Anyone working in IT is a steward for data—their company’s proprietary information, their personal records and their customers’ data, which, if they lose it, becomes a mammoth strike on their credibility.
The problem is most of us don’t think like spies, the insidious digital criminals who seek out valuable information that lets them make fraudulent credit card charges, hack into bank accounts and undermine corporate activities.
During his keynote address at SHARE in Anaheim, privacy expert John Sileo armed the audience with the mindset they need to stay ahead of the crooks and preserve the security of their data.
A big part of that mentality is understanding that, as far as criminals are concerned, computers, smartphones and the cloud store our identity.
“Part of who we are, part of our makeup is digital,” Sileo said. “Just because it’s electronic doesn’t mean it’s any less real than anything else.”
That means data is a currency, more valuable than gold to savvy criminals who can use bits of information to take out a fraudulent mortgage, drain bank accounts and frame you for crimes committed in your name.
Though a bank with adequate customer protections might be able to restore your money within weeks, it can take years to repair a damaged reputation, as Sileo learned when his business partner embezzled nearly $300,000 in Sileo’s name.
Sileo spent two years fighting to stay out of jail for a crime he didn’t commit, and in the process he lost his family technology business, hundreds of thousands of dollars and precious time with his young children.
Four elements that contribute to digital security breaches, Sileo said: human, physical, technology and Internet factors.
Most people assume IT is the biggest contributor to safeguarding privacy, Sileo said. But the other components play just as big of a role.
If someone steals a purse, for example, they physically removed it from a human, and it likely contains technology that connects to the Internet—and all that combined opens up a Pandora’s Box of security issues.
The key to protecting the privacy of yourself and your customers, Sileo said, is changing your brain chemistry.
We’re hardwired to trust people that seem like they’re in control. But there’s a three-step process to rerouting the connections and building a safer environment for your data.
Anytime someone asks for your information, follow the process: react, research and respond.
“It isn’t about paranoia,” Sileo said. “It’s about healthy skepticism.”
Rather than acting impulsively, react thoughtfully. Don’t click on the suspicious link. Decline to give your social security number to the stranger who calls. Pay with cash rather than a credit card.
Then do your research. Ask questions, such as can I verify this is a legitimate request for information? Do I have other options for resolving the issue?
And finally, respond by safeguarding your data by treating your mobile devices like the minicomputers that they are, creating tough-to-crack passwords and building a culture of security within your organization.
Sileo said most security training is so bland that employees don’t take to it. But if you make it emotional and engaging, your staff will understand how much is at stake.
“You have to make possession, even of digital assets, an obsession,” Sileo said.