A Beginner’s Guide to Becoming a Data Security Ninja

Some forms of security are second nature to the vast majority of us. We lock our cars when we go inside the grocery store. We put our desirable lunch behind the gross condiments in the breakroom fridge. We lock our front doors at night. We password protect our phones when we head to a party with the only friend who still thinks making ridiculous Facebook statuses on your profile is funny.

We understand that to protect our property we have to create barriers to prohibit bad people from stealing from us.

Given the title of this piece, I’m sure you know exactly where I’m going — we also need to protect our virtual identities and property. We all know that. This truth has become a seemingly endless source of news about the latest and cringiest breaches.

The U.S. government, major retailers, and credit reporting agencies, oh my! History has proved time and time again that there is no organization or industry that is safe from the claws of skilled hackers. Not only do they target big industries, they also will steal from individuals.

How in the world does one take advantage of the benefits of modern technology and participate in society without being robbed?

In a sense, some of the risk can’t be avoided. If you’re unwilling to go full Quaker, you’re going to be at risk. But understanding the basics of data security can empower you to make well-informed choices that will decrease the likelihood that you are taken advantage of.

The Scope of the Data Sharing Situation

If you participate in modern society then, in a sense, you’re constantly creating data. The more unsettling and more concise way of framing this is that you need to be aware that basically everything you do is being tracked.

I know, I know. It’s enough to cause even the least-paranoid among us to experience flashbacks to that one time you read 1984 in high school.

 

How Your Data Is Collected

We knowingly and willingly give away a large amount of our data. A lot of the time we are willing to give away our information because doing so is part of the bargain when procuring products and services that add value to our lives.

Making Purchases: When you make a purchase, you recognize that that company now has some of your personal information in addition to information about your buying habits, which are valuable because they can be added to your consumer profile. Any time you use a card for any reason, your information is being stored. So whether you’re buying groceries or paying for a museum membership, you’re giving your information away.

Agreeing to Terms of Service: In this day and age, terms of service will almost always ask that you allow the organization to access and store information about you.

Some Progressive customers allow the company to monitor their driving because of safe-driving-related incentives. If you use MyFitnessPal, a popular health app, you allow them access to highly specific records of everything that you consume.

Cookies on the Web: Cookies are what make it possible for web sites to track your activity. A first-party cookie exists on the website you are on, while third-party cookies are placed by affiliates of the website you’re on.

This is, of course, not an exhaustive list, but it does include some of the primary ways that companies are able to build a profile of who you are.

And build a profile they do. For example, Target figured out a teenager was pregnant before her father did because of what she was purchasing.

 

How Your Data Is Shared

If information sharing began and ended there, it might not be such a huge issue. But that of course isn’t the case. Instead, most of the entities that we share our information with share it with others.

The organizations you willingly give your information to will sell that information to third-party companies. Different industries are interested in different data sets, and the data is sold among different types of industries.

This process is actually a full-time job for some; data brokers create lists with names and information that gets sold to companies willing to pay. This is why protecting your information is so challenging.

For example, remember when Equifax was hacked last year? Well, the information stolen wasn’t even information that those who were impacted by the breach knew Equifax had.

As Ben Allen writes for Fiscal Tiger, “Credit bureaus get their information from creditors, banks, landlords, and lenders. Most things that you do with these type of businesses that involve debt or credit, is reported by them back to the credit bureaus.”

The Equifax breach was so massive it impacted the equivalent of half the United States, but we’re talking about people who never even opted to send their information to Equifax.

Any company that cares about the bottom line is going to be interested in consumer data, because it helps their companies become more lucrative.

Do What You Can With What You’ve Got

While this may all seem overwhelming, remember that you do have some tools available to combat the risks that can threaten your personal information. This is a matter of protecting your own devices, as well as thoughtfully considering what information you’re willing to share with third parties.

Secure Your Network and Devices

One of a hacker’s favorite forms of attack is to spot weaknesses in the software or network that an individual is using. So for example, if you have a home internet service and it isn’t secured a hacker can very well access the network and then potentially gain access to the information contained on your devices.

