In the Age of No Security & Privacy: Five Steps to More Security and Privacy
Security and privacy is important, and probably more important than what many realize. Recently it has become more obvious that security and privacy have been lacking, so here are a few, sometimes wacky, tips to ensure your continued safety and privacy from a variety of threats that can arise.
#1 Do I care if anyone knows this? This is the question that needs to be continually asked when you are using any device. Stop putting your life story on social media. That funny photo from a bachelor/bachelorette party, your search history, Youtube history, at some point, somewhere in time, this information might be used against you, for what we cannot predict, but do you want to take that chance? In addition, Checking in on Facebook or Foursquare everywhere you go will keep a log of where you are day-to-day, allowing people to track you, including those with nefarious intent. Tagging people who do not want to be tagged in a picture, for various reasons this can be a big security risk to them and to you. Again, nothing wrong with social media, just think before you post. And, when in doubt, borrow a friend’s device or account.
#2 Keep your personal and professional life separate online. Having a client find some remarks or pictures on your person Facebook page might not go over well, so with that in mind, keep these separate. Have all of your professional contacts in one social network or account, and keep personal in another. While this might be cumbersome in the short term, the long term effects will be helpful. If you need to post edgy or controversial posts, have an alias.
#3 Keep some confidential data on your phone. While this seems backwards, allow us to explain. Wherever there is sensitive information, there are safeguards in place to protect that information. As such, keeping some sensitive data on your phone will cause you to be more wary of your surroundings and employ better safeguards to protect that data. It’s a risk, but one that will pay off. Hint: The more sensitive the data the more you will pay attention!
#4 Minimize your backups. Again, allow us to explain. There is nothing wrong with backing up information, in fact we encourage it, but having too many of these backups can cause problems when it comes to hacking, and possibly discovery in a criminal or civil case. You might forget one exists, or have so many that you forget the password for one. Keep it to a minimal, and keep track of what is in them for safekeeping. And remember: If you put a long encryption passphrase on the backup and you forget that passphrase, it is unlikely that anyone else is going to get into it either.
#5 Don’t try to delete relevant data. This is important for court cases, but those of us who are skilled digital forensic professionals are very proficient in seeking out deleted data even shredded data. Maybe the data cannot be recovered, but the fact that traces were found that you did delete it will be enough to kill a case. It is very difficult to discreetly eliminate data, not even us.
ABOUT THE AUTHOR: Scott Greene of Evidence Solutions, Inc.
For over 30 years, Scott Greene has been helping companies meet the challenges of the swiftly evolving computer technology industry.
Directly from high school, Scott went to work for IBM. Scott studied Systems Engineering at the University of Arizona. He has since earned certifications in many products and programming languages.
The Evidence Solutions team analyzes data from Computers, Cell Phones, Black Boxes, Dispatch Systems, Medical Records, Email systems and more. Scott then explains the digital evidence in plain English.
Scott’s extensive knowledge draws clients to him from all over the United States as well as Internationally for consulting, Forensics and expert witness services. His extensive and diverse experience allows him to be an expert in many facets of digital and electronic evidence. Scott, a sought after speaker and educator, travels throughout the country sharing his knowledge and presenting to local, regional, national and International organizations.
Copyright Evidence Solutions, Inc.
Disclaimer: While every effort has been made to ensure the accuracy of this publication, it is not intended to provide legal advice as individual situations will differ and should be discussed with an expert and/or lawyer.For specific technical or legal advice on the information provided and related topics, please contact the author.