Battling to keep personal and corporate data private and out of the prying eyes of cybercriminals and other even more frightening people is a 365-day-a-year fight, but to help out industry executives are weighing in with some thoughts and tips as National Data Privacy Day approaches.
Adam Levin, founder of CyberScout, told SC Media that the threat to people's privacy is goes far beyond having a good password particularly with the billions of Internet of Things devices opening up an entirely new threat sector that had to be defended.
“For this Data Privacy Day in particular, we need to seriously reflect upon the new reality that every minute of every day we are allowing smart devices to dumb down our commitment to privacy and security. Surrounded as we are by billions of Internet of Things devices, our privacy is being increasingly compromised by advancements in new technology. With the recent Amazon Echo case and countess examples of spying baby monitors, webcams, smart appliances and TVs, millions of Americans are passively allowing their privacy and security to be trumped in the name of convenience. Each of us needs to be a privacy champion—on our own behalf as well as others'—by replacing manufacturers' default passwords where we can with ones that are long, strong and not easily decipherable; updating product software whenever vulnerabilities are discovered and patches issued; and carefully reading terms and conditions before blindly granting blanket permissions in order to get the newest, coolest apps or programs,” he said.
Richard Stiennon, chief strategy officer at Blancco Technology Group, has offered up some specific tips covering cybersecurity weaknesses that many people might not consider worrying about.
Tip 1: Just because you can't see files on your desktop/laptop computer doesn't mean they're gone.
When you drag files to the recycle bin on your computer and/or reformat your hard drive, the data isn't really gone. Imagine your hard drive is like a library. To find the book you want, you get a reference number from the library's database – and that leads you to the section of the library where the book can be physically found. But the book still remains in the library and it just becomes a case of using more sophisticated methods to locate it. Secure erasure of your files is the best way to make sure your data is truly destroyed.
Tip 2: Beware of what you're syncing.
How often do you charge your personal smartphone by plugging a USB cord into your company laptop? How often do you charge your work phone by plugging a USB cord into your personal laptop? Chances are, you do this multiple times a day. Once connected, a lot of devices begin automatically syncing without notice and transferring files between the two. If you're plugging devices into one another, beware of which files you may be transferring because sensitive information like photos, emails, contacts and usernames and passwords could be hacked and eventually leaked.
Tip 3: Formatting removable media (i.e. SD cards, USB sticks) isn't the same as erasing data.
External SD cards make it easy and efficient to transfer data from device to another. But it also increases the chances of sensitive information being leaked. Why? Emails, contacts, photos, videos and other files can be saved on the SD card instead of the device itself. So if the SD card is lost or stolen, it can be easily transferred to another device. And formatting removable flash media, such as USB sticks and SD cards, doesn't actually erase the data forever. So all of those emails, photos, videos and other sensitive files could very well come back to haunt you. To securely erase an external SD card so that the data can never resurface – you first have to remove the SD card and insert it into a computer, which can correctly detect all of its sectors and run software to securely erase everything.
Tip 4: If your smartphone is undergoing repairs, don't forget to erase data from a loaner device.
Are you experiencing issues with your mobile device? Have you taken your device into the retail store of your carrier or device manufacturer to have it tested and repaired? If this happens, you might be given a temporary “loaner phone” to use until your own phone is fixed, which could take about one week or possibly longer.
In the meantime, you've probably been using the loaner phone to save new contacts, photos and videos, as well as send emails from your work email account. But when it's time to get your own phone back and return the loaner device, make sure all of that data has been permanently erased. And remember, if you have an Android device, a factory reset doesn't properly erase the data and leaves it exposed and potentially accessible to the next person who uses the loaner device.
Tip 5: When you close an account with a business or website, ask for proof.
When the personal information of over 32 million registered users of dating website Ashley Madison were leaked, the consequences were much more profound. What really stood out in this case was the underlying cause – users had paid for the site's $20 “Full Delete” program with the understanding that their information would be removed completely from the site. But that didn't actually happen and users had their data resurface. The lesson here is to always ask for proof that your data has been permanently erased from all locations where it's being stored.”
