As our connectivity increases, a few simple steps will help you stay safer and more secure online while helping to protect your personal data and identity all year round.
WASHINGTON, D.C. ‒ With spring in full swing, there is a good chance that your weekend plans may include scrubbing, sweeping and sprucing up your home for the season. While clearing clutter is an annual ritual for many households, the National Cyber Security Alliance (NCSA) and Better Business Bureau (BBB) have teamed up to remind all consumers not to be digital hoarders and to freshen up their online lives. By conducting a digital spring cleaning and taking care of overdue online maintenance, you will be safer and more secure against losing personal information and becoming a victim of identity theft.
“A single breach in September 2017 hit nearly 148 million Americans – exposing Social Security numbers, birthdates, addresses and other highly personal information,” said Russ Schrader, NCSA’s executive director. “The average consumer is doing very little to protect their data. Our connected devices contain volumes of details about family and friends. Information like contacts, photos and videos, along with confidential health and financial records, could easily get into the wrong hands and cause chaos. Doing a digital spring cleaning will help keep your valuable information more secure and assist in protecting you against identity theft, which continues to be a top online safety concern.”
A good rule of thumb is to consistently keep a keen eye on all sensitive accounts like online banking, your credit cards and credit report. A recent survey indicates that half of Americans still have not checked their credit reports since the previously referenced breach. If you are in that 50 percent, take action to fix this as soon as possible. Then, as you prepare to digitally declutter, spend a few minutes reviewing NCSA’s STOP. THINK. CONNECT.™ tips and the additional advice listed. When it comes to rolling up your sleeves and actually starting the cleanup process, stay organized by following this handy checklist, which breaks the bulk of the tasks into four buckets: keeping a clean machine, staying secure, cleaning up your online reputation and purging files.
“Last year, consumers filed more than 47,000 reports to BBB Scam Tracker about a wide variety of scams, and we found the riskiest are online scams,” said Bill Fanelli, chief security officer with the Council of Better Business Bureaus. “It’s vitally important that consumers and businesses alike develop and stick to good habits on how data is collected, stored, and shared, and how it is disposed of when it’s no longer relevant. Digital Spring Cleaning means treating both paper files and electronic files securely; destroying old hard drives, data sticks, cell phones, and tablets; deleting old files; updating passwords; and making sure you have the most up-to-date versions of operating systems, software, apps, and malware protection.”
A digital refresh is a relatively simple process. NCSA has identified our top, trouble-free tips and advice that everyone should follow beginning this spring and throughout the year.
- Keep a clean machine: Ensure all software on internet-connected devices – including PCs, smartphones and tablets – is up to date to reduce risk of infection from malware.
- Lock down your login: Your usernames and passwords are not enough to protect key accounts like email, banking and social media. Begin your spring cleaning by fortifying your online accounts and enabling the strongest authentication tools available, such as biometrics, security keys or a unique one-time code through an app on your mobile device.
- Declutter your mobile life: Most of us have apps we no longer use and some that need updating. Delete unused apps and keep others current, including the operating system on your mobile device. An added benefit of deleting unused apps is more storage space and longer battery life. Actively manage your location services, Bluetooth, microphone and camera – making sure apps use them appropriately.
- Do a digital file purge: Perform a good, thorough review of your online files. Tend to your digital records, PCs and phones and any device with storage just as you do for paper files. Get started by doing the following:
- Clean up your email: Save only those emails you really need, and unsubscribe to email you no longer need/want to receive.
- Back it up: Copy important data to a secure cloud site or another computer or drive where it can be safely stored. Password protect backup drives. Make sure to back up your files before getting rid of a device, too.
- Own your online presence: Review the privacy and security settings on websites you use to be sure that they remain set to your comfort level for sharing. It’s OK to limit how and with whom you share information.
Here are some user-friendly, actionable guidelines to assist with the safe disposal of electronically stored data. Prep your data in advance of participating in BBB’s Secure Your ID Day:
- Know what devices to digitally “shred”: Computers and mobile phones aren’t the only devices that capture and store sensitive, personal data. External hard drives and USBs, tape drives, embedded flash memory, wearables, networking equipment and office tools like copiers, printers and fax machines all contain valuable personal information.
