SlideShare ist ein Scribd-Unternehmen logo

Seven actions of the Digital Me

Highervista
Highervista

Seven Actions of the Digital Me: Article written to discuss several personal security items essential for consumers/users of the Internet. http://www.wrinkledbrain.net

Technologie
1 von 6
Downloaden Sie, um offline zu lesen
Seven actions for the “digital me” The CyberSecurity Place by Guest Contributor , March 17, 2016 Expert Article Link: https://thecybersecurityplace.com/seven-actions-digital/ By Dr. Ron McFarland, CISSP, PMP We live in an electronically chronicled society. Like it or not, our recorded society, fostered by computers, databases and analytics, provides each of us with many benefits and several potential hazards. It’s a pretty well understood fact that emails, online shopping information, cell phone calls, and Internet traffic is recorded – by someone on a database located somewhere. Whether it’s your Internet Service Provider, Cell phone provider, your bank or utility company, someone is storing your information, your data, and the “digital you” is recorded. It is important for each one of us to understand the fundamental aspects of how much data is collected, why it is collected and how it is generally shared. By developing awareness of how your information is stored, collected, collated and shared, we can address any errors or assumptions made by vast databases and programs about who we are, increasing our benefits for living in a digital society and reducing the risks that can occur. Many organizations record, save, and share pieces of data about you. Information and data known about you and your buying patterns, web-surfing behaviors is retained by the conglomeration of vendors where you do your online shopping, banking, credit card transactions, and a host of other online activities. Collection of this information is necessary for organizations to provide you with access to their large databases of products and services. Also, collection of your information is essential to provide you with some level of information security that protects your information from the prying eyes of highly trained and ill-intentioned hackers. Demographics, Psychographics, and Trends – oh my! Most of us may be familiar with the field of demographics. Just to clarify what demographics are, it is the quantifiable characteristics about you. For example, your name, age, and address are demographic attributes that are collected and stored in databases. Beyond demographics, companies also save psychographic information about you. Psychographics is more formally described as the collection of information about your interests, opinions, and even your lifestyles. I’m interested in guitar playing, for example, so my psychographic profile indicated that I prefer acoustic guitars. Here’s another example how a company, say my local chain store grocery store might use my information. When I signed up for a discount card at my grocers, they asked me to fill out a simple form. The form asked for the usual information: name, address, phone number, email, and a few
other demographic pieces of data (data about me), which I gladly provided to obtain the weekly discounts that the store offers. The demographic information that I provided is stored on a large database file containing demographic information for everyone who signed up for the discount card. In that way, the store can send out a weekly email flyer containing store specials to email addresses or a printed flyer to the physical address of store customers. Demographic and psychographic information can be used in a more robust approach to provide the grocery store chain with marketing information for their customers. For example, when I go into my local store every Friday to purchase my usual one-pound of wild-caught salmon and favorite Irish beer, the grocery store’s database will recognize my purchasing trends and note these as my shopping preferences. The store can actually send out a coupon to my email address when salmon or my favorite Irish beer goes on sale. The combination of demographic and psychographic information collected by our example grocery store chain, can also help a grocery store chain with their overall individual store planning. Trend information, what customers are purchasing at a given store, can provide a store chain with valuable analytics to shape individual stores in a way to meet their customer needs. Have you noticed that in the past fifteen years or so that some grocery store chains have created a few isles of health food products as an offering to their customers? How this has been done is that grocery stores recognized the trend for health food products over the past few decades. Several chains examined their demographic information, which provided them with maps of where their customers live for a particular store and cross-referenced this information with the stored psychographic information that were trending in both the store and within the region. Analytics revealed if a store could support a health food section by examining the trends. Demographics also determine if the addition of a few aisles of health food products, which tend to run at a premium, could be added to the store’s inventory mix. Databases and Analytics – more of the techie stuff. Databases are the essential background technology used by companies to store information about you, transaction information about what you’ve purchased, consumed or traded. With today’s technology, your information, saved by a given company, is usually not stored at one location. Today’s highly sophisticated databases use analytics to meet the needs of their customers with the intention to expand their customer base and consumer markets that the company serves. However, the push is on for companies to share information about their consumers with each other to further expand markets with complimentary products. So much information is shared about you between companies with highly distributed databases located around the globe that organizations can with reasonable accuracy, predict what you will purchase in the near future. This is referred to a predictive analytics. Amazon, for example, is using predictive analytics (demographics, psychographics and current trends) to predict or “shape” their inventory at their warehouses based on projected future sales. Every Amazon warehouse has a particular mix of products kept on the shelves for the area that the warehouse serves which will allow for quicker shipping. Imagine Austin Texas and the music scene. Because of all of the guitar players around Austin, I can only imagine that the Amazon warehouses that sever the area probably store more guitar strings than many of the other Amazon warehouses around the country.
