What you need to know about your digital footprint

Asset 34

What’s a digital footprint?

Posted on 20 April 2021 by Beaming Support

Your digital footprint is another way of describing all the information you share about yourself (knowingly or unknowingly) on the internet.

This can include information you have chosen to put on social media, cookies stored in your browser by websites you visit, messages sent through messaging apps and phrases you’ve typed into search engines.

How does this affect business?

A business has its own digital footprint, so this is something to consider from a brand management perspective. It’s good to Google your company name now and then to ensure that your digital footprint shows you in a positive light!

From a security standpoint, as a business leader your personal digital footprint (and those of your employees) is more interesting to cyber criminals. There may be a gold mine of information freely available online that could be used to engineer a sophisticated attack on you and your business.

Attackers may look to work out passwords for your business systems, or send emails that trick you or an employee into making a payment to them, or into downloading malware.

In some instances, attackers are able to access company systems by “cracking” a junior staff member’s log in information and then leap frogging all the way up to gain complete control of the system.

What kind of digital footprint information do cyber criminals use?

It can be disconcerting to be confronted with the amount of data a company like Google holds about you (find this out by logging into your Google account and navigating to “Data & personalization”, scrolling to “Things you can create and do” and clicking “Go to Google Dashboard”), but you may be shocked to realise just how much information you’ve made freely available to absolutely anyone with an internet connection.

Information found in publicly available profiles can be used for various nefarious purposes including:

  • Have you ever divulged information online about a pet’s name, your home town, you mother’s side of the family? And thinking back to setting up some of your online accounts, have you ever set a password or password reset security question that could relate to those nuggets of information?
  • Posts and comments made online can be used to craft a convincing email that sounds like it comes from you.
  • Your publicly stated “likes” can be used to create targeted phishing attempts that use tactics almost guaranteed to make you click a malicious link or share financial information.

How can we clean up our digital footprints?

  • If you’re going to contribute to the comments section of an online news article, sign up with an anonymous username that can’t be linked to your professional presence.
  • Delete old accounts you don’t use anymore.
  • Think before you post! Do others need to know this information and could it be used against you in the ways outlined above?
  • Educate employees. You might not be able to control what an employee posts online, but some of them may never have thought about the privacy and security implications of the information they share and will appreciate the guidance.

How can we ensure that data found in our digital footprint isn’t used against us?

Asset 10

Password Practice

Secure your accounts with passwords that are strong and unique. Avoid using things like pets’ names or a sports team your support. Definitely don’t re-cycle passwords used for very important accounts like online banking and your email, and definitely don’t use the same password for work accounts as you would for personal.

Asset 12

Use Multi Factor Authentication

This means that even if someone were to guess or obtain your password, they’d still need further information (such as a code sent to your phone) to gain access to your accounts.

Asset 18

Beware Unsolicited Texts and Emails

Our Business Guide to Phishing will help you understand what tricks you need to look out for.

Asset 8

Least Privilege Policy

Use a policy of least privilege to ensure that each employee’s access to your systems and files is set to the bare minimum they need to be able to work. This should help avoid the leap frogging scenario described earlier.

Free guide to phishing threats

Download our Business Guide to Phishing to learn:

  • What is phishing?
  • Why would someone steal my data?
  • How do criminals go about phishing?
  • Focus on a smishing scam
  • 8 steps to avoid becoming a victim
  • Actions for management
 

Enter your email and we’ll send the guide straight away

  • This field is for validation purposes and should be left unchanged.
  • Free guide to spotting malicious emails

  • Email phishing scams have become sophisticated. Find out what you’re up against with our guide to recognising scam emails.

  • Subscribe to the Beaming Bulletin to receive monthly cyber threat alerts, the latest bug fixes from our team & news on the tech that works best for business, and we’ll send you our Business Guide to Phishing, free.
    • This field is for validation purposes and should be left unchanged.