In 2003, the National Cyber Security Division of the DHS (Dept. of Homeland Security) named the month of October “National Cyber Security Awareness Month”, aka NCSAM. As the CTO of GDT Secure Infrastructure, you can rest assured that we will be focusing on ways to educate our customers on becoming more security savvy, more security aware, and working with them on ways they can stay more vigilant and protect themselves from outside and insider threats. This year’s theme for NCSAM is “Own IT. Secure IT. Protect IT”, which is fitting for GDT considering a major element of our branding is “Design IT. Build IT. Deliver IT.”
This month I’d like to address what “Own IT” means, from an organizational, professional and personal standpoint. In subsequent months, I’ll be addressing the same as they relate to “Secure IT” and “Protect IT”.
First of all, make a commitment to understand—or at least begin to understand–your own digital footprint. Internet-connected devices abound—home, school, the workplace, retail locations, et al. Pick any place you frequent on a regular basis and, unless you climb mountains in Nepal, you’ve just defined your digital footprint. This constant internet connectivity between you and the world provides amazing opportunities for collaboration, sharing and consuming content (Who doesn’t like a good cat video, or a discount on Starbucks? Or free Wi-Fi just for “liking” something on Facebook?! What a bargain!). But, with all that goodness comes the bad—theft, whether of identity, passwords, personal information or money.
The following will help you “Own IT”:
- Use an anti-virus product that is can detect fraudulent and malicious websites, or what they may refer to as anti-phishing technology in the product’s marketing materials.
- If you’re going to a retailer’s website, type their URL into the browser address bar. Sure, it’s easier to click on the link, but typing it in will ensure you’re heading to the right place. It’ll cost you a few extra seconds, but it’s good insurance against heading to a malicious site.
- On that note, if you’re ever questioning a site’s authenticity, type in a fake password. If it’s accepted, there’s a problem because they’ll accept any password. Close it out and immediately delete your browsing history.
- Regularly inspect your bank and credit card statements. Make sure you account for all purchases listed.
- All CAPS in the subject line of an email means you’ve probably received a phishing email. Why do scammers like ALL CAPS? Nobody knows, but it doesn’t really matter. Just know that they do.
- Check that the e-commerce site you’re visiting begins with https:—note the “S.” If it’s missing the S, which stands for Secure, it’s anything but. The “S” means the communications between you and the website are encrypted.
- Look for misspelled words or horrible grammar, which are tip-offs that something is amiss.
- If you’ve entered a site and the images are of poor quality, you’re likely on a fraudulent site. Reputable retailers wouldn’t dream of publishing websites with low-quality, fuzzy graphics or images.
Using the digital realm—mobile technology, internet access, HDTV, GPS, et al.—to stay connected and demonstrate brand loyalty are some amazing outcomes that have sprung from the growth of the Internet. However, it also presents a window into your life for potential cybersecurity threats. It is becoming increasingly difficult to “lower the blinds” on that window. Your personal information is just that—personal. This month, make a concerted effort to understand what these devices and applications know about you, and take stock in how you can control and limit access to them.
Securing your personal data starts with knowing where it is and the ways to access it.
Here is an interesting article I wanted to pass along to you from Scientific American. You aren’t just a consumer, you are the owner of this data and you rightfully should be asking yourself “What data does this device know about me?”
Next up—“Secure IT”.
For any questions you have about securing your organization’s key, vital data, please contact me at firstname.lastname@example.org. I’d love to hear from you.