The cloud is everywhere. Data about you is not only stored and shared on massive databases that organizations maintain, but are also stored in large data pools hosted in diverse locations around the US and world. The current method of storing and distributing data that many commercial organizations use is cloud technology. Cloud technology allows for an organization to distribute your information anywhere in ever-growing databases, typically in a private networks of databases that span United States or even the globe. Your information is literally scattered around multiple sites that an organization hosts. The catch in cloud-based services is that not all organizations can afford their own vast ever- growing networks of hardware to host and maintain their databases. Instead, many large, medium, and small organizations will rent cloud space with a third-party cloud-based services company that have the infrastructure to lease large amounts of space to companies. I liken this to my garage. I, like many Americans, have quite a bit of storage in my garage. When I’ve run out of space, at times, I’ve rented a storage space to hold my treasures. The catch is that with space for data or for your things, you release control and trust of your assets to a third party. Aside from the massive amount of data that a particular organization will keep and share about you, whether on their own databases or on leased cloud-based services, information about you can also be found on the various social media sites. Facebook, Twitter and YouTube, to name a few, provide a rich source of data about you. We upload our pictures, videos, our poems and papers in order to share these with our online friends and community. Our pictures, posts and papers provide information about our preferences. I don’t know how many political posts I’ve responded to in the past month, but this alone can provide certain information about my likes and dislikes as it pertains to an event or political interest. In addition, files that are uploaded typically contain meta-data, which is simply information about our location, earth coordinates, and other information about the file, picture, or video. Meta data is like a fingerprint. In fact, the sheer volume of data that is uploaded hourly on social sites is astounding. Over 300 hours of video alone is uploaded per minute to YouTube. That’s a lot of video content that may contain telltale information about you. And the social media companies, also willing to make a buck off of your information, gladly share information about you to other social media companies and to businesses. So where is the digital me? The sharing of information about the “digital me” is at a fever pitch. Billions of dollars per year are spent on sharing, collating, sorting, and relating information gathered from many sources. The “digital me” is a composite of all data collected about my activities, purchases, preferences, and activities scattered throughout social media, third-party cloud services and private organizations. It is no wonder that security agencies have a hand into our profiles as they can project who may be more prone to illegal and terrorist activities. But there is a more fundamental problem with the conglomeration of information about the “digital me.” Is the information about me accurate? A few years ago, I set up two profiles on my favorite social media site. One of the account profiles I set up was for my very conservative side and another account profile suggested that I was quite liberal. Of course, I pointed each of these
accounts to a different email that I had, and I used my first name for one account and my middle name for the second account, so the setup was quite legit at the time. As I anticipated, based on my profile information, I started receiving more conservative information to the conservative- leaning account and more liberal information to the other account. The point is that marketing companies obtained my preference information and my demographic information (email address, age, etc.) from the social media website. My bet is that the social media site sold my information for a few pennies and the digital me (both side of me) were sold to a third party company. Decisions by algorithm, not people. As noted earlier, many decisions are made by databases. Automated decision making and predictive analytics is done by a set of programmed algorithms that most organizations use. When I want to purchase a car, the credit agencies will use an algorithm that checks the “digital me” including my credit risk and worthiness, with fairly good accuracy. Algorithms are only as good as they are designed. Algorithms make an assumption that the data is accurate. And there are bad algorithms that can be downright harmful. When an algorithm is designed and used for decision-making, the algorithm will read in the data to its process that it has access to. The algorithm typically does not determine the quality of the information, the accuracy of the information nor the context of the information. In most cases, algorithms that make decisions for us do not determine if mistakes have been made to the data that is being review if the data is correct or not, the quality or verifiability of the accuracy of the information is, for the most part, not considered. Imagine a scenario where your healthcare information is hijacked by a hacker. If the hijacker can alter your information about who you are to your healthcare provide and receive services, you may be on the hook for the services that you’ve received. Keep the “digital me” clean. Correction of data is difficult at best. It is hard to clean up our own digital data and to make corrections. From this standpoint, digital data spreads like a disease. There are, however, some precautionary measures that we can take to better assure that our data is more accurate. It takes some effort and I recommend these actions: 1. Be security aware: Continuously be cautious about sharing your information with people, emails, and organizations that ask for your information. Understand why they need the information. If you receive an email, for example, from your bank asking you to update your information, call the bank and ask them to send the request in writing. 2. Check your credit rating: I recommend checking your credit reports at least one time per year. Credit reporting agencies, by law, must respond to your request to change credit information in a timely manner. For example, if a credit card incorrectly reported that you were late on a payment, you can request that (a) the credit card agency reverse the report to the credit reporting agency and (b) request to the credit reporting agency that the report on your file be corrected. Both the credit card company and the credit reporting agency must respond to your request within a certain time limit or are required by law to change their records about you.
