TORONTO — In a year that saw companies such as TransUnion, Facebook and Desjardins urge their Canadian users to change their passwords and monitor their financial accounts due to data breaches, it’s never been more important to safeguard your personal information.
The crucial part, however, is to actually take steps to make your personal data less vulnerable to cybercriminals.
“That’s really what cyber hygiene is all about,” said Adrian White, director of the financial crimes division at the Canadian Bankers Association.
“You want to make sure you minimize the risks by doing things on a regular basis that keep you safe from these kinds of threats in the criminal space.”
The start of a new year, and (by most accounts) the start of a fresh new decade, presents an excellent nudge to review digital passwords and take other steps to protect yourself and your finances online.
Taking action is increasingly important amid a rising number of major data breaches, leaving more sensitive data vulnerable to criminals who find devious new ways to put it all to use.
“As we move into 2020, people have less and less control over the security and privacy of their personal information,” said Claudiu Popa, cybersecurity expert and CEO of Informatica Corp.
With so much out of your hands, it’s important to keep control of the key points of entry for your personal online accounts.
First and foremost is updating your passwords, those jumbles of characters that you’ve been haphazardly managing since you went online. It’s time to create a system that will carry you through the next decade with greater safety and peace of mind.
One of the best ways to create a secure password is to think of a phrase, and then use the first letter of each word with some numbers and symbols mixed in as the password. The full phrase can also be used if it is easier to remember, with some added random bits to add security.
“I’ve stopped calling them passwords, I call them passphrases,” said Popa.
“Because the emphasis is on the most important attribute of passwords, which is length. The longer they are, the more useful they are.”
Better yet, use a password manager, which can create complex passwords and them remembers them so you don’t have to. There are a wide variety out there, including some quite functional free versions from providers like LastPass, KeePass, and Dashlane.
“The sooner you get comfortable with a password database the better,” said Popa.
Next is your email, which is the way you access all those accounts where you’ve forgotten your password because you don’t have a system or password manager in place.
You should keep your primary email — linked to online banking and other important accounts — secure by only giving it out when necessary. Have a second email for less important accounts that don’t store personal data, and consider using disposable accounts when possible, said Popa.
“A lot of people just constantly give out their real, their almost permanent, their long-term personal email address because they don’t know how to get a disposable one.”
There are plenty of online services that let you set up a quick email address to satisfy those sites that demand an address when you don’t feel you need to give one.
And while you’re considering whether an email is needed, expand that assessment to any other information asked of you, whether it be a request for your email address at the big box store or a social insurance number when applying for a credit card.
The less information you give out, whether to companies or to the general public on social media, the lower the chances it will fall into the wrong hands.
Other important steps to staying secure, like keeping programs updated, checking in on your online financial accounts, being wary of what you’re connecting your devices to (especially public wifi), and to generally keep a skeptical eye on everything online.
With these two main areas more secure you can venture out a little more confidently in the new year.
Ian Bickis, The Canadian Press