For the regular computer user, professional, or business analyst, when we hear the word ‘cybersecurity’, we tend to think this is more related to software specialists, IT engineers, and young guys wearing a dark hoodie in front of a computer with multiple screens in a room with no light other than the one that comes off the monitors. Very often, we tend to think that is not relatable to us regular users of consumer technology such as cell phones, tablets, laptops, or other mobile devices. Regardless, cybersecurity best practices are essential for every technology user to secure data privacy.
Cybersecurity is short for ‘computer security’ or ‘information technology security.’ According to Wikipedia, “it is the protection of computer systems and networks from information disclosure, theft of, or damage to their hardware, software or electronic data”.
Yes, most human beings, like you and I, use any kind of hardware containing data; our very own data; valuable data.
The Most Critical Part: the End User
In the big picture, there is a long chain of infrastructure and technology end-to-end to each and every single piece of hardware storing any kind of data, one of those ends being our cell phone, our laptop, our tablet, and so on.
Within that long chain of infrastructure and technology, let’s focus on the weakest part: the end user. This includes people like you and me, who use email, social media posts, and send SMS or chats on many applications (Whatsapp, Telegram, etc…). It includes those who take hundreds of pictures with cell phones, like to use many “free” apps, and surf the web searching for the next product to purchase or check our financials at the bank website. We are the weakest part of the entire chain and we need the biggest protection.
A World in Need of More Data Privacy
We live in a world where we produce boatloads of data. After the pandemic, we have been producing even more data as we replaced human interaction with digital interaction.
In our world, dominated by tech giants and companies very much interested in the data that we produce, data aggregators have convinced us that we can use a lot of “free” services that can facilitate our busy lives, accessing super high-tech applications for “free.” This involves communication systems, GPS applications, email services, scan applications, photograph applications, storage of documents, web browsers…and a zillion more things. Again, for “free.” And we love it.
There is a hidden and non-financial cost associated with that. Those tech giants don’t want our money for all those nice applications and services. No, they want our data — the data that we generate when we use their applications.
The reason for this is that they aggregate large quantities of data and profile us, creating groups of similar profiles that they can use to sell our aggregated data to other third parties. Then, they can create marketing and content with great affinity to our profiled group. My colleague Tony Uphoff recently published a very interesting article about ad fraud reckoning — very interesting to put perspective into this.
There is another angle to this. There are many individuals targeting the same data: your data and my data— and more importantly, the data of the employers and organizations that we relate with. By having access to this data, they can exploit and take advantage of it in many ways. Those individuals also know how much we do enjoy “free” applications and services. So, they use this to bypass any possible security measure to access any valuable data.
Among many attack vectors (that’s the name given to any form of attack), email, social media posts, adverts, and chats are among the top methods to receive malicious attacks from those individuals.
Basic Ways to Protect Ourselves
1. Avoid email as much as possible.
Yes, it sounds drastic, but it is efficient and feasible. Nowadays, we have many tools that facilitate teamwork and communication in a more efficient and effective way, like Microsoft Teams and Slack.
Communication is direct. It can be moderated. It is possible to create dedicated groups to share files and communications in a very controlled environment
2. Separate devices and accounts for different purposes.
Use a phone or laptop for social media and another one for work. Avoid using social media on your work device. Do the same with your profiles. Use one email account only for social media and another one for email communications. Create another email account for logging into personal services, such as online banking, insurance, health, or any other similar service.
3. Invest something in security.
Yes, think about a firewall at home, using VPN and paid antivirus. Do not use public Wi-Fi anywhere.
4. Watch your cell phone connections.
Avoid turning on Wi-Fi, Bluetooth, data, and any other possible connectivity function activated on your device when you are not using it. If you carry your cell phone with everything open, you are telling the entire world: “Hey, I’m here available to be connected! Who wants to connect with me?!” Use each connectivity function strictly when needed.
5. Do not store your personal data in public storage services.
Avoid using “free” storage services (Google Drive or similar) to store your personal IDs, banking details, or related items. Try to use other types of storage devices.
6. Educate yourself.
Although this one is the last, it is the most important. Understand what is happening in the world in terms of data privacy, protection, and security. Stay aware of cyberattack trends. Think carefully about how those trends may impact you. Be ready ahead of time.