3. Use pass phrases: Passwords are easy to crack. You can search the web and literally find dozens of password crackers that hackers use to provide access to your account. The shorter the password, the easier it is to use. Instead, many companies are giving you the option to provide either a password or a pass phrase. Choose the pass phrase, if you are given this option and insist that your bank or credit card company use pass phrases, if they do not. A pass phrase, as you probably already guessed, is a much longer password and is something that is unique to you. Because of its length, it takes a hacker who is running password cracking tools a lot longer. An example of a pass phrase would be something that is unique to you and can look like: “I lov3 the University of Arizona basket ball te4m because they are $tellar” (notice the use of a long, unique phrase with numbers and special characters). 4. Remove your hard drive when donating: Take out your hard drive before you donate your computer. When I taught computer forensics courses a few years back, I’d purchase a few computers donated to Goodwill. I’d remove the hard drives and would scan each hard drive for strings of 16 digits. A string of 16 digits might reveal a credit card number. If the software that I used found a 16 digit number, it would mark it for further inspection once the entire disk drive was scanned. Later, the program would examine more closely the 16 digit number to see if the first four digits were representative of a bank or a credit card number. I’d demo this to my class and would discover that most hard drives at the time contained several credit card numbers. And, if you think that you’ve deleted the hard drive contents before you donated it to a worthy cause, keep in mind that there is software that can recover deleted files on a hard drive. The best practice is to donate your computers and laptops without the hard drive. Then, take the hard drive down to a computer store and have them physically shred your drive (look for a computer store that has a hard drive shredder, which is similar to paper shredders, but can chew up a chunk of metal). 5. Do not loan your computer: This sounds a bit harsh, especially when your friend is looking to borrow your computer. But keep in mind that your friend may not be as careful with your computer, which contains your data, as you might be. They may be tempted to download software or visit websites that will install malware onto your computer and malware is often written to steal your information and transmit it to another computer on the web. I’ve run into this situation when repairing and restoring computers, especially in a school setting. 6. Update, update: This is an item that we’ve heard of continuously from both software and hardware vendors, but warrants emphasis. Operating system, application software and hardware companies continuously seek to patch their systems for vulnerabilities and will release updates often. Aside from the necessary virus protection that needs to be updated, please be sure to check that your operating system and applications are updated frequently. Most operating systems including the MacOS and Windows OS versions, will allow you to set an automatic update where the operating system checks periodically and will install critical patches that can provide additional security to your system. 7. Clean it out: When your computer begins to run sluggish and you’ve performed the suggested vendor maintenance, if your computer still runs sluggish, do not hesitate to take it to your computer technician to have her or him perform deep cleaning and inspection of files and browser software. One of the symptoms of a virus (or many) on your computer is that your system runs slow, browser windows open slowly, extra windows seem to pop up out of no where, and you are prompted mysteriously. While you may take all efforts to
clean your system as required by the manufacturer, deep cleaning and scanning may be necessary and can be readily done by a certified computer technician. As a result of the massive amounts of data collected by computers, we each have a digital profile – a “digital me” that identifies who we are, what we do, what we like and how we interact in the world. The “digital me” is rapidly evolving by the rapid collection of information that you’ve provided over the Internet to your banks, favorite shopping web sites, social media sites, and other web sites that you visit weekly. Large massive databases that operate in the background share your demographic, psychographic and trend information as well as your location and other related meta- data. The soup of information that is collected about each of us creates a unique “digital me.” It is essential that we constantly monitor what data is put into the process and clean up any data that is incorrectly stored on databases like credit reporting data. About the author. Dr. Ron McFarland, CISSP, PMP is the Dean of Applied Technologies at the College of the Canyons in Valencia, California, that has a robust Computer Networking and Cyber Security program. He received his doctorate from Nova Southeastern University’s School of Engineering and Computer Science. He also holds multiple security certifications including the prestigious Certified Information Systems Security Professional (CISSP) certification and several CISCO certifications. Dr. McFarland can be reached at: ronald.mcfarland@canyons.edu

