Data security for left behind parents

In my previous post I detailed how I lost a lot of precious photos. Now, I want to share some practical data security tips on how to keep your data private and secure. This is an increasingly important issue because platforms such as Facebook encourage you to add as many ‘friends’ as possible and share as much as possible. Also, unless you are a target, e-mail security usually just means having an okay password and not clicking on phishing links. The thing is… what do you do when your attacker knows all of your passwords and has strategically installed back doors in your devices? Also, what if they get help from expert hackers?

Odd on if you’re holding down a stable job and worried about the welfare of your abducted children, you won’t have a lot of time or patience for such behaviour. I’m no expert, but here’s a few tips to get you started.

E-mail data security

Data security for your e-mail is paramount. If somebody hijacks your e-mail then they can likely get access to a range of other online data using password recovery systems. Solution? Lock it down before you do anything else. No, Seriously! Otherwise, there’s no point getting started on other data security issues. You use Gmail or Hotmail, or any other popular e-mail platform? Great, people can still hack it.

Use a good e-mail provider, a good password and 2-step verification

If possible, my rule number one is to make a new e-mail address. Why? If somebody doesn’t know your address, they can’t hack you. One of my favourite e-mail providers is Hushmail because they have a big focus on privacy and security. Even if it’s just for contacting your lawyers and doing business, I recommend setting up a Hushmail account. Whether or not you setup a new account, set a good password (e.g. a sentence or the first letter of each word in that sentence with symbols and numbers) then make sure 2-step verification is enabled. This will provide protection from people guessing your password. Also, if they do guess it (or otherwise obtain it by unethical means), you have a second layer of protection.

Change your password regularly and monitor who has logged in

From time to time, change your password. Also, most e-mail providers have a log of who has logged in, and where. Check it regularly. If 1/2 the people who have logged into your account are from Russia then more than likely your ex has hired a hacker. Change your password, deauthorise all devices approved to view your account and be careful. If the history of who has logged in has magically been deleted and/or disabled then same thing, but make sure it’s enabled for next time.

This may sound silly, but it won’t when you’re a victim of it. In my case, my ex-wife received a criminal conviction for bashing me, just before we broke up. If your ex has abducted your kids and lied about it, I’m sorry, but you can no longer trust anything they do or say.

Quick fix – use your work/university address

If you’re really worried and need a quick fix for data security, one thing I did was use my work e-mail address for official correspondence. Check your workplace policy, of course, but if they have a really secure system with enterprise-grade protection then that’s a plus. Be aware that somebody will probably be able to read e-mails sent from work, and decide whether this is okay.

Facebook security

Facebook’s data security is similar to e-mail in that you want a strong password, 2-step verification and to occasionally monitor who else is using your account. However, it’s a little different because you also have ‘friends’ and ‘friends of friends’. Therefore, you want to make sure only the right people can access your data.

First… get those baby photos off Facebook and store them offline

Opinions differ on this, but it’s a fact that paedophiles stalk Facebook, download photos of kids and will Photoshop you and your kids into disgusting photos of child abuse. DON’T LET THEM! Keep all your child’s photos offline and don’t plaster their face all over the internet. When they grow up they can make that decision but as a kid, your role as a parent is to protect them from harm, so take those photos down and put them onto a cheapo USB hard disk for now.

Cull your ‘friends’ and setup strict access groups

Facebook is not a game of who has the most friends. For data security reasons, you should only add people who you can trust. My rule of thumb is that if I don’t know somebody in person, they shouldn’t be on my list. Set a challenge… try to have as few friends as possible. I dare you to delete your high school crush who is still single. Use a dating site, not Facebook, if you’re looking to meet people.

Once you have culled your list, make all of your content private and setup access groups. You’ll want (for example) lists for best friends, friends, family, colleagues…etc. As a rule of thumb, don’t do anything that ‘everybody’ can see. A basic test for whether somebody should have access to something is a need-to-know test. Who needs to know what you’re sharing on Facebook?

If it’s nobody and you’re just boasting about something you did because you want to get as many likes as possible then think to yourself… WHY?!?!? Post it anonymously on reddit or something if you REALLY need to share an observation about society. In the wrong hands, the simplest of things are important data. Data security is about protecting that data. For example say you notice a guy wearing a funny hat at a cafe you visit every day. If you post that then everybody who can see it now knows that you go to that cafe every day, and they can estimate the time that you visit it. In aggregate, they can suss out everything you do and use it against you.

