We understand the environment you operate in and the unique challenges you face.
Protecting your online identity: four tools to protect yourself
We live in the future, and the benefits are legion. Technology such as social media (Facebook, Twitter, Linkedin, Instagram and so on) coupled with mobile communications technology creates a multitude of opportunities to interact positively with a global audience. What is good about it can also be its chief negative. Social media’s potential anonymity, coupled with a desire to harm someone, can be damaging, particularly to a person’s reputation. Harmful behaviour includes blackmail and harassment. The wrongdoer in this instance is likely attempt to cover their tracks by using, amongst other things, a proxy server, fake accounts/ email addresses and disposable hardware such as an unregistered mobile phone. Reputational damage is a key concern because the impact can be immediate whereas mitigating the damage (and removing instances of the offending information) may be a costly and time-consuming process.
An easy recent example is the recent high profile hacking of celebrities’ “cloud” accounts, resulting in dissemination of intimate images that were intended to be kept private. Anonymity is the central concept, both from the point of view of the hacker, anyone hosting the images and, generally speaking the people who choose to look at them. In entertainment, an affect person may feel that there is no such thing as bad publicity. The considerations are of course different for a business, for which bad publicity is just that; bad publicity.
For a person or business to protect themselves against these kinds of threats is a truly modern problem. One might say there are three aspects to the issue; keeping important information private, what to do when there the information has been compromised and finally what if anything should be done to investigate any such compromise. Here are some things to think about:
1. Safeguard important information:
Whether you are an individual or a business, have a policy on information security, and consciously implement it. This does not have to cost the earth, and there are a number of readily available, cost-effective tools, including encryption (such as Windows Bitlocker) or “two step authentication” (via a free mobile app such as Google Authenticator). Two step authentication requires the user to enter a code which changes every thirty seconds when he or she logs into an account from a new device for the first time. Popular information and document management systems such as Dropbox and Evernote offer two step authentication using Google Authenticator.
2. Don’t just curate your public profile – actively protect it!
If you have an internet profile of some kind (via Linkedin, or otherwise) then actively protect it. It is your public message to the world. Ensure to that everything that it published through this channel is professional and “on-message.” This may be less of a concern for an individual. For businesses, managers and owners should consider the extent to which it is appropriate to require employees to reflect their professional personas via social media. This may include a policy on how the company is described on Linkedin, for example (including the use of any brands or logos, etc) and having a policy on making personal statements where there is an apparent link to the company.
3. Be ready for the worst
Consider in advance how you or your business would react if it was subject to hacking or a sustained attack on your reputation. What would you do if you were locked out of key accounts, or negative information circulated on the internet gained public attention? Have a policy which considers your internal response (resetting passwords, communicating with any websites involved) and an external one, which may include having a pre-existing relationship with a public relations/ communications firm, and a law firm.
A properly conducted forensic examination coupled with a legal strategy can yield surprisingly effective results. This may involve communicating constructively with internet service providers and social media hosts, together with judicious use of Court applications to require people or organisation to provide information or documents. This can sometimes create a trail which leads to the detection of the wrongdoer.
Mr. Sebastian Szulkowski