Mirror Mirror on the Wall, who is the Least Protected of them All?

There was a time where blackberry and apple were just fruits in a supermarket.

It’s true. The Internet has blurred the lines between the real world and the virtual one. People are spending more time online everyday. I mean, the first thing we see when we wake up is our phone, and the last thing we see before we sleep is our phone! (Don’t tell me that’s not true)

However, just as the digital world is becoming more important, it’s also becoming a bigger target for attacks. Yet, safeguarding our digital experience isn’t a one-size-fits-all solution. It often involves multiple techniques and layers of security.


The most important thing we should all safeguard is our personal data.

Personal data is anything that can be linked to you as an individual. It includes things like our name, address, date of birth, email address, NRIC or passport number, bank or credit card details, location and biometric data. Of course, this list is by no means exhaustive.


So let’s be clear on one thing: There is no privacy on the Internet.

There could always be someone watching where you go and what you do online. And if you think you don’t have anything to hide or are not important enough to be spied on, well let me tell you that you are wrong! In fact, whether you are a student, businessman or a celebrity, it honestly doesn’t matter who you are.

The base line is this: Once you open your web browser, you are putting your private information at risk of being exposed, or even worse, hacked.

And with hackers getting smarter and surveillance growing stronger, all Internet users should know how to protect their personal data privacy in the digital world.


#1: Use a Safe Password

I cannot stress this enough. Use a strong password!

The best passwords are more than 8 characters, and contain both uppercase and lowercase letters, with at least one numeric and one special character.

You should also avoid using easily guessed words or alphanumeric combinations, such as the names of children or pets, birth dates, addresses, and similar information that can be easily guessed by someone looking at your Facebook or LinkedIn profile.

#2: Enable 2-Factor Authentication when available

What if you could find a way to make your password all but useless to a hacker? That’s what two-factor authentication does.

Two-factor authentication adds an additional layer of protection by requiring an additional step in verifying a login. Basically, after verifying your password, it will require a verification code either from a text message sent to your phone or from a token. So even with a valid password, it is harder for hackers to access your account.

Tip: Two-factor authentication should at the very least be enabled on your e-mail account. Most account passwords can be reset using the forgot password feature, which sends a new password or link to reset the password to the e-mail address on file. If anyone has access to your e-mail account, they could get the new password for your account.

#3: Be overly cautious when sharing personal information.

The basic questions you should ask yourself is this:

Who is asking for your personal information? Why do they need it? How will they use it?

Basically, know who you’re giving out information to, and don’t share any information that’s not necessary. When in doubt, withhold information when possible.

Yet the truth is that it is impractical in the modern environment. Families need to share passwords to bank accounts, credit cards, and other online services with spouses, and many share a single login to services like Netflix. In the workplace, there are abundant reasons why co-workers may need to share login credentials.

The bottom line is: You shouldn’t give out passwords without concern; rather, determine when another person legitimately requires access to your personal information or account and grant access on a case-by-case basis.

If another person needs access for a single, isolated purpose, change your password when the task is completed and they no longer require access.


DATA PROTECTION TIPS FOR COMPUTERS


#4: Encrypt your Data

If you think you need to be a technology geek just to encrypt your data, well then, you are wrong! This is because modern tools have made it easy for ANYONE to encrypt emails and other information.

When sending confidential information over the Internet, such as usernames, passwords, or credit card numbers, remember to only send it securely. To verify this, look for a small lock (Internet browser security lock) icon in the bottom right corner of your browser window or next to the address bar, and make sure it is in the locked position.

While in the locked position, data is encrypted, which helps prevent anyone from understanding the data if intercepted. When no lock is visible or in the unlocked position, all information is plain text and could be read if intercepted.

So basically, if a web page is not secure, such as an online forum, use a password you wouldn’t use with protected sites, such as your online banking website.

Tip: Never transmit confidential data over email, such as passwords, credit card information, etc. E-mail is not encrypted, and if intercepted by a third-party, it could be read.

#5: Be cautious where you’re logging in from

Business

Your place of work may have installed key loggers or use other methods of monitoring the computer while online. And someone who has access to this information could read these logs and gather usernames and passwords.

