Did you know the 2022 global average for daily time spent online is 397 minutes, or 6 hours and 37 minutes? Based on the 5.07 billion total internet users, that’s a lot of accounts and a lot of people putting personal information online. With roughly two in every three people being online for lengthy periods of time, you can wager that their accounts are not that secure. When you spend significant time on the internet be it for work, leisure, or administration, you inevitably start to depend on platforms that require sensitive identifying details. From a birthday or a postcode through to a parent’s birth surname or a place of birth, your publicly disclosed data is all over the world wide web.
With greater connectivity and the exponential rise in cybercrime, like the 15 million data breaches in the third quarter of 2022, it should be a case of running and not walking to secure your digital identities. In the last three years alone, cybercrime has become even more prevalent due to remote work and people shifting much of their discretionary activities online. This has been a boom time for cybercriminals and the numbers reflect this; according to Cybersecurity Ventures, the global cost of cybercrime is projected to hit $8 trillion USD in 2023. When you consider the additional costs of damages from cybercrime — that are projected to hit an additional $10.5 trillion USD by 2025 — you should be thinking of yourself and how to prevent becoming a victim. Governments and experts are warning that you can and will be affected by cybercrime and it’s not if, it’s when. Every person should be securing their accounts and hardware with the mindset of thwarting a would-be attacker. To help you, in this article we’ve compiled five suggested action steps to secure your digital identity.
Defining Digital Identities
For the purposes of this discussion, we refer to Techopedia’s definition of an identity in an “online or networked form” that relates to an individual, organization or electronic device. Techopedia’s classification states that, “In terms of digital identity management, key areas of concern are security and privacy.” Due to the relevant personal nature such as unique characteristics and data attributes that are captured in a digital identity — date of birth, first and last names, social security number, address, email username and password, medical history, search records, purchases and bank records — any theft or breach could be disastrous. Keeping every digital identity secure and requiring it to be authenticated and validated is crucial to preventing cyberattacks. In a normal day, you probably use your digital identities for at least one of the following actions you don’t even think about:
- Checking email
- Paying bills
- Booking medical appointments
- Communicating with loved ones
Today’s world requires you to protect your digital assets and this information is central to effective cybersecurity. Now, let’s look at the five actions to take to protect your digital identity.
Action 1: Cover your tracks everywhere you go using a VPN
The first action is to use a Virtual Private Network (VPN) every time you go online — even if it’s just to Google something. A VPN is essential in any effort to protect your digital identity because it’s designed to help keep your activity private. So, how does a VPN work? A VPN is a tool that creates an encrypted channel akin to a tunnel between the computer or phone and the server of the VPN. When you head online with the VPN on, your normal internet traffic is sent through the encrypted channel to the VPN server, then the data continues on to the public internet from the VPN server. When you receive data back, it has the reverse course: internet, the VPN server, the encrypted channel, and your device. In a VPN explainer for PC Mag, Max Eddy writes that this is a step towards privacy as the VPN can’t make you completely anonymous. Eddy says, “By encrypting your traffic and routing it through a VPN server, it is harder but not impossible for observers to identify you and track your movements online.” Your goal with investing in a VPN is to protect your privacy. There are many VPN services available with a range of payment models to choose fro,. Most can be used on a range of devices, so you should connect the VPN before any internet activity including app use on your phone; be sure to disable your location services on your phone, too.