Empfohlen

Presentation
PresentationPresentation
Presentation
Morad Shadeed
 
Sq lite module1
Sq lite module1Sq lite module1
Sq lite module1
Highervista
 
Sq lite module2
Sq lite module2Sq lite module2
Sq lite module2
Highervista
 
Sq lite module3
Sq lite module3Sq lite module3
Sq lite module3
Highervista
 
Sq lite module4
Sq lite module4Sq lite module4
Sq lite module4
Highervista
 
Sq lite module5
Sq lite module5Sq lite module5
Sq lite module5
Highervista
 
Sq lite module6
Sq lite module6Sq lite module6
Sq lite module6
Highervista
 
Sq lite module7
Sq lite module7Sq lite module7
Sq lite module7
Highervista
 

Empfohlen

Presentation
PresentationPresentation
Presentation
Morad Shadeed
 
Sq lite module1
Sq lite module1Sq lite module1
Sq lite module1
Highervista
 
Sq lite module2
Sq lite module2Sq lite module2
Sq lite module2
Highervista
 
Sq lite module3
Sq lite module3Sq lite module3
Sq lite module3
Highervista
 
Sq lite module4
Sq lite module4Sq lite module4
Sq lite module4
Highervista
 
Sq lite module5
Sq lite module5Sq lite module5
Sq lite module5
Highervista
 
Sq lite module6
Sq lite module6Sq lite module6
Sq lite module6
Highervista
 
Sq lite module7
Sq lite module7Sq lite module7
Sq lite module7
Highervista
 
Sq lite module8
Sq lite module8Sq lite module8
Sq lite module8
Highervista
 
Sq lite module9
Sq lite module9Sq lite module9
Sq lite module9
Highervista
 
Cyber security training using virtual labs 3 cs umuc presentation august 2018
Cyber security training using virtual labs 3 cs umuc presentation august 2018Cyber security training using virtual labs 3 cs umuc presentation august 2018
Cyber security training using virtual labs 3 cs umuc presentation august 2018
Highervista
 
Cyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarlandCyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarland
Highervista
 
Intro infosec version 2
Intro infosec version 2Intro infosec version 2
Intro infosec version 2
Highervista
 
How to create a maker space v2 ebook
How to create a maker space v2 ebookHow to create a maker space v2 ebook
How to create a maker space v2 ebook
Highervista
 
