Where does your data come from? What is your data?

Data can be anything- your shopping history in Amazon, the grocery store you subscribe to for delivery, your internet browsing trends and history (hello, cookies). More invasively, this data often connects to you at a granular and personal level- your IP address, your device, which browser or app you used. Often, information collected can dive into your age range, ethnicity, education, and gender. This is all before even touching on the limitless amount of times you have inputted your email address, first and last name, job title, state, or the reoccurring password reset questions such as “Where did you attend high school?”. 

We have to be alert and wake up. The internet isn’t going away, and if we don’t set a standard of digital security for ourselves as individuals, we make ourselves open to identity fraud, financial theft, and our safety. Anyone can get the answers to half of those preset password reset questions from a combination of Facebook and LinkedIn if you’re active on both. Did you put your high school and alma mater on your LinkedIn profile? Is your mom listed as your mom on Facebook? What is your mother’s maiden name? Yikes. I hope a few of you shuddered just now and checked your privacy settings.

“Wait, I don’t own my data?”

Unfortunately, as it currently stands- no. There are varying limits and regulations in place depending on the country, but overall and simply put everything collected from you digitally is not owned by you. This begins the complex and ethically questionable practice of different types of companies and retailers selling subscriber lists, shopping intent, and information such as email/name/age/gender/device.

To some extent, we’re all guilty.

Listen, I am here, in this open, expansive space yelling into the abyss of the internet about security, let me yell one more thing: I’m not judging you. I was only a teenager when my identity was exposed through a data leak connected to my first email. I didn’t think much of it, I didn’t even change the other accounts I had at that time with the same password- just the one email. I moved on. Done. Fixed. 

That is until I went to get my license. At 16, in the DMV of my hometown, with my dear mother beside me, the clerk squints at her screen. We had all the required paperwork. I had passed my driver’s test. Why were we standing here for so long? She notified me someone had recently attempted to get a license. Under my name. With my social security number. The horror on my mom’s face was remarkable. I remember the inner sleuth inside her begged the clerk to give her more information- it was confidential, they couldn’t. Now, to connect the two directly is impossible for me. But, I am sure a mass data leak and improper account safety certainly did not put the odds in my favor. A recent example is the Red Cross network- that a hacker had access to for over 70 days before it was noticed and remedied (Arghire, 2022).

“Do only large businesses see this? Who has access?”

The answer to this is a loud and resounding no. Anyone who manages a website, blog, company, or channel can collect your data. If you’ve read this far in my blog, I’m sure you’re wondering what my true intent has been with these routine blogs. Folks, I have written and edited content for years. Writing a blog doesn’t stump me. This blog doesn’t stop at a social media post and hoping you hear out a small portion of what bumps around my brain at night. I’ve been tracking your data.

If you try to stick it to me and leave now, that’s okay. I’ve already captured your data. All you can hurt is my bounce rate.

Does that sound creepy? Admittedly, it is a little bit. But, I guarantee this is not the first time you’ve been used for your data. Probably not even the ten-thousandth time. If we consider myself a brand, you’ve been following the content published by what is referred to as a Personal Brand– that is, myself. The post I put up on my accounts through varying social media platforms enables me to track who likes, comments and shares my posts. But, you knew that. The links I put in each post (for those of you who clicked) have embedded tracker links. This allows me to see how many clicks I received by the day, hour, minute, and to which page. What adds a final touch to my creepy-professional-connection-tracking-your-data persona is the analytics portion. 

By simply integrating specific codes and trackers through my free Google Analytics and Search Console accounts into my blog website, I am opened to a world of new possibilities. What I said earlier at the beginning of this post, about what information can be tracked, is not a special case. In the modern world, this is the status quo. More than anything, I challenge you to take this moment to consider the private information and vulnerabilities that you have left behind in the data footprints you left while walking the internet- and then try to clean it up.

“What information did you collect?”

Ever wonder how that brand you’ve been thinking about suddenly started sending you emails and targeted advertisements? Now, it is more like how couldn’t they? Since I am a single person, with a network full of exclusive connections I know or are in the same field as me, it is easy to weaponize this data.

Less than 5% of my overall traffic was by readers with security settings that prohibit me from tracking their location, gender, or age.

Even then, I still captured their device, browser, and all their marketing metrics used to measure the growth or decline of my public voice. For the other 95% of my readers: over half of you work in security and at least a quarter in digital marketing of some kind. Do better! I can tell which of you read (or at least clicked) previous posts by the city you read from, as well as what type of device you’re viewing from. 

 I plan to publish the entire spread at the end of this project for any curious eyes, but here are the following metrics I tracked: country, city, operating system, browser, age range, gender, users, new users, sessions per user, page views, pages per sessions, session duration, bounce rate, clicks by day, clicks by blog, likes, comments, shares, impressions, new connections, and profile views. A large amount of these metrics can be directly linked to individuals since I know my audience and can identify by social media interaction, device, location, and other identifying factors.

