Cyber Security Awareness Month is a great time of the year for most of us cyber security professionals. It gives us some time to reflect on our experiences from the field in order to help those who may not work in our field. One of the key topics for the month, and one that continues to be a top conversation starter among security professionals, is “Your Evolving Digital Life”.
Boundaries that were once present with technology have dissolved, leaving an open field of limitless possibilities. The internet is the single largest shared resource on the planet. At the same time, someone can reach you in ways and from places that you would never think of, good and bad. Your personal data is quickly becoming no longer private. How do we share personal data safely, and when should we not share anything? I call this my Top 10 list of things you should do or not do to protect your data privacy.
Privacy In-Depth: “A practical strategy to protect your personal information from being misused or compromised by using privacy control layers, such as limiting the type of personal data being shared or limiting the parties who may view your data.” – Erik Barnett
1.) Limit your shopping rewards programs. Many credit issuers have a rewards program where you can save a percentage on your purchases if you give them your personal information. What they don’t directly say is that once you agree to this, you’re allowing them to share this information with other companies. In some cases these third-party companies will share your information with others.
2.) Use cash instead of your debit card. Financial institutions are watching your spending habits. They know what you bought and when you bought it. They can work with other companies to push certain ads your way. If you don’t want your spending habits to be tracked, use cash. This will also limit the amount of credit and debit card information businesses may retain.
3.) Be selective when sharing your personal data. You should never freely give up your personal information without knowing exactly why the recipient needs it. When it comes to your social security number, protect it with your life. Even the last four digits of your SSN should not be given to everyone.
4.) Limit “Who can view” your social media profiles. Telling everyone about your life history can lead to hackers figuring out your passwords and security question responses. Your actual friends and family probably already know who you are. Lock down who can see your profile by limiting information to your “Friends” and not “Everyone.”
5.) Separate your social media life. Too many of us are using Facebook and LinkedIn interchangeably for work and life, often mixing circles with co-workers. Separate it by using LinkedIn for your professional life and Facebook for your personal life. This will make it easier to screen the good from the bad people who want to connect with you.
6.) Separate your business life from personal life. Your work computer or tablet is the Fort Knox of your business information. By using this same device for personal activities, such as banking and social media, you make it easier for a hacker to take everything from you. Separate the data. Put your personal data such as banking information on an external hard drive. Plug it in when you need to use it and unplug it after you’re finished.
7.) Search for your name and create a Google alert. If you want to know how big your digital footprint is, do a search on yourself and look at what everyone else in the world can see about you. The results might be shocking. I did a search on myself and found there is a criminal using my full name. This can also uncover how transparent your Facebook page is or how much information can be seen on your LinkedIn profile. You can then check your settings to limit that information on the Web. If you want to see how your social media pages appear to people outside your circle, view those pages while logged out and with your browser set to private or incognito mode.
8.) Sign out or log off. When you’re finished using social media sites like Facebook, LinkedIn and Twitter, make sure you sign out or log off. Leaving devices logged into social sites, bank sites, etc. exposes you to the possibility of someone later sitting down at the same device and snooping around your data.
9.) Double check all suspicious emails. Have you received an email from a close friend asking to help someone out in Africa for a payment of one million dollars? I have, and I knew it was a scam. However, some scams are hard to recognize, so double check with the sender: call the person who sent the communication to ensure they did send it. Never accept email invitations from random people. If you think you have fallen victim, you can get help by going to the Federal Trade Commission's IdentityTheft.gov.
10.) Passwords, Passwords, Passwords. If it connects to the Internet, it needs a password. Your home devices are the first line of defense to protect your privacy. Those devices hold the most information about you, which can lead to identity theft. Make sure the password you use is hard to figure out and something only you would know. Not having a password is asking for trouble. And please… change them once in a while.
These are some of the things you can do to provide multiple layers of protection for your private information. There are several more ideas, like using private browsing, encrypting your computer or using a secondary authentication device. The more layers, the better chance you have of protecting the privacy of your data.