Take It Personally: Ten Tips for Protecting Your Personally Identifiable Information (PII)
Seems like we always have a connected device somewhere within arm’s reach, whether it’s a smartphone, laptop, tablet, a wearable, or some combination of them all. In a way, we bring the internet along with us nearly wherever we go. Yet there’s something else that follows us around as well—a growing body of personally identifiable information, also known as PII.
What is PII?
What is PII? It’s information relating to an identified or identifiable individual when such individual can be identified directly or indirectly, when used alone or linked to other online identifiers provided by their devices, applications, tools and protocols. A prime example is your Social Security Number, if you live in the U.S. That clearly calls out your identity. Further examples include your facial image to unlock your smartphone, your medical information, your finances, your phone number (because it can be easily linked back to you), internet protocol addresses, or other identifiers such as radio frequency identification tags.
You can also find examples of PII in the accounts you use, like your Google to Apple IDs, which can be linked to your name, your email address, and the apps you have. You’ll also find it in places like the apps you use to map your runs, because the combination of your smartphone’s unique device ID and GPS tracking can be used in conjunction with other information to identify who you are and where you like to do your 5k hill days. The same goes for messenger apps, which can collect how you interact with others, how often you use the app, and your location information based on your IP address, GPS information, or both.
In all, there’s a cloud of PII that follows us around as we go about our day online. Some wisps of that cloud are more personally identifying than others, yet gather enough of it and PII can create a high-resolution snapshot of you—who you are, what you’re doing, when you’re doing it, and even where you’re doing it too—particularly if it gets into the wrong hands.
Protecting your PII protects your identity and privacy
It reminds me of Pig-Pen, the character straight from the old funny pages of Charles Schultz’s Charlie Brown, followed as he was by an ever-present cloud of dust. Charlie Brown once said, “He may be carrying the soil that was trod upon by Solomon or Nebuchadnezzar or Genghis Khan!” Except the cloud surrounding us isn’t the dust of kings and conquerors, they’re motes of digital information that are of tremendously high value to crooks and bad actors—whether for purposes of identity theft or invasion of privacy.
Needless to say, with all PII we create and share on the internet, it means we need to take steps to protect it—lest that PII get abused.
I’ve outlined a set of ten things you can do to help ensure that what’s private stays that way.
1) Use a complete security platform that can also protect your privacy
Square One is to protect your devices with comprehensive security software. This will defend you against the latest virus, malware, spyware, and ransomware attacks plus further protect your privacy and identity. In addition to this, it can also provide it can also provide strong password protection by generating and automatically storing complex passwords to keep your credentials safer from hackers and crooks who may try to force their way into your accounts.
Further, security software can also include a firewall that blocks unwanted traffic from entering your home network, such as an attacker poking around for network vulnerabilities so that they can “break in” to your computer and steal information. Again, setting yourself up with security software really is your first step, as it offers numerous means of protecting your PII and other important information.
In the case of our security software, Identity Theft Protection Essentials is available with every subscription of McAfee Total Protection 5-Device or 10-Device. This allows you to set up monitoring for several key pieces of PII—such as your passport info, Social Security Number, or driver’s license info—so you can be alerted should they appear on the web or Dark Web.
2) Use a VPN
Also known as a virtual private network, a VPN helps protect your vital PII and other data with bank-grade encryption. The VPN encrypts your internet connection to keep your online activity private on any network, even public networks. Using a public network without a VPN can increase your cybersecurity risk because others on the network may be able to easily hack into your browsing and data.
If you’re new to the notion of using a VPN, check out my recent article on the VPNs and how to choose one so that you can get the best protection and privacy possible.
3) Keep a close grip on your Social Security Number
Here in the U.S., the Social Security Number (SSN) is one of the most prized pieces of PII as it unlocks the door to employment, finances, and much more. First up, keep a close grip on it. Literally. Store your card in a secure location. Not your purse or wallet.
Certain businesses and medical practices may ask you for your SSN for billing practices and the like. You don’t have to provide it (although some businesses could refuse service if you don’t). However, there are a handful of instances where an SSN is a requirement. These include:
- For employment or contracting with a business
- Group health insurance
- Financial and real estate transactions
- Applying for credit cards, car loans, and so forth
Be aware that many instances of hacked credit cards come by way of internal negligence, rather than the direct efforts of cybercriminals. Minimizing how often you provide your SSN can offer an extra degree of protection.
