I (mistakenly) shared my personal information….. Now what? And parallels with enterprise security
Recently, I thought I fell for a scam. I received a letter, which fortunately turned out to be legitimate and not a case of mail fraud, as I initially feared. However, I provided my personal information before verifying the legitimacy of the letter. This act led me to a panicked evening filled with ‘what ifs’ and ‘oh no’s”.
Coincidentally, with October being Cybersecurity month, I thought it would be timely to share lessons I learned and steps I took, to protect my online identity.
I have heard some people take at least one night to think before responding to an email. In an age of ‘everything-on-demand’, this point certainly bears noting.
Once I had a chance to reflect on the events of the day, I received good counsel to verify the authenticity by going to the sender’s organization and contacting them. They were quick to respond and let me know that the message I received was, in fact, legitimate. (relief!)
- Plan ahead
In looking at the ‘worst case’ scenario, there are a few ways bad actors could take advantage of my information, some of which are outlined here. One challenge was I forgot what information I shared exactly outside of the basic name, address, and email.
After research, I felt the need to take precautionary steps to reduce the fallout from my possible financial independence. Since I am in the US and not opening a credit card, signing a new lease or making a substantial purchase in the near future, I opted to freeze my credit. When the time comes, I understand it is easy to unfreeze my credit.
To reduce my risk surface area – I also changed passwords. Especially for the email address I provided to the organization I questioned. I also saved my password to a password manager on my phone and chrome browser. Since there are many passwords to remember these days and I’ve learned password managers are a quick and convenient way to store and keep online data safer.
While we reside in the confines of cyber space and are sensitive to security threats, we are also recipients and producers of significant volumes of information. Businesses, banks, hospitals, schools, non-profits and government agencies conduct business through online portals and communications.
Digitization does bring risk, but the potential for transformative impact are enormous and we are already reaping the benefits today through our interactions with smartphones, loyalty programs, e-commerce transactions and other platforms which leverage Big Data.
This type of interaction has now become a necessity and would not be possible without a foundation of trust – trust in business systems, rule of law and integrated technologies. Similar to how there are risks associated with every action, it is a matter of how we associate weight with said risk before making significant decisions.
It is nice to work for an organization like SAP, that is transparent and open to sharing lessons learned not just in meetings, but also for public consumption in the form of tools, documentation and blogs which aim to help customers along their digital journeys and individual learning paths.
What are some ways you or your organizations are driving awareness this Cybersecurity month?