Additionally, the cybercrime experts at DeVry university note, “Typically consumers get tricked into downloading malware by accident, when for instance they click on a rogue website or try to download what seems to be free software, like a screen saver. When criminals use malware to take control of individuals’ computers remotely to perpetrate financial crimes or attack computer networks and websites, the setup is known as a botnet.”

So make sure that every wireless network you use, whether at home or in a coffee shop, is secured. You also want to make sure that your computer is equipped with anti-malware and anti-virus software that will protect it from becoming a target.

 

Opt-Out of Over-Sharing

While most of our activity includes the constant sharing of the nitty-gritty details that allow us to have any activity at all, there are some things that you can do to limit the amount of personal information that you allow to gathered.

Opt-Out In Real Life: Loyalty and membership cards may seem harmless, and often they are just that. But be aware that they are a primary method with which companies are able to obtain your information, as well as specific details about your shopping habits.

Check Cookies: As I’ve noted, cookies let websites track you, but some allow you to opt-out of the cookies.

Browse Anonymously: Many browsers have a “Do Not Track” or an “Incognito” setting that will inform the sites you visit that you do not want them to track your activity. Unfortunately, only those that have previously agreed to that condition are legally obligated to follow through.

To take things even further you can download a browser like Tor, which provides close to anonymous surfing. Be forewarned though; some sites just won’t work when using Tor.

Log Out: We’ve talked before about the perils of sites like Facebook, and it’s a prime reason logging out when not in use is advised. If you don’t log out of Facebook, it can see every other site you look at while surfing the internet.

Check Privacy Settings: Make sure you know what you’re sharing with strangers. Set a reminder on your virtual calendar to go over your privacy settings every few months on devices and websites used frequently.

 

Consider Your Unique Vulnerabilities

The aforementioned are strategies that virtually everyone can implement in an effort to guard themselves from unwanted, malicious advances and tracking. However, it’s important to recognize that there are specific things that make an individual an extra-appealing target. Those of us that fall in or near the millennial camp have some things in common that make us extra appealing targets.

Social Media: Social media is a hacker’s dreamland. One of the primary reasons is that people on social media fail to take the precautions they should. A good rule of thumb is to follow your intuition. Research shows that 66 percent of phishing attempts sent over social media by hackers is opened by the target.

That means that sometimes it’s not the platform itself failing people; it’s people not making smart choices. If something seems fishy, report it. If something seems too good to be true, it probably is.

Small Businesses: In the modern world, one of the best ways to earn some extra green is to sell online. Indeed, a study released last year by SBDC demonstrated that a trademark millennial quality is entrepreneurship.

It showed, as Rhonda Abrams wrote for USA Today that, “People in their 20s and 30s are eager to launch new companies and be their own boss and that they trust themselves to provide their own financial security more than they trust others.”

This means that those who chose that route need to be extra-wary, because hackers love a small business. It’s got more data than the average individual, but fewer safeguards than large companies.

Mobile Devices: Harvard Business Review notes that mobile devices are a hacker’s new form of targeting individuals. Which is scary, given just how much information our phones store. Check out this list from the HBR on how to slow a would be attacker up.

We are currently living in a precarious time in which the amounts of data being collected and stored have surpassed the security measures needed to protect said information. As I alluded to earlier, it seems you need only turn on the news to see an example of how hackers are able to outsmart not just “the system,” but all the systems.

Not only that, but the way that our information is collected and used is, at times, murky. One organization, AboutTheData.com by Acxiom endeavors to equip companies to use data ethically, and to provide transparency to consumers about how their information is used.

But they’re the minority.

And that’s why individuals need to be informed and need to do all they have the power to do — so that they decrease their chances of becoming victims. The hope is that as we move into the future we will be able to look back at this moment in history as a sliver of time that existed before major advances in data security were made.

But as we wait to see when and if that happens, make it clear to any who dare to even consider threatening your personal information that they’re dealing with a straight-up data security ninja.