SALT LAKE CITY — The phrase “spring cleaning” is more likely to invoke images of sponges and vinegar than emails and cloud storage. But Aaron Sherman says we should all consider a “digital declutter” this spring.
Sherman is the senior director of cyberthreat intelligence for Braintrace, a Utah-based cybersecurity company. Sherman joined Maria Shilaos on Let’s Get Moving with Maria to discuss common mistakes in the digital realm, and what Utahns can do to clean up after themselves.
“The biggest thing I see people do wrong is they take for granted their cybersecurity,” Sherman told Shilaos, explaining that people rarely consider “how easy it is for someone to get into their accounts, how easy it is for their information to get stolen, how easy it is for cybercriminals to exploit that information to conduct all sorts of attacks, steal identities and open up lines of credit.”
To those looking to lock down their personal data, Sherman offered these tips.
Use a password manager
“The biggest thing that people can do is look at their passwords,” Sherman said. “Passwords are inherently weak.”
Sherman encouraged people to consider using a password manager, which allow you to set longer and more secure passwords by remembering them for you.
“You ask me what my passwords are, I have no idea. My password manager on my phone, which is encrypted, knows,” Sherman said. “I don’t have to worry about it, so it takes a lot of that problem out of the picture.”
Use multi-factor authentication
Processes like two-step authentication can help protect your accounts from would-be fraudsters, Sherman said. Text messages are a good bet, but authentication apps are even safer.
Close down old accounts
“You’re leaving this digital trail behind you,” Sherman said of most people’s interactions with the web. “You might not think about your MySpace account, but MySpace still has your information … If MySpace ever gets hacked, that information is going to be out there and that’s potentially a risk for you today.”
Most people have more accounts than they think they do, Sherman said. If you’ve ever ordered pizza online or given your email to a cashier, those companies have information on you. To jog your memory and remind you which accounts need to be closed down, Sherman suggests looking through your inbox and spam folder for communications from companies you are registered with. At that point, you can close your accounts and request they delete your information.
The biggest thing I see people do wrong is they take for granted their cyber security.
Keep your software up-to-date
“We’re on our phones all the time,” Sherman said. “Those are essentially computers that are mobile and any electronic device is always vulnerable to any type of breach — a hacker could get in, or you could accidentally leak information.”
Sherman said staying on top of software updates is critical, as companies will frequently patch security issues with updates.
“Whenever you have the ability to update your device, you’ve got to do it,” he said.
Freeze your credit
Sherman’s biggest piece of advice? Act as if cybercriminals already have your information.
“There’s nothing private about anyone,” he said. “The bad guys have everything. Our credit card numbers are out there, our bank account information is out there, our social security numbers are out there, everything’s out there. The one thing that we can do is operate under the assumption that the bad guys know everything.”
For Sherman and his wife, this means freezing both their credit and their children’s credit. This prevents hackers who might obtain their personal information from using it to open lines of credit under their names and potentially ruining their financial situations. Sherman encouraged consumers to look into freezing their own credit, and to do all they can to minimize the risks they might face if/when their information falls into the wrong hands.