Love and silence v3 scribd slide share
Love and silence v3 scribd slide shareLove and silence v3 scribd slide share
Love and silence v3 scribd slide share
Highervista
 
The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
HampshireHUG
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
wesley chun
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
The Digital Insurer
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
naman860154
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
Michael W. Hawkins
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
The Digital Insurer
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
Khem
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 

Weitere ähnliche Inhalte

Mehr von Highervista

Mehr von Highervista (7)

Sq lite module8
Sq lite module8Sq lite module8
Sq lite module8
 
Sq lite module9
Sq lite module9Sq lite module9
Sq lite module9
 
Cyber security training using virtual labs 3 cs umuc presentation august 2018
Cyber security training using virtual labs 3 cs umuc presentation august 2018Cyber security training using virtual labs 3 cs umuc presentation august 2018
Cyber security training using virtual labs 3 cs umuc presentation august 2018
 
Cyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarlandCyber security for manufacturers umuc cadf-ron mcfarland
Cyber security for manufacturers umuc cadf-ron mcfarland
 
Intro infosec version 2
Intro infosec version 2Intro infosec version 2
Intro infosec version 2
 
How to create a maker space v2 ebook
How to create a maker space v2 ebookHow to create a maker space v2 ebook
How to create a maker space v2 ebook
 
Love and silence v3 scribd slide share
Love and silence v3 scribd slide shareLove and silence v3 scribd slide share
Love and silence v3 scribd slide share
 

Kürzlich hochgeladen

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
Malak Abu Hammad
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
UK Journal
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
vu2urc
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
Enterprise Knowledge
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
giselly40
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
Delhi Call girls
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Igalia
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
Enterprise Knowledge
 

Kürzlich hochgeladen (20)

The Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptxThe Codex of Business Writing Software for Real-World Solutions 2.pptx
The Codex of Business Writing Software for Real-World Solutions 2.pptx
 
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdfUnderstanding Discord NSFW Servers A Guide for Responsible Users.pdf
Understanding Discord NSFW Servers A Guide for Responsible Users.pdf
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Histor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slideHistor y of HAM Radio presentation slide
Histor y of HAM Radio presentation slide
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
CNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of ServiceCNv6 Instructor Chapter 6 Quality of Service
CNv6 Instructor Chapter 6 Quality of Service
 
08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men08448380779 Call Girls In Friends Colony Women Seeking Men
08448380779 Call Girls In Friends Colony Women Seeking Men
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...Driving Behavioral Change for Information Management through Data-Driven Gree...
Driving Behavioral Change for Information Management through Data-Driven Gree...
 

