1(630)802-8605 Ravi.das@bn-inc.net

Back in the day, when I was not almost half a century old, and when I was nimble and flexible, I was a devout a student of the martial arts.  My main area of study was Taekwondo, and I even got as high as a 2nd degree Black Belt.  I competed, and even fought at the national level three different times, and picked up the bronze at al of them. 

I even dabbled in other forms of marital arts, such as Brazilian Ju Jitsu, and even MMA.  There is a reason for why I am bringing all of this up, and I will get to it towards the end of the blog.

As I was perusing the news headlines this morning of what to blog on, I came across an interesting study that was conducted by CreditCards.com.  The main purpose of this survey was to find out where the American population, as a whole stand, when it comes to Cybersecurity.  The actual survey and results can be downloaded at this link:

https://www.creditcards.com/credit-card-news/data-security-poll.php

What they found was completely startling:  Over 92% of the respondents polled showed that they have demonstrated some high level of bad “Cyber Hygiene”.  In other words, they have taken Security Risks that they should not have taken even in the first place.  Here is what the study further revealed as well:

*Strong misuse of passwords:

The survey discovered that at least 80% of the respondents continue to recycle the same password over and over again.  It also discovered that 61% of the respondents do this half the time, while 22% do it all of the time.  I get this.  I know passwords are frustrating, and trying to create a long and complex password for every website your login to is an extremely time-consuming task.  We are a society that is always on the go, and want things here and now.

But you know what?  There are solutions to this.  But it means totally stepping out of your comfort zone and doing something different. The first one is the use of a Password Manager.  Although I have not used one personally yet, I have talked to many of my podcast guests about it, and this is the one tool that they recommend to use.  It can create those long and crazy passwords that you loathe to remember, and heck, it will even log into the applications automatically for you (those that require a password).

Not sure which Password Manager to use?  Conduct a simple Google search, and you will plenty of them.  Read the reviews on them, and see what you feel comfortable with.  There are many of them that are free, but my advice to you on this one is to stay on this one.  Many of them are built upon using insecure Source Code to begin with. 

Try to get a paid subscription for a moderate cost, and have the vendor actually train you in how to use it.  By going this route, you also have one more advantage: You will have access to their tech support line in case you need it.

*Using insecure WiFi Hotspots:

Being the extremely mobile society that we are now these days, we always feel the need to carry our tablet, notebook or Smartphone with us in order to stay “connected”.  Many times, when we are “connected”, it is through a safe and secure connection either at home or at work.  But how about on the weekends or when we travel?  That is when it becomes a huge problem.

In these instances, this is where we will probably log into the free, public hotspot at Panera Bread or Starbucks. While yes, they are free, they are totally insecure, as there is no encryption involved with them. 

In fact, the survey revealed that 48% of Americans knowingly used an insecure WiFi connection, while 67% of the “Gen Z” adults always use an insecure WiFi connection.

So basically, anybody that is sitting next to you could be secretly hiding a network sniffer in their pocket, and actually capturing all of your PII without you even knowing it.  The fix here?  Try not to use these kinds of hotspots.  But, if you must be “connected”, make use of the Personal Hotspot feature on your Samsung device or iPhone.  With this, you can at least be guaranteed of a somewhat secure connection.

*Saving PII on your computer or wireless device:

The study revealed that 45% of the respondents save their passwords on their computers or wireless devices, and that 35% of them have saved their credit card info onto the online applications that they use.  I have to personally admit, although I never store passwords, some of the online merchants I use do have my credit card info on file.

I have worked with and trusted these vendors for quite some time.  The primary reason why I do this is because it is convenient, so I don’t have to remember every month when I have to pay for a particular service.  But on the flip side of this, I do monitor my credit card transactions on a daily basis, and check my account twice daily to make sure that there is no fraudulent activity from occurring.

Many vendors have also taken extra precautions to protect your credit card information, not only because of recent Security Breaches (such as Target and the Marriott Hotel fiasco), but they don’t want to lose you as a customer and have their brand tarnished.  So, yea, I say with some hesitancy it is OK to do this; but only store credit card number with those vendors that you absolutely trust the most, and make sure that you are checking your credit card transactions on a daily basis like I do.

*Carrying sensitive documents that should remain at home:

By this I mean primarily your Social Security Card.  There is no reason why you should be carrying this in your wallet, except if you are reporting for work for the very first time and your employer needs it to verify your eligibility to work in the United States.  Lost or stolen Social Security numbers are the first place where Identity Theft occurs.

In fact, the study revealed that 33% of the respondents carry this card with them all of the time, and as the person gets older, the frequency of this gets especially higher (for example, 51% of the respondents aged 74 or higher claimed to always carry their Social Security card with them).

My recommendation:  Make a photocopy of your Social Security card, and only carry that with you if you absolutely have to have it. Then of course, after it is not needed, destroy it completely.

*Throwing away mail that is not needed or wanted:

Yes, even in the digital world that we live in, we still get tons of snail mail.  It was utterly horrible up to the point when midterm elections were held.  Every day, my mail box was jammed with all of this election nonsense.  Very often, important mail can get mixed in with all of this nonsense kind of mail, and unknowingly, that gets thrown out as well. 

The study also revealed that 28% of Americans throw away mail that contains their mail that contains their PII.  This would include such important documents as your bank statements, medical records, financial brokerage statements, etc.  Under no circumstances should you simply throw these away

Any Cyberattacker can rummage through your trash cans that you leave outside, or for that matter, they can even go through the public ones as well.  This is known as “Dumpster Diving”, and at the present time, there is no law to prevent this; anybody can legally engage in this kind of activity.

The solution to this:  Always shred your important documents, especially using a cross strip one.  Yes, this is another pain in the butt, but becoming a victim of Identity Theft will cost you a lot more down the road, and will strike you when you least expect it.

My thoughts on all of this?

Well, back to my story on my martial arts.  Except for the exercise and staying in shape part of it, the other reason why I studied the martial arts was to learn mental focus and discipline.  The one thing that I was taught by master instructor is that we must always look into ourselves first, and try to find ways of improving our own beings before we embark upon passing judgements and criticisms onto other people.

In other words, before you cast judgement on another person, always walk that proverbial mile in their shoes first to see what’s going on in their lives.  This same philosophy holds true for the world of Cybersecurity.  Whenever we become a victim of it, the first to get the hit and all of the blaming are the places of businesses and corporations that have been impacted.

While I am not defending them by any means, and yes, many of them still do have lax Security Protocols in place, we need to look at ourselves just as much equally to see what we could have done to avoid from our PII from being hijacked in the first place.

We need to not only do this in our daily activities as it has been described in this blog, but we need to do it as customers as well. Remember, that here in the United States, we have the luxury to make choices.  For example, if you choose to eat a restaurant, there is nothing preventing you from asking the general manager to ask about their Security Protocols when it comes to Credit Card transactions.

If the answer that is given does not make you feel secure enough, then you are free to make that choice and visit another restaurant where you do feel safe about having your credit card swiped.  The moral of the story:  Just as much as the vendors have responsibility for protecting our PII, so do we as both individuals and customers.