Living in a world integrated with technology, your online presence is just as significant as your real-world identity. Whether you are applying for a credit card, interviewing for a position, or just posting memes on Facebook, what you do on the internet (and what others do to you or using your credentials) affects what companies, employers, and the public find when they search for you. It is quite alarming what you can find on the internet, even with an amateur’s knowledge of tech. For example, I can probably find out your full name, birthdate, employment history, where you have lived, your interests, and even develop a basic psychological assessment of your behavior and spending habits using just your social media profiles. The data that is voluntarily submitted by a person on the internet, coupled with the information that websites unknowingly collect, can be used to steal identities, falsify documents, open up credit cards, and other malicious intents.
While this can be scary, it is essential to know that there are an equal amount of steps and procedures to protect your online presence as there are to potentially allow someone to use it to their advantage. In this post, I will be discussing the many ways to both add privacy and security to your digital self.
- Google Yourself
I know that this step seems a bit simple; however, this should always be the first task in determining the nature and status of your online presence. If you find any harmful or irrelevant content during a search that you have the power to control (old websites, pictures of your intoxicated weekend), go ahead and delete them or talk to the webmaster of the site that it is on and ask for their removal.
- Social Media
It is not a myth that things you put on the internet are there forever, however, that does not mean that they have to be visible. Your various social media accounts are havens for the juicy personal and sensitive information that hackers crave. Facebook, in particular, is probably the most significant source of data for both governments and hackers. Go through each of your social media accounts and delete anything you don’t wish to be seen; birthdates, pet pictures (which names are often used in passwords), employment history, undesirable images, and politically influenced content are just a few examples. Keep in mind that other people’s pictures and material can get tagged with your name; it is quite easy to fix these issues.
Furthermore, pay attention to privacy settings. On Facebook, you can change photo albums, personal information, posts, and even your birthday, to only be visible to a select audience (or just you). On Instagram, you can set your profile to private, so just the people you allow to follow you can see your content. How can your Instagram photos be used against you when the app doesn’t ask for or collect near the amount of information as Facebook does? Well, besides the fact that Facebook owns Instagram, if I am a credit card company verifying your ability to pay the required monthly payment, I can quickly search for your name, find your profile, see your posts about flashy cars, jewelry, and clothes, and then compare this to the salary you listed on the credit card application. Let’s just say that it wouldn’t take a genius to find some problems with an individual posting an image of a new BMW convertible they purchased with a part-time Taco Bell salary.
Note: While social media certainly has its drawbacks, they are definitely vital to use for increasing the security of your online presence. Creating and using your real name on every social media platform out there and only adding necessary information can lay the groundwork for hackers and other undesired users to see the search results pertaining to your actual content, first.
- Registering your Name
When you perform the first step in this post, searching for your name on Google, you will notice that the first few results will most likely be your social media accounts; further down the list, might be forum posts or other content (that you don’t want to appear). A simple fix to controlling what search results immediately appear is to create a website using your name/online presence. For example, If you are Michael Scott, creating a site called MichaelScott.com will prevent other people from stealing the most valuable (to you) piece of real estate away, your name. Additionally, adding content to the site (while paying attention to not divulging sensitive material) can further increase the validity of the site and your online presence, while ensuring that the website will appear first in search engines.
- Google Alerts
By creating a Google Alert, Google will automatically inform you of content appearing with your name or business included in it. To perform this, click on this link, enter the topic you wish to follow in the box at the top, change the settings to your satisfaction, and then just click on Create Alert. Now, emails will be sent to you if your name or content appears in Google Search results.
- Practice Anonymity
Do not be afraid of using accounts and usernames that do not indicate who you actually are. For gamers, our usernames are our digital self (however not precisely us, if that makes sense). Using an alias or alternate email addresses is encouraged, when available. It is important to remember that while practicing anonymity can be advantageous, you still leave a trail. If you, for example, if you use an alias to troll or spread negativity, this only encourages those with the necessary tech skills to find out who you are, to uncover your identity.
- Location Tracking
How often do you get asked if you want to allow a website or application to know your location? Why do these websites and apps ask for this? Well, advertisers, hedge funds, and retailers use this information to display location-based ads (suggesting a restaurant a few miles away from you instead of one in Russia), enhance websites/apps with geographical user data (where their users/visitors are located), region-specific content (weather apps), and help facilitate more natural financial operations (changing the currency used in your particular country).
What can be done to protect your location?
Many applications have internal settings which can allow you to turn off location tracking. However, the easiest method to ensure that your location is private is to go into your device’s privacy menu. Note: disabling location tracking can prevent apps or websites, such as weather services, from operating; they use your location to give you region-specific information.
Internet browsers such as Safari, Chrome, and Firefox, also collect numerous types of data, including your location. If you wish to avoid having your browsing history visible to others on your computer or want to prevent a website from knowing your location, it is recommended to edit the location settings in your browser.
While not a reliable manner of private browsing (nothing is ever truly private on the internet), most browsers offer a mode where your browsing history, cookies, and site/form data are not saved. Like previously mentioned, your activity is not hidden from your school/employer, the website you visit, or your ISP (Internet Service Provider).
As the IoT (Internet of Things) grows, the number of usernames and passwords we all create and somehow have to remember expands as well. Bank accounts, social media, email, even your son’s Xbox Live login details can contain credit card numbers and other private info; if this data falls into the wrong hands, fraudulent charges and identity theft can occur. While it may seem like an easy fix to just use the same password for every account, I would strongly advise against it (if someone gets your password, they will then have access to everything).
As most know, keeping a Post-it note stuck to your computer containing your login information is not ideal, nor is compiling it all in a Word document on your computer, saved under “Don’t Look.” So, what can be done regarding the safety, accessibility, and redundancy of your login information? Also, what is the best way to send and receive passwords in the workplace?
First, let’s discuss storing and securing passwords. Since we are living in the years of having an app for everything, yes, there is an app for this too. Password managers are programs that store numerous usernames and passwords and only require a single password to access them. Coupled with multi-factor authentication such as requiring a text-message or email verification, a password manager is an excellent way to both remember and safeguard the access to some of the most sensitive information sources you have.
Password managers can also fill out forms automatically, can sync across macOS, Android, iOS, and Windows, and can even scan the dark web for compromised account info as well as record shopping receipts. There are several products to choose from, including my personal favorites Keeper Password Manager & Digital Vault and Dashlane.
You can also use your internet browser to store passwords and auto-form data. While this is very effective for remembering them and simplifying the process of logging into websites, anyone who accesses your computer can then benefit from not having to remember your passwords as well.
Now, what is an appropriate method to say, securely send sensitive login credentials in the workplace?
Well, you could accomplish this by using multiple methods. You could simply write it down on a piece of paper and manually deliver it; this is probably the most straightforward and secure process as long as it is shredded after (although, nobody can guarantee that this will be done). As stated before, you could also use a password manager that keeps multiple usernames and passwords by uploading them to the program and then giving employees information on how to access it; this method would be sufficient as long as none of your personal account information is stored in it. Next, you could send the passwords through an email, such as with Gmail, using confidential mode.
By choosing confidential mode, you can select an expiration date which will erase the message after a set amount of time (maybe just a day or 2 and tell employees they need to access it immediately). By using a password to access the email, you can ensure nobody else can open it unless they are who you originally sent it to. Other email services have encryption options, which work in the same manner.
Of course, there are several other ways to send the data securely. You could use an encrypted USB or another form of removable storage device, however, if it gets misplaced or stolen, that information could be potentially retrieved. You could also send it via a chat service or text message on the phone. Although in this method, those messages do not get deleted often, expanding the window of possible unauthorized access.
- Digital Certificates
Digital certificates are a lot like identification cards, as they are electronic credentials that are used to prove the identity of users, devices, or organizations. Issued by Certification Authorities (CA), digital certificates bind an owner’s public key with his or her private key. These certificates contain data that identifies the owner of the certificate such as the subject’s identification information, public-key value, CA’s name, CA’s digital signature, CA’s private key, and also generates a digital signature. These certificates are often distributed by public folders, email, web pages, and directories. These certificates are also used in the digital signing of electronic data to protect and verify it, by authenticating users who are communicating over networks and protecting symmetric secret encryption which is sent and shared over networks. Digital certificates secure mail, web communications, code signing, and local/remote access to network resources. Using digital certificates is an excellent method to secure your identity online.
- Mobile Device Security
The use of mobile devices has risen dramatically in recent years and will continue to grow as technology advances, and our desires change. While shielding desktops and laptops with security software are common practice, many users do not provide the same protection to their wireless internet devices. Thanks to the current level of technology, wireless devices can often perform many of the same tasks a desktop can, such as store large amounts of vulnerable and personal data. The basic security tools that wireless devices usually come with, such as a password, pin authorization, or fingerprint scanning, help prevent some unauthorized access; although any skilled cybercriminal can bypass these shields with minimal effort. To beef up your wireless device’s security, it is recommended to install a third-party application.
- Legal Help
While all of these suggestions can indeed greatly benefit your online presence, there will be situations where you might need outside help. Many companies offer identity protection services that will locate and inform you of potential issues, as well as provide guidance to eliminating them. Also, online reputation management companies, while pricey, can further advance the security of your actions and persona on the internet.
The time you spend on the internet, the content you publish, the interactions you make, and the reputation of who you are, needs the same level of protection that you put in place on your computer to thwart viruses and malware. As we, as a species, continue and increase our online usage, it is imperative that you take the necessary steps to ensure that you stay ahead of the curve.
Google. (2019). Create an Alert. Retrieved from https://support.google.com/websearch/answer/4815696.