It’s time for a digital spring clean
Hooray for the warmer weather! Spring has finally sprung, and the summer break is not too far off.
I’ve spent a great deal of time this year consulting, thinking and writing about IT security. Year on year I’m seeing the rise in exploitation of personally identifying information (PII) for profit by cyber criminals. Two years ago, the main threat facing my clients was ransomware; now it’s phishing.
The best way to avoid having any of your private information and data end up in the wrong hands is to purge it, protect it and avoid producing it!
If the pre-Christmas period is extra busy for your business; now may be your moment to take the time for a digital declutter before the craziness starts.
Or if, like me, you’re beginning to plan for a quiet time between Christmas and New Year when there’s less day-to-day work from clients and your team needs a few little projects to keep them busy; you might like to file this away as a “To Do”.
Keep a clean machine
Ensure all software on internet-connected devices – including computers, smartphones and tablets – is up to date to reduce risk of infection from malware.
Lock down your login
Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Begin your spring cleaning by fortifying your online accounts and enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.
Declutter your mobile life
Most of us have apps we no longer use and some that need updating. Delete unused apps and keep others current, including the operating system on your mobile device.
Do a digital file purge
Perform a good, thorough review of your online files. Tend to digital records, PCs, phones and any device with storage just as you do for paper files. Get started by doing the following:
- Clean up your email: Save only those emails you really need and unsubscribe to email you no longer need/want to receive.
- Back it up: Copy important data to a secure cloud site or another computer/drive where it can be safely stored. Password protect backup drives. Always back up your files before getting rid of a device, too.
Own your online presence
Review the privacy and security settings on websites you use to ensure they’re at your comfort level for sharing. It’s OK to limit how and with whom you share information.
How to safely dispose of your electronically stored data
Know what devices to digitally “shred”
Computers and mobile phones aren’t the only devices that capture and store sensitive, personal data. External hard drives and USBs, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information.
Clear out stockpiles
If you have a stash of old hard drives or other devices – even if they’re in a locked storage area – information still exists and could be stolen. Don’t wait: wipe and/or destroy unneeded hard drives as soon as possible.
Empty your trash or recycle bin on all devices and be certain to wipe and overwrite
Simply deleting and emptying the trash isn’t enough to completely get rid of a file. Permanently delete old files using a program that deletes the data, “wipes” it from your device and overwrites it by putting random data in place of your information ‒ that then cannot be retrieved.
For devices like external hard drives, remove any identifying information that may be written on labels before disposal, and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
Decide what to do with the device
Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed.