Information Security – Episode 5 Protecting your online privacy
If we asked you what it meant to you to protect your online privacy, most people would immediately think of the searches they carry out or the websites they visit. It goes much deeper than that. Whenever you download an app, visit a website or use social media it’s highly likely that some of your personal information is being gathered. At some point in time you’ve almost certainly willingly given up your name, address, marital status, usernames, email addresses, age, race, height, weight, gender etc. If you’ve shopped online you’ll have surrendered your card details and even advertised the areas around your home that you consider “safe zones” in case you’re not at home for a delivery.
Giving it away
You may have offered up your neighbour’s name and address, they may have given away yours! Somewhere out there someone will know that you like a box of 20 chicken McNuggets, a large portion of fries and a chocolate milkshake every Saturday evening after you WhatsApp your daughter in Australia, except when you take your annual holiday to Mallorca with your friends, Jack and Stacy. You have a senior admin role in the construction industry but you clearly love animals and would probably do well to consider a career change. In fact, you are considering it. You’ve applied for 13 jobs in the last two weeks and have an interview tomorrow with Jane, who you connected with on LinkedIn just last night. You have two dogs that you treat like your children but one has been poorly of late with multiple trips to the vet in the last few months. Your partner passed away 10 years ago and you’re finally looking for a relationship again on a dating app. Your mother has just beaten cancer, you average 11,000 steps a day, you wear a size 10 shoe, you sleep for 7 hours a night, it takes you 15 minutes to drive to work, you eat real butter but drink the red milk, you watch a lot of golf on Sky Sports, you drive a Nissan X-Trail, you pay your bills on time, you login to Facebook on your work computer, you walk your dogs at the country park 10 minutes from your house, you earn £34,000 a year, your mobile number is 07653….…
If you think about it, is there anything about yourself that that you haven’t willingly given up online?
Why does it matter if you give your personal information away?
Cyber criminals collect this information about you in order to perform identity theft or for targeted social engineering attacks. You could end up as the weak link that allows someone onto your company network.
It’s not realistic to think that you could just go off the grid completely, but you can seriously consider which information to choose to share about yourself and with whom. Here are some basic tips to help:
• Don’t display where you work on your social media profile
• Check your privacy settings on your online profiles
• Don’t just accept the warning messages on a website or app, read their privacy settings
• Think before posting any photos or videos online (who will see it, does it give away anything personal?)
• Don’t use the same passwords for all accounts
• Save all accounts in a password manager and review what you have access to on a regular basis
• Validate a company, app or website before entering your personal information onto them
• Remove old posts and delete accounts you no longer use (especially on job boards)
• Use a VPN when on public networks
These tips make the assumption that the providers of the services you are using are secure. We know that isn’t always the case as even the largest corporations in the world have suffered data breaches. We recommend that you periodically check what information of yours is circulating on the dark web. Credit score companies often offer this service for free, or you can visit an open site like “haveibeenpwnd”. There is also a Google Chrome extension called “Password Checkup” which can identify whether your account details have been exposed in a breach for the sites which you visit. If you discover your details in any breaches, make sure you change your passwords on those sites or even delete your account.
Remember, once you give your information away online it is almost impossible to take it back again.