Home for the Holidays

 

Many of us will hunker down with friends and family over the next few weeks. We'll welcome them into the warm, safe and food-filled rooms of our houses. We'll travel miles to share even just a few hours with the ones who make our lives meaningful. We'll make long-overdue phone calls to far-flung relatives, friends and contacts.

 

 

 

It's a joyous time of year and one that reminds us of the importance of our communities. Safeguarding the VIPs in our life should not be viewed as "just one more thing on the to-do list." It's an incredibly important endeavor, and one we can't afford to neglect, even during the busiest time of year.  

 

Read on for ways to protect seniors, youth and ourselves this holiday season - a time when, unfortunately, the "bad guys," too, are looking for a way in.  

 

Black Friday and Cyber Monday Assaults

No, I'm not referring to the elbow-throwing shoppers who jockey for position in front of this year's deal-of-a-century bargain. I'm talking about fraudsters - specifically, individuals intent on using their tech know-how to ruin your online experience.  


A newly released infographic by VeraCode (snippet pictured below) provides a terrific visual representation of the threats we're facing this season.      


  

Below are three more resources for helping to keep your eyes peeled this shopping season. 



Hot Gift May Open Door for Criminals, Investigators

Video games and consoles will be a hot commodity this year, especially among our world's youth. But keep this scary fact in mind when purchasing these must-have gifts: they are a playground for Internet predators.  


With two teenagers in the house, you learn of the latest and greatest gaming systems slightly ahead of the rest of the world. Others may not be aware that many of today's video game systems allow players to connect with others online as they play, and some even offer video capabilities to allow players to see each other. These systems not only provide an "open window" for online offenders trolling for victims, they also, according to police in my home state of Iowa, provide criminals a non-traditional communications channel in which to conspire about criminal activities outside the virtual realm.  


With the potential for criminal interaction, connected gamers of all ages should keep in mind that communication inside these systems is just as vulnerable to collection and sharing as in other digital channels. Per this Cedar Rapids Gazette article, "...investigators can analyze data stored in video game systems just like they can pull text messages off cellular phones or review Internet search histories on laptops." Adult content sites have also infiltrated the new Playstation 4


If you happen across a child predator using these systems, you can report him or her via a new app called Operation Predator recently launched by the U.S. Homeland Securities Investigations.  

 

 

 

Bullies Bully Even When School's Out

As we've learned thanks to several recent headlines, bullying among kids is no longer confined to the classrooms and hallways of school, the mall or any other hangout. As our kids spend less of their free time hanging out physically and more of their time hanging out virtually, the bullying has naturally migrated online.  


While many adults understand how to manage their social-media networks in a way that protects them from too many or the wrong eyes on their private information, many kids do the opposite. For a myriad of reasons, kids leave their social networks open, which means any negative post they receive on their page is not only something that will torment them privately; it's open for the world to see.  


Even when private accounts are locked down (or children aren't even participating in social networking), kids can still get dragged into the mire. Take this Instagram bullying case, which happened in my own neck of the woods, for instance.  


Parents, keep a close watch on your kids' social-networking interaction. Here's a great article with 13 tips on how you can do exactly that.  

 

  


A New Way to Keep 'Track' of Kids

Nervous parents the world over are taking advantage of emerging technology to keep a closer eye on their kids. A multitude of tracking apps for smartphones, cars and even the body are "creeping up" (pun intentional) to help moms and dads monitor their children.


While the intentions are generally good, certainly privacy concerns abound with any type of tracking app or technologyThis is especially true when these apps are used for shady purposes by people less interested in where Bobbi is and more interested in stalking a boyfriend/girlfriend, for example. Or worse.


Intrigued by the idea of using technology to track people -- or where this kind of innovation may someday move society? You may be interested in this novel by Dave Eggers. I've not read it yet. If you have, let me know your thoughts about it!

 

  

Watching Out for Seniors this Season

This month, grandparents will devote a great deal of energy to making the holidays special for their families. According to research, these individuals are less likely than their counterparts to fall victim to fraud. A recent study found that older adults who had the highest levels of depression and the lowest levels of social needs fulfillment experienced a 225-percent increase in the risk of fraud prevalence compared to those who were less psychologically vulnerable.


