In a world where people are flagrantly unafraid of exposing themselves, as well as personal information relating to them, as professionals we need to be acutely aware of how much information we are leaking. We’ve all heard the environmental expression ‘carbon footprint,’ but are we aware we also have a ‘data footprint?’

So how do we measure our data footprint? Here are three areas that may be worth considering:

Digital
Have you ever performed a Google search of yourself or your company? Trust me when I say, it’s an interesting exercise to undertake and helps determine how big our digital footprint may be. Every time we surf the internet or post on the internet, we leave a trail of crumbs behind us. Given half a chance, a hacker can easily retrace our steps using those crumbs, can profile us, glean an enormous amount of information about us and then deploy a spear phishing email campaign which easily tempt us. So be careful what crumbs of information you leave behind you on the internet.

The biggest crumbs are photos. Please don’t be fooled into thinking only our colleagues, friends and family can see photos we post. It would make your skin crawl if you realised how easily these photos can end up on the dark web and how they can be used. We need to realise anything we post on the internet, particularly photos, are totally out of our control. The fallacy is believing we know, or think we can control, who sees what we post.

It’s not surprising how few people now trust Facebook, considering their lax attitude to how they handle a person’s data. But isn’t it shocking how we all trust Linked-In? Because it’s a business-related app, no questions are asked….

If you regularly use a mobile device for work, it’s worth considering using a VPN to hide your IP address from hackers, as well as implementing an automatic lock for your display. This offers you peace of mind, should you accidently lose or have the device stolen. Also, can you track the device or remotely wipe it if necessary?

These are all controls which help us digitally cover our mouths, so to speak.

Eavesdropping
It’s frightening how many people give such little thought to what they are saying in a public place or fail to think about who might be listening to them. Have you ever been in deep conversation with a fellow employee as the lift arrived, squeezed into the lift continuing your chat without realising just how many listening ears are listening to every word you say?

I remember a number of years ago catching the train to Liverpool Street and listening to a man speaking on his mobile phone. Within five minutes, you would not believe how much information I managed to piece together regarding this man. I realised he was speaking to his estate agent, learnt he was looking to buy a new house, the exact address of the property he was selling, as well as the exact address of the property he was interested in buying. From a quick Google search of his new proposed address, I obtained a rough estimate of the property value, his proposed mortgage (which he also confirmed for me verbally) and from that I was able to calculate a rough annual income. To this day, I still believe had I written all this information down and presented it to the man as he hung up his phone, he would be absolutely horrified how much information he had leaked within such a short space of time.

When I related this experience in a training session recently, a client (working within Telecoms) related a similar experience and how they picked up a new customer whilst travelling on the train. They had overheard someone complaining about their IT issue, and as this person came off the phone my client approached them confidently stating: “I didn’t mean to eavesdrop on your conversation, but I might just have the IT solution you’re looking for!”

I just wonder if more of us covered our mouth when speaking in public places, we would substantially reduce our data footprint.

Shoulder surfing
I totally understand it is human nature to look over a person’s shoulder and read their messages. I’ve got to be honest, I do it all the time given the opportunity. The honest truth is, it’s a human weakness in us all, because most of us are nosey. And the fact we know this, should make us even more cautious when using our devices in busy places.

For instance, do we think about where we sit when working in public? Personally, I always ensure my back is to a wall, so no one can see my screen or any information on show. I would always encourage anyone who regularly works in a public place, to invest in a privacy screen protector to prevent unwanted eyes scanning sensitive information they are not entitled to view.

There’s no doubt, if more of us covered our screens when working in public places, we would substantially reduce our data footprint.

At ADL Consultancy our aim is not only to help you achieve ISO27001 registration but also determine how valuable your information is, where you store it, what risks there are to it and how to protect it. A lot of my clients have been pleasantly surprised as to how ISO helps professionalise them as a business and heightens their security in all aspects.

I suppose at the end of the day… even footballers could teach the business world a thing or two.

Covering your mouth when you talk, really isn’t as silly as it may seem.

Written by David Points – Quality, Information Security & Aerospace Consultant