Tips for Staying Secure on Social Media

By | February 2nd, 2017|Online Safety|

CSIDWe recently celebrated Data Privacy Day, where industry leaders and experts shared security insights to help businesses and individuals protect themselves from cybercrime. Social media was a big focus throughout the day; in fact, Twitter celebrated by live streaming from its headquarters, hosting panels with some of the top minds in the industry. As social media continues to become more popular, there are new cybersecurity concerns to consider. Information that is shared on social media can be used to access other, more sensitive accounts – especially if that information is the answer to a password reset question, such as the name of a first pet or favorite teacher. Individuals and businesses alike can take basic precautions to minimize the risk of their information becoming compromised.

Social media networks are doing their part to keep their users’ information secure. Facebook just announced its updated “Privacy Basics” tool, which makes it easier for people to find the tools that control how their information is shared on Facebook. Twitter also updated their safety policy at the end of last year, allowing users to mute or report abusive or hateful content, even allowing bystanders to step in to report questionable content.

While we love seeing social media platforms upping their security, the responsibility ultimately falls on the individual to check out the privacy settings offered across platforms and use caution when sharing information. Here are a few tips and best practices to consider:

  • Facebook offers a Privacy Checkup, which walks users through their settings. The checkup reviews who can see your posts, which apps you’re using, and the privacy of critical pieces of information on your profile.
  • Turn on two-factor authentication. Many networks, including Facebook and Twitter, offer the option to have a security code sent to your phone whenever you log in from a new device. It’s a quick, convenient extra measure of security.
  • If you go on vacation, it’s tempting to share photos of your experiences as they happen. However, it’s best to wait until you’re back home to post. Otherwise, you’re alerting a potential cyber criminal to the fact that you’re away. An empty house is a much more attractive target for a thief.
  • While you’re at it, it’s worth turning off the geotagging feature of your networks. When you’re posting, there’s an option to share your location. Make sure that icon is unchecked, or people will know exactly where you are when you post. If you’re at home, they now have your address. If you’re out and about, they now know your home is unoccupied.
  • Keep your social media bios free of personally identifiable information. You can also remove the year from your birthday, and refrain from sharing other information like your mother’s maiden name or high school mascot, since they often serve as password reset questions to your online accounts.
  • When your favorite social media app offers an update, do this as soon as possible. Many updates fix bugs and potential vulnerabilities, so it’s worth taking the time to do it, even if it means waiting a few minutes before being able to log in.

What other tips do you have for staying secure on social media? Join the conversation on Facebook, Twitter, or LinkedIn.

Secure Your Information for Data Privacy Day

By | January 26th, 2017|Online Safety|

CSIDOn January 28, cybersecurity experts around the world will recognize Data Privacy Day. With efforts led by the National Cyber Security Alliance, Data Privacy Day invites industry leaders and experts to share security insights that can help safeguard businesses and individuals from cybercrime. CSID is proud to be a registered champion of the international event.

On Thursday, Data Privacy Day was celebrated with a daylong event featuring TED-style talks, interviews and tips for staying secure. The National Cyber Security Alliance traveled to Twitter’s San Francisco headquarters, where consumers and businesses were able to watch and engage in real-time through social media.

Practicing secure habits at home and in the workplace can and should happen every day. Here are some of our top tips:

At Work:

  • Create a culture of cybersecurity by discussing threats and best practices with all employees.
  • Develop a “Bring Your Own Device” policy for your company. Be sure to include insights and standards from your IT department, risk management, and legal counsel.
  • Require your employees to create long, strong, and unique passwords. Encourage employees to take advantage of two-factor authentication wherever possible.
  • Require your employees to update their software on devices whenever prompted to help address security vulnerabilities.
  • Be mindful of how you collect, use, and store employee and consumer information.
  • Carefully vet partners and third-party vendors to see how they manage data.

