By Baker Nanduru, VP of Endpoint Segment, McAfee
What is PII?
What is PII? It’s information relating to an identified or identifiable individual when such individual can be identified directly or indirectly, when used alone or linked to other online identifiers provided by their devices, applications, tools and protocols. Examples include your facial image to unlock your smartphone, your medical information, your finances, your phone number, internet protocol addresses, or other identifiers such as radio frequency identification tags.
You can also find examples of PII in the accounts you use, like your Google to Apple IDs, which can be linked to your name, your email address, and the apps you have. You’ll also find it in places like the apps you use to map your runs, because the combination of your smartphone’s unique device ID and GPS tracking can be used in conjunction with other information to identify who you are and where you like to do your 5k hill days. The same goes for messenger apps, which can collect how you interact with others, how often you use the app, and your location information based on your IP address, GPS information, or both.
Use a complete security platform that can also protect your privacy
Square One is to protect your devices with comprehensive security software. This will defend you against the latest virus, malware, spyware, and ransomware attacks plus further protect your privacy and identity. In addition to this, it can also provide it can also provide strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who may try to force their way into your accounts.
Further, security software can also include a firewall that blocks unwanted traffic from entering your home network, such as an attacker poking around for network vulnerabilities so that they can “break in” to your computer and steal information. Again, setting yourself up with security software really is your first step, as it offers numerous means of protecting your PII and other important information.
Use a VPN
Also known as a virtual private network, a VPN helps protect your vital PII and other data with bank-grade encryption. The VPN encrypts your internet connection to keep your online activity private on any network, even public networks. Using a public network without a VPN can increase your cybersecurity risk because others on the network may be able to easily hack into your browsing and data.
Protect your files
Protecting your files with encryption is a core concept in data and information security, and thus it’s a powerful way to protect your PII. It involves transforming data or information into code that requires a digital key to access it in its original, unencrypted format.
Steer clear of those internet “quizzes”
Which Marvel Universe superhero are you? Does it really matter? After all, such quizzes and social media posts are often grifting pieces of your PII in a seemingly playful way. While you’re not giving up your personal number, you may be giving up things like your birthday, your pet’s name, your first car … things that people often use to compose their passwords or use as answers to common security questions on banking and financial sites. The one way to pass this kind of quiz is not to take it!
Be on the lookout for phishing attacks
A far more direct form of separating you from your PII are phishing attacks. Posing as emails from known or trusted brands and financial institutions, a cybercrook’s phishing attack will attempt to trick you into sharing important information like your logins, account numbers, credit card numbers, and so on under the guise of providing customer service.
How do you spot such emails? Well, it’s getting a little tougher nowadays because scammers are getting more sophisticated and can make their phishing emails look nearly legitimate. However, there are several ways you can spot a phishing email as outlined here.
Keep mum in your social media profile
With social engineering attacks that deceive victims by posing as people the victim knows and the way we can sometimes overshare a little too much about our lives, you can see why a social media profile is a potential goldmine for cybercriminals.
Two things you can do to help protect your PII from being at risk via social media: one, think twice about what PII you might be sharing in that post or photo—like the location of your child’s school or the license plate on your car; two, set your profile to private so that only friends can see it. Review your privacy settings regularly to keep your profile information out of the public eye. And remember, nothing is 100% private on the internet. Never post anything you wouldn’t want to see shared.
Look for HTTPS when you browse
The “S” stands for secure. Any time you are shopping, banking, or sharing any kind of PII, look for “https” at the start of the web address. Some browsers will also indicate HTTP by showing a small “lock” icon. Doing otherwise on plain HTTP sites exposes your PII for anyone who cares to monitor that site for unsecure connections.
Lock your devices—and keep an eye out for “shoulder surfers”
By locking your devices, you protect yourself that much better from PII and data theft in the event your device is lost, stolen, or even left unattended for a short stretch. Use your password, PIN, facial recognition, thumbprint ID, what have you. Just lock your stuff.
And just like you covered your work while taking that math test in grade school, cover your work when you’re out in public. Or better yet, do your shopping, banking, and other sensitive work strictly at home or in another controlled situation. The thing is crooks are happy to lower themselves and simply peep over your shoulder to get the PII they want.
Keep tabs on your credit
Theft of your PII can of course lead to credit cards and other accounts being opened falsely in your name. What’s more, it can be some time be some time before you even become aware of it, until perhaps your credit score takes a hit, or a bill collector comes calling. By checking your credit, you can address any issues that come up, as companies typically have a clear-cut process for contesting any fraud.
Consider identity theft protection as well. A good identity theft protection package pairs well with keeping track of your credit in the way I mentioned above and should offer cyber monitoring that scans black market sites on the Dark Web, and Soccan detect if any new aliases or addresses are attached to your number.