What can you do to better prevent your information from being exposed?

 First of all, I highly encourage you to read this link for a more secure password strategy and your general internet safety. As a people, we all carry the responsibility to make the internet and digital world safer for one another- on an individual, corporate, and federal level.

Data is the pollution problem of the Information Age, and protecting privacy is the environmental challenge. – Bruce Schneier

Not All Collected Data is Bad Data
– Conclusion From A Digital Marketer/Data Analyst Who Allows Cookies

Not all collected data is bad data. If I trust a site, I allow cookies. I allow my data to be captured, analyzed, and used- because it benefits me. My digital experience is enhanced through my data being tracked- companies can better suggest resources, products, and ads based on my interaction, history, and pre-filled forms. If you make your data as private as you possibly can, some websites will have a difficult time giving you as convenient and easy an experience. Another setback of too strict of privacy settings can be the inconvenience of forgotten passwords, usernames, less accurate search results, ect.

There are precautions I take across the board, such as only allowing my location to be used in apps or sites that pertain to navigation, health, or safety. I ask apps to not track data if they are companies that I don’t use often or don’t trust their published data ethics.

References

Arghire, I. (2022, February 17). Hackers Had Access to Red Cross Network for 70 Days. SecurityWeek. Retrieved from https://www.securityweek.com/hackers-had-access-red-cross-network-70-days

Chai, W. (2021, April 12). What is Google Analytics and How Does it Work? Search Business Analytics. Retrieved from https://searchbusinessanalytics.techtarget.com/definition/Google-Analytics

De Groot, J. (2021, January 25). 101 Data Protection Tips: How to Keep Your Passwords, Financial & Personal Information Safe in 2020. Digital Guardian. Retrieved from https://digitalguardian.com/blog/101-data-protection-tips-how-keep-your-passwords-financial-personal-information-safe

Henderson, G. (n.d.). What is Personal Branding? What Is Personal Branding? Retrieved from https://www.digitalmarketing.org/blog/what-is-personal-branding

Kaspersky. (2022, February 9). What are Cookies? www.kaspersky.com. Retrieved from https://www.kaspersky.com/resource-center/definitions/cookies

Ruberg, B. (n.d.). What is Your Mother’s Maiden Name? . Retrieved from https://ourglasslake.com/wp-content/uploads/2018/02/Ruberg-FMH-Mother-Maiden-Name-July-2017.pdf

Lobbies, Doorways, and Hallways: Safety Pain Points

Entrances and places where the general public, employee, or tenant walk pose two main risks: when someone who shouldn’t be there is there, or when a disaster strikes. Do you have an emergency plan to vacate in case of fire? What about when unauthorized- or even dangerous personnel are present? How will you both prevent and control these events?

With a technology boom in recent years, it is crucial to have a building not just smart enough to detect when a risk is present, but to be more intelligent than attempt to steal assets, data, or put the general safety of those present at risk. Enter: the Smart Building. A Smart Building is a crucial and relatively new surge in the security industry to tailor a building to shift security from reactive to a state of proactive sensing and deterrence.

Access Control: Enforcing Credentialing with Software

Access control is a broad term used to describe the systems that identify users and authenticate their credentials; thereby deciding whether or not the bearer of those credentials is permitted admission to either a physical or digital asset.

Access control is software that works on a verification basis, also known as credentialing. Biometrics, proximity cards, and key codes are types of verification credentialing that can be run through access control. Access control reads the credential and will compute demand-based decisions in real-time to either unlock the door, open the turnstile, or permit entry. If the entrant is not authorized, the entrance can remain closed, and even sound alarms or alert security personnel or building management to the attempted entry. Access control enables capabilities such as population counting, weapons detection, and mask enforcement when paired with entrance control hardware, like optical turnstiles. Below, you can see how such complicated access control software work in stages of protection and verification. 

Entrance Control: Allowing  Authorized Entrants

Entrance control is the first line of defense for physical on-site threats of any office park, apartment complex, corporate headquarters, hospital, or other building. There are security guards, metal detectors, locking doors, full height turnstiles, and optical turnstiles that are all valid and practical forms of security that start at the door. Entrance control hardware interacts with the access control software to create a physical barrier with intelligent decision making, to optimize building safety.

References

Cohen, M. (2019, March 25). How to Protect the Physical Security of Your Data . CREA Café . Retrieved from https://www.creacafe.ca/how-to-protect-the-physical-security-of-your-data/

Siemens. (n.d.). Security in Smart Buildings Overview. Youtube. Retrieved from https://www.youtube.com/watch?v=JSLN0ucAlK0