At Home:

  • Discuss security and privacy habits with your family. It’s never too early (or late) to create an ongoing conversation about best practices.
  • Talk to your family about which types of information should be kept private, both online and in-person.
  • As a family, create strong passwords, especially for social media accounts.
  • Discuss how spam and scams can appear through email and private messages. Avoid clicking on links if a message seems suspicious or you do not know the sender.
  • Familiarize yourself with your child’s gadgets and apps. Understand the data collected and consider the privacy settings on each device. Always opt for the strictest security settings to help keep your – and your child’s – information safe.
  • Talk about the permanence of posting to social media, as well as manners and cyberbullying.

How will you celebrate Data Privacy Day? Share your experience with us on our social media — Facebook, Twitter and LinkedIn. For more information around Data Privacy Day, please visit stopthinkconnect.org.

 

 

 

 

 

 

Cats, Geotags, and the Risks of Oversharing

By | November 1st, 2016|Online Safety|

CSIDIt’s important to remember that when we’re sharing selfies, back to school photos, and pictures of our kittens on social media, we’re also sharing much more.

I Know Where Your Cat Lives” is a project created by an associate professor at Florida State University, featuring one million Instagram, Twitpic, and Flickr pictures of cats (found through the hashtag #cat) from around the world. The online visualization is possible thanks to geotags, which are provided by photo sharing websites and publicly available APIs. After the initial cuteness of the cats wears off, it’s alarming to realize that these photos reveal the homes and locations of many individuals.

Geotags can be added to many different forms of media, including pictures and video, websites, and SMS messages. These meta tags can include latitude and longitude coordinates, altitude, bearing, distance, place names, and even time stamps. It is this data that makes aggregated sites like IKWYCL possible.

Sharing geotags can pose a risk to your safety and security. Whether you’re tagging animals in your home or your feet in the sand on an exotic vacation, you are alerting friends and strangers to your exact location. It’s important to note that some social platforms by default, like Instagram, do not reveal a user’s location coordinates. However, many users elect to add their location. This may put yourself or your belongings in danger, alerting criminals to your whereabouts.

If you hang around the cat site long enough, you are sure to see a gray box stating “Photo removed by user.” Users unsettled by the location of their cats can change the privacy setting in their apps to remove the data and their images from the site.

Regardless of your favorite social platform, it’s important to be cognizant about the information you’re sharing. Always opt for the strictest security settings to help keep your information safe.

Are you concerned about over sharing on social? Weigh in with us on FacebookTwitter or LinkedIn.

 

Pokemon Privacy: Catching Them All, Safely

By | July 18th, 2016|Industry News, Malware and Scams, Online Safety|

CSIDOn July 6, Niantic launched Pokemon Go — a free, augmented reality game for iOS and Android devices. The world went wild. Pokemon Go grabbed 26 million users in the U.S. alone, surpassing both Google Maps and Twitter in daily active users.

It’s been hard to escape the colorful news over the past week. Articles continue to surface on where to find the best Pokemon, how to catch them, and (most importantly) how to stay safe while doing so. In addition to warning users to be aware of their physical surroundings, many headlines warn of the cybersecurity risks involved with the game.

Full Google Account Access
One of the main concerns was Pokemon Go’s access to iOS users’ full Google Accounts. Although the app was vague on what this entailed, many privacy experts and users were concerned the game could access everything from Gmail to Google Drive.

Niantic was quick to respond to the alarm, claiming this was an error. “Pokémon Go only accesses basic Google profile information (specifically, your User ID and email address) and no other Google account information is or has been accessed or collected,” Niantic said in a joint statement with The Pokemon Company.

The statement also clarified that no additional information has been received or accessed within Google. Instead of potentially accessing your entire Google footprint, the app can now only access your Google user ID and email address.

Take Action: iOS players should take care to update the app from the App Store and re-login to accept this updated privacy policy.

Malware Threats
Pokemon Go is only currently available in the United States, Australia, New Zealand, and United Kingdom, though it will soon be available in Italy, Spain and Portugal. While other regions wait for their chance to build their Pokedexes, many over-eager gamers are downloading versions from third-party sites.

“When it comes to malware, you really don’t want to catch ’em all,” Tim Erlin, Director, Security and IT Risk Strategist at Tripwire told InformationSecurityBuzz.com. “Cybercriminals are after any angle that helps them gain a foothold on your devices. A popular app that’s not available in some places is a near-perfect target for crafting a malware delivery strategy. … Installing software from third-party markets and unknown sources increases your risk of malware. Period.”