Action 2: Overhaul passwords and update account security
In line with implementing a VPN, now is the time to change every single account password to a new, complex replacement. If you’re not convinced, consider this: you need to treat your personal credentials like an asset — every account becomes like a safe or a debit card PIN, hence making every single one high-level and unique. Even though this is a mind-numbing task, it pays off when you remember the 2019 Google study that found 65 per cent of people reuse passwords and there are billions off passwords for sale on the dark web. Poor password hygiene in the form of weak or reused credentials tends to end badly. Thankfully one option that can streamline your password replacement journey is a Password Manager. Much like an investment in a VPN, Password Managers are designed to integrate with your devices and strengthen cybersecurity. While many companies now build in Password Managers, such as Apple Keychain, and there are free services on the market, paid options do tend to offer more robust features. Paid benefits — including encrypting data, auto-creating complex passwords, flagging reused passwords, two-factor authentication, and extension options across devices — do serve to be a sound choice for the privilege of your personal security. Bitwarden or 1Password are two high-level products for an annual or monthly fee. Despite how cumbersome the transition and password-updating process is, it’s still preferable to the costs of a data breach plus a Password Manager actually makes tracking digital identities somewhat effortless once completely in place. Don’t forget to update your passwords for your home wifi network which includes any smart devices; Internet of Things devices are quickly becoming a network backdoor and these need to be secured with as much attention as any other account.
Action 3: Lock down identifying visuals
Identifiable personal data is one of the most precarious parts of 21st-century life. In 2022, cybercrime takes all different forms and for individuals, identity theft and being impersonated for extortion are very real threats. Social media makes people especially vulnerable because of the readily available trove of images, videos, and information that can be used for identification and impersonation. Exploitation is very easy when your loved ones can be doxed via someone pretending to be you. Information like a birth date and your parents’ names can also be gleaned from social media accounts — two key security points for many secondary accounts — and from there it’s a seamless way for hackers to gain access to your other digital identities. It’s therefore necessary to start to eliminate visual identifiers from your social media accounts while also transitioning all of them to private settings. Start with changing all profile pictures to an unidentifiable image — it shouldn’t show your face at all, even in a side profile. At the same time, you should delete any photos of yourself currently published on your social media pages and disable settings that allow you to be tagged by friends and family. The goal is to wipe visual records of you from your accounts so it’s much harder for a cybercriminal to take your images and impersonate you. Remember that video is just as risky due to voice cloning technology and people are already being extorted through incredibly realistic deep fakes
Action 4: Changeover identity handles
Action 4 is just as important as Action 3 as it’s about minimizing identity weak spots. Many people use their actual legal first and last name in social media handles which is an open invitation for anyone looking to steal your identity. Take the step to changeover all your account names even for profiles that are set to private and ensure it’s updated to a name that bears no resemblance to your legal or social records. The other aspect of identity handles that you need to secure are the private and identifying details — think your birth date, wedding date, location, home address, workplace, contact numbers, and contact emails. You also need to eliminate access of any contact, friend, family or otherwise, to this information as it could always be easily compromised. You can also filter words in your account settings for a range of social media platforms so be sure to add your name and nickname to these ‘banned words’ lists so people are no longer able to tag or address you by your legal or public name in comments.
Action 5: Update communications systems & let loved ones know
One of the most overwhelming steps of securing your digital identity is transitioning communication systems away from providers that store user data.Any communications providers can be hacked — hence increasing reporting on large-scale data breaches — and your digital identity can be compromised in the process, which is particularly serious if they gather a lot of your data. When you switch your main providers, namely email service and instant messaging service, you are erecting a defence system against data collection that includes everything from your bank account information through to your calendar and location history. Switch email providers to a paid service that don’t collect user data such as Proton Mail(who also offer a VPN service) and transition to an encrypted messaging platform with user-friendly Terms of Service like Signal< or Telegram Tie in these changes to your communications systems and privately update your loved ones that you are implementing permanent security measures to protect your digital identity.
Action 6: Design a long-term plan for securing your digital identity
These five key action steps are your foundation for upgrading how you protect your digital identity. Beyond this, you can should also start reflecting on the following questions:
- Do you still want to use the internet in the same way in one, two, five or 10 years?
- Will you keep social media and if so, how will you monitor your cybersecurity?
- What kind of digital identity do you want to have and how do you plan to keep up-to-date with cybersecurity best practice?
Technology will keep changing so it’s important to reflect on things rather than remaining passive. In nearly every case, a crisis causes people to act even though digital hygiene principles show that there is no cure for cyber attacks — it really is all about prevention and with these actions you do make yourself much less of an easy target starting today.