Wireless network

Working at the local coffee shop may have some appeal, but relying on a public Wi-Fi connection means your data can be intercepted by outsiders. Avoid conducting banking transactions and sending other sensitive information over a public Wi-Fi network. In addition, avoid using hotspots that are run by people you do not know or trust. This is because criminals can also set up hotspots known as ‘evil twins’ and ‘rogue hotspots’ to steal users’ information!

Always try and use encrypted (password protected) networks.

Friend’s house

Be concerned when logging into an account on a friend’s computer. A computer or network you are not familiar with could intentionally or unintentionally log usernames and passwords.

#6: Don’t save your passwords on your Web Browser

Let’s face it. We are all lazy people who likes to go on a website in our web browser without the constant need to always log in. For example, when we open Facebook on our laptops, how many of you are automatically already logged in?

However, this is not secure especially if you start getting into a habit of saving your passwords on random browsers. Moreover, if your laptop (touch wood) gets stolen, that means all your accounts are open and vulnerable to the thief or hacker’s perusal.

So whether it is your company’s shared computer, your friend’s laptop or your own personal laptop, do not store any passwords in your web browser!

#7: Don’t forget to sign out.

Signing in to online services is necessary when you need to access your personal accounts, but many users forget to sign out when they’re finished using a service. This is especially crucial for when you are using a public computer! And after you log out, remember to also clear the internet browsing data!


DATA PROTECTION TIPS FOR MOBILE DEVICES


#8: Take care of Privacy Settings

When configuring a new device or operating system, configuring privacy settings should be the first order of business. This ensures that you’re not inadvertently sharing sensitive information as you set up your standard apps and services.

Most apps offer privacy settings for users, enabling you to determine how much and what types of information are shared or stored. Always choose the least amount of data-sharing possible.

#9: Be mindful of your Surroundings

How many of you are oblivious to your surroundings once your head is glued into your phone?

If you have time to kill on your morning commute to work, you might browse the virtual shopping aisles. However, be mindful of who is sitting beside you or behind you. Criminals can easily peep over your shoulder and watch as you enter passwords, credit card details, and other information.

So investing in a privacy screen or filter can significantly reduce the risk of these peeping thieves.


PROTECTING YOUR DATA ON SOCIAL NETWORKING SITES


#10: Don’t share too much information on social networking platforms.

Social networking has become a way of life for many individuals, but sharing too much personal information on your social media profiles can be dangerous.

For instance, many hackers have successfully guessed passwords through trial-and-error methods, using combinations of common information (such as children’s names, addresses, and other details) easily found on users’ social media profiles.

Do not post information that would make you vulnerable, such as your address or information about your schedule or routine.

If your connections post information about you, make sure the combined information is not more than you would be comfortable with strangers knowing.

#11: Customize your social networking privacy settings.

Social networks like Facebook enable users to customize their privacy settings. On Facebook, for instance, you can choose who is able to see the content you post and who is able to view information on your profile. Always choose the highest level of privacy possible to ensure that your personal data doesn’t end up in the hands of someone with malicious intent.

Be choosy: while it’s fun to share information, keep your online reputation in mind. And if you over-disclose information publicly, it could be used by identity thieves to hijack your identity!


## BONUS: Common Sense

You know that thing in our brain that helps us make sound and prudent judgment based on a simple perception of the situation? You know that thing called common sense that everyone should have? Yes, use that!

Don’t click on pop-ups, don’t open suspicious emails and attachments, don’t overshare on social media, and provide very personal information only when necessary.


With that said, here are 5 things you should NEVER share online:

  1. Confidential information about your identity, e.g. your address, phone number, NRIC number, and birth date
  2. Financial information, e.g. your bank account numbers, and credit card information
  3. Your schedule –  Don’t advertise that your house will be empty for a week while you are in Bangkok shopping up a storm.  You may also want to be careful about posting where you’re going during the course of your day
  4. Work information –  Be cautious about posting information about events at work. You don’t want to reveal confidential information about your company or clients
  5. Passwords or information that could be clues to your password – While it may be obvious that you shouldn’t post passwords online, you should also make sure you don’t post information that could allow a scammer to figure out your password

Want to protect your company’s data more securely? Contact us today by clicking the green button below!


eVantage Technology is a professional and trusted IT solutions provider, dedicated to providing exceptional service to companies in Singapore and across Asia.