look at your attack surfaceIn this interconnected world, the largest and most constant threats are digital. With data breaches being the norm, it can often feel like falling victim to identity theft is inevitable. While it can be hard not to succumb to this sense of inevitability, there are some things that you can do to make yourself less vulnerable to hackers and their schemes. Below, we go in depth about assessing your digital vulnerabilities and how you can address them.

Be aware of your attack surfaces

In security lingo, the phrase “attack surface” refers to all of the potential methods a hacker can use to compromise a network or user information. While it’s a term primarily used by security researchers, it could also be useful for consumers, too. Think about all of the accounts you have. How many of them share passwords? How many smart devices do you have? And how many places do you shop at in a given year? Each of these could loosely be considered part of your own attack surface. Although there are some aspects of your attack surface that will always exist (the act of shopping, for example, inherently puts your information on a network that you don’t control), others can be reduced or eliminated entirely.

How should you control your attack surface?

There are likely parts of your attack surface that you’ll discover either can’t be removed or quantified completely, as we noted above, but here are some of the things you can do to make yourself more digitally secure:

Delete old accounts and change out of date passwords

Remember that time you signed up for some random website to get tickets to see your favorite band in concert, or that time you created an account for a random company to receive a discount? Since then, your information has sat on the company’s servers in an account that’s ripe for the picking. Today, we have more accounts than ever before, and among these accounts are probably some that we don’t use anymore. Ideally, we should only keep accounts active if we’re using or monitoring them because if there is less information about you in the digital world, there’s less of a chance it will be breached. While some websites terminate accounts after long periods of inactivity, that’s not a universal practice, which is why consumers should be proactive in closing accounts they no longer use.

Similarly, it’s likely that a number of the online accounts you want active have stale passwords that haven’t been updated in a while. Though the advice to purposefully change passwords every three months might lead to password fatigue, changing your password at least every six months is something that you should practice, as you never know if the account credentials have been leaked, and using the same passwords across all your accounts or reusing old passwords can add more vulnerabilities to your attack surface. As such, if you haven’t updated the password for your accounts in over a year, now may be the time to consider them. It should be noted that the key to a strong password includes any combination of letters, special characters and numbers — remember the longer, the better. Need help coming up with a password? A password manager might be a good option for you, as it will not only help you come up with unique, strong passwords, but it will also store all of your passwords in a secure, digital safe.

Uninstall old and unwanted software from your device(s)

As with online accounts, keeping programs and apps you no longer use on your devices can make them less secure. The issue is that older, outdated programs, especially ones that are beyond their service life, are more likely to hold vulnerabilities that could be exploited to access or damage your system. Additionally, from a purely pragmatic stand point, these types of programs and apps make your system run slower.

Delete old emails and old contacts

As our email accounts get older, they become more cluttered with marketing emails, spam and other types of information, like welcome emails for accounts you’ve signed up for and links to password resets. Clearing out your email from time to time could help you disassociate your accounts with your email address, so if a hacker unexpectedly gains access to your email address, they wouldn’t suddenly know which accounts it’s connected to or be able to gather more of your information, like where you bank or shop.

Update your technology and monitor device settings

We’ve discussed before, at length, the reasons why you should keep your apps and devices’ software up-to-date. Not only does it make your experience as a user smoother, but it also ensures that you’re protected from the latest threats, as updates usually include patches for known security issues. Additionally, whenever you purchase a new device, you should always make sure you understand what the default device settings are. This also goes for programs and apps after updates. Sometimes default settings are less favorable to privacy than you might like, so it’s best to take some time to look into them.

Destroy old and unused storage media

While destroying old storage media (USBs, hard drives, CDs or phones) is advice often given to businesses, it applies to individuals as well. This is because, just like unshredded paperwork with your personal information (e.g., a bank statement you threw out), improperly disposed storage media allows for personal data to be retrieved. There exist programs for wiping drives, but for extra measure, you should also physically destroy whatever device you wish to dispose of, or at least restore it to the factory settings. Finally, make sure to not simply toss the device into the trash, as you should dispose of it safely and in an environmentally friendly manner.

Keep rarely used devices offline

If you have old systems or devices on hand and still use them, make sure you only use them offline, as they’re likely susceptible to new types of threats that are actively circulating on the Internet. This is especially true for Internet of things devices, which have been the targets of most recent virtual attacks.

There’s no surefire way to protect your identity in this Digital Age, but if you take small steps, like the ones noted above, you can at least limit the amount of openings in your attack surface. If you’re interested in reading more tips on how to stay safe while surfing the Internet and using Internet-connected devices, follow our technology blog.