Seven actions of the Digital Me

  • 1. Seven actions for the “digital me” The CyberSecurity Place by Guest Contributor , March 17, 2016 Expert Article Link: https://thecybersecurityplace.com/seven-actions-digital/ By Dr. Ron McFarland, CISSP, PMP We live in an electronically chronicled society. Like it or not, our recorded society, fostered by computers, databases and analytics, provides each of us with many benefits and several potential hazards. It’s a pretty well understood fact that emails, online shopping information, cell phone calls, and Internet traffic is recorded – by someone on a database located somewhere. Whether it’s your Internet Service Provider, Cell phone provider, your bank or utility company, someone is storing your information, your data, and the “digital you” is recorded. It is important for each one of us to understand the fundamental aspects of how much data is collected, why it is collected and how it is generally shared. By developing awareness of how your information is stored, collected, collated and shared, we can address any errors or assumptions made by vast databases and programs about who we are, increasing our benefits for living in a digital society and reducing the risks that can occur. Many organizations record, save, and share pieces of data about you. Information and data known about you and your buying patterns, web-surfing behaviors is retained by the conglomeration of vendors where you do your online shopping, banking, credit card transactions, and a host of other online activities. Collection of this information is necessary for organizations to provide you with access to their large databases of products and services. Also, collection of your information is essential to provide you with some level of information security that protects your information from the prying eyes of highly trained and ill-intentioned hackers. Demographics, Psychographics, and Trends – oh my! Most of us may be familiar with the field of demographics. Just to clarify what demographics are, it is the quantifiable characteristics about you. For example, your name, age, and address are demographic attributes that are collected and stored in databases. Beyond demographics, companies also save psychographic information about you. Psychographics is more formally described as the collection of information about your interests, opinions, and even your lifestyles. I’m interested in guitar playing, for example, so my psychographic profile indicated that I prefer acoustic guitars. Here’s another example how a company, say my local chain store grocery store might use my information. When I signed up for a discount card at my grocers, they asked me to fill out a simple form. The form asked for the usual information: name, address, phone number, email, and a few
  • 2. other demographic pieces of data (data about me), which I gladly provided to obtain the weekly discounts that the store offers. The demographic information that I provided is stored on a large database file containing demographic information for everyone who signed up for the discount card. In that way, the store can send out a weekly email flyer containing store specials to email addresses or a printed flyer to the physical address of store customers. Demographic and psychographic information can be used in a more robust approach to provide the grocery store chain with marketing information for their customers. For example, when I go into my local store every Friday to purchase my usual one-pound of wild-caught salmon and favorite Irish beer, the grocery store’s database will recognize my purchasing trends and note these as my shopping preferences. The store can actually send out a coupon to my email address when salmon or my favorite Irish beer goes on sale. The combination of demographic and psychographic information collected by our example grocery store chain, can also help a grocery store chain with their overall individual store planning. Trend information, what customers are purchasing at a given store, can provide a store chain with valuable analytics to shape individual stores in a way to meet their customer needs. Have you noticed that in the past fifteen years or so that some grocery store chains have created a few isles of health food products as an offering to their customers? How this has been done is that grocery stores recognized the trend for health food products over the past few decades. Several chains examined their demographic information, which provided them with maps of where their customers live for a particular store and cross-referenced this information with the stored psychographic information that were trending in both the store and within the region. Analytics revealed if a store could support a health food section by examining the trends. Demographics also determine if the addition of a few aisles of health food products, which tend to run at a premium, could be added to the store’s inventory mix. Databases and Analytics – more of the techie stuff. Databases are the essential background technology used by companies to store information about you, transaction information about what you’ve purchased, consumed or traded. With today’s technology, your information, saved by a given company, is usually not stored at one location. Today’s highly sophisticated databases use analytics to meet the needs of their customers with the intention to expand their customer base and consumer markets that the company serves. However, the push is on for companies to share information about their consumers with each other to further expand markets with complimentary products. So much information is shared about you between companies with highly distributed databases located around the globe that organizations can with reasonable accuracy, predict what you will purchase in the near future. This is referred to a predictive analytics. Amazon, for example, is using predictive analytics (demographics, psychographics and current trends) to predict or “shape” their inventory at their warehouses based on projected future sales. Every Amazon warehouse has a particular mix of products kept on the shelves for the area that the warehouse serves which will allow for quicker shipping. Imagine Austin Texas and the music scene. Because of all of the guitar players around Austin, I can only imagine that the Amazon warehouses that sever the area probably store more guitar strings than many of the other Amazon warehouses around the country.
