Where's Your Data Stored?

Where's Your Data stored?

I'd like to pose a question we should be asking ourselves often in this modern digital world: Where's my data?

Where is your data?
These days a person may own a computer, a smartphone, a tablet, and other Internet-connecting gadgets like a smartwatch. Each of these devices collects data we put into them, and data they gather about us. Here I'll focus on one set of important data we input: Personally Identifying Information (PII).

What is Personally Identifying Information (PII)?
PII can include your name, social security number (SSN), date and place of birth, mother's maiden name, etc. It can also relate to your unique medical, educational, financial, or employment information. PII can be exploited for identity theft and other crimes.

Know where your PII is stored. For example, do you keep your SSN, or those of family members, on your phone in the Contacts or in a notes app? This may be convenient, but it's risky. If someone steals your phone, or hacks it, the PII is exploitable.

So after answering the "Where's my data?" question, the follow up should be: "Is it safe there?"

Is your data safe there?
In the example of a smartphone, is yours password protected? Is it encrypted? If the answer is no, no, then do not store PII on the phone. If you are using an app like Lastpass on your phone to store PII, this app's vault encrypts the data. This is good protection, but still password-protect and encrypt your phone. Nothing is 100% secure.   

What if… your phone is lost or stolen?
The third data risk question to ask is: "What if?" For example, ask yourself, "What if my phone is lost or stolen?" Have a protocol you can follow quickly to minimize the potential for information theft, the first step being locating the phone and trying a remote wipe. 

If that isn't effective, then consider all apps and accounts you save on the phone that are password-linked and change those passwords on the website for those apps and accounts immediately! (If you haven’t done so already, make complex and unique passwords for each of those accounts.)

Don't keep any PII on a portable device
To err on the side of paranoia, don't keep any PII on a portable device, or for that matter any info that you don't want going public. Take measures to protect what’s most precious. 

Thanks for reading.
Sam

---

If you haven't already, you can subscribe to our email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Deterring Theft of Your Home and Office Computers

Deterring Theft of Your Home and Office Computers

What's the issue?
It seems whenever we tune into the news these days we hear of another computer system hacking. Whether it's an attack on big business, government, or celebrities, the black hat hackers are chalking up victories. But there are less techie ways of getting to our confidential data. 

Why should you care?
Because it's so easy to be ripped off. A criminal could find the opportunity to pick up your computer (or phone or tablet) and walk off with it. Cyber theft can be that simple.

Speaking from my perspective on Hawaii Island it seems most homes and businesses don't have alarm systems. Most don't seem to have very good locks on their doors either. I have yet to see a laptop locked to furniture. The deterrents to computer theft around here are low. 

So it would be quite easy for a thief to acquire a computer in these environments, such as after business hours, or when the homeowner is away. And once the computer is in hand, even if it's password protected, any data on that computer is compromised. (Encrypting the data does boost your security.)

Expect the worst! Reasons for stealing a computer range from a disgruntled employee, a mad ex-spouse or partner, a desperate drug addict, etc. 

How to protect yourself?
If you have confidential info on your computer, and you could imagine a scenario where someone would steal the system, please think of ways to counter that. 

Installing good door and window locks is a start. For a business, an alarm system is a good investment. If you are leaving for the weekend or going on vacation, you can hide your computer. There are cord locks you can install, which latch the computer to furniture (it's a deterrent). You can lock a server in a closet or cage. There are many approaches to boost security. 

Put on the hat of a thief and survey your home or office for ways a computer could be stolen. Think how it would affect you if the computer were stolen. Then take appropriate action to protect that asset. 

When should you do it?
ASAP! The word is out on the "cyberstreet" that stolen data is a commodity. Don't wait until after you're a victim. 

Where can you find more info on this topic?
Here's a website that offers theft prevention tips.

Who can help?
Ask a friend or family member or IT consultant to help assess your computer theft vulnerabilities. Two heads are better than one to craft defenses. 

In Sum
The nexus between the online and offline worlds provides many angles for the criminals. Let's keep our guard up so we don't become another statistic of cyber crime. 

Thanks for reading. You're feedback is appreciated!

Aloha, Sam

You can subscribe to email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email list" in the request form, then click Send. 

Safeguarding Your Smartphone

Safeguarding Your Smartphone

What's the issue?
In a previous post I recommended taking stock of your wallet items that could be exploited for identify theft and other illegal purposes. Now that you've done that chore, let's move onto another commonly carried digital data asset that's targeted by criminals: your smartphone.  

Why care?
Your smartphone--be it an iPhone, Samsung Galaxy, Blackberry, etc.--likely contains or can give access to bank accounts, social security numbers, birth dates, passwords, etc., not to mention emails and private photos. Do you want any of that in the hands of someone you don't trust?

How to protect yourself?
Though this sounds like a major chore (and can be!), but I suggest making an inventory of confidential data on your phone so you know exactly what you stand to lose. The only personal data somewhat safe to keep on your phone in the Contacts program, for example, is names, addresses, and emails. Don't store birth dates and other confidential info. 

For storing confidential data like birth dates, account numbers, passwords, etc., I recommend a program such as LastPass, which you can sync between your phone and their secure website (https://lastpass.com/f?7616566 ). This means in addition using the LastPass app on your phone you can log in from any computer to the website to also access your private info. You can learn more about LastPass on their site.

And though convenient, it's really best not to do any banking on your smartphone. Here's one of many articles explaining the dangers of smartphone banking.

Also be aware that cybercrooks can crack your smartphone's login password, so don't trust that alone to block access. It's best to set up encryption so if someone does steal the phone, it will be more difficult to access the data. Check the website for your phone's vendor for how to encrypt it.

Another option to set up on your phone is remote wiping. You can use this feature in the event you suspect the phone has been stolen. Check with your smartphone vendor's website for instructions to set this up. Be aware after wiping the phone you'll lose any data that's not backed up. 

When should you do it?
Take inventory of the confidential data on your phone as soon as possible. Block out one hour to sit with your phone some place without distractions. Get a pad of paper and jot down your concerns about what's on your phone, then try on your own to whittle down your exposure and beef up security per the suggestions above. 

Where can you learn more on this topic?
This website provides a list of best practices for more secure use of your smartphone.

Who can help?
You can take your phone to the store where you bought it for tutoring and advice on this topic. You can also call your service provider, such as AT&T. Most service providers are keenly aware of cyber theft exploits and can provide the latest tips for protection. 

In Sum
If all this makes you dizzy, it should. It's a bummer we can't be more casual with our digital devices and enjoy them without worry. But that's not the world we live in. However we can be informed and take steps to to reduce security risks, just as we do with our cars, homes, and other possessions. 

Thanks for reading. You're feedback is appreciated!

Aloha, Sam

P.S. You can subscribe to email tips by visiting www.kokuadigital.com and entering your name, email, and "add to email" in the request form.