The security firm Proofpoint claims to have found a third-party version of the game which included a RAT, or remote access tool, called Droidjack. While Proofpoint has not observed the malicious tool “in the wild,” Droidjack has the potential to give a cybercriminal full control over a victim’s phone.

Take Action: If Pokemon Go is not currently available in your area, be patient. Do not risk infecting your phone and devices with malware. Android users should also take care to download the app from App Store.

Watch Where You Work
The cybersecurity risks around Pokemon Go give employers a great opportunity to create a conversation around BYOD security (and time management) in the workplace. Companies and employees should be aware that a device infected with malware could affect the entire network’s security.

Take Action: Brush up on our best practices for protecting your business.

Create a Conversation with Kids
While apps – and Pokemon – are meant for fun, it’s important to examine the privacy policies of all your apps to ensure you are not over-sharing data. This can help lead into a conversation with your family, and especially your kids, about privacy and security.

Discuss what types of information should be kept private, both online and in person. Discuss concerns over connecting devices to public Wi-Fi, and how to recognize a scam. Creating a conversation now can lead to better cybersecurity habits later.

Take Action: We discuss more tips for talking to your kids about privacy.

Are you playing Pokemon Go? Let us know your experience with the app and how you’re protecting your information. Join in the conversation on Facebook, Twitter or LinkedIn!

Firewall Chats, S. 2, Ep. 2: Exploring Biometric Data

By | March 1st, 2016|Firewall Chats|

BiometricsAlmost five years ago, Facebook announced the debut of its facial recognition software, DeepFace, to make tagging photos of friends easier for users. The news spurred many articles questioning how exactly the technology worked and what steps could be taken to maintain privacy.

Today, having software instantly identity faces in our photos seems almost commonplace. Facebook’s billions of users upload nearly 350 million new pictures each day that are quickly scanned and tagged. Google Photos also has built-in facial recognition software that automatically organizes your photos based on the people you’re with. But this convenience doesn’t come without concern.

To hear the latest in biometric advances and facial recognition technology, we caught up with Olga Raskin, Research Manager at Novetta. In her current role, Raskin leads identity-related research projects for government and commercial clients, focusing on biometrics and online identity intelligence. She’s also been spotlighted for her biometric expertise on CNN, The Economic Times, and the Wall Street Journal. Raskin will present “Face Recognition and Online Identity” at SXSW 2016 next Saturday, March 12.

“Right now [sites like Facebook and Google] are [using face recognition] to help users tag and organize their photos,” Raskin explains. “And we’ve learned it’s pretty accurate.”

Facial recognition and biometric data can be beneficial in today’s social society, Raskin explains.

“It can be more convenient and more secure,” she said. “It may be considered safer in some cases because biometrics can’t be stolen as easily as passwords.”

However, having your face scanned and identified leaves most people feeling unsettled.

“In the United States there are no laws that strictly govern this space,” Raskin explained. “Self-regulation has been a challenge because it’s hard to get the privacy advocates – and the people implementing the technologies – to agree on the rules and guidelines.”

In this episode, Raskin delves deeper into the myths and facts behind traditional and modern technologies. Listen now and catch her SXSW session on Saturday, March 12 to learn even more.

Listen to the entire episode at www.CSID.com/FirewallChats. And let us know your feedback on our Firewall Chats social channels on Twitter and Facebook.

Save the Date: Our next episode will air on Tuesday, March 7, and feature SXSW speakers Corey Ealons of VOX Global and Sterling Miller of Hilgers Graben on what to do if your business has been hacked. Be sure to tune in!

CSID Launches Social Media Monitoring Service

By | November 11th, 2015|Product News|

Social MediaEach day our lives become increasingly connected to our friends and family around the world thanks in large part to social media.

As of September, Facebook now boasts 1.55 billion monthly active users across the globe. Instagram has more than 400 million monthly users. Our favorite 140-character site has just over 320 million monthly tweeters.

