The incentives for bad actors are very high. When a small amount of data is very valuable, there is no security tight enough or encryption hard enough to protect it. Even worse, the secret data is widely available. It doesn’t take much of “secret” data to apply for online credit and spend it without my knowledge. My name, and address are public information. The only semi-secret information needed are my birthdays, SSN, and maybe another form of payment.
Fortunately, what I really need to protect are not these bits of data. I don’t care if someone knows my birthday and social security number. What I care about is what people can do with that data, so I need to protect my credit score and my money. I protect them by doing 3 things. First, I do a security freeze of my credit score at the top four credit bureaus (Equifax, Experian, TransUnion, and (newer) Innovis). It’s easy, and it’s free. By freezing my credit score, it adds a layer of protection from anyone attempting to apply for rental, credit card, mortgages and other financial instruments in my name. It’s a bit of a hassle to unlock the file when you need to apply for credit but the extra inconvenience is well worth the protection. Just recently, I got a request to unlock my credit score from an unexpected source. Second, use separate passwords for each critical website. I defined criticality based on level of financial risk, and requirement for identity verification: financial institutions (banks, credit cards, etc.), primary methods of identity verification (gmail, phone pin, etc.), and any e-commerce sites (Amazon) where I have credit card saved. Again, it’s a hassle but I don’t want to make it easy for bad actors to easily gain access to the rest of my money in case of a security breach. By isolating each access point, I create additional friction and hopefully they would move to easier targets. Finally, I set up two factor authentication for those sites. And, I'm don't use a password manager for the critical sites. So much hassle, but this is the new reality where everything has a digital presence and much of the original internet is build around openness and information sharing. We need to take advantage of all the tools available to safeguard our money and financial information.
What about you? What are your recommendations for protecting your financial data online?
No comments:
Post a Comment