Financial Literacy

Nowadays, it seems you can't read the news without hearing about another large-scale data breach. Whether it's a massive retailer, a celebrity's smartphone, or even the U.S. government, nobody seems immune from being hacked.

And that's exactly right. We're all vulnerable. And things need to get better. Tens of millions of Americans are affected by a lapse in data security in a given year - sometimes with serious consequences.

Yet, there's no reason for resignation. We can't become passive in the face of constant security breaches. We can't accept this as "the new normal" or the price of doing business in the digital age. 

Instead, we need more vigilance and greater awareness. We need to embrace technological solutions to the problem of online security. We sometimes need to adjust our behavior.

In today's world, data is the key to almost everything. It connects us in ways we once would have thought impossible. That said, there's another side to that coin. Our data can be wielded as a potent weapon against us in the wrong hands. It can be used to hurt us financially or to discredit our reputation.

So, how do you walk the line between engagement with the digital world and your protection?

This series proposes to address that. We'll walk you through some of the steps needed to take to safeguard your personal information in several key areas:

• How to Secure Your Phone  
• Backing Up Your Personal Information  
• Protecting Your Accounts from Hackers  
• How to Protect Your Social Security Number  
• Social Media and Identity Theft  
• Medical Identity Theft  

Of course, the technologies and strategies used by identity thieves are constantly evolving. So, we'll also discuss how making a few smart behavioral changes can provide significant protection and how new technology can enhance that protection.

Ultimately, we want to give you a set of tools to negotiate many situations in which revealing personal information is necessary - and how to do so safely.

After all, it's your life and your data.

These days, a phone is no longer just a phone. For most of us, it's an extension of ourselves - a device tightly integrated with just about every personal and professional aspect of our lives.

While that makes our phones extremely valuable, it also makes us potentially vulnerable. Most of our phones are a treasure trove of sensitive information. That information is very attractive to online thieves - it can be used to access financial accounts and steal your data for identity theft. It can even be used in extortion scams.

Anyone using their phone for day-to-day tasks can benefit from enhanced protection. So, let's review the basics of better smartphone security.

Shopping? Follow Smart Security Practices

Shopping with your smartphone is great. You can make retail purchases with a click or two, often with data like your address and credit card number automatically entered from your device (or the cloud). 

To minimize the risk to your data, it's essential to ensure that you're patronizing established vendors with "best practice" security protocols. For example, if the website's URL starts with "http" versus "https," your data isn't encrypted - a risk that no legitimate vendor would expect customers to take. And if you're considering a purchase from a vendor you've never heard of before, at the very least, search for more information on the company first. Remember, the ads you may see on Facebook, for example, aren't necessarily vetted by Facebook. So extra diligence may be warranted.

Some vendors also allow you to set up multifactor authentication for site login. This extra step sends a code to your phone or email address that you must verify before enabling login, further securing your account and data. 

Use Secure Networks

Not all WiFi networks are created equal. For example, networks in public spaces will always be less safe than a well-protected private network. Not only may some public networks not be encrypted, but the open nature of these networks means that malicious actors can connect to the same network as you, increasing the risk of intercepting your data or launching attacks.

And some public WiFi may not be what it seems. Identity thieves have been known to "spoof" public networks - to create fake networks with similar names to snare unsuspecting smartphone owners. If you log on to one of these bogus networks, you may put your data at risk.

Be Vigilant About Apps

Apps from trusted, well-known developers are usually no cause for worry. But apps that don't meet those standards should be given substantial scrutiny. For example, suppose the app asks for too much access or information (think access to your contacts, camera, or accessibility settings). In that case, you may want to consider an alternative.

It's also a good idea to keep your phone's operating system up to date. Some security issues are not the result of a specific app but a vulnerability in the operating system itself.

Password and Biometrically Protect Your Phone

There are various ways to secure your device itself. Of course, you can use a standard four- or six-digit numeric password, but supplementing that password with a face or fingerprint ID offers even more protection.

Whatever options your phone offers, use at least one of them. Sure, it's a minor pain point to enter your password repeatedly, yet the security it offers is well worth it.

Use Phone Tracking 

Losing your phone is a nightmare on multiple levels. There's the financial cost, plus, if your phone isn't backed up, your photos and other data. Most worrying of all, however, is that others may be able to access your device. 

If your phone is lost, tracking down its precise location is incredibly useful. Find My iPhone and its Android-based equivalents are very effective at finding lost devices. And if your device can't be found, remotely wiping it also protects your security.

The Bottom Line

There are now billions of smartphones in circulation, making them extraordinarily tempting targets for hackers and identity thieves. That's why it's critical that you protect your phone with the same care you give your laptop or home computer. Do that, and you can shop, text, and talk with as much security as possible.

You’re probably familiar with the sensation -- a sick, sinking feeling when you realize you've lost valuable personal information or other online data. No matter how careful you are, it's something that happens to everyone. Often it's for technical reasons entirely outside our control.

What happens next, however, is completely up to you. If you back up your data, you can easily retrieve a copy. If you fail to back it up...well, maybe that data you lost will miraculously reappear, right?

That is the situation that awaits anyone who doesn't take precautions. Yet many of us consistently fail to take even the most basic backup measures.

Luckily, there's an app for that -- a way forward for even the most backup-averse among us.

The "Set It And Forget It" Era Of Data Backup

It wasn't too long ago that data backup was a fairly laborious process that involved floppy disks and other obsolete storage devices. These days, fortunately, backing up data requires nothing more than a few button presses or keystrokes.

That easy accessibility hasn't ushered in a golden age of perfect data backup, however. Many of us still choose to work without a safety net, as even the smallest outlay of time and effort often leads to procrastination.

As mentioned above, modern technology is hard at work solving that problem for us. There are several options available that render the backup process so seamless as to make procrastination a non-issue.

Dropbox is one such app-based solution. It offers a set level of free cloud-based storage to users, then charges fees on a sliding scale as storage needs increase.

The mechanics of Dropbox make file backup virtually foolproof. You can set the app to automatically upload your data to their servers as soon as that data is created. Snap a photo or create a file, and Dropbox will automatically upload a copy.

Apple's