As we look to spring and the warmer weather, it is a great time to talk about the footprints we all leave behind as part of our daily activities and how to be better and reduce them. “Rob, what does the environment and carbon footprints have to do with Cyber Security?” Oh, my apologies for that misleading opening sentence, not our carbon footprint, our Digital Footprint! “What is a digital footprint?” Good question and ironically it is a little like that other one, it is the residual of your digital activity that remains after you engage in anything digital. A more formal definition:
Digital Footprint – The unique trail of data pertaining to a user’s activities, actions, communications, and transactions on the internet.
Active: When you intentionally share information on social media or other websites (i.e., online forums Reddit, Tumblr, Yelp, Facebook, Tik-Toc, X, etc…)
Passive: Information collected without your knowledge or awareness
(i.e., cookies left and read by websites you visit)
Want to see where you fall in the digital footprint area? Take this quick quiz (from CDSE.edu), each Y = 1 point:
- Do you make purchases online?
- Have you signed up for coupons by creating an account?
- Have you registered or subscribed to newsletters or blog updates?
- Have you downloaded and used shopping apps?
- Have you opened a new credit card account?
- Do you use a mobile banking app?
- Have you bought or sold stocks?
- Have you ever registered your email address with a gym?
- Do you receive health care?
- Have you ever used apps to track your activities and workouts?
- Do you subscribe to an online publication or news source?
- Have you ever reposted articles and information you’ve read?
- Do you use social media on your computer or devices?
- Do you interact with friends online?
- Have you ever shared information, data, and photos with your online connections?
- Have you ever joined a dating site or app?
Results:
<5 = A digital footprint that is less complex than most internet users
5-11 = A digital footprint that is average for most internet users
12+ = A digital footprint that is more complex than most internet users
So, what does this mean for you? Well, the higher the score the more likely the risks of being a target of social engineering, phishing, foreign information collection, targeted disinformation, and identity theft. “OK Rob, so yeah, that is not good, how can I protect myself?” I’m glad you asked, here is a list of things you should do regularly:
- Limit the amount of data intentionally placed on the internet.
- Limit shared information on social media – more information shared = more information others have about you (including people you don’t know)
- Occasionally clean browser cookies and other tracking files on your personal devices – You can configure your browser to delete after each session, see the image below on how much passive tracking is happening every time you are on the internet.
- Tighten up privacy settings on social media – Limit who can see and share information you post.
- Do not open attachments or access links from unknown or questionable sources– I know, duh! But it still happens so it is on the list.
- Anonymize, disallow, or restrict location access of tracking by applications – Have a look at using the duckduckgo browser, very good at blocking and protecting (see 1b above).
- Install and keep antivirus software updated on personal devices.
- Periodically review both financial/credit and medical/health information.
- Setup credit reporting and card activity notifications.
- Continually update passwords and password protections, especially after being informed of a data breach.
As a reference for 1b and 4 above, here is what the different sites TRIED to track, without my knowledge this week, this is only showing the last 6 site visits:
In closing, feel free to leave as much or little footprint as you like. I’m not saying all the information is dangerous or not actually benefiting the app or browsing experience, I’m just saying be aware and know that the ability to piece information together about you by reading your ACTIVE and PASSIVE footprint information is there, very easy to do, and not everyone is looking to use that info about you for your benefit.
Newsletter By: Rob Collings, ISHPI’s VP of Cybersecurity | CISO
April 1, 2024