The National Cyber Security Alliance (NCSA) and the Better Business Bureau (BBB) remind consumers and businesses to protect themselves from identity theft. “A single breach in September 2017 hit nearly 148 million Americans — exposing Social Security numbers, birth dates, addresses and other highly personal information,” said Russ Schrader, NCSA’s executive director. “The average consumer is doing very little to protect their data. Doing a digital spring cleaning keeps valuable information more secure.”
Here’s some advice for digital cleaning:
• Ensure all software on internet-connected devices — including PCs, smartphones and tablets — is up to date to reduce risk of infection from malware.
• Usernames and passwords are not enough to protect key accounts like email, banking and social media. Fortify your online accounts and enable the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.
• Delete unused apps and keep others current, including the operating system on your mobile device. An added benefit of deleting unused apps is more storage space and longer battery life. Actively manage your location services, Bluetooth, microphone and camera — making sure apps use them appropriately.
• Perform a thorough review of your online files. Protect digital records, PCs, phones and any device with storage just as you do for paper files. Start by:
• Saving only those emails you really need, and unsubscribe to email you no longer need/want to receive.
• Copying important data to a secure cloud site or another computer or drive where it can be safely stored. Password-protect backup drives. Back up your files before getting rid of a device, too.
• Reviewing the privacy and security settings on websites you use to be sure that they remain set to your comfort level for sharing. Limit how and with whom you share information.
Guidelines for safe disposal of electronically stored data:
• Computers, mobile phones, external hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information.
• If you have a stash of old hard drives or other devices, information still exists and could be stolen. Wipe and/or destroy unneeded hard drives soon.
• Deleting and emptying the trash isn’t enough to completely get rid of a file. You must permanently delete old files. Use a program that deletes the data, “wipes” it from your device and then overwrites it by putting random data in place of your information — that then cannot be retrieved.
• For devices like tape drives, remove any identifying information that may be written on labels before disposal, and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
• Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed. Note:
• On failed drives, wiping often fails, too; shredding/destruction is the practical disposal approach for failed drives. Avoid returning a failed drive to the manufacturer; you can purchase support that allows you to keep it – and then destroy it.
• Using a hammer to hit a drive only slows down a determined cybercriminal; use a trusted shredding company to dispose of your old hard drives. Device shredding can often be the most time- and cost-effective option for disposing of a large number of drives.