Tenet #10 From Cyber Crazy to Cyber Safe
The world can be a hazardous place, but, evidently, not as dangerous as being online. A decade ago, even the most cynical of tech geeks would not have predicted the extraordinary volume of cyber craziness running rampant today. According to a Pew Research Center 2017 article “64% of Americans have already had their data stolen through data breaches.” That equates to two out of three people. And, nearly half of all Americans (49%) believe “their personal information is less secure than it was five years ago.”
Go from cyber crazy to cyber safe and help your workplace colleagues do the same.
Having your data stolen is not the same experience as getting Chicken Pox. You get it once – you are immune – you never get it again. Since your data has a 2 in 3 chance of having already been stolen, the probability is almost certain that you will “get it again.” In fact, your private online information will continue to be compromised for the rest of your life. And, it doesn’t matter if you use secure passwords and have authentication enabled on your web accounts. Nor is it a matter of whether or not you are rich or poor, young or old or if you use a MAC instead of a PC. Everyone is under attack. Everyone.
Data is stolen because the companies whose services you use fail to protect their own networks. It’s not because they are lax. Just this week, Amazon (high priest of all things purchased online) had their “cloud” storage system compromised bringing sites around the world to a screeching halt for a few hours. Hackers are breaching sites at an alarming rate and are increasingly more damaging in their attacks.
For a visual illustration of what the increase in breaches looks like over time, visit dataisbeautiful.com and check out their bubble motion graphic which shows cyberattacks from 2004 to the present. As you scroll up through the years, the bubbles become larger and appear nearly everywhere until they simply merge together forming one giant blob of cyber nonsense.
If, according to Wordfence’s 2017 Cyber Security Survival Guide “data breaches are the new normal and if you accept the premise that they are inevitable and unavoidable, the problem we need to solve in our personal and business lives becomes ‘How do I reduce the risk and the impact of a breach?’”
It helps if you start with what you need to protect. I agree with Wordfence’s priority version for what to focus on first (again, sound advice for sharing with team mates):
- Information about us that may help criminals target us in the real world.
- Our financial means. In other words, savings accounts, ability to borrow and our assets.
- Sensitive personal information like medical records, tax data and other private data.
- Our ability to earn an income through our reputation and our ability to provide products or services, including our own labor, to others.
While the above cybercrime prevention strategy holds true for developed countries, there is a counterpart in underdeveloped countries. Kidnapping for ransom, robbery, and carjacking are very real threats. Doesn’t apply to you? Think again. What you post in San Diego can be seen (and targeted) by criminals in Rio de Janiero waiting for you to travel there on your next vacation. In order to reduce your risk of being targeted in a “high risk environment” consider the following:
- Never flaunt high value items online, including cars and jewelry.
- Share your location in general terms; if you want to share a specific location, do it after you have left that location.
- Don’t share information that may indicate when you have been paid.
- Consider making social profiles only accessible to people you have approved. Your social profile can provide someone with enough data to give you the impression they know you, or are a friend of a friend.
- If you work in a job with privileged access, or access to sensitive data, avoid disclosing who your employer is and your position. This includes disclosure on public websites like LinkedIn.
Wordfence suggests two easy steps for protecting your personal (and therefore sensitive) data like tax information, social security number and medical records.
- As much as possible, avoid creating data about yourself. If it doesn’t exist, it doesn’t need protection. You will frequently find forms that ask you for your social security number or equivalent. Most of the forms that ask for this don’t actually require that information. If they don’t require it, don’t enter it. Skip any optional forms and optional form fields.
- The best way to protect data is to delete it. Again – if you don’t have data “out there,” protection isn’t needed. If you have old data on a workstation that is sensitive, but you no longer need to keep on hand, delete it and empty your trash to permanently remove the data. If you have old databases lying around on servers that you don’t need anymore, but might contain personal information, delete them.
Bottom Line? Remember, you are not immune to cybercrimes. If your personal data has not already been stolen, it is an almost certainty that it will be. When at all possible, avoid or limit keying in personal data online. And, when you need to store and protect data on your own systems, use hard drive encryption if available. Likewise, be sure to password protect your devices including your cellphone, tablets, laptops and workstations. Use complex codes, gestures or passwords and avoid using one universal password for all of your accounts and devices.
Co-Founder / CEO, ZBglobal, Inc.
Victoria Tucker is the Chief Dreamer at ZBglobal, where she lends her 30+ years of experience on pivotal topics like workforce collaboration, engagement, mentoring and project management. She also plays ukulele…but not very well. Reach out to her!