Security and giving away information
Security isn’t just down to other people choosing not to hack your device or a service you use – you have some control and some responsibilities too. As part of our ongoing weekly series on security, we review three measures you can take today to increase your security and privacy and that of the people you communicate with.
Keep distribution lists private
How often do you get an email from someone that includes swathes of other email addresses in the Cc field? Lucky you if the answer is ‘not often’. Dare I ask how often you *send* an email like that?
Apart from the bad manners of revealing lots of email addresses that I’m willing to bet have been displayed without their owners’ consent, it looks amateurish and spoils the layout of your email – depending on the system they use, the recipient may have to scroll through the lines and lines of addresses before reaching the body of the email, or they may realise it’s hardly personal and give up without bothering to read it.
So how do you prevent this and avoid jeopardising other people’s security? It’s very simple: when sending a mass email ensure that the recipient addresses go in the Bcc (blind ‘carbon’ copy) field. Put your own address in the To field. That’s all it takes.
Be careful what information you record
It’s too easy to keep up a running commentary of our thoughts and actions across the breathtaking range of social media opportunities we have at our fingertips. Add to that devices that we actively configure to record our sleep, exercise, health – even our driving experience with dashboard cams.
The innocent face of this is to increase our own security and protect ourselves (proof that that white van simply pulled out in front of you) and help us to optimise our lifestyle for the benefit of our health. Consider though the implications of being on the wrong side of the law or a dispute. Clearly we aren’t going to encourage anybody to with-hold evidence or do anything shady, but put it like this: information you don’t record can’t be twisted to be used against you.
Just imagine the fun an insurance company (yours, or someone else’s) could have with your health and fitness data? What if it could be proved that you were sleep-deprived or lacking food the morning you had a car accident (consider this case ongoing in Canada)? What if you’d taken to social media to vent your frustration with a child the day that child has to be taken to A&E with a broken arm? You’ll be 100% innocent of any wrong-doing, but now you may have to prove that because of the information you’ve broadcast and/or recorded.
You’ve all heard of children having parties while their parents are away, the time and venue making it onto social media and 300 uninvited guests arriving, with predictable results. Hilarious. What a numpty. But take a step back and draw the connection between that and the situation you could be creating for yourself.
Kill off obsolete accounts
Over the years we all accumulate vast numbers of accounts – forums, social networking, journal log-ins, multiple email accounts etc etc. It’s worth revisiting these from time to time and deleting any that you’re sure you no longer need. This minimises your exposure to hacking attacks as well as reducing the amount of information about you that’s available on the internet.
In most cases, certainly for personal non-work related accounts, it’s advisable to avoid using your real name for display purposes (clearly professional sites such as LinkedIn are an exception) and remember – never EVER re-use a password.