4) Protect your files
Protecting your files with encryption is a core concept in data and information security, and thus it’s a powerful way to protect your PII. It involves transforming data or information into code that requires a digital key to access it in its original, unencrypted format. For example, McAfee® Total Protection includes File Lock, which is our file encryption feature that lets you lock important files in secure digital vaults on your device.
Additionally, you should also delete sensitive files with an application such as McAfee Shredder™, which securely deletes files so that thieves can’t access them. (Quick fact: deleting files in your trash doesn’t actually delete them in the truest sense. They’re still there until they’re “shredded” or otherwise overwritten such that they can’t be restored.)
5) Steer clear of those internet “quizzes”
Which Marvel Universe superhero are you? Does it really matter? After all, such quizzes and social media posts are often grifting pieces of your PII in a seemingly playful way. While you’re not giving up your SSN, you may be giving up things like your birthday, your pet’s name, your first car … things that people often use to compose their passwords or use as answers to common security questions on banking and financial sites. The one way to pass this kind of quiz is not to take it!
6) Be on the lookout for phishing attacks
A far more direct form of separating you from your PII are phishing attacks. Posing as emails from known or trusted brands and financial institutions, a cybercrook’s phishing attack will attempt to trick you into sharing important information like your logins, account numbers, credit card numbers, and so on under the guise of providing customer service.
How do you spot such emails? Well, it’s getting a little tougher nowadays because scammers are getting more sophisticated and can make their phishing emails look nearly legitimate. However, there are several ways you can spot a phishing email as outlined here.
Comprehensive security offers another layer of prevention here, in this case by offering browser protection like our own Web Advisor, which will alert you in the event you come across suspicious links and downloads that can steal your PII or otherwise expose you to attacks.
7) Keep mum in your social media profile
With social engineering attacks that deceive victims by posing as people the victim knows and the way we can sometimes overshare a little too much about our lives, you can see why a social media profile is a potential goldmine for cybercriminals.
Two things you can do to help protect your PII from being at risk via social media: one, think twice about what PII you might be sharing in that post or photo—like the location of your child’s school or the license plate on your car; two, set your profile to private so that only friends can see it. Review your privacy settings regularly to keep your profile information out of the public eye. And remember, nothing is 100% private on the internet. Never post anything you wouldn’t want to see shared.
8) Look for HTTPS when you browse
The “S” stands for secure. Any time you are shopping, banking, or sharing any kind of PII, look for “https” at the start of the web address. Some browsers will also indicate HTTP by showing a small “lock” icon. Doing otherwise on plain HTTP sites exposes your PII for anyone who cares to monitor that site for unsecure connections.
9) Lock your devices—and keep an eye out for “shoulder surfers”
By locking your devices, you protect yourself that much better from PII and data theft in the event your device is lost, stolen, or even left unattended for a short stretch. Use your password, PIN, facial recognition, thumbprint ID, what have you. Just lock your stuff.
And just like you covered your work while taking that math test in grade school, cover your work when you’re out in public. Or better yet, do your shopping, banking, and other sensitive work strictly at home or in another controlled situation. The thing is, crooks are happy to lower themselves and simply peep over your shoulder to get the PII they want.
While it’s necessary to talk about all of the digital ways a criminal can skim your PII, it’s important to remember that physical security, like being aware of your surroundings and simply not leaving your laptop in the car even for a moment while you pay for gas inside the station, is just as important.
10) Keep tabs on your credit
Theft of your PII can of course lead to credit cards and other accounts being opened falsely in your name. What’s more, it can be some time be some time before you even become aware of it, until perhaps your credit score takes a hit or a bill collector comes calling. By checking your credit, you can address any issues that come up, as companies typically have a clear-cut process for contesting any fraud. You can get a free credit report in the U.S. via the Federal Trade Commission (FTC) and likewise other nations like the UK have similar free offerings as well.
Consider identity theft protection as well. A good identity theft protection package pairs well with keeping track of your credit in the way I mentioned above, and should offer cyber monitoring that scans black market sites on the Dark Web, and Social Security Number monitoring that can detect if any new aliases or addresses are attached to your number.