Digital Footprint: Manage / Cover

Our digital footprint is much more than we think. It not only involves our active online activities like photos, tweets, social updates, etc. but also passive ones like a website collecting IP addresses, social media sharing and engagement data. These days, cookies and customized ads are always there to assist with login information, shopping or to make personalized suggestions based on our location or interests. But we have to keep in mind that a user profile created using digital footprint can contain personal information like interests, affiliations, demographics, religion, political inclination and much more.

In many corporate/industries, an online background check is a common practice by recruiters. We have seen individuals losing their job offers in worst-case scenarios. So all and all conclusion is that we all need to take greater responsibility when it comes to the digital footprint and then slowly learn to prevent data breaches and keep information private.

So lets Start!

Start Managing it Today!

  • Start Googling yourself: Know what’s out there about you. Search yourself every few months so you’re mindful of your pictures/videos/data other people have access to.
  • Set a Google alerts: After setting up this tool you’ll be able to get occasional alerts of whenever your names pops-up on the web.
  • Don’t disclose your personal data: Personal address, phone number, passwords or bank card numbers are one on the examples of sensitive data you might want to protect.
  • Think twice, post once: Think properly the implications of your post. Random emotions are temporary; online data lasts forever! For example: Never expose birthdays, nicknames, pet names etc. online, especially if you have used them in any of your passwords or user names (which is not a good idea generally).
  • Limit data sharing: Your data like any questionable image/video/tweet or anything else can be used to gather more information or harm you. So beware of what you are sharing with whom. Which are data is public or which is private.

Let’s Remove all traces too!

  • Check your browser & browser settings: Always use most up to date security and privacy measures while browsing. Clear your cookies regularly too.
    1. If you are just looking to avoid basic tracking which is used for general advertising use search engines like DuckDuckGo.
    2. If you are planning to completely go dark in most scenarios then use most recent versions of browsers like one from TOR Project.
  • Setup a separate email address for subscribing and queries: If you are using your regular email address (personal/professional) for subscribing and registering on web, then you are increasing chances of a digital trace on you by cyber criminals. I recommend you to setup a web-based email for all secondary activities on the web. Try to make it completely anonymous by not using your personal information and your home/office device to access it.
  • Keep an eye online platform settings: Online platforms from cloud services to social media to e-commerce platforms are valuable assets to our daily fast pace lifestyle. Keep yourself aware with all the privacy setting and their regular updates, on each platform you use. They may vary on the device to device, so you have to carry out through privacy sweeps regularly.
  • Keep an eye on data protection policies: To ensure everybody is handling certain issues properly, data protection policies are a must. Employee awareness and training under these policies is the most essential part of any security program. They comprise of the following kind of sections:
    1. Encryption policies
    2. Acceptable use policies
    3. Password policies
    4. Email policies
    5. Data processing policies

INFORMATION SECURITY

Computer security began immediately after first mainframes were developed. Successful organisation has multiple layers of security in place: i.e. Physical, Personal, Operations, Communications, network & information. Security is a balance between protection and availability. Sec SDLC [General System Development Life Cycle] is a methodology for the design and implementation of an information system in an organisation.

Information is considered to be the Backbone of the Modern world. So the need for protection is also important. Ethical hackers use the same methods to test and bypass a systems defence, but rather than taking advantage of any vulnerabilities found, they document them & provide actionable advice how to fix them so that the organisation can improve its overall security.

Let’s go a little back, and get introduced to art and science of writing hidden message in such a way that none other than sender and the recipient suspects the existence of the message. It can be also called information smuggling. It is called Steganography! It has a Greek origins and means “concealed writing”. Steganos means “Covered or Protected”. Graphei meaning “Writing”. So it is the practice of concealing message or information within other non-secret text or data.

For Detailed we recommend this DEFCON video to make it more clear!

While we are looking at YouTube videos, i strongly recommend the following video by Mr. Pavan Duggal taking about Cyber-law and Indian I.T. acts 👨‍⚖️⚖

Some mental notes you can make by watching above video:

India’s technology act 2000. Chapter 11 not only specify cyber-crime in India & their respective punishment in India, but also this particular legislation has amended the Indian penal code in such a manner to meet various offences under the Indian penal code, in sync with the requirement of the digital platforms. Now if in case u want to steal any computer source code or computer source documents then Be alerted because this activity is itself a cyber crime under sec 65 of the IT Act 2000. The same is punishable with 3 years imprisonment and ₹ 5 Lakh. Earlier the IT act 2000 made only Hacking a crime, but later 2008 amends came with much broader umbrella of computer offences. Like unauthorised task on any computers come within the ambit of these offences. Also 2008 amends says that if you actually publish or transmit content which is sexually explicit then you are further inviting an exposed to section 67-A , which is further an offence punishable with 5 years of imprisonment and fine. Earlier India was not concerned about child pornography as it thought it would be covered under the offense of pornography, But 2008 amends made it an offense. Not only publishing or transmitting but visiting a website that relates to child pornography it’s a serious offence punishable with 5 years of imprisonment and ₹ 5 lakh fine.

Also if you try to exploit the privacy of a person by capturing the images of private parts of a person without his/her knowledge, it’s an offense and is punishable with 3 years of imprisonment & ₹ 5 lakh fine. Also 2008 ammneds has added some new offence or example if you if you transmit any information using a computer which is offensive or has menace character it is a different offence under 66-A. If you try to misuse digital signature for fraudlent purpose then also its an offence under section 72 of the IT Act.

Identity theft offense is punishable with 3 years of imprisonment and fine under section 66-C. Also if u indulge in any activity the relates to cyber terrorism, it is a serious offense made punishable with life imprisonment and fine.

Hope this video was informative and might add something to you knowledge bank!!!