The Internet has become a two-way window to the world. We all see the power and benefits of having the world’s information literally at our fingertips and we acknowledge with mixed emotions our capacity for instantaneous communications. Browsers, search engines, email, instant messaging, Twitter, and most recently social networking via FaceBook, LinkedIn, YouTube, and the like appear to serve us well.
Unfortunately, the two-way window presents unprecedented access to our most personal information and has created new capabilities for the “bad guys” to exploit this almost unfettered access to you and everything that you value. They look at your wealth, your reputation, your personal safety and security… and they watch everyone and everything around you that you value.
Today’s daily headlines are proof-positive that there are material implications to organized, advanced and random threats that target people and corporations alike, to cause harm and financial damage which can take years to rebuild or recover from. On one hand there is the risk of loss of wealth – on the other hand the exposure to irreversible damage done in the media – represent the wide range of issues a person faces in the personal cyber threat theater. It’s apparent that in the world court of Internet process you are Guilty until proven innocent – and perhaps just plain guilty regardless of the facts. More importantly there is absolutely no room for compromise in the protection of yourself and your property (real and intellectual).
Social Media Safety and Cyber Safety are two phrases that are becoming commonplace in the 21st Century as a result of the significant challenges faced by ordinary Americans as they learn to deal with and navigate the ever changing, online landscape and the privacy and protection of their personal, identifiable information. The risk increases exponentially for families and individuals with valuable assets such as family reputation, wealth, reputation, and brand.
The obvious question then becomes: “What do I need to know to protect myself; and what should I prioritize in terms of changing my family security and privacy profile?”
At the risk of oversimplifying and minimizing your need to seriously consider action on your family cyber security plan – The Guidry Group has established a straight forward five point process to make sense of this very real and multidimensional threat.
The Five Point Process
Our five point process is really a simple, practical best practice that allows our clients to gain a clear understanding of the necessary steps to reduce their risk in the cyber and social world.
- Assess the family public profile, maintain visibility.
Without a comprehensive understanding of the current position, it would be counter-productive to recommend a ‘standardized’ approach to improvement because no two people are ‘standard’!
- Identify the elements of family cyber life that are vulnerable and expose risk.
Are the teenage children tweeting locations and ‘checking in’ on foursquare every time they go somewhere? Is the family name highly recognizable and unique making it easier to find them on social media sites than a more common spelling might be?
- Prioritize the protective measures and critical information necessary to mitigate family risks.
Although many steps that can be taken are similar for most people, every family and every person will have some unique nuances that must be approached in a customizedway. Additionally, what may be a high priority fix for one may be a low priority fix for
- Take action to change.
Implementing the changes in the appropriate way, making sure no errors are made such as missing a privacy setting when locking down a Facebook account.
- Initiate a continuous family cyber security strategy.
Implement an ongoing, annual review of the cyber footprint to understand and monitor changes in visibility as the sites constantly change their rules in an attempt to make more information public. Additionally, monitoring general news media sites is an effective and useful tool and can be done with relative ease.
Online Protection for the Corporation
HR and legal departments must remain focused on policies that protect their employees in the online realm, much as the physical security departments protect them in the physical realm. Cyber bullying, gossip, sharing of company information indadvertedly, intellectual property transfer and extortion are just some of the pitfalls facing companies today.
People are still the most valuable asset an organization has and recognizing that the physical walls no longer protect them is the first step in succeeding against this threat.
Out of office auto-replies, checking in on social media sites and so on all indicate to potential ‘bad guys’ that an employee is not in the office and perhaps worse, where exactly they are. This type of information could be used to target someone in the real world by an ex, disgruntled employee for example to target his previous manager.
Maintaing a mindset of precaution is one of the best first steps your team can take and practical, regular training is imperative to keep this mindset active on an ongoing basis.
Quick Tips to Stay Safe
How many times have you seen someone post on a social media site about being on vacation or being out at a concert. Although this may be harmless, it also tells a potential burglar that the home is empty, giving them the perfect opportunity to burglarize without detection while the homeowners are out.
