Protecting Your Digital Identity

Make it as hard as possible for someone to steal the most important things to your cyber-safety, like your money, privacy, and digital identity. People who try to get your data will have a better chance of moving to a less complex or expensive target.

For that reason, it’s essential to figure out how critical information can be stolen or leaked, as well as the limits on how well you can protect that information after you know where and what your enemy wants to get, you can put your efforts and resources toward protecting that information.

digital identity

List Your “Attack Surface”

A cyber-thief (or an “unethical” big tech company, an employer, or the like) could use your digital life to make money at your expense. This is the first step in the process. Similar things might make your life a lot less safe, and you might not even know it.

This is an example of what you might see on a list:

  • devices like a cell phone and other phones
  • the person’s computer,
  • network at home (e.g., routers, access points),
  • accounts on social media
  • online banking and money accounts
  • information about your physical ID and your name
  • information about credit cards

In cybersecurity, each thing has what’s called an “attack surface” – a way for someone to get into that part and get your data. The size of your attack surface depends on many different things, but you can take simple steps to make it less likely that someone will try to do bad things. So let’s work on them one by one.

Mobile Device Physical Security

Smartphones and tablets hold many digital identities (one or multiple items on the list above). But, unfortunately, they also have a high chance of getting away from us while we’re not looking after them. They could get lost, stolen, or just be picked up by someone else while we’re not around.

Fortunately, defending against casual attempts to get at personal data on a smartphone or other mobile device isn’t as tricky as defending against attempts by law enforcement, sophisticated criminals, or state actors. To do this, you need to cut down on the attack surfaces.

Phone Lock

Always make sure your devices are locked. With the most secure method you’re comfortable with. Your phone should be locked. If it isn’t a 4-digit PIN, which isn’t worthless but is close to useless, your phone should be locked with it. As a side note, make sure that your device is set to delete all of its data if you keep trying to get into it with the wrong password for a long time (e.g., a maximum of 10 times).

A longer passcode is better than none if you don’t have one yet. Limiting the number of times you try to remember your password can make it much less likely that someone will figure it out, which means you have a better chance of protecting your privacy if your device is stolen or lost.

To be more secure, use a password with at least eight characters in length (and preferably a longer passphrase than a long passcode). This shouldn’t be a problem if you’re unlocking your phone with your face or finger.

It’s also a good idea to look at whether the screen locks take a long time because of the app settings or other things. If someone grabs your phone, they can see your data if they bring up the screen just in time.

Backup

As a result of stricter rules for password resets after multiple password failures, it is essential to back up your phone often. The safest way to back up your data is to do it at home, with an encrypted backup on your external hard drive.

For Apple devices, you can do this:

  • If you have Mac OS Catalina or later, you can back up your iPhone to your computer through Finder or
  • Use iTunes (Windows or macOS Mojave or earlier).

Apple has a step-by-step guide for backing up your data at home. For Android devices, click here for a guide like this one.

To make your Backup more secure, you can encrypt it before putting it on the iCloud or another storage service. This way, even if your local copies get damaged or lost, your Backup will still be available. But remember to keep the encryption key safe and secure, and don’t share it with anyone (no matter it is a password, certificate, or token).

Patching

In the same way, it is essential to make sure your mobile devices are always up to date to keep someone from taking advantage of known security flaws. Good projects like “Project Zero” have made it easier for companies to fix security flaws quickly. Making sure you’re up-to-date is simple. All you have to do is check for updates in the device’s settings and then press “update,” and you’ll be done.

App Security

In most cases, the above steps aren’t perfect, but they could make a big difference in most cases of accidental data leaks or exposures. There are many ways to protect your digital self, but physical security is only one of them. There are also software and network threats that need to be taken care of.

It doesn’t matter what Apple and Google have done to make their mobile devices more secure. Rogue apps and even apps that aren’t rogue can still do things they aren’t supposed to.

For example, apps and the devices themselves can be used to track people who own them in the wrong ways, even though their manufacturers have taken steps to protect them. Apps can also leak information accidentally or intentionally over local, cellular, or Bluetooth networks.

Identity theft can also happen if “sideloaded apps” are used on a phone or tablet. It’s dangerous to sideload an app (get and install apps from an unknown source) or let an iOS app that needs a “profile” be installed on your phone. In this case, the app isn’t one you’ve made or that your employer’s mobile device management (MDM) platform gave you or that the app doesn’t work with.