- Clear out stockpiles: If you have a stash of old hard drives or other devices – even if they’re in a locked storage area – information still exists and could be stolen. Don’t wait: wipe and/or destroy unneeded hard drives as soon as possible.
- Empty your trash or recycle bin on all devices, and be certain to wipe and overwrite: Simply deleting and emptying the trash isn’t enough to completely get rid of a file. You must permanently delete old files. Use a program that deletes the data, “wipes” it from your device and then overwrites it by putting random data in place of your information ‒ that then cannot be retrieved.
- Various overwriting and wiping tools are available for electronic devices. For devices like tape drives, remove any identifying information that may be written on labels before disposal, and use embedded flash memory or networking or office equipment to perform a full factory reset and verify that no potentially sensitive information still exists on the device.
- Decide what to do with the device: Once the device is clean, you can sell it, trade it in, give it away, recycle it or have it destroyed. Note the following:
- Failed drives still contain data: On failed drives, wiping often fails, too; shredding/destruction is the practical disposal approach for failed drives. Avoid returning a failed drive to the manufacturer; you can purchase support that allows you to keep it – and then destroy it.
- To be “shredded,” a hard drive must be chipped into small pieces: Using a hammer to hit a drive only slows down a determined cybercriminal; instead, use a trusted shredding company to dispose of your old hard drives. Device shredding can often be the most time- and cost-effective option for disposing of a large number of drives.
Events and Resources
- #ChatSTC Twitter Chat – Protect Your Identity With a Digital Spring Cleaning, Thursday, April 12, 3:00–4:00 p.m. EDT/12:00–1:00 p.m. PDT: Tune in for a Twitter chat on the top trouble-free tips everyone should follow this spring – and how you and your organization can be more #CyberAware when it comes to your identity and data all year round. Use #ChatSTC to join!
- BBB – Check out bbb.org/secure-your-id-day for more information on shredding events and tips on what to save and for how long. Businesses should check out bbb.org/cybersecurity for “5 Steps to Better Business Cybersecurity.”
- NCSA ‒ Here’s a handy list of digital spring cleaning tips.
- NCSA ‒ This checklist will help streamline the digital declutter process.
- NCSA ‒ Check your privacy settings.
- NCSA ‒ Keep a clean machine! Use these free security checkups to learn how.
NCSA is the nation’s leading nonprofit, public-private partnership promoting cybersecurity and privacy education and awareness. NCSA works with a broad array of stakeholders in government, industry and civil society. NCSA’s primary partners are DHS and NCSA’s Board of Directors, which includes representatives from ADP; Aetna; AT&T Services Inc.; Bank of America; Barclays; CDK Global, LLC; Cisco; Comcast Corporation; ESET North America; Facebook; Google; Intel Corporation; Logical Operations; Marriott International; Mastercard; Microsoft Corporation; NXP Semiconductors; Raytheon; RSA, the Security Division of EMC; Salesforce; SANS Security Awareness; Symantec Corporation; TeleSign; Visa and Wells Fargo. NCSA’s core efforts include National Cyber Security Awareness Month (October); Data Privacy Day (Jan. 28); STOP. THINK. CONNECT.™, the global online safety awareness and education campaign co-founded by NCSA and the Anti-Phishing Working Group with federal government leadership from DHS; and CyberSecure My Business™, which offers webinars, web resources and workshops to help businesses be resistant to and resilient from cyberattacks. For more information on NCSA, please visit staysafeonline.org/about-us/overview/.
For more than 100 years, BBB has been helping people find businesses, brands and charities they can trust. In 2017, people turned to BBB more than 160 million times for BBB Business Profiles on more than 5.2 million businesses and Charity Reports on 11,000 charities, all available for free at bbb.org. The Council of Better Business Bureaus is the umbrella organization for the local, independent BBBs in the United States, Canada and Mexico, as well as home to its national and international programs on dispute resolution, advertising review and industry self-regulation.
National Cyber Security Alliance Executive Director Russ Schrader Addresses Cyber Challenges Facing Small Businesses at Senate Hearing
April 25, 2018