  • 3. The cloud is everywhere. Data about you is not only stored and shared on massive databases that organizations maintain, but are also stored in large data pools hosted in diverse locations around the US and world. The current method of storing and distributing data that many commercial organizations use is cloud technology. Cloud technology allows for an organization to distribute your information anywhere in ever-growing databases, typically in a private networks of databases that span United States or even the globe. Your information is literally scattered around multiple sites that an organization hosts. The catch in cloud-based services is that not all organizations can afford their own vast ever- growing networks of hardware to host and maintain their databases. Instead, many large, medium, and small organizations will rent cloud space with a third-party cloud-based services company that have the infrastructure to lease large amounts of space to companies. I liken this to my garage. I, like many Americans, have quite a bit of storage in my garage. When I’ve run out of space, at times, I’ve rented a storage space to hold my treasures. The catch is that with space for data or for your things, you release control and trust of your assets to a third party. Aside from the massive amount of data that a particular organization will keep and share about you, whether on their own databases or on leased cloud-based services, information about you can also be found on the various social media sites. Facebook, Twitter and YouTube, to name a few, provide a rich source of data about you. We upload our pictures, videos, our poems and papers in order to share these with our online friends and community. Our pictures, posts and papers provide information about our preferences. I don’t know how many political posts I’ve responded to in the past month, but this alone can provide certain information about my likes and dislikes as it pertains to an event or political interest. In addition, files that are uploaded typically contain meta-data, which is simply information about our location, earth coordinates, and other information about the file, picture, or video. Meta data is like a fingerprint. In fact, the sheer volume of data that is uploaded hourly on social sites is astounding. Over 300 hours of video alone is uploaded per minute to YouTube. That’s a lot of video content that may contain telltale information about you. And the social media companies, also willing to make a buck off of your information, gladly share information about you to other social media companies and to businesses. So where is the digital me? The sharing of information about the “digital me” is at a fever pitch. Billions of dollars per year are spent on sharing, collating, sorting, and relating information gathered from many sources. The “digital me” is a composite of all data collected about my activities, purchases, preferences, and activities scattered throughout social media, third-party cloud services and private organizations. It is no wonder that security agencies have a hand into our profiles as they can project who may be more prone to illegal and terrorist activities. But there is a more fundamental problem with the conglomeration of information about the “digital me.” Is the information about me accurate? A few years ago, I set up two profiles on my favorite social media site. One of the account profiles I set up was for my very conservative side and another account profile suggested that I was quite liberal. Of course, I pointed each of these
  • 4. accounts to a different email that I had, and I used my first name for one account and my middle name for the second account, so the setup was quite legit at the time. As I anticipated, based on my profile information, I started receiving more conservative information to the conservative- leaning account and more liberal information to the other account. The point is that marketing companies obtained my preference information and my demographic information (email address, age, etc.) from the social media website. My bet is that the social media site sold my information for a few pennies and the digital me (both side of me) were sold to a third party company. Decisions by algorithm, not people. As noted earlier, many decisions are made by databases. Automated decision making and predictive analytics is done by a set of programmed algorithms that most organizations use. When I want to purchase a car, the credit agencies will use an algorithm that checks the “digital me” including my credit risk and worthiness, with fairly good accuracy. Algorithms are only as good as they are designed. Algorithms make an assumption that the data is accurate. And there are bad algorithms that can be downright harmful. When an algorithm is designed and used for decision-making, the algorithm will read in the data to its process that it has access to. The algorithm typically does not determine the quality of the information, the accuracy of the information nor the context of the information. In most cases, algorithms that make decisions for us do not determine if mistakes have been made to the data that is being review if the data is correct or not, the quality or verifiability of the accuracy of the information is, for the most part, not considered. Imagine a scenario where your healthcare information is hijacked by a hacker. If the hijacker can alter your information about who you are to your healthcare provide and receive services, you may be on the hook for the services that you’ve received. Keep the “digital me” clean. Correction of data is difficult at best. It is hard to clean up our own digital data and to make corrections. From this standpoint, digital data spreads like a disease. There are, however, some precautionary measures that we can take to better assure that our data is more accurate. It takes some effort and I recommend these actions: 1. Be security aware: Continuously be cautious about sharing your information with people, emails, and organizations that ask for your information. Understand why they need the information. If you receive an email, for example, from your bank asking you to update your information, call the bank and ask them to send the request in writing. 2. Check your credit rating: I recommend checking your credit reports at least one time per year. Credit reporting agencies, by law, must respond to your request to change credit information in a timely manner. For example, if a credit card incorrectly reported that you were late on a payment, you can request that (a) the credit card agency reverse the report to the credit reporting agency and (b) request to the credit reporting agency that the report on your file be corrected. Both the credit card company and the credit reporting agency must respond to your request within a certain time limit or are required by law to change their records about you.
