025

February 25, 2025

Ensuring the security of client data and proprietary information is more than a technical exercise—it's a foundational commitment that shapes every aspect of my professional practice.

As of this year, I've been an independent consultant for about 13 years. While I've always treated all my data with care and never had any issues, my clients have gone from small businesses with no compliance requirements to bigger and more complex engagements with very specific compliance requirements over the years. This year marks a new milestone in the way I handle data both personally and for my business, as I've significantly enhanced my security infrastructure to create a multi-layered defense system that provides both protection and peace of mind.

Security Has Strategic Value

When clients share sensitive business challenges, they need absolute confidence in data protection. My approach combines multiple security layers that create what security professionals call "defense in depth" — forcing potential attackers to overcome numerous sophisticated barriers.

I'm a computer nerd and really enjoy doing this type of work, even for its own sake. But this isn't merely about implementing technology. It's about establishing trust through consistent diligence and transparent processes. Protecting information is just as crucial as delivering strategic insights and good work.

Without further ado, here's my comprehensive security approach for 2025.

The Foundation: Creating a Digital Fortress

Moving from a Standard Google Workspace to Google Workspace Enterprise Plus

I've upgraded to Google Workspace Enterprise Plus, giving me access to enterprise-grade security capabilities:

  • Advanced threat detection identifies and blocks suspicious activities in real-time
  • Data Loss Prevention automatically recognizes sensitive information like credit card numbers or PII and prevents inadvertent sharing
  • Context-aware access ensures that even if credentials are compromised, unauthorized access remains virtually impossible without meeting specific device and location requirements
  • The client-side encryption capability puts me in direct control of encryption keys—creating an additional layer of protection for strategic documents and sensitive materials

Double-Encrypted Digital Workspace

My operational workflow incorporates dual security systems:

  • All work happens on a MacBook with FileVault encryption activated
  • Sensitive information receives an additional protection layer inside a VeraCrypt volume secured with a long, random passphrase

This two-tier approach means that even if someone physically accessed my device, they'd face two robust encryption barriers before reaching any protected information.

Daily Security Practices

Password and Authentication Strategy

I maintain completely unique, long, and random passwords for every service I use. This eliminates the "domino effect" where a single breach cascades into multiple compromises.

Two-Factor Authentication is enabled everywhere it's available, adding a verification layer that significantly strengthens my overall security posture.

Hardened Devices and Networks

Security requires continuous vigilance:

  • Monthly vulnerability scans identify and remediate potential weaknesses on my network
  • Immediate security updates are applied across all devices
  • Network configurations incorporate the latest encryption protocols and robust firewall settings

All professional communications happen exclusively through encrypted channels, dramatically reducing data interception risks and preserving the confidentiality of strategic conversations.

Proactive Monitoring and Response

I try not to wait for problems. Instead, I take some time regularly to actively hunt for them:

  • Automated systems continuously scan for known credential exposure incidents that could affect me
  • When potential issues are detected, I immediately reset passwords and strengthen affected services

This proactive stance allows me to identify and address vulnerabilities before they impact operations.
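
To illustrate the kind of automated exposure check described above, here is an added example (not code from this post, which does not name its tooling) of the k-anonymity range lookup used by services such as Have I Been Pwned's Pwned Passwords: only a 5-character hash prefix leaves the machine. The breach corpus, the `offline_range_lookup` stand-in for the network request, and the vault entries are constructed assumptions so the example runs offline.

```python
import hashlib
from typing import Callable, Dict, List

def sha1_hex(password: str) -> str:
    return hashlib.sha1(password.encode("utf-8")).hexdigest().upper()

def exposure_count(password: str, fetch_range: Callable[[str], str]) -> int:
    """Times the password appears in the breach corpus (0 = not found).

    Only the first 5 hex characters of the SHA-1 digest reach fetch_range;
    the remaining 35 are compared locally, so the service never sees the
    password or its full hash.
    """
    digest = sha1_hex(password)
    prefix, suffix = digest[:5], digest[5:]
    for line in fetch_range(prefix).splitlines():
        candidate, _, count = line.strip().partition(":")
        # Skip malformed lines; padding entries carry a count of 0.
        if candidate.upper() == suffix and count.strip().isdigit():
            return int(count)
    return 0

# Constructed breach corpus standing in for the remote service (assumption).
CONSTRUCTED_CORPUS = {"password123": 251682, "letmein": 90123, "Summer2024!": 37}

def offline_range_lookup(prefix: str) -> str:
    """Hypothetical local replacement for the HTTPS range request."""
    rows = []
    for leaked, count in CONSTRUCTED_CORPUS.items():
        digest = sha1_hex(leaked)
        if digest.startswith(prefix):
            rows.append(f"{digest[5:]}:{count}")
    return "\r\n".join(rows)

def services_to_reset(vault: Dict[str, str],
                      fetch_range: Callable[[str], str]) -> List[str]:
    """Services whose password is exposed, most-exposed first."""
    hits = {svc: exposure_count(pw, fetch_range) for svc, pw in vault.items()}
    return sorted((s for s, n in hits.items() if n), key=lambda s: -hits[s])

if __name__ == "__main__":
    # Constructed vault entries, not real credentials.
    vault = {"mail": "letmein", "crm": "password123",
             "bank": "v7#Qm2-constructed-long-random-example"}
    print(services_to_reset(vault, offline_range_lookup))
```

Because every password is unique per service, a hit maps to exactly one account to reset.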

Insurance

To provide additional stakeholder confidence, I maintain industry-standard insurance coverage:

  • General Liability
  • Professional Liability
  • Cybersecurity Insurance

This comprehensive coverage gives me practical, concrete preparation for contingencies and full accountability for information protection.

Looking Forward

As the threat landscape continues to evolve throughout 2025, my security approach will evolve in tandem. I remain committed to continuously evaluating and enhancing these protections to maintain the highest standards of information security—ensuring that when clients trust me with their most valuable assets, that trust is well-placed and well-protected.