TechTalk
Our knowledge to you.
Like it or not, the internet knows who you are. As we rely more heavily on the internet for everyday tasks and interactions, everything from our social security numbers to credit cards and personal details is stored online, and the conversation about the best ways to keep your information safe is always evolving. According to Pew Research study, this topic concerns Americans — 70% say they feel as if their data is less secure today than it was five years ago, and more than 50% of the public say they follow privacy news “somewhat closely.” The numbers come as no surprise considering large data breaches are a regular occurrence even affecting major companies like Facebook, Capital One, Equifax and Uber. At the time of the survey, almost 30% of Americans said they had experienced a data breach in the past year, and while individuals don’t have much control over large data breaches of credit card information, medical records, or other sensitive information, there are ways you can help protect yourself.
Anytime you’re online and browsing, you create a “digital footprint,” which is exactly what it sounds like. A combination of factors — say, age and physical address — can be enough to identify you. But a lot of what is collected online is information that can’t be traced back to a specific individual — for example, information about how people use websites, which is sometimes tracked and studied to improve user experience.
This happens through the placement of “cookies,” which are tiny bits of code that are stored on an internet user’s computer after they visit a given website. Cookies are used to deliver advertising that’s tailored to a user, or store information so that a user doesn’t have to fill in a password every time they visit a given website. Less innocuous types of cookies can place a personally identifiable tag in a browser to facilitate web profiling. Cross-site scripting can steal information from a user’s cookies. It’s possible to disable cookies, but the functionality of some websites will be limited if you do.
You can limit your digital footprint to some degree by clearing cookies and deleting your browsing history occasionally. Further, Google Chrome offers “Incognito” mode, while Firefox, Safari, and Explorer offer some version of “Private” browsing. All of these prevent temporary files, such as cookies, browsing history, and form data from being saved. There are a few browsers, such as DuckDuckGo, that don’t track users in any way, which means all users searching on a given term will receive the same results, unlike the Google algorithm that personalizes results to the user.
Many people store their credit card numbers with online merchants, such as Amazon or travel sites, for ready use when buying online. These companies are highly secure, and a data breach involving these stored numbers is unlikely. But typing in your credit card each time you buy reduces that tiny risk even further and is probably worth the inconvenience.
Sometimes people who are otherwise careful about online privacy are overly casual about their social media accounts, a phenomenon sometimes referred to as the “privacy paradox.” Don’t fall into this trap — evaluate the privacy controls that determine who can see what you post, be prudent about what you post, and log out of your accounts when you’re not using them — especially on computers that are accessible to others.
No matter what safeguards you take as you browse websites and social media, it’s important to remember that your browsing history can still be tracked by routers, firewalls, or proxy servers.
Phishing is a form of fraud in which people are tricked into revealing personal information, such as credit card numbers, bank account numbers, Social Security numbers, or passwords, to fraudulent entities that are trying to steal money, or install malware on your computer. Typically, phishing scams try to get you to respond right away by claiming there is a problem of some sort.
Common forms of phishing include legitimate-looking emails that appear to come from entities like your bank or internet service provider, asking you to log onto what is actually a fraudulent site and provide personal information. Red flags include misspellings or grammatical errors in the body of an email, or an unrecognizable or shortened URL — don’t click it if you have any questions. It’s important to report phishing scams to the company the email appears to be from, and to the Federal Trade Commission.
It’s increasingly common to receive phishing phone calls from legitimate-sounding technicians trying to convince you to log onto your computer and download software, claiming that this will solve a problem with Windows or similar. These callers can be quite aggressive, especially if they think you’re falling for it — your best bet is to get off the phone immediately.
Most people occasionally need to access a bank account or other sensitive information from a public wi-fi. To do so safely, be sure your laptop has strong antivirus software and a good firewall (to check the latter, click on the start menu, and then the security icon — a green indicator means the firewall is on). Check for “https” rather than “http” in front of URLs — the “s” stands for secure. That said, this isn’t a panacea — some scam websites have the “s” too.
If possible, use a virtual private network (VPN) to access work data remotely and securely when telecommuting or traveling. If you don’t have a VPN, at the very least avoid file-sharing or other activities where you upload files from another computer onto yours.
Email messages sent “in the clear” (that is, without encryption) are not particularly secure, which is why you should never send sensitive information such as a Social Security number in the body of an email. Encrypting email communications provides, as a popular utility promises in its name, Pretty Good Privacy (PGP). Some email clients such as Outlook Express can be configured to send encrypted mail natively.
Further, your inbox likely contains purchase receipts, your contacts, travel itineraries, “reset password” emails, and other information identity thieves would love to get their hands on. As a safeguard, delete these types of emails after you no longer need them.
It’s easy to use the same password or PIN for all your online accounts and computers, but this creates vulnerability. If someone hacks your Facebook account, you don’t want them to be able to use that password to get into your bank account!
Use strong passwords that don’t include obvious personal information, such as a phone number, family member’s name and so on. It’s prudent to change passwords frequently, especially if you have any reason to believe an account has been compromised.
A password management utility such as Password Safe (free, open-source, and easy to use) is an excellent, secure way to keep track of multiple passwords, and can be set up for personal as well as for business use. It’s much more secure than an Excel spreadsheet, or a handwritten list in your desk drawer.
The digital revolution has created countless advantages and conveniences in our personal and professional lives. However, concerns about online privacy and data breaches are an unfortunate part of this new reality. While some control of your online personal data is possible, complete privacy on the internet is something of an illusion — so it’s important to act accordingly.
Tags: data breaches, digital footprint, email security, internet privacy, online privacy, passwords, phishing, protect yourself