OUCH! Newsletter

Digital Spring Cleaning in 7 Simple Steps

March 1, 2023

Overview

We often hear of the term spring cleaning,the time of year when we go through our belongings and organize our house and lives in preparation for the upcoming summer. This is also the perfect time to take an annual review of your digital life. The following seven simple steps, taken once a year, will go a long way toward ensuring you can make the most of technology, safely and securely.

ACCOUNTS: Review each of your accounts. Using a long, unique password for each account ensures that if one account is compromised, your other accounts are still safe. Can't remember all those different passwords? Don’t worry, neither can we. We recommend you use a password manager to securely store all your passwords and make your life far simpler and more secure. Enable multi-factor authentication (MFA) when possible, especially for your personal email or financial accounts. This is the single most important step you can take to secure any online account. If you have any online accounts, you have not accessed in over a year, it could be time to simply delete them.

PROGRAMS: Keeping your devices and software updated and current ensures you have the latest security features installed and known vulnerabilities are fixed. The simplest way to do this is to make sure you have automatic updating enabled on all your computers, mobile devices, and even smart home devices. Also, delete any unused programs or apps on your mobile devices and computers. Some apps require large amounts of storage, can introduce new vulnerabilities, and may even slow things down. The fewer apps you have, the more secure your system and your information remains. Many devices show you how long it has been since you've used an app. If it has been a year since you last used the app, chances are you don't need it anymore.

FINANCES: Verify that your bank accounts, credit card accounts, investments, and retirement accounts are configured to alert you whenever a transaction is made, especially for unusual sign-ins, large purchases, or money transfers. This will make it so that you are always notified when a financial transaction occurs and you can spot any fraud or unauthorized activity right away. The sooner you identify fraudulent activity, the sooner you can stop it and the more likely you can recover your money. Depending on which country you live in, an additional step you can take is to implement a credit freeze, which can be one of the most effective ways to protect your identity.

DISPOSING OF DEVICES: Over time you may find yourself collecting old devices you no longer need - perhaps an old smartphone or smart home device. If you dispose of any of these devices, first wipe any personal information from them. Most devices have a simple wiping function that securely purges all personal information (or reset to factory default) before disposing of the device.

BACKUPS: No matter how safe or secure you are, at some point you will most likely need backups to recover your important information or migrate your information to a new device. Set your devices to automatically back up to the cloud. Creating and scheduling automatic backups allows you to recover your most important information.

PARENTING: If you are a parent or guardian, this is a good time to review any parental controls settings you have in place for children. As children get older, you will most likely need to update these controls settings.

SOCIAL MEDIA: Review privacy settings on your social media accounts – these are a goldmine of personal information. Review your accounts to check that you are not sharing sensitive information such as your birthday, phone number, home address, banking information, or geo-location in personal photos.

Spending just a couple hours a year taking these steps will go a long way toward protecting you, your devices, and information.

Guest Editor

Ritu Gill (@OSINTtechniques) is a SANS instructor in development and Intelligence Analyst who specializes in Open-Source Intelligence (OSINT). More info about Ritu here: https://www.sans.org/profiles/ritu-gill and here https://www.osinttechniques.com.

***

Resources

Password Managers: https://www.sans.org/newsletters/ouch/password-managers/
The Power of Updating: https://www.sans.org/newsletters/ouch/the-power-of-updating/
Disposing Mobile Devices: https://www.sans.org/newsletters/ouch/disposing-mobile-devices
Got Backup: https://www.sans.org/newsletters/ouch/backups
Securing Kids: https://www.sans.org/newsletters/ouch/online-security-kids