101 Digital Footprints

To protect something, we need to know what it is. Everything you do online leaves a digital trail. It includes everything you do with your keyboard and mouse, as well as what you do on your phone or tablet.

These are some places where we leave the most of our mark.

  1. Social media is more than just what you post. It also includes what people say, like, tweet, retweet, and swipe left and right. Because most platforms have long user agreements that are hard to read, this is not good.
  2. Make sure to keep an eye on data policies and setting changes for mobile apps.
  3. Shopping websites are essential for ads and marketing because they show what people buy.
  4. Web Browsers use headers and cookies to let people know who you are.

Many “fake app” scams use social engineering to get people to visit websites that look like app stores. Unfortunately, these schemes almost always cost a lot of money and expose a lot of people’s private information. These things to look for:

  • Avoid apps that ask for too many permissions, and
  • Don’t let them do anything that seems like an overreach (Least Privilege).

To show you how this works, Facebook Messenger asks if it can be your SMS client and then logs all of your phone calls to your Facebook account. This way, it can find “friends” faster. Remove apps you don’t use, too. iOS does this if it’s set up that way, but only when the apps aren’t running in the background.

Single sign-on (SSO) options like social media accounts or email addresses are often used by people to make their lives easier. These options make it quick and easy to sign up (as it skips the process to create a username and password for that application.) “Listaholics” are people who keep track of all the online services, stores, and apps they have used over the years. Not everyone is like that!

If that’s the case, your SSO information might be able to help you in this case. If you sign up for a service like Google, Facebook, or Apple ID, you get a list of third-party apps that can access your account. Top three:

SSO options may not be selected or available, but you used your email address instead. If you search your email inbox for words like “unsubscribe,” “sign-in,” or “welcome,” you can find all of the services you use, even if they don’t have SSO options. You should then revoke or remove, unsubscribe, or delete any sign-ups you no longer want or need to keep.

Minimize Your Digital Footprint Early On

All of it makes sense. When you make less of a digital footprint, clean up more minor things afterward. So there’s still a chance that “Digital Distancing” can help.

In the news, we keep hearing about social distancing. We now all know what it means. It’s like when you want to talk to your boss about getting a raise, but you close the door. The best way to keep your digital self from being hacked or listened to is to keep a digital distance.

Start with these:

  • Change your browser. Firefox and Brave are web browsers that are more concerned about your privacy than other web browsers are. If you need more features, you can use Tor or use a different service.
  • Duckduckgo and browsers’ “private window” are good places to search.
  • Find out what apps have permissions and double-check the privacy settings on your favorite social media apps to make sure they are safe.
  • If you use a Virtual Private Network (VPN), don’t be surprised if the provider keeps logs. Check to see if the provider supports PFS – Perfect Forward Secrecy. Also, look into the privacy laws and regulations where VPN providers are based.
  • Protecting our DNS is an essential part of internet security. You can do this at home. Because many tracking scripts and apps can’t connect and send data back, this can also be a good way for you to stop them. All devices that connect to the internet would have a DNS setting. It is better to protect your data from the start in the long run.
digital identity

Mobile Network Risks

Also, someone could use your phone’s WiFi MAC address to make a fingerprint of it and then track it. The same is true for Bluetooth, as well. There could be information about you and your device if you have Bluetooth turned on on your device. It’s best not to turn on WiFi on your phone unless you know what you’re doing.

Make your phone name something other than [Your Name]’s. Your phone’s network name is broadcast to everyone around you, which is why this is the case. If you use your WiFi as a microphone, you can say your name to other people’s phones.

Conclusion

We need to treat our data as if it were the real world for our digital self. Only the bank sees our financial records. We have vaults where we keep our personalized jewelry, and only the bank sees them. You leave a trail every time you touch your phone.

Privacy is the ability to decide who can see information about our private lives and activities, and it is essential because:

  • Privacy is our right to choose who we share our ideas and feelings with and who we don’t share them with.
  • People who want to keep their private information private, like their health or financial data, can do this.
  • To be truly free, we need to have our own space.

We’d rather pay for what we need than get free things. “How will this company pay their employees? Before you use a free app, you might think about that.” Do you know how Google and Facebook became so big?

People say that “nothing costs us more than what we get.” Because it costs the most, people don’t think about money and how much they have to pay. They think about their time, privacy, health, and freedom. These are the things we value the most.

Leave a Comment