If you’re anything like me - then the notion of a personal data security breach sounds like something out of a James Bond movie. In other words; like something pretty far outside of the realm of possibilities. Luckily, I had the ignorance metaphorically slapped out of me last week at an Arkansas STEM Coalition event. Dr. Rhonda Childress, Chief Technology Officer for IBM Security Services and an IBM Fellow, spoke about many of the ways that people can have their information hacked. Childress informed some of the less aware people (me) that in 2014, data associated with 500 million Yahoo accounts were stolen in one of the largest cybersecurity breaches, ever. That’s terrifying. Hackers are everywhere. Ever taken an embarrassing picture of yourself and immediately deleted it? I know I have. Well - bad news. Somewhere out there, that picture lives on...just waiting to be accessed. And you think a picture is bad? How about literally everything in your email account? That means social security numbers, bank details, credit card numbers, and more. And it gets creepier. Apparently, it’s extremely easy for hackers to access the web-connected cameras on your laptop and cellphone - and your baby monitor. Yikes.
Luckily for us, Dr. Childress also spoke about the best practices when it come to protecting your personal data. So dig in, folks. Protect yourself.
1.Research Privacy Laws
As of yet, the U.S. doesn’t have any one, centralized, formal legislation at the federal level regarding the issue of data protection. Great! But...our government does insure the privacy and protection of data through the United States Privacy Act and the Health Insurance Portability and Accountability Act. First and foremost, Dr. Childress suggests reading up on this legislation in order to know exactly what you’re at risk of.
2.Look At Permissions
Most applications, as we all know, include a list of permissions that you can either choose to allow or ignore upon download. This is not something to be taken lightly. I had no idea, but most applications ask for permission to access things like your camera, microphone, or network for absolutely no reason. Dr. Childress used the Fitbit app as an example. Fitbit (along with many other fitness tracking applications) has nothing stopping it from releasing the personal information that you store there such as your weight and other personal health information. Since the Health Insurance Portability and Accountability Act was passed back in 1996, technology has outgrown the law. With this in mind...
3.Make A Risk Based Decision
Do you really need a fitbit? Or that random flashlight app? (check this out for more information on that). Dr. Childress suggests figuring out the risk involved in downloading an app, before you actually do it. Something a little more serious to consider is the risk behind filling out a medical form. Do you necessarily have to provide your social security number? Or your spouse’s social security number? Actually, no. You are under no obligation to hand over that information. More on that here. In general, it’s best to put some thought into these decisions and downloads (which are often mindless, in my case).
4.Change Your Passwords (or don't?)
Here is where there’s a little bit of dispute. Dr. Childress told us that she changes all of her passwords, every 30 days. She also has every one of her family members do the same thing. Additionally, Dr. Childress suggested purchasing a password vault which basically stores all of your passwords in one place, offline - so there’s no chance of a hack. This sounds extremely secure to me, especially if your passwords are vastly different every time you change them. However, upon further research, I found out that the Federal Trade Commission’s chief technologist, Lorrie Cranor, discovered that forcing people to change their passwords so often (think office life) actually caused people to come up with easy-to-guess, useless passwords. So I suppose, just come up with an impossible to guess password! Easy.
5.Cover Your Camera
If you don’t already do this, you definitely should. Dr. Childress told us a story about a 10 year old who was asked to hack into someone’s webcam and could do it in under 10 minutes, with zero prior experience. According to Mashable, “Hackers can access these cameras through malware. If you accidentally click a bad link or download the wrong file, that malware could contain executable code to turn on your webcam and send that video feed to a website or save it somewhere else. Worse, often this kind of malware can even disable the camera's LED light, so you'd never know your camera's been hijacked just by looking at it.”