The weather is warming in some parts of the country, inspiring people to clean up or clear out cluttter. The one area many people overlook isn’t the corner of a room or a forgotten closet; it’s probably the digital device on which you’re reading this article. We use our phones to shop, scroll through social media, bank, and work. The National Cyber Security Alliance (NCSA) and the Better Business Bureau (BBB) reminds everyone that when clearing out the physical clutter, there’s probably a bunch of digital data clutter that lives on your electronic devices.
As many businesses and their employees are still working from home, the focus on cybersecurity and protecting sensitive information is critical. NCSA has advice on how to keep your private information safe.
If you have a few extra hours or minutes in your day, it may be a good time to give yourself a digital makeover. Taking some simple, proactive steps will go a long way in safeguarding against any number of potentially disruptive issues – like identity theft, loss of funds or credit card fraud – that can cause mayhem by compromising your data. Take the time to put into practice a few precautionary measures and you will have greater peace of mind – not only this spring, but all year round.
- Lock down your login: Security is critical to protecting accounts being used for work and for home. Ensure passphrases for each account are lengthy, unique, and safely stored. Enable 2-factor authentication on all accounts that offer it.
- Update your system and software: Avoid procrastination! Having the most current software, web browsers, and operating systems are some of the easiest and fastest ways to protect your most sensitive assets.
- Back it up: Protect your personal and workplace data by making electronic copies – or backups – of your most important files. Use the 3-2-1 rule to help guide you: 3 backup copies, 2 different media types, and 1 offline in a separate location.
- Clean up your online presence: When was the last time you used all of the apps on your phone or tablet? Do you know what the settings are on all of the social media accounts that check in with friends and family? Check up on all your accounts. Then, control your role by making sure you know who has administrative access to your accounts. Keep all of your passwords private.
- Be careful what you share: Quizzes on social media are fun, and keeping in touch is a necessity these days. However, questions on social media that might give away too much information about you, your location or or your family.
In addition to following the above-listed tips, small business owners should take time in establishing, updating and communicating policies and procedures around topics like record retention. It is also imperative that a cybersecurity strategy is in place and used by all employees. BBB has tips on BBB.org/bizhq on how to avoid online scams when working from home.
Did you know that protecting your identity is largely in your own hands? Many identity theft victims can trace the theft to something that was stolen from their possession. BBB has a few guidelines to help safely dispose of electronically stored data. Be sure to prep your data in advance of participating in BBB’s Secure Your ID Day or other shredding event.
Know what devices to digitally “shred”: Computers and mobile phones aren’t the only devices that capture and store sensitive, personal data. External hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information and stored images.
- Clear out stockpiles: If you have a stash of old hard drives or other devices – even if they’re in a locked storage area – information still exists and could be stolen. Don’t wait: wipe and/or destroy unneeded hard drives as soon as possible.
- Empty your trash or recycle bin on all devices, and be certain to wipe and overwrite: Simply deleting and emptying the trash isn’t enough to completely get rid of a file. You must permanently delete old files. Use a program that deletes the data, “wipes” it from your device and then overwrites it by putting random data in place of your information ‒ which then cannot be retrieved.
- Various overwriting and wiping tools are available for electronic devices. For devices like tape drives, remove any identifying information that may be written on labels before disposal, and use embedded flash memory or other method to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
- Decide what to do with the device: Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed. Note the following:
- Failed drives still contain data: On failed drives, wiping often fails, too; shredding/destruction is the practical disposal approach for failed drives. Avoid returning a failed drive to the manufacturer; you can purchase support that allows you to keep it – and then destroy it.
- To be “shredded,” a hard drive must be chipped into small pieces: Using a hammer to hit a drive only slows down a determined cybercriminal; instead, use a trusted shredding company to dispose of your old hard drives. Device shredding can often be the most time and cost-effective option for disposing of a large number of drives.
BBB.org/SYID: information on shredding events, plus tips on what to save and for how long.
BBB.org/Cybersecurity for consumers and businesses.
BBB.org/bizHQ for resources for small businesses.
IdentityTheft.gov for a customized recovery plan if you have been the victim of identity theft.
Internal Revenue Service advice for taxpayers to protect personally identifiable information (PII) that can be used for identity theft.
Canadian resources for suspected identity theft.