Keep Cyber-Safe: 2 Tips to Protect Your Online Identity

MarketingXLerator
Natascha Thomson Owner/Partner, MarketingXLerator

Posted on April 15th 2014

Keep Cyber-Safe: 2 Tips to Protect Your Online Identity

I generally try to do some "house keeping" at the beginning of each year but, of course, it pays to implement the tips below whenever you get to it.

Cyber security, or rather the lack thereof, is one of the main threats of our time.

Here two simple tips that could make the difference:

Photo by flickr user rpongsaj used under a Creative Commons license. 

1. Have Excellent Passwords (Take no Short Cuts)

Hate changing your passwords for your social media, online banking, Amazon.com and many more online accounts? So do I - but having someone invade your privacy, social channels, or even financials could be devastating and time-consuming.

The DO List:

A good solution to make changing passwords less of a pain is to sign up for a password storage tool. Personally, I use 1Password which carries a yearly fee. I’ve also heard good things about a free tool called LastPass.

  • All you need to do, once you have such a tool, is to create one really hard password and remember it. Then you can let the tool auto-generate all your other really hard passwords, which you won’t need to remember.
  • You can have 1Password installed on your Mac/ PC, iPhone, and iPad (as long as you are not using iPad 1, as the OS does not support it).
  • You can "feed" 1Password every time you go to a site that requires you to create or use an existing login and it will store the details directly through the 1Password browser extension. Say you are going right now to change your Facebook password, when you are done doing that, 1Password can automatically record and encrypt the details for you.

The DON’T List:

If you are not ready to use a password tool, take these tips to heart:

  • Don't use the same password or similar password that you slightly modify for each account. Make each password unique, with a mix of upper and lower case letters, numbers, special characters - at least 6 characters, ideally 9.
  • Change your password occasionally (at least once a year). While having a really difficult password is the number one best way to protect your accounts, changing your password cannot hurt.
  • Don't use any real words, your pet's name or anything people could Google about you.
  • Personally, I discourage publishing your birthday on LinkedIn or Facebook as the birth date is a crucial detail to cracking an online identity.

2. Check and update your social channel settings Facebook, LinkedIn and other social media channels periodically (or in Facebook’s case: all the time) change their privacy options or add options without making users explicitly aware of it.

  • For a safe 2014, visit at least your key channels - in my case Twitter, Facebook, and LinkedIn - and check your privacy and notification settings. Update where needed.
  • Also, disconnect access for apps you no longer use.
  • While you are there, it might make sense to tweak your profile information, in case you can add a new accomplishment, job, or had other changes happen.

Photo by flickr user rpongsaj used under a Creative Commons license.

MarketingXLerator

Natascha Thomson

Owner/Partner, MarketingXLerator

Natascha Thomson is the CEO of MarketingXLerator, a Social (Media) Business Consultancy. MarketingXLerator co-innovates with clients to create strategies that generate results through mutually beneficial relationships. Co-author of 42 Rules for B2B Social Media Marketing. Yogini. Yerdler. Motto: "Teach a man how to fish."

 

See Full Profile >

Comments

phishd
Posted on July 30th 2014 at 9:56AM

To follow on from section 2 of the article, one of the specific pieces of information users should be looking to ensure remains private is their email address. Social networking sites and forums can allow users' email addresses to become visible, allowing them to be trivially enumerated and targetted by phishing and spear-phishing attacks.

For personal accounts, this can mean your email inbox becoming flooded with phishing emails, trying to get you to click links to malicious websites that put your personal data at risk.

For corporate accounts this poses an even bigger problem - we often see attackers performing spear-phishing attacks against organisations in a bid to exploit employees to gain access to confidential and sensitive corporate data and/or systems. The vast majority of these attacks use information found in the public domain, including corporate email addresses listed on social networking sites and forums, as a base from which to identify employees inside an organisation to target with spear-phishing - with success rates often in the region of 65%+, even against firms with good employee security awareness training in place.