Personal Data Currency

Your Personal Data is Currency – Lock it Down

Written by Luke O'Connell

How do you protect your personal data? Are you using multiple/fake email addresses? Monitoring your credit? Using payment providers? You should be. As one of the principal remediators for my company’s GDPR readiness, I get a lot of people asking how they can keep their personal information secure. The good news here is that it comes down to taking a few simple steps.

8 Steps to Securing Your Personal Data

  • The golden rule: Every time you submit your personal data, think of it as a transaction. Your data has a tangible financial value to every organisation so what are you getting in return? If there’s no value exchange here then stop. This escalates with the type of data you’re being asked for: name and email address are pretty inane but entering your date of birth and mother’s maiden name should get you thinking. Consider using secondary or fake data as in steps 2 & 3.
  • A tale of 2 emails: You should have at least a primary and secondary email address. Use your primary address for your core services, things like your bank, credit card, medical provider, utilities etc. Make sure only trusted services are here and register the rest to a secondary email address. This has multiple effects, from helping you guard against phishing attacks to email account compromise (hackers have to get your email address from somewhere, and it’ll more likely be from that gif site you registered to when you just couldn’t get enough cats). Finally, it means that you can, and should, rotate that secondary address frequently to reduce spam and on-going tracking.
  • Fake it ‘till you make it: How many times have you entered your real details into a café Wi-Fi portal? STOP. The majority of the time there’s no verification, so you can make up a name & email address to register with. If you need a disposable email address, use something like Mailinator, you can use any address @mailinator.com and this will allow you to click verification links in welcome emails if needed.
  • Use a payment provider & shield yourself: This one is simple: if you can pay via PayPal, Google Pay etc then do. You won’t have to share your details, especially financial, and you’ll usually have added refund protection when using those services.
  • Your passwords are currency, literally: See my previous blog article on password management and take note. Passwords are the keys to the castle and if you’re using the same password on your fan forum as your bank, then check yourself immediately.
  • No Phishing: It still amazes me that this works despite an increase in general awareness. A simple technique to avoid phishing is to never click links in emails. If your bank is saying that you need to update details, just login separately: they’ll tell you there if it’s a genuine request.
  • Monitor your credit: You can either use a credit monitoring service here (Credit Expert from Experian is £14.99 p/m at the time of writing) or set a calendar invite to order your credit report for free every 3 months or so. You can do that for free here.
  • Shred your personal data: Remember my paper-free blog? If it has your personal data, shred it. If you are likely to need it again, scan it, and then shred it.

In conclusion, these 8 simple steps will help guard your personal data from the rest of the world, but the golden rule is the biggest take-out here: your personal data is currency. It’s time to start treating it as such.