Billions of people create an almost unfathomable amount of data. By 2020, social data is expected to reach 44 zetabytes (or 44 trillion GB’s), according to industry research firm IDC. With every post, check-in, like, swipe, and favorite, we are sharing our most precious information with the world. While many posts are harmless, individuals need to be aware of the types of things they are sharing on social media.

We recently tackled this topic on our first episode of Firewall Chats, titled “Social Media Matters.” Credit cards and Social Security numbers aren’t the only pieces of information that can lead to identity theft and fraud. Social media oversharing can have lasting consequences.

Inspired by the world’s social tendencies and our commitment to protecting consumers, CSID is proud to debut a new service to assist social media users. Our Social Media Monitoring service alerts users to privacy and reputational risks on the most widely-used platforms: Facebook, Twitter, LinkedIn, and Instagram.

Cyber criminals can easily access sensitive information on social media. Even seemingly innocuous information found on social networking sites, like mother’s maiden name and high school mascot, can be useful to fraudsters to gain access into your accounts. Just think, are these pieces of information used as your password reset questions? You may want to think twice next time you share this information on social media. That’s where our Social Media Monitoring services comes in. This service alerts a user when they are sharing personal information on their social networks, whether it be in their profile info, comments, status updates, or wall posts.

Perhaps even more than our assets, social media poses a great threat to our reputations. Careless posts and comments have resulted in lost jobs, relationships, and opportunities. After all, 91 percent of hiring managers screen job applicants’ social networking profiles during the hiring process. In addition to flagging privacy risks, Social Media Monitoring alerts users when their reputation may be at stake, identifying social media content containing foul language, sexual content, or drug and alcohol references.

To learn more about our Social Media Monitoring service and how to safeguard your consumers’ online privacy and reputation, please visit www.csid.com/socialmonitoring.

Firewall Chats, Ep. 3: Simple Steps to Control Your Privacy

By | November 10th, 2015|Firewall Chats|

PodcastDid you log in to Facebook recently to see post after post of “privacy notices?” Those ineffective status updates were spawned by rumors of how people assume online privacy operates. There are a lot of unnerving rumors and myths circulating on the best way to control your information. In this week’s episode of Firewall Chats, we want to give you the facts and cut through the clutter.

We sat down with Katie Stephens from the University of Texas at Austin’s Center for Identity to discuss how keep your information safeguarded, online and off. These habits don’t require you to copy/paste any text into your status updates, or sacrifice hours of your day. We offer simple tips you can adopt, right now.

At the Center, Stephens is the education program manager and has a heavy hand in the UT’s new master’s program exploring identity management and security. Whether she’s speaking at SXSW or helping craft a security-related video game for kids, Stephens is dedicated to informing people about privacy and security.

“The key point surrounding privacy is to know what you value and to educate yourself accordingly,” she said. “The more you are willing to give up, with regards to your privacy, the more risk it opens you up to in terms of identity theft.”

We need to be careful not to give away data that is unnecessary to share, Stephens explained. Filling out forms in an urgent care clinic? Don’t feel the need to jot your Social Security number down.

“There’s absolutely no reason they need that information,” Stephens said. “You can leave it blank. If someone is insistent that they need your data, feel comfortable asking them why they need it, who has access it to it, and what precautions they will take to keep it safe.”

We explore password health, children on social media, two-factor authentication, and the woes of identity theft with Stephens. To hear it all, listen on www.CSID.com/FirewallChats, and reach out to us on our Twitter and Facebook pages.

Save the Date: Our next episode will air on Tuesday, Nov. 24, and will feature CSID’s own Adam Tyler and the Internet of Things.

Welcome to Firewall Chats

By | October 9th, 2015|Firewall Chats|

[fusion_text]PodcastWith all the excitement and hype surrounding podcasts like “Serial” and “This American Life,” we finally decided it was time we hosted an ear-bud friendly conversation of our own.

Next week, we are thrilled to debut a brand new podcast called “Firewall Chats.” Our pilot series explores five hot topics with five talented industry experts. Together, we weigh in on the latest conversations surrounding social media security, two-factor authentication, identity theft, privacy, and the ever-expanding Internet of Things.

