INTRODUCTION
Human beings are prone to make mistakes, especially when it comes to guarding their personal data. The mistakes below are not technical in nature, but rather stem from a lack of human self-control and second-thought in everyday instances. However, you will find that they are easily preventable, simply by writing things down, having a long-term memory, and knowing enough about a person or situation to say “no”.
KEEPING YOUR PRIVACY PRIVATE
1. Be aware of items that you should keep private
While in conversation with friends, family, co-workers, or complete strangers, it is easy to forget the nature of our privacy. We get caught up in a discussion, and somehow before we know it, we hint at or completely give away a piece of critical information. Afterwards, we hope that whoever we were talking to will forget what was said, (and usually they do) but this type of accident is preventable. To use control while talking freely, I suggest writing down a physical list of things you are NOT ALLOWED to reveal when it comes to your privacy:
Usernames
Passwords
Social Security Number
Credit Card Number
PIN codes
Other things that can be off-limits (depending on who you are speaking to) is your age, date of birth, email address, phone number, or locations that you frequent on a daily basis. A list of written down bullet points will stay in the back of your mind and will help prevent you from slipping information about your personal data.
2. Don’t let someone borrow your devices or use your account
For naturally agreeable and easy-going people, the worst thing in the world is to appear rude by not letting someone borrow your device or account. However, there are several good reasons why you should always say “no” when someone asks to use your device. In any setting, when you let someone use your account out of courtesy, keep in mind that they have access to all of your personal files, data, or information that you wouldn't want them to see.
They may also forget to log out of their account, which leaves you in a conflicted position of accountability. If it is especially a co-worker or or employee at your office, not only should you refuse for your personal security, but also because the sharing of accounts and devices is against company security policy. You will face a penalty by giving away access!
In addition to letting someone borrow your phone to make a call or to use your laptop, it is best to just always say “no” because you don’t know the technical skills of a stranger or friend. If it is a family member, the same rules still apply. Although there is a high amount of data sharing among family accounts, it is good to teach all members that they have rights to their personal privacy.
3. Make sure your devices lock you out when you are not using them
It is so often that when we get up from our desk to use the bathroom or get a drink of water that we forget to secure our workstations. However, if you can avoid being forgetful, you will be doing yourself a huge security favor! Firstly, ensure that all of your devices have automatic lock setting on so that after a brief time of inactivity, they will require your password to reopen. Second, never leave your laptop open (always close it) and put your desktop computer on sleep mode. This prevents any nosy passer-by from snooping in your workstation files while you are not present.
4. When you have to provide critical information, keep track of the 5W’s and the How
Whenever we are obligated to provide our personal information, it is important to keep track of the 5W’s and the How of the situation.
Who- Who are you giving your information to?
What- What information are you required to provide? Is it your username, password, or PIN number?
When- Write down the date and time that you had to give this information.
Where- Did you give this information in a physical place or in the environment of your home?
Why- What was the reason that you had to provide it?
How- How did you give this information? Was it over the internet? Over the phone?
By jotting down the details of an event in which you were required to give critical information, you are actually practicing some pre-incident response! Incident response is a method for handling breaches and security incidents. If something goes wrong (if your information was used unlawfully), you will have the basic details of the event to provide to the authorities or organization. This is a tremendous help to investigators and incident response teams, for it makes the start of the inquiry go a lot smoother.
CONCLUSION
As you can see, the solutions to these everyday errors are simple. If you can keep these four points in the back of your mind, you will avoid common security mistakes. As a result, you tend to also notice how many people make these mistakes so often. If given an opportunity, make sure to have a conversation with your close family members on how to prevent the accidental sharing of personal information.
Comentarios