Protecting your digital self

The crucial move for protecting your digital self is to make it as unfeasible and costly as possible. If a casual attacker/high/-volume attacker finds it too difficult to destroy you, there's a good chance they'll simply move on to an easier target (it is important to highlight casual and high volume since both of them are not targeting you specifically. A targeted scenario is a completely different story). Then, it’s important to assess the ways that vital information can be stolen or leaked, and understand the limits to protecting that information.

A good thing to start is to know your digital footprint which is a record of your online activity; it shows where you've been, the data you’ve shared, and the traces you've left behind. For example, you can deliberately share information by posting to Meta, signing up for a newsletter, or tweeting your location. Other times, it’s not so obvious.

Sites can track your activity by installing cookies on your device, and Apps can collect your data without you knowing it. You can allow an organization to access your information, and they can sell or share your data with outside parties.

Worse yet, your personal information could be compromised as part of a data breach.

In this way the list of your digital footprint can be expanded to your phone and other smart devices (watches, bands, refrigerators, hubs, video game consoles, etc.), personal computer, home network, social media accounts, online banking and financial accounts, and your physical identifications (passport, driving license, job badge).

Each of these items offers an “attack surface", an opportunity for someone to exploit that component to get to your personal data. How much of an attack surface you present depends on many factors (some of them quite technical for the average user), but you can significantly reduce opportunities for malicious exploitation of these things with some basic countermeasures.

For keeping it clear and easy, the following ten tips are a great place to start when it comes to protecting your digital footprint and reducing the attack surface.

Don’t log in with Facebook

Logging into websites and Apps using Facebook is convenient. Unfortunately, it’s neither secure nor wise. So, avoid linking your Facebook account with third-party organizations.

Delete old accounts

Do you have an old social media account you’re no longer using? Are you subscribed to a feed you no longer read? When was the last time you checked to see how many accounts you have? Reduce your digital footprint by deleting old accounts. This method also helps protect you from future breaches.

Give your medical records a checkup

Identity thieves aren’t just targeting your bank accounts. They also want your medical records and health information. Criminals can use your personal information to get treatment in your name, their records can easily become intertwined with your own. Practice good data hygiene by periodically reviewing your medical records.

Limit your sharing on social media

Social media makes connecting with the world easier than ever. Unfortunately, it makes oversharing just as simple. Think twice before revealing your location, travel plans, or even personal photos.

Update your software

Cybercriminals can attack a victim’s devices and data by exploiting 0day vulnerabilities in software. You can help reduce this by keeping your software up to date.

React fast after a breach

If you suspect your data might have been compromised in a breach, take action immediately. If you believe your password was exposed, change it immediately. If it’s a password you’ve used in other places, update it there as well. There are good websites to track these breaches and we just post one few lines ago.

Limit the types of data you share

The best way to protect your digital footprint is to limit the data you share. Before you fill out an online form or give your personal information to an organization, you should evaluate if the “payoff” is really worth the risk.

Avoid unsafe websites

If a website doesn’t begin with https you should probably go elsewhere (that does not mean that a https site is secure, remember you might be having a “secure conversation with Satan”). Never share any confidential information on unsecured sites, especially payment details.