In our debut episode, we’ll learn about the price of oversharing on our favorite apps and social platforms with Chris Crosby, managing director of SociallyActive.com. Can a Facebook post lead to identity theft and fraud? How do we stay safe on the latest networks, like Periscope and SnapChat? We’ll discuss tips to secure your favorite accounts and how to create a conversation at home about safe digital sharing.

Next, we dive into cybersecurity trends with our friends at Christian Science Monitor’s Passcode, one of the fastest growing cybersecurity publications online. Editor Michael Farrell gives listeners a glimpse of the on-going work inside Passcode to cover news in government, policy, and cyber threats.

Katie Stephens, the education program manager at The University of Texas’ Center for Identity, stops by in our third episode to give us all the facts on taking control of our privacy. Stephens addresses how consumers can adopt small, simple habits to help keep their most precious information safeguarded from cyber criminals.

Our fourth episode spotlights CSID’s own Adam Tyler. Our passionate colleague speaks frequently on our increasingly connected world, and the privacy and security challenges we can anticipate as we reach 50 billion connected devices in 2020. In this podcast, we explore the devices we welcome into our home and our garages. What data is being collected? What are the dangers? Find out a little later this fall.

Closing our pilot season is Encap Security’s Vice President of Business Development Adam Dolby, who takes time to chat with us about scams, malware, and phishing attempts. Did you know that there are roughly 156 million phishing emails sent globally every day? What are the warning signs of a scam? What is two-factor authentication and how do we implement in on our most important accounts? Listen to learn.

We are proud of this new channel and hope it serves as another great platform to share resources and timely news with both businesses and consumers. Have comments, questions? Want to see a topic addressed in a future episode? Let us know on our new Firewall Chats social channels on Twitter and Facebook. Thanks for listening![/fusion_text]

CSID at SXSW 2015

By | March 12th, 2015|Uncategorized|

Cyber SecurityTomorrow, March 13 marks the first day of the SXSW Interactive conference. Over the next five days more than 50,000 of tech and digital’s best and brightest will converge on Austin and talk about emerging technology, digital creativity and all things inherent with the two.

Cyber security promises to be a key issue this year, especially with the growing number of high profile breaches and the security uncertainties that the Internet of Things and growth of mobile technologies are introducing to the market.

CSID is partaking in this conversation and will be participating in a number of security-focused sessions at this year’s conference. If you are attending SXSW, feel free to stop by the sessions. If you are not at this year’s conference but want to follow along with the conversation and conference, we will be live tweeting our panels and other security news at @csidentity.

Check in later next week for a recap of the security issues and themes prevalent at SXSW.

Wi-Fi Privacy: When Sniffing Becomes Snooping
Friday, March 13, 5:30 pm, Austin Convention Center Ballroom C
Image that your daily activities are being recorded and collected: your early morning jog in the park, your daily trip to the local coffee shop, your commute to work. No, we’re not referencing the NSA. We are referring to an emerging class of location-based marketing companies that sniff out signals emitted from Wi-Fi-enabled smartphones (Wi-Fi sniffing) to better understand your habits based off of your location – where you go, how often, how long you stay there, what time you generally visit, and more! All this information is being used to construct a profile that businesses are using for marketing purposes. CSID’s CIO, Adam Tyler will be leading a discussion on the security and privacy issues involved we can expect from Wi-Fi sniffing technology.

Hacker to InfoSec Pro: New Rock Star Generation
Sunday, March 15, 11 am, JW Marriott Salon 8
Malicious hackers tend to be smart, young – many are only teenagers – and they seek respect, power and financial gain. Many of them perceive hacking like being a rock star – they jump into the action and start reaping the rewards. But what if we could help young malicious hackers understand the damage they are doing, the legal ramifications of their actions, and how these actions could hamper their future? What if we could reshape their mindsets and encourage them to channel their work into something more productive – like Information Security, white hat hacking or even working with the government? It’s a wonder that the InfoSec and IT industries have a shortage of talent when salaries are rising and work is comparable to that of hackers, but they are doing it for good. It’s time we turn InfoSec and IT professionals into the new rock stars, the new hot ticket future for the hacker generation. Kent Bloomstrand, CTO at CSID, Tiffany Rad, manager of operational security, embedded technologies at Cisco, and Tom Edwards, Resident Agent in Charge with the United States Secret Service will address why and what we need to do, and how to start making changes.