The ease at which we can share information today is incredible, but the ease at which information can be re-shared is even more astounding. If you share a single piece of information to your 100 friends, and they each share it to their 100 friends your information just got shared to approx. 10,100 people, each time with a single click of a button or tap on a screen. In less than 15 seconds over 10,000 people might know that you’re having a great time on the beaches of Cancun.
The Investigative Research division at the Guidry Group performs background research on individuals for a variety of clients and our metrics demonstrate that approx. 1/3 of all research conducted results in flags of concern in some way or another. To use that percentage in our example above, that would be approx. 3,333 people that might have a significant risk factor in their history. Many of these would be serious misdemeanors or felonies!
- Email is NOT safe. Tell yourself every day that email can and will be read by someone who may be trustworthy but also, may not be.
- Secure your home network (Wi-Fi router) with the highest encryption possible (usually WPA2) and turn OFF the broadcast function so that no one can ‘see’ your router except you.
- Only enter your personal information into trusted sites that you have gone to directly, NOT by clicking on a link.
- If you received an email from someone you know that doesn’t make sense, isn’t written in their normal style, contains mistakes or errors that shouldn’t be there or simply doesn’t ‘feel’ right, call them and verify before responding. If it’s asking for ANY personal or identifiable information, call them and give it to them over the phone rather than email.
- Be selective about who you accept friend requests from and make sure you know them before accepting.
- Unfriend people who are not regularly in your ‘real’ life. The less links and connections the lower the risk for potential hacking.
- Assume EVERYTHING entered online is permanent and will be seen by someone at some point.
- Don’t post about where you are, when you’re away or other things that could alert someone as to your exact location until well after the event.
- Use strong random passwords, or use a trusted program to manage your passwords for you (Apple’s new Safari browser for example auto-generates and stores passwords for you to keep them secure). Even if one is compromised, the others won’t be.
- Lock all privacy settings down to the tightest settings you can, and learn to live within those parameters.
- Be cautions about developing online ‘friendships’ with anybody, assuming that they may not be the persona you are seeing.
- Separate work from your personal life when possible and keep the names of spouses, children and siblings off to make it harder for potential criminals to harvest that information.
- Limit what you use your smartphone / tablet for to the minimum possible, reserving banking and financial tasks to your home based computer if at all possible.
Consider this: Every single public tweet since Twitter’s inception in 2006 has been digitally archived by the Library of Congress. That’s billions of stored tweets of information, stored and searchable by anyone.
If not careful, complacency will result in an old device being passed along without being properly erased first, or a current device being lost somewhere without a password code to prevent anyone that finds it from accessing the data stored. Perhaps the greatest weakness we find today is the smart phone that we’ve all come to know and love. The sheer wealth of information stored in its memory banks (GPS locations, bank passwords, online accounts, email accounts etc.) means that singlehandedly, our smart phones could give more personal information to a potential ‘bad guy’ than anything else we own or use.
Staying safe in the Cyber world is perhaps the first time that technical measures and technology based solutions cannot provide all the protection needed, and the individual is actually the biggest asset in improving and enhancing their safety posture. Unlike traditional security measures such as alarm systems to protect a home, the ever changing environment of the online world, the constant upgrading and changing of computing devices (phones, tablets, laptops etc.) means that to stay safe online, one must be highly vigilant, incredibly proactive and ever learning. A person who is alert, cautious and vigilant in what information they share, where they share it and with whom they share it can use the social medial sites with much more security and safety than another person using the same sites but over sharing, not locking down their privacy settings and not being careful about who they allow into their network of friends. Even in this single example, the results (and differences in the outcomes) could be staggering.
The key to staying ahead then, is first and foremost, educating oneself and using that education to make the wisest decisions in navigating the cyber world. Secondary to this are the technology based solutions that can complement further the steps already taken to stay safe and invisible to everyone except those closest to you.