Practicing Good Personal Data Hygiene
From a young age, we learn how to take good care of our bodies. Brushing, bathing, trimming and polishing all become second nature. Now, however, we are evolving into creatures that occupy both physical and digital realms. 

In this new era, another kind of routine has become just as important - practicing good personal data hygiene.
As doctors and other health experts come to know more about the physical condition, we learn new ways to keep ourselves safe and healthy. The same can be true for our digital identities. Read on for inspiration on practicing good personal data hygiene in a changing world. 

Child taking bath. Little baby in a bath tub washing hair with shampoo and soap. Kids playing with foam and water splashes. White bathroom with window. Clean kid after shower. Children hygiene.
Staying Safe While Away... 
Thanks to my friend Joe Shook for this pointer. 
Innovative hackers have developed web-based tools that log, decrypt and report back keystrokes from wireless keyboards. The trickiest part? They look (and function) just like a USB mobile charger

If you plan to use your wireless keyboard in a public place, such as a hotel lobby or airport, be extra cautious. That stranger who just "plugged in" next to you could be waiting for you to enter a username, password or private URL. 
...At Work...
Did your boss really just ask you to do that? 
Adorable Little Playing Doctor To A Teddy Bear Over White. Shot with the Canon 20D.
If an emailed request from an executive or manager seems out of character or iffy in some way, take a harder look. Better yet, give that person a call to verify the request. You may be the target of a spearphishing attack, like the one that tricked an investment firm employee into transferring almost $500,000 to a Hong Kong bank.
If you lead your company's security or privacy training, do what you can to get C-level executives to participate in your sessions. Although their schedules may be prohibitive, insist. Those highest up the ladder are the most vulnerable to spearphishing cons.
Another thing you may want to consider is restricting the use of employee's own devices and/or personal email accounts. They could act as an open door, letting a crafty hacker into your business systems. After banning the use of outside email from the business network, one client of mine saw its malware occurrences drop by 74 percent!


...and At Home
Thanks to my friend Debbie Morano-Mahler for this pointer.
The idea of a "smart" home is so appealing. Imagine, setting the thermostat to cool down the place when unexpected guests announce their impending arrival; letting the kids into the front door without having to leave the office; or turning on the lights specific to your preference before you even get home.

Sounds great. But, all that connectivity and convenience from the Internet of Things (IoT) comes at a risk.

Cybersecurity researchers, in fact, just hacked into a smart home's front door. They found significant design vulnerabilities on real-world smart devices that are on the market today. Scary!

There's even such a thing as a smart toilet, and of course, it's been proven just as vulnerable as the other IoT appliances and gadgets. Can you imagine needing this? I don't see the need. My friend, Christopher Burgess, provided this pointer to some fun researchers had hacking into a smart toilet.

If you want to have fun experimenting with smart-home gadgets, that's probably okay. But, as Professor Atul Prakash, one of the researchers who broke into the smart-home lock, told the Michigan News, "I would say it's okay to use as a hobby right now, but I wouldn't use it where security is paramount."

Keeping Your Email Protected
Don't stop with just one updated password. 
The child studies is a plug and a knife.     Note  Slight graininess, best at smaller sizes
A new report says tens of millions of accounts from three U.S. email providers have been compromised. If you have a Google, Yahoo or Microsoft email account, change your password immediately. 

But don't stop there. 

If you used that same email password on your social, financial or personal medical accounts, be sure to change your passwords on those sites, as well. (Whenever possible, do not use the same password on more than one site.) 

Betty White knows all about password hygiene. Who knew!? I love it, though. Check out her endorsement of the practice on the website devoted to World Password Day 2016.
If you confirm your email has been breached, notify your contacts. A compromised email account is often used by phishing masterminds to trick contacts of the victim into giving up even more valuable access. 

Go one step further.

You can also sign up for two-factor authentication (2FA). With this added layer of protection, even if someone discovers your very good password, he or she will not be able to get into your account without taking another action (e.g. entering a one-time PIN sent to your smartphone). 

FYI, here is a cool site that lists most of the websites that provide 2FA.

