Privacy Check Tuesday

Category

Privacy, Awareness

Risk Level

Threat Levels-02.png
 

Cybersecurity and privacy are intrinsically connected.  The ability to protect your privacy often relies on cybersecurity working correctly.  For example, if a healthcare company fails to protect your information and a hacker steals your health records, this is a huge violation of your privacy.

We’ll talk a lot about privacy here on the ACT, but today we’ve got two quick checks for you:

Off-Facebook Activity

Facebook (or is it FACEBOOK now?) has been in the news for myriad privacy related issues.  We won’t dive into them here, but Facebook’s bread and butter has always been its advertising revenue.  By collecting a lot of information about you, they can start to create a “profile” about who you are and what you like.  This helps them link you with companies whose products and services may interest you. Companies will pay Facebook money to advertise in the hope that these ads will ultimately turn into sales.

Facebook has a setting called “Your Off-Facebook Activity” that can help you understand what companies are feeding information to Facebook to help build out your “profile”.  While this can be useful to help you find better products and services you may be searching for, it can also be used maliciously. The best way to make sure it’s being used properly is to go check the list that Facebook provides for you.

On your Facebook app, click on the three bars icon in the bottom right (also called a hamburger button).  Scroll down and click on Settings, and then scroll down and click on Off-Facebook Activity. Click on Manage Your Off-Facebook Activity and you’ll be prompted to enter your Facebook password.  You’ll then be presented with a list of websites and apps who have contributed or are contributing information for your “Profile”.  If you don’t like some of them contributing, you can click on the [name of business or organization] and then click on Turn off future activity from [name of business or organization], then click Turn Off.

You can also stop Facebook from collecting any future off-Facebook activity, but beware, this may break some websites and apps you use.  Under the Your Off-Facebook Activity menu, click More Options > Manage Future Activity > Manage Future Activity.  Next to Future Off-Facebook Activity, click the switch to off and then click Turn Off.

We recommend you also do a dive through your other Facebook settings while you’re here, especially the Apps and Websites list located a quick scroll up from the Off-Facebook Activity menu you were just in.

Securing BGP

Cloudflare, a cybersecurity company, released an amazing tool to check if your internet service provider, or ISP, properly secures BGP.  BGP stands for Border Gateway Protocol, and as Cloudflare puts it:

Border Gateway Protocol (BGP) is the postal service of the Internet. When someone drops a letter into a mailbox, the postal service processes that piece of mail and chooses a fast, efficient route to deliver that letter to its recipient. Similarly, when someone submits data across the Internet, BGP is responsible for looking at all of the available paths that data could travel and picking the best route, which usually means hopping between autonomous systems.

BGP is what makes the internet work.  Remember when we talked about your router and all those “trees”?  The problem is that the internet wasn’t built securely by default. There have been some major attacks against BGP that have caused huge problems for internet users everywhere.  Wikipedia notes 17 of them, but these were just the ones that were big enough to be publicly noticed.

Unfortunately, there’s nothing you can do to fix this.  However you can choose to only use ISP’s who use BGP securely.  If yours doesn’t, contact them and tell them to fix it! And if you don’t know what any of this means, or just want to know if your organization is at risk in a clear and easy to understand way, our Vulnerability Assessment is the right way to go. 

 

Follow us - stay ahead.


Read more of the ACT

Previous
Previous

Your IT Investments May Not Be Keeping You Safe

Next
Next

Number of Suspicious COVID-19 Websites