By Joshua Lawton-Belous, Global Business Officer, Global Cyber Alliance
The past weeks of working from home have allowed many of us to focus on what we can do to protect our businesses, employees, and colleagues from malicious cyber actors. However, unlike the relative newness of working from home for vast swathes of individuals, all of us have been online not just at home, but constantly, in our daily lives. The ubiquity of our digital presence has created vast troves of personal data that both businesses who sell your data and malicious actors can use. This type of data collection is so pervasive that many take it as a common toll for living in an interconnected world.
Fortunately, this is not the case. A former colleague of mine, Bryan Schneiders, recently addressed the issue of keeping your data private by keeping it private from everyone (both malicious actors and those who sell your data to others) with 11 specific recommendations that I feel all of us can easily (or without much pain/frustration) enact.
So let’s hit on the first two, and the easiest, things for you to do to protect your privacy:
Stop using free email services and consider alternatives
I, along with the majority of the world, get my personal email through free email service providers. We’ve been doing this for so long that the idea of paying for an email service (think back to when you had an AOL email tied to your AOL Internet account) feels anachronistic. However, if you want to keep your data private, you’ll want to become an email service provider contrarian and use a paid email service to help keep your data private.
You might be wondering how your data is being released if your email accounts haven’t been hacked. Well, as widely reported in various outlets, free email service providers regularly scan the contents of your emails to both provide you with online advertisements and to create your marketing persona. While at face value you might not be concerned with this, it’s important to also note that there are free email service providers which allow apps to access your email and data upon agreeing to the app’s terms of service, which, as outlets from Vice to Business Insider have reported, are almost unintelligible to 99% of people and are almost never read by people who accept them.
If you’re like the 40% of organizations that store passwords in Microsoft Word documents, you are storing your passwords in a medium that can be compromised. The ubiquity of online drives and browsers that store passwords have provided malicious cyber actors with multiple vectors to obtain your passwords.
But, let’s be honest with one another, with the average email account being tied to 130 online accounts, it’s not just hard to remember those passwords (including changing them) — it’s also hard to not reuse passwords and to come up with new, strong passwords. One of the ways to get around storing your passwords in unsafe spaces, while at the same time having unique, strong passwords, is to use a password management system. Password managers store all of your passwords in an encrypted database that can be synchronized across devices and use one master password along with two-factor authentication for you to access and use your account passwords. For more information, please check out the free tools and resources in the GCA Cybersecurity Toolkit.