Exclusive contribution for The Executive Magazine by René-Sylvain Bédard, author of Secure by Design, cybersecurity expert, and Founder of Indominus Managed Security
In this age where our digital identity is the backbone to access a constellation of cloud-based services, from our bank accounts to our children’s picture, how do we keep it safe?
Here are 5 ways to make it more SECURE.
5. Know your digital landscape
First, consider how large a breadcrumb trail you have created online. The bankruptcy of 23andMe is a hard reminder that if you leave personal data lying around online, someone might be tempted to buy it. And your data could already be for sale or simply published on the dark web.
This calls for a spring cleanup. Figure out what accounts you have and what you are no longer using. Log onto them and make sure that you securely delete your personal information.
4. Have a way out, a backup method to re-authenticate
Make sure that your master account has an exit clause, that if ever it gets locked out, there is another account or phone that you have access to and allows you to reset it. Why? So that if ever it falls victim to a cybercriminal, you have a way to get it back.
Then take that phone and the credentials of this secondary account and store them in a safe somewhere. That way, it can also be used by your succession, should something even more terrible happen.
3. Strengthen your identification method
Here are a few shortcuts:
- Don’t use the same password twice
- Use pass-phrases instead of passwords, augmenting your capacity to remember them (making them longer, as a bonus)
- Never share them
- Never write them down
If you are technologically savvy, you can also look at the latest and greatest such as password-less technologies or biometrics. This works very well but the scope of acceptance is still somewhat limited.
2. Use a password vault
There are a few great alternatives out there such as 1Password and LastPass which grant you a centralized way to host and defend usernames, passwords and even MFA (Multiple Factor Authentication) methods. Consider this exactly as a normal vault. The level of security of your vault is directly related to how hard it is to get in. If you have a vault that has your entire life in it, and it is always opened as soon as you log in to your PC, that’s dangerous.
Lesson: keep it hard to get into, and make sure the platforms you are using to get into them are also safe, even, if possible, monitored.
1. Use multiple factors
MFA is a way for you to prove that you are the person attached to this identity. By adding another factor, such as receiving a code to your mobile, you reduce by over 80% the chance of your digital identity being successfully stolen.
They might have your username and password, but they still can’t access your services or data. They can still harm you, but their power is very limited.
Conclusion
Hygiene is the main keyword to remember. Close unused services by ensuring data is properly exported/deleted, have a backup method to reauthenticate credentials and strengthen your identification methods. Password vaults and MFA are your friends when used correctly.
With these tips, you will be able to avoid the worst of the storm. Stay secure