That is not to say the mentally well and full-familied elderly among us are not vulnerable. And as the matriarchs and patriarchs of our communities, these individuals deserve for each of us to join in their protection. Below are some potential pitfalls, tips, advice and resources that I hope will give you a starting point for having important conversations with the seniors in your life.

  • Crafty criminals can put shredded documents back together again using tools like Unshredder. Make sure you cross-shred into tiny pieces the most sensitive documents.  
  • Philanthropic seniors are so important to the sustainability of our charitable causes. However, we must all be careful to properly vet causes before making certain donations. Here's a good pointer I received from my friend @DebbieMahler about the dangers of sharing personal information, even with charities.  
  • When someone calls to say you've won a sweepstakes or lottery, it can be hard to turn away. Here's a recent article that describes how these savvy fraudsters manage to trick the elderly into believing even what's too good to be true.  
  • Thanks to my friend @BurgessCT for creating this terrific resource for online senior safety: senioronlinesafety.com
  

 

Reader Question  

 

I recently came across Dashlane, a service that bills itself as "The world's best password manager & secure digital wallet." Have you looked into Dashlane, and can you tell me if you think it's safe? 

 

Historically, I have not been a big fan of password-keeper sites. After all, it's a bit counter-intuitive to intentionally share what equates to a personal treasure trove of authentication factors with a third-party -- especially when you consider the increasing incidents of data breaches we're seeing.

 

All that said, Dashlane appears to be -- of all the password keepers out there -- better than others I've seen. They use strong encryption, which is a necessity for any service like this. 

 

However, besides your email address and phone number, they also collect your gender, birth year and zip code. They claim they cannot link this information back to your individual personal information, but with today's vast Big Data capabilities, I'm skeptical of that claim.

 

After I received this question, I also looked into the service's posted privacy notice further. When I didn't see some of the most important information contained in the policy, I got in touch with Dashlane to ask about it. I was especially interested to know what they do with their customers' data when those customers stop using their service.  


A Dashlane representative got back to me right away, answered the question, and then said they agreed it was important to have in the policy and that they would work to get it added. Of course it remains to be seen how soon they do get this information added; it is still not there today. Dashlane appeared to be responsive, but that will only matter if they follow through with making the changes they said they would. 

  

It should not be overlooked that they actually have an otherwise fairly decent posted privacy notice, which many other password keepers do not.  

    

Here's more information about Dashlane from LifeHacker.

  

 

Privacy Professor in the News

I'm honored to have been sourced recently for data and information privacy expertise by journalists with ComputerWorld, National Public Radio (NPR), Information Security Buzz and CSO Online. Check out the results below.

 

Need Help?

 

If you need any help with information security or privacy training and awareness, or if you must comply with HIPAA and need help (especially important now that the Omnibus Rule has gone into effect), please check out my Compliance Helper site or get in touch with me; I would love to help you!

  

You Have My Permission to Share

 

I receive a lot of requests to repurpose the information contained in these Tips messages, so I wanted to drop a quick note in here to say, "Yes, I approve!" Please use the following attribution so that others will know where to find me if they have additional questions about the material you pass along.

 

Source: Rebecca Herold (a.k.a. The Privacy Professor), privacyguidance.comrebeccaherold@rebeccaherold.com.

 

  

 

Here I am pictured with one of my most treasured childhood memories -- - Christmas at my grandma's house with her perennial silver-white tree with the Santa Claus topper! I'm hiding behind the presents with excited anticipation of giving them out to everyone after they finish their chili and/or oyster stew.

 

I wish for each of you the continued development of your own holiday memories. And here's to keeping our loved ones -- be they young, old, or the person staring back at us in the mirror -- warm, safe, well-fed and protected this holiday season. 

 

 Merry Christmas, Happy Hanukkah, Warm Winter Wishes and Happy Holidays!!

   

Rebecca

Rebecca Herold, CISSP, CIPM, CIPP/US/IT, CISM, CISA, FLMI 
The Privacy Professor®
Rebecca Herold & Associates, LLC
Mobile: 515.491.1564