Knowing Your Digital Rights 
Thanks to my friend Debra Farber for this pointer.
Did you know your biometrics are not protected under the Fifth Amendment

The right against self-incrimination extends to your passwords, but not your fingerprint, vein patterns, heartbeat or any other biometric. 

Be aware of this before you participate in things like Apple Pay, which uses your fingerprint as part of the authentication process. 
Happy loving family. Mother and daughter are doing hair, manicures, doing your makeup and having fun. Mother and daughter sitting at dressing table at house.
Teaching Your Children Well 

Thanks to my friend Gal Shpantzer for this cautionary tale.

There is a terrible true story here, but one you really must take the time to read. A teenager made the kind of mistake you and I never could have made in our teens - simply because the technology did not exist. Because of his mistake, he became a victim of "sextortion," a growing privacy and cybersecurity issue.

See my discussion of the topic on a recent CWIowa Live morning show appearance. 
Take a moment to read his story, share it with others and then talk to the teens (and even pre-teens) in your life about the danger of connecting with people you don't know online. 

Saving Your Reputation 
What happens on the Internet, stays on the Internet. Forever.

We all make mistakes. It's a fact of life. Digital mistakes, however, are much harder to come back from. That's because digital materials are so easily copied and shared. 
If you find yourself, a friend or a loved one in a tough spot where digital reputation is concerned, all hope is not lost. There are reputation saver websites that may be able to help. They are staffed by people who are experts at tracking down private information, images, messages, videos, etc. and continuously monitoring for duplicates. Of course, it comes at a price. So, your best protection against a bad online rep is to avoid getting the material out there in the first place.

And how do you do that? By practicing good personal data hygiene, of course! (I have a list of steps you can take to help accomplish this. I'm happy to send it your way; just email me.)
As I was having this conversation with a colleague, a mother of three "digital natives," she asked if I forsee cybersecurity insurance being something we'll all be paying for soon. I told her I absolutely did. Right now cybersecurity insurance is mainly an investment made by companies. In fact, it's a part of my SIMBUS360 services. However, I don't think we'll have to see too many more cases like the one above before private cybersecurity insurance becomes a new reality. 

Privacy Professor On the Road & On the Air

Brushing teeth lesson
On the road again 

One of my favorite things to do is visit with leaders in different industries - healthcare to energy and beyond. Below is a schedule of where I'll be over the next few months.
July 28: (Live Presentation) Internet of Medical Things conference, Princeton, New Jersey

October 24 - 26: (Live Presentation) "Vendor Management," Privacy + Security Forum, Washington, D.C.  
November 9 - 11: (Live Workshop) "Going Digital? Think Privacy Impact and Security Design," Data Privacy Asia Conference, Singapore
Taking to the air waves

CWIowa Live, a morning TV broadcast, regularly covers privacy and security tips with their guest, the Privacy Professor! Each is a brief 10-15 minutes and covers topics ranging from insider theft to connected vehicles. Check out this online library to watch recent episodes. I will be visiting in-studio June 1 at 8:10 a.m. 

In the news

Questions? Topics?

Have a topic I should discuss on the CW Iowa Live morning show? Or, a question I can answer in my next monthly Tips? Let me know!

In our brave new world, what we teach our children goes far beyond how to wash behind their ears. Personal hygiene now extends into health and safety online, in social networks and around the burgeoning Internet of Things. We need to also regularly remind our kids to practice good personal data hygiene.

You don't have to have all the answers to open a child's eyes to the risks of online behavior. Share stories, talk about consequences, and most importantly, lead by example. Our kiddos (those are mine from many years ago to the left) are watching everything we do. 

Wishing you a wonderful start to your summer! 

Rebecca Herold
The Privacy Professor
Need Help?

Permission to Share

Want to repurpose the information contained in this Tips? Yes, please forward in its entirety. 

If you prefer to use only excerpts, please use this attribution:

Source: Rebecca Herold, Founder, The Privacy Professor®,,,, [email protected] 

NOTE: Permission for excerpts does not extend to images, some of which are my own personal photos. If you want to use them, contact me.