Don’t add some random girl who added you just because she looks pretty and has 1 or 2 common friends!!!

This is the oldest trick in the book, but a good one. Don’t risk your data security by adding randoms who you find attractive!!! Facebook’s privacy settings are a bit funny because a ‘friend’ or a ‘friend of a friend’ almost always gets special privileges. Funny (slightly naughty) story… when I was a kid I used to use a file sharing service called Hotline. People ran file servers from their home PCs and shared things like games, apps and music. To download, server admins usually said ‘you must upload lots of good things if you want to download’. If I was too lazy to upload, I would change my name to something like ‘Sarah^_^’, tell the admin I lived in his city and ask for access so that I could download a photo of him. BOOM… I would not only get access, I’d be an admin within minutes and when he went offline I’d boot everybody out (to maximise my speed), download everything and delete the evidence.

If I could do this in the 90’s, of course people can do it today. Don’t be fooled! And if you already have been then delete all of these ‘friends’ of yours NOW. You probably already have friends who say ‘yes’ to every cute girl who adds them. This is a threat to your data security because they are now a ‘friend of a friend’ to you. Thus, I suggest unfriending acquaintances/desperadoes who fall within this category.

Beware of identity thieft

Just quickly, data security is often about protecting your identity. For example, in a previous post I mentioned that my ex-wife made up pseudonyms, harassed me and then tried to claim that I’d harassed her. In one case she used my address, phone number, e-mail address and credit card to sign-up for a private investigator service. During court proceedings she said ‘HE HAS BEEN STALKING ME!!! THIS PRIVATE INVESTIGATOR WAS STALKING ME!!’ I never hired that private investigator. However, the court asked him whether I was a client and he said ‘yes’. When I called him to ask ‘well if I’m your client, what did we discuss? Can I have my file?’ he said ‘no’. This gave my ex-wife a free kick at goal because she could claim I’d asked this guy to do ANYTHING when in reality I knew nothing about him.

So it sounds silly, but this is why I noted above that you don’t want to share even little things. If somebody’s stealing your identity in order to steal your money then it will be obvious because your bank will call up saying ‘hey, all your money was just spent on Louis Vuitton handbags overseas, are you currently overseas?’ If it’s your ex then it may not be this obvious.

A personal example of what your ex might do with a stolen identity

My experience is that my ex simply hung onto personal details, passwords and other little facts ‘just incase’. As we entered things like court proceedings and mediation, she pulled them all out and did her best to forge actions that would make me look bad. While the courts ended up ‘ignoring’ such things as their relevance was minimal and they had no substance, I think that the image still stuck. Judges can’t completely un-read or un-see a false letter that you’ve supposedly sent to somebody’s family, threatening to commit atrocities. Even if you can prove that it’s a fake (e.g. ‘that’s not my hand writing’ or ‘there is no stamp from the post office so this was never sent’), your image has been tarnished. A fake letter has appeared, it has your name on it. Abductors regularly use such tactics to paint themselves as victims and create doubt/uncertainty in people’s minds. Remember, they’ve abducted children. They have no moral standards! They’ve already shown they are dishonest and they have gotten away with it. Thus, your data security is VERY important. Don’t give them a gratuitous free kick by posting your data everywhere…

Final words of advice

Regarding data security, this is just a start. Long-term you’re going to want to setup a solid offline storage system for your personal records. While one option is purchasing a physical cloud server (so that you know where your files are), I think that having an air-gap between your precious data and the internet is paramount. If you can’t afford to lose something then keep it offline in a USB hard disk. If your ex has access to your house, you’re still in touch with their common friends (who might side with them) or you’re entering into a new relationships with somebody who might get jealous of your past, then you’ll probably need a 2nd or 3rd hard disk. Give one of these to a friend you really really trust and give the other to your parents. Think… if your house burns down, how will you access that data?

If nothing else, I hope this post makes you more vigilant about your data security. Call me a tin hat or whatever, but I got burned REALLY badly by assuming that my data was secure and it caused all sorts of mental health problems knowing that there were worms eating through my private data. Data security is a real issue. I think it’s impossible for your data to be too secure.