Ten easy steps to keep your online data safe
Uncurbed data sharing
Our personal and business lives have become heavily dependent on communicating and sharing data online. Interactions with different entities – including those with the government – have shifted online and more of our sensitive data is getting onto the internet.
Even prior the COVID 19 pandemic, people were spending a lot of time on their devices connecting with family & friends, doing online shopping, ordering services in addition to many other activities.
Data is being shared online extensively through many channels (search engines, websites, mobile apps, web apps, cloud-based apps, or email apps), in addition to user and device information that is collected automatically with or without user consent.
Vulnerabilities & incidents
Many data formats are available online: typed, audio, videos and images (scans, art and pictures). Each format has its vulnerabilities and risks depending on the way it can be mined, analyzed and manipulated by others.
Hackers and social engineers have developed many methods to enable them to get unauthorized access to accounts and data. No one is spared; if you are online then you are susceptible to cyber attacks.
Despite the awareness spread on data security by different parties, such as governments and banks, people still fall victims to cyber attacks. In 2021, the global average cost of a data breach was $4.24M. Most cyber crimes are caused by ‘phishing’ via emails and messages that are sent with illegitimate links claiming to be from legitimate organizations. These links are sent with the intention of getting unauthorized access to social media accounts, bank accounts, email accounts, and devices.
One of the biggest data breaches to date occurred less than a decade ago affecting Yahoo, the online platform. The company reported two breaches in two different years and that 3 billion accounts were affected. Another major data breach with over 1.1 billion records lost (including biometric information such as iris and fingerprint scans) was reported by India’s national ID database in 2018.
Preventative measures
It’s no longer a choice to keep our data completely offline. In fact, the COVID 19 pandemic increased and accelerated the availability of our information online.
In this article, the focus is on the actions that we can take to safeguard the data that we have to share on the internet.
1) Understand that it is primarily your responsibility to protect your data.
Awareness of one’s responsibility is key and minimizes the risk and probability of certain data breaches, especially during non-governmental online transactions. Do not rely on platforms to protect your data, particularly social media.
2) Do not overshare.
Although it is nice to let your family and close friends into some of your daily life events and outings, the internet may not be the best place to do that. Do not count on setting your profile as private since hackers and social engineers have developed methods around these settings. Moreover, when sharing your personal information online, you do not necessarily have to provide your phone number and address on websites or social media platforms that request it.
3) Protect your accounts with strong passwords and 2 factor authentication.
You may have heard this advice before but there’s no harm in repeating it and stressing the importance of having ‘difficult’ passwords with at least 8 characters, at least 1 capital letter, at least 1 small letter, at least 1 number and at least 1 special character. Many websites and applications currently enforce this password format with some even imposing the change of password after a certain period of time.
The 2 factor authentication provides a second layer of protection where a code is sent to an assigned email, phone number or authentication app – after entering the password – to authenticate access and double check that the owner is indeed attempting to access the account.
4) Review and audit the permissions granted to applications and websites.
Always question and challenge the permissions requested by apps and websites before pressing the install and accept buttons. Permissions such as location, access to files, microphone and camera should not be granted easily, even if the websites and apps are legitimate and can be trusted. Every now and then, you may want to review applications and websites to remove permissions that are no longer needed. Current operating systems on mobile devices are automatically removing permissions from apps that have been idle and unused for a while but you may want to do the audit manually and more frequently.
5) Install antivirus software on all your devices and keep them up to date.
Antivirus applications scan your system files and downloads to ensure all are virus free. It is important to keep these applications up to date at all times so that they are updated with new viruses that need to be monitored. Do not forget to install antivirus software on your mobile devices.
6) Only access websites that are safe and legitimate.
A couple of simple ways to verify the legitimacy of a website is by checking that the URL contains https and that it has the right spelling with no swapped letters or amended letters/words. You may also compare the URL with the website link provided on corresponding social media accounts.
7) Do not click on suspicious links or open attachments.
The largest number of successful hacking attempts are done through phishing (the practice of sending emails claiming to be from reputable companies in order to convince individuals to reveal personal information, such as passwords and credit card numbers; these emails might contain links or attachments) or smishing (phishing via text messages). Be careful, even if you have activated 2 factor authentication on your accounts, clicking on such links and attachments can still jeopardize the security of your accounts, data and devices.
8) Do not share your passwords with anyone, including family and close friends.
There’s not much use of a “strong” password if it’s shared around.
9) Avoid using public WIFI at all costs.
Free public WIFI may be attractive but it opens up a lot of doors for hackers to access your devices and information. A few reasons why this is the case is that some WIFI networks do not use encryption, some may be infected with malware, while others may be completely fake networks that were created by hackers waiting for someone to connect to them. This link provides deeper insights into why you should avoid public WIFI but HAK Technology Hub does not recommend the mentioned suggestion of using a VPN (particularly in the UAE where there are some restrictions imposed on VPN usage under the country’s cyber laws).
10) Turn off your Bluetooth.
Bluetooth technology also provides back doors to hackers to access and control your devices. In addition to that, some widely used mobile apps, such as Google and Facebook, utilize Bluetooth to track you and locate your location. If this is of concern to you, review your Bluetooth settings and turn off permissions for those apps.
A final reminder: Once data is shared online, there’s no way of completely wiping it off of the internet. Be careful what and how much you share!
Share this article
