Sunday, May 15, 2016

Where's Your Data Stored?

Where's Your Data stored?

I'd like to pose a question we should be asking ourselves often in this modern digital world: Where's my data?

Where is your data?
These days a person may own a computer, a smartphone, a tablet, and other Internet-connecting gadgets like a smartwatch. Each of these devices collects data we put into them, and data they gather about us. Here I'll focus on one set of important data we input: Personally Identifying Information (PII).

What is Personally Identifying Information (PII)?
PII can include your name, social security number (SSN), date and place of birth, mother's maiden name, etc. It can also relate to your unique medical, educational, financial, or employment information. PII can be exploited for identity theft and other crimes.

Know where your PII is stored. For example, do you keep your SSN, or those of family members, on your phone in the Contacts or in a notes app? This may be convenient, but it's risky. If someone steals your phone, or hacks it, the PII is exploitable.

So after answering the "Where's my data?" question, the follow up should be: "Is it safe there?"

Is your data safe there?
In the example of a smartphone, is yours password protected? Is it encrypted? If the answer is no, no, then do not store PII on the phone. If you are using an app like Lastpass on your phone to store PII, this app's vault encrypts the data. This is good protection, but still password-protect and encrypt your phone. Nothing is 100% secure.   

What if… your phone is lost or stolen?
The third data risk question to ask is: "What if?" For example, ask yourself, "What if my phone is lost or stolen?" Have a protocol you can follow quickly to minimize the potential for information theft, the first step being locating the phone and trying a remote wipe. 

If that isn't effective, then consider all apps and accounts you save on the phone that are password-linked and change those passwords on the website for those apps and accounts immediately! (If you haven’t done so already, make complex and unique passwords for each of those accounts.)

Don't keep any PII on a portable device
To err on the side of paranoia, don't keep any PII on a portable device, or for that matter any info that you don't want going public. Take measures to protect what’s most precious. 

Thanks for reading.
Sam

---
If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 


1 comment: