Information Security & Personal Security Considerations
Four years ago if you told me the NSA was monitoring everything I do online and otherwise I probably would have laughed and asked why they would be watching me? Today, its irrelevant why, they simply are. Regardless of what the .GOV is doing the fact is that a lot of the technology that is used to monitor people comes from the private sector and is often, if you look hard enough, open source. This means that if you know the right people or have the dedication to go get it, you can.
One concern that is becoming more and more of a problem is PROTECTING your personal information. If you are online in any way, have a smartphone or utilize credit cards, your info is out there. Experts say the only way to hide or mask personal information (and this will take time) is:
1) Never have ever gone online to begin with
2) Delete all online content, all email, all social sites, all websites, EVERYTHING.
Not many “normal people” are going to go this far especially since so much of our lives is intermingled with technology, smartphones, credit, computing and the internet.
Isn’t this stuff just for Ninja’s, spy movie types, kooks and real spy’s? No, not anymore. With technology advances come people, other than the government, who want your info. Hackers, identity thief’s, skimmers – criminals – want what you have so they can use that info to rob or control you in some way. In late 2012 and in 2013 I have had credit card info stolen, charges made to my accounts and had to take action to stop any potential damage. In 2012 I can track back to where and when my info was stolen however the most recent incident I cannot track down or isolate. I don’t shop online at unfamiliar websites (although many will tell you NO website is truly secure), I check the card readers whenever I use a card and I do not use my cards “Debit” function, only credit. So, I cannot help but be concerned that skimming may have taken place. Regardless of how, it has created a need to better protect and safeguard my InfoSec and in so doing, my PerSec.
Here is a concern that you should at least consider when traveling abroad (foreign countries and for the purposes of this article, foreign cities) –
Some considerations for better InfoSec:
There are A LOT of various options for securing credit cards, smartphones, laptops, iDevices etc. If you travel a lot for work, your company probably has a device and InfoSec policy in place. Check it out and adhere to it since you can often be held personally responsible for loss. If you are a small business this is just as relevant. Having a business credit card, laptop or personal cell phone stolen when traveling could be disastrous. Having to shut down your business credit card while traveling can be a real issue and bite into your bottom line or personal finances. You may want to consider implementing a couple of these safeguards:
1) Personal and Situational Awareness – Monitor smartphones like you would monitor a personal carry firearm. I often see people place smartphones in open coat or purse pockets. On many occasions I could have picked up someones phone and walked off or stuffed it in my pocket, no problem. The amount of personal information contained on these phones is staggering. This also includes inputting a lock-out code on smartphones or tablet, laptop devices. I sat in an airport back in August and by simply observing a number of people around me was able to record 3 different peoples lock-out codes during the 45min I sat waiting for a plane. You think that code is secure, however, through a small amount of observation someone can get a code that unlocks a ton of personal info. Protect that comm device like it’s a portable bank, because it actually is. You have probably heard this before, don’t utilize the same passcode for multiple devices, multiple Apps or multiple websites; have a different code for every different access point. Inconvenient, yes, true InfoSec and PerSec often is.
2) AVOID – using the debit function on cards. Entering a debit card number out in public, like at a grocery store, possibly allows others to see the PIN# and can make skimming much easier. That PIN# along with the card number that was skimmed is an open door to your account. Both VISA & MASTERCARD offer zero percent liability against debit or credit fraud however, if your debit card is skimmed or hacked those fraudulent charges come directly out of your “available balance”, that balance which you may need to pay bills with, tomorrow. Those stolen funds will be placed on hold until your dispute is remediated which can be very inconvenient and a source of great stress. Using the credit function of the card requires no PIN#, has liability protection and the funds represent “borrowed” funds. This means that if a card is skimmed or hacked (fraud of any type), nothing is lost directly. There is usually a window of time before you will become responsible for the debt that was accumulated due to the theft or fraud. In that time, a watchful individual will have detected the fraud, reported it and had it resolved.
3) Counter Measures – Technological counter measures are available to block crimes like skimming. If you are concerned check out the following options:
4) Device Security –
Secure WiFi when in public or utilize a VPN or Virtual Private Network (here is why from lifehacker.com). I have utilized ProXPN since 2011 with good results. The only concerns with a VPN setting or network is that it tends to slow down browser and speed. If you are willing to apply a little patience for security then try this out.
Disable Bluetooth when in public if you don’t need it. Others can take advantage of your bluetooth connection, pairing to your device, access files or piggyback onto another device you have paired. A lot of devices have the bluetooth already enabled, go into the settings and figure out how to disable this feature when required.
Disable Location Based Services (GPS) – location based services can be totally disabled on most smartphones or set to on/off for specific apps. For example, I may need my location services on in my Navigation App for travel purposes but there is no need for Facebook Places to track me providing info to anyone on Facebook. This is just good PerSec unless you are of the generation of people who believe everyone should know your every move, everyday, everywhere and see a pic of you doing whatever. FACT – YOU are not that important to anyone but yourself.
Good InfoSec = Better PerSec
How does all of this apply to Personal Security and personal protection? Having a credit card, smartphone, iDevice or laptop hacked, skimmed or stolen while traveling can have a significant impact on your personal and family security. Without funds, without stored travel data, without comms, you are at risk. Technology is great, technological ignorance is not. Take your personal and family security seriously, train, practice, test viable info security to enhance overall personal security.