  • 5. 3. Use pass phrases: Passwords are easy to crack. You can search the web and literally find dozens of password crackers that hackers use to provide access to your account. The shorter the password, the easier it is to use. Instead, many companies are giving you the option to provide either a password or a pass phrase. Choose the pass phrase, if you are given this option and insist that your bank or credit card company use pass phrases, if they do not. A pass phrase, as you probably already guessed, is a much longer password and is something that is unique to you. Because of its length, it takes a hacker who is running password cracking tools a lot longer. An example of a pass phrase would be something that is unique to you and can look like: “I lov3 the University of Arizona basket ball te4m because they are $tellar” (notice the use of a long, unique phrase with numbers and special characters). 4. Remove your hard drive when donating: Take out your hard drive before you donate your computer. When I taught computer forensics courses a few years back, I’d purchase a few computers donated to Goodwill. I’d remove the hard drives and would scan each hard drive for strings of 16 digits. A string of 16 digits might reveal a credit card number. If the software that I used found a 16 digit number, it would mark it for further inspection once the entire disk drive was scanned. Later, the program would examine more closely the 16 digit number to see if the first four digits were representative of a bank or a credit card number. I’d demo this to my class and would discover that most hard drives at the time contained several credit card numbers. And, if you think that you’ve deleted the hard drive contents before you donated it to a worthy cause, keep in mind that there is software that can recover deleted files on a hard drive. The best practice is to donate your computers and laptops without the hard drive. Then, take the hard drive down to a computer store and have them physically shred your drive (look for a computer store that has a hard drive shredder, which is similar to paper shredders, but can chew up a chunk of metal). 5. Do not loan your computer: This sounds a bit harsh, especially when your friend is looking to borrow your computer. But keep in mind that your friend may not be as careful with your computer, which contains your data, as you might be. They may be tempted to download software or visit websites that will install malware onto your computer and malware is often written to steal your information and transmit it to another computer on the web. I’ve run into this situation when repairing and restoring computers, especially in a school setting. 6. Update, update: This is an item that we’ve heard of continuously from both software and hardware vendors, but warrants emphasis. Operating system, application software and hardware companies continuously seek to patch their systems for vulnerabilities and will release updates often. Aside from the necessary virus protection that needs to be updated, please be sure to check that your operating system and applications are updated frequently. Most operating systems including the MacOS and Windows OS versions, will allow you to set an automatic update where the operating system checks periodically and will install critical patches that can provide additional security to your system. 7. Clean it out: When your computer begins to run sluggish and you’ve performed the suggested vendor maintenance, if your computer still runs sluggish, do not hesitate to take it to your computer technician to have her or him perform deep cleaning and inspection of files and browser software. One of the symptoms of a virus (or many) on your computer is that your system runs slow, browser windows open slowly, extra windows seem to pop up out of no where, and you are prompted mysteriously. While you may take all efforts to
  • 6. clean your system as required by the manufacturer, deep cleaning and scanning may be necessary and can be readily done by a certified computer technician. As a result of the massive amounts of data collected by computers, we each have a digital profile – a “digital me” that identifies who we are, what we do, what we like and how we interact in the world. The “digital me” is rapidly evolving by the rapid collection of information that you’ve provided over the Internet to your banks, favorite shopping web sites, social media sites, and other web sites that you visit weekly. Large massive databases that operate in the background share your demographic, psychographic and trend information as well as your location and other related meta- data. The soup of information that is collected about each of us creates a unique “digital me.” It is essential that we constantly monitor what data is put into the process and clean up any data that is incorrectly stored on databases like credit reporting data. About the author. Dr. Ron McFarland, CISSP, PMP is the Dean of Applied Technologies at the College of the Canyons in Valencia, California, that has a robust Computer Networking and Cyber Security program. He received his doctorate from Nova Southeastern University’s School of Engineering and Computer Science. He also holds multiple security certifications including the prestigious Certified Information Systems Security Professional (CISSP) certification and several CISCO certifications. Dr. McFarland can be reached at: ronald.mcfarland@canyons.edu