In case you missed it, last week was Data Privacy Week, an awareness campaign to remind everybody that any of our online activities creates a trail of data and that we need to better manage our personal information online. Increasingly, we live our lives in the digital world. They request information like logins, contact details, location and even browsing history to keep your accounts secure, deliver more personalized experiences and monetize their relationship with you. A smart move would be to limit the volume of information you share with these organizations, and publish online, to mitigate any resulting security and privacy risks. The more sites and apps you share personal and account information with, the more chance your details may end up getting breached - if one of those companies is compromised, or you're targeted directly by hackers. There's also a greater chance that your browsing and other information will be shared with third party advertisers and others. This doesn't just put your own personal security and privacy at risk. If you're using a work device or unwittingly sharing corporate information, it may well also be a threat to your employer - raising the stakes even higher. Even something pretty innocuous like the name of a pet animal or details of your current role could be used by hackers to try and crack open online accounts, and/or customize phishing attacks to elicit even more sensitive information. Restricting what you publish and share online makes sense in a digital world increasingly populated by cyber-thieves and shady data brokers. With so much information spread across potentially so many websites, accounts and devices, it can be tough knowing where to start. Mobile applications often require users to input a significant amount of personal and/or financial information to work as intended. They may also track location, browsing activity and other info that is then shared with third parties. It stands to reason that the fewer apps you've signed up to, the less exposed your information will be. That's why many will push you towards setting up accounts and sharing monetizable information that way. A little inconvenience is often the price we pay for greater privacy and security. If over the years you've set up online accounts you don't really need and use anymore, shut them down. Sometimes sharing info is inevitable to get the goods or services you want. Unless strictly necessary, don't share things like phone numbers, email and home addresses, financial details and social security numbers, which are in high demand on the cybercrime underground. Use guest accounts when buying online to further reduce risk. For many of us, the content we share will be liked, reshared and made virtually impossible to remove or retract once out in the digital domain. Whether it contains any sensitive information in it about your work and personal life. Also consider limiting your profile to online your friends/contacts, and not adding anyone you don't know in real life. Review privacy preferences and be mindful that any unsolicited contact may be fraudulent. For people in some parts of the world, including the European Union, regulators have created new ways for data subjects to have information they don't like scrubbed from certain online locations. This so-called "Right to erasure" was pioneered by the EU's GDPR. Search online for your name to see what's out there and contact website owners direct to request removal. One of the most intrusive forms of data capture is that which tracks your location. That doesn't just put your digital privacy at risk, it can also imperil physical safety. The internet is awash with competitions and prize offers, often in return for completing online surveys or similar. Others may be downright criminal efforts designed to steal your personal information for use in phishing campaigns and/or to sell on the dark web. For many of us, online newsletters do nothing more than clog up our inbox. Use a dedicated email address for these purposes or a throwaway email account, especially if you're signing up for something you're only planning to use once. Cookies are tiny files downloaded to your PC or device when visiting a website. While this may make the browsing experience better, many of us would prefer that we didn't share this type of information, which could include usernames and passwords. You can also disable third-party tracking by going to your browser's privacy settings. Finally, consider how many devices and PCs you have in active use. Each one of them is a potential treasure trove of data which could be exposed if the device is lost or stolen. Do you really need to buy that new tablet? If the answer is still "Yes," do you need to sync all of your personal data to it? Data minimization is an industry best practice for the organizations we interact with on a daily basis, helping to reduce their regulatory risk exposure. With caveats, it could also be a best practice for data subjects themselves - to enhance our security and privacy as we navigate the treacherous waters of the internet.
This Cyber News was published on www.welivesecurity.com. Publication date: Fri, 03 Feb 2023 05:07:03 +0000