This is post 3 of the Online Privacy Please! series I am writing to share with you my thoughts on issues related to online privacy!
Most of us don’t have the opportunity like I did to go around various organizations and monitor what they do with there systems and data. Being part of KPMG’s Information Risk Management Practice and today working on some projects at @cimapr has helped me see the other side of the coin. I have seen how large companies manage your sensitive information in very irresponsible ways. I have also seen companies of all sizes working hardly to try to train there employees on adequate safeguarding of information.
The main factor which causes problems in a protection of privacy effort is the level of Trust people give to others.
How Trust Becomes an Issue!
People by nature like to trust others. Working for the banking industry I have been able to test Physical & Logical Security for many banks. By me just trying to “enchantment” the employees and convince them that I was authorized event though they had never seen me before they would comply with my requests and sometimes hand me sensitive information on a golden platter. The reason in most occasions I breached the security protocols was finding something in common with that employee and making small talk.
My dad is use to getting what he wants in a the most agile and non-intrusive way so I could say I lean many of my social engineering skills from him. Everyone likes my dad and he nows how to Enchant people into giving him what he wants. Many years observing how he interacts and engages with people prepared me to be very successful at trying to breach security. Another example is when I use to visit a client which was a large beverage company. Just because I greeted everyone with a smile I would get into sensitive areas.
The same way I identified gaps in security either physical or logical there are many people that try to gain your trust online with the purpose of making you lose your privacy.
I see how many people constantly share information and trust everyone on there networks forgetting that others outside of there network also have access to the information they publish online.
Personally I share anything that I don’t mind the world knowing.
Protecting Your Accounts
I see how many people block others on Facebook or twitter. If you have a public profile means that anything you publish is only a few steps away from that person that was blocked. Some use twitter private accounts so only there contacts can read their status. I have never been a fan of using a private twitter account because I believe it goes against the main purpose of twitter. If you are going to use twitter privately there are other channels that are more secure like email.
If you protect your account and then allow strangers to read your status then it can become accessible very quickly to someone using a fake account to get access to your information. You never know when someone can take a screenshot of your status and share it publicly especially for the few that decide to use a private twitter account for reasons that can get them in trouble.
Who Should You Trust Online
My good friend Moises has a line I have borrowed from him in many occasions. It is part of his philosophy on life and I have to integrated it to my lifestyle. A good example was including them in my @Meet_Meme cards I added it as my favorite quote.
Love Everyone, Trust No One, and there are always exceptions to the Rule.
If you use the previous phrase as a baseline it can guide you towards not sharing TMI (Too Mucmeeth Information) or trusting people you should not trust online or offline.
Are you trusting strangers online?
What things do you find other people sharing online that should be kept to themselves?