Identity Security

dig-IDDigital Identity

Have you ever really thought about Digital Identity Security?

You probably think of your identity as your name or social security number or bank account number or credit card pin.

These critical items are traditionally kept private, at least kept on your person or tucked away at a secure physical location like your home or office.

But when we go online – the whole game changes!

 

 

Tracking

 

trackinglinksYour computer, smartphone, and mobile devices like an iPad or Android Tablet leave a digital trail wherever you visit.  As well those same locations and digital pathways can be recorded on your device or elsewhere to be used immediately or later for a variety of commercial or other legal and not-so-legal purposes.

Now that both the commercial and cyber-criminal world have a better idea about the digital signatures that you leave – mostly unwittingly – they have created new marketing, merchandising, and commercial tactics that depend upon and capitalize on the trails that we all leave throughout the cyber universe.

  • Do we need to cover our tracks?
  • Is our privacy being compromised when we are digitally followed?
  • Does it matter?
  • Do you care?
  • Or are these things just another consequence of a connected society, the revolutionary changes that are occurring, and the protections that it may be fostering.

 

 

Privacy Laws

 

  • PCI-DSS (The Payment Card Industry Data Security Standard) PCI-DSS offers some protections among participating brick and mortar merchants. Internet commerce is less compliant these days.

  • HIPAA (Health Insurance Portability and Accountability Act) HIPAA offers privacy when utilizing public and private health care systems in the US.

 

Example from Pinterest

“These days, whenever you use a website, mobile application, or other
internet service, there’s certain information that almost always gets
created and recorded automatically. The same is true when you use our
products. Here are some of the types of information we collect:

  • Log data. When you use Pinterest, our servers automatically
    record information (“log data”), including information that your browser
    sends whenever you visit a website or your mobile app sends when you’re
    using it. This log data may include your Internet Protocol address, the
    address of the web pages you visited that had Pinterest features,
    browser type and settings, the date and time of your request, how you
    used Pinterest, and cookie data.
  • Cookie data. Depending on how you’re accessing our products, we may
    use “cookies” (a small text file sent by your computer each time you
    visit our website, unique to your Pinterest account or your browser) or
    similar technologies to record log data. When we use cookies, we may use
    “session” cookies (that last until you close your browser) or
    “persistent” cookies (that last until you or your browser delete them).
    For example, we may use cookies to store your language preferences or
    other Pinterest settings so you don‘t have to set them up every time you
    visit Pinterest. Some of the cookies we use are associated with your
    Pinterest account (including personal information about you, such as the
    email address you gave us), and other cookies are not.
  • Device information. In addition to log data, we may also collect
    information about the device you’re using Pinterest on, including what
    type of device it is, what operating system you’re using, device
    settings, unique device identifiers, and crash data. Whether we collect
    some or all of this information often depends on what type of device
    you’re using and its settings. For example, different types of
    information are available depending on whether you’re using a Mac or a
    PC, or an iPhone or an Android phone. To learn more about what
    information your device makes available to us, please also check the
    policies of your device manufacturer or software provider.”

What To Do

  • Be aware of when and where you provide your identity credentials – even a login name and password.

  • Require disclosure of terms and conditions for the sharing of your name, “handle”, and situations in which your app or social media account can be shared with other services or individuals.

  • Be cautious about what you post, especially pictures of others who may not approve of the posting.

  • And be sure to document your posting or identity sharing activities for future recollection. That way you will better know who to contact if a problem arises in the future.