Steak, Eggs, and Cybersecurity: A Passcode Conversation
Monday, March 16, 8:30 am, Fogo De Chao
Adam Tyler, CSID CIO, will be joining some of the sharpest practitioners and researchers for a discussion about cyber security innovation and trends. Adam will be joining Daniel Weitzner, head of the new MIT Cybersecurity Policy Initiative; John Dickson, principal of the Denim Group, and Stephen Coty, chief security evangelist at AlertLogic for this conversation. Register for this event at Passcode’s website.

Follow the Money: Cyber Crime and the Black Market
Tuesday, March 17, 12:30 pm, JW Marriott Salon 4
What exactly happens when a cyber criminal steals your credit card number? Believe it or not, in a matter of a couple hours your personal information could have taken a trip to multiple countries before being sold on the Black Market. When it comes to cyber crime, the Internet is a global ecosystem and hackers know no borders. Come take a behind-the-scenes look as we follow a stolen credential’s international journey through the Black Market. See for yourself how cyber crime isn’t a single issue impacting one country, but rather a global issue impacting consumers, corporations and governments around the world. In what country will our stolen credential end up? Join CSID’s development director Joel Lang and IDT911 editor-in-chief Byron Acohido, to find out.

The Implications of Sharing Personal Data

By | January 28th, 2015|Uncategorized|

Data Privacy DayDid you know that privacy policies do not guarantee that your information will be kept private? Most companies use privacy policies to inform customers about how their personal information may be used, i.e. sold, shared, exchanged, not necessarily guaranteeing absolute confidentiality. In today’s increasingly digital world where exchanging personal information – your name, email address, home address, etc. – for access to websites, coupons and the like has become the norm. And, it can be difficult for consumers to understand the value of their personal information.

Today is the eighth annual Data Privacy Day, an international awareness effort spearheaded by the National Cyber Security Alliance (NCSA) that encourages all Internet users to consider the privacy implications of their online actions and motivate all companies to make privacy and data protection a greater priority. Since most consumers aren’t fully aware of the implications of sharing personal information, we’re taking a deeper look at what can happen when personal information is shared online.

Companies that collect don’t always protect
When you share personal information with a company online, that company is responsible for protecting your information. Even data that is seemingly harmless is extremely valuable to cyber criminals, like your email address or your mother’s maiden name for a password reset. When you share this valuable, personal information with a company online be sure to read the company’s privacy policy fine print in order to be certain that your information is not being shared publicly or with outside companies. In some instances, even reading the company’s fine print cannot keep your information safe. Millions were affected last year due to retail and medical data breaches, proving it difficult for companies to protect your data no matter how secure it may seem. Once cyber criminals have their hands on your personal information, you may be surprised at what they can do with it.

Cyber criminals patch together your digital profile
Bits and pieces of personal information stolen from companies can help cyber criminals patch together a complete picture of your digital identity. They can then use your digital identity to access more important information like your financial records from retail sites that have your credit card information stored. Many consumers leave a trail of personal information on the Internet, leading cyber criminals to steal your identity and your financial information.

How to make a difference during Data Privacy Day
Here are some tips on how you can increase your privacy online from the NCSA:

  • Think of your personal information like money – value it and protect it. You are often paying for “free” services with your personal information. Before you willingly provide your information to a service, make sure it is a business you trust to handle your information with care.
  • Manage your browser cookies to maximize your privacy and prevent unwanted tracking.
  • Demand that businesses be honest about how they collect, use and share personal information.
  • Be cautious about who you “friend” and communicate with online.

Join the Data Privacy Day conversations online by using the hashtag #DPD15! And, let us know what you think on Facebook, Twitter or LinkedIn.

Load More Posts
WordPress › Error

There has been a critical error on this website.

Learn more about troubleshooting WordPress.