Scare-Free Ways to Make Your Cyber Existence Less Spooky
By Dale Dresch, IT Audit Manager, Maloney + Novotny
Ahhh, October. That time of year when we celebrate Christopher Columbus, carve pumpkins, and maybe even buy candy corn. And, for the 16th year running, it’s also the time for recognizing National Cybersecurity Awareness Month.
This annual campaign, co-led by government and industry via the National Cyber Security Alliance and the Cybersecurity and Infrastructure Agency (CISA), is all about building cybersecurity awareness at home and at work by understanding the risks and updating your digital practices to reduce them.
This year the overarching theme of the campaign makes a clever play on the term Information Technology, with organizers urging us to: “Own IT. Secure IT. Protect IT.”
“IT” all sounds like good advice — but only if we know how to do these things. We’re here to help, offering a reality check and advice to consider when it comes to the digital information you unwittingly share and consume.
In fact, deconstructing this year’s cybersecurity awareness month theme, you may notice that each sentence of the three-part message highlights a different cybersecurity risk area in need of attention: Owning your personal information, securing your cyber world, and protecting your cyber profile. We’ll cover each of them in succession through three article posts this month looking at each component and helping you learn how to build up your cybersecurity quotient with just a few simple changes.
Rethink Your Online Footprint
The cybersecurity campaign’s first call to “Own IT,” speaks to taking charge of your online profiles concerning the devices, applications and networks you use every day. In many cases it’s all about looking at the fine print and purposefully managing the personal information you share online, whether at home, at work, or elsewhere.
So “Owning IT” refers to the IT applications, connected devices and networks you use. Yes, it’s a tedious job many people know they should make time for, but don’t: reviewing and understanding the agreements and privacy settings for the applications, devices and networks they use. This time-consuming task is the perfect starting point: Reviewing agreements and adjusting settings lets you know exactly what information is at stake, then ideally gives you acceptable options to limit that sharing. And if the options you find aren’t acceptable to you? A deal-breaker if there ever was one.
Don’t want your location history shared with Google? Or your contacts uploaded to the latest game you’ve added? A privacy review and checkup will help you keep this personal information private. Want to know if your smart TV is listening to the ambient noises in your living room? Unless you’ve looked at the fine print, you may not know for sure. Read user agreements and take control and ownership.
Knowledge is Power
Owning your online information sharing ultimately means understanding what you’ve tacitly agreed whenever you’ve clicked “accept” after downloading a new program, logging into a new computer, linking to a WiFi network, setting up your new Smart TV, and even visiting a website for the first time. And if you don’t review policies and apply your preferences, you may fall victim to default settings that are far more generous with your information than you intended.
Reviewing the details will also show you whether the applications and devices are asking for information they shouldn’t ever need. You can stem the tide, so take the time to review and manage the data and personalization settings for applications, devices and networks. Understanding is the first step of taking ownership. And controlling what you share is a very close second.
In next week’s post, we’ll deconstruct the next part of this year’s cybersecurity campaign: the call to “Secure IT” which deals with making the most of password protections and other security features. In the meantime, if you have a specific cybersecurity question you’d like to discuss, don’t hesitate to contact Maloney + Novotny IT Audit Manager Dale Dresch at (216) 344-5296 or email@example.com, or use this online contact form to get in touch with us.