Privacy and security are recurring and critical themes in our ever-expanding digital and social-media landscape. Addressing this topic and tasks head on will vastly increase your safety online, enabling you to engage with your clients and connections more securely, as well as boosting your compliance program even further.
There are four key areas to explore when evaluating your privacy and security:
1. Account access
2. Data access
3. Credentials
4. Attacks and malware
Two-factor authentication
This is a simple move you can make across numerous online accounts that dramatically reduces your risk of compromise from hackers. Nearly every site of substance offers this from Buffer to Facebook and Google, Linked, Twitter and more.
The idea is that once you submit your username and password you are prompted for a secret code sent via SMS message to your mobile device of choice. This is the “second factor” of your login. It's easy to know if your account is being manipulated as you will receive text message prompts with your code — and if its not you logging in you can contact the provider to secure your account.
Facebook and Google specifically offer an additional option via a code generator that runs from within the mobile app for their platform. Thus you can generate a code via Wi-Fi connectivity even if you cannot receive a text message.
Understanding Your data and Its visibility
Each online account handles your data differently in how they use it for marketing purposes, expose it to search engines and allow other users of their services to access it. In most cases, you manage the majority of this through your account settings.
It is worth the time to review and assess your choices for data management. For example, you can opt out of your profile being used in conjunction with ads on Google+, how your information extends from Facebook to search engines and to other Facebook users; to who can see your connections or your activity (looking at other's profiles) on LinkedIn.
Certainly some data you prefer is public — such as your LinkedIn profile, or tweets you share promoting your latest blog posts. However, some data is better suited to more controlled visibility (hence the rising popularity of Google+ and its Circles). By auditing each of your online accounts' privacy settings, you will be much more aware of its reach.
Managing your passwords
Passwords are likely the weakest link. And point the blame at us, the users. Research on password security returns frightening results with the top 10 most compromised password choices (Password1 anyone?).
This is easy and now far more convenient to address. There are several highly regarded password management solutions that work across platforms (PC and Mac to smartphone and tablet) insuring your logins follow you securely.
The basic premise is a password manager has you choose one master password to secure your password database. Using the same password across many sites can be a disaster if one of your accounts is compromised (this happened to the author prior to using password managers). The hacker can then test your username and password on any number of sites.
The apps, which reside in your web browsers, follow you around, saving your usernames and passwords as you work. The apps will also help you pick stronger passwords and suggest eliminating duplicates. The apps will also sync changes across your devices and offer backup options.
Popular apps include
1Password,
LastPass, and
RoboForm.
Not falling for the “check out this link” trick
This is more of a social-engineering component of staying secure online. We learned from some of the original viruses, which were delivered via e-mail, clicking a link or opening an attachment without first considering the source and viability of the e-mail, was high risk.
We see these same risks moved to social media. Most common are Twitter direct messages, seemingly from connections you know, with shortened links leading to malware-laden web sites. Remembering to ask first before clicking (“did you really send me that link”) may seem like a nuisance until you've been hit with malware on your devices. Take these same cautions with any unknown messages or links. The social networks take these issues seriously and all offer tools for blocking and reporting spammers and worse.
However, you don't want to block your friends, peers and clients. If you do receive suspicious links from them, let them know their account may have been compromised. You can also pass along these tips to them for better securing their online lives.
Blane Warrene speaks and writes frequently on technology and the intersection of marketing and compliance in financial services. He co-founded Arkovi and QuonWarrene, and produces the Digital Well podcast. He is focused on helping financial advisers and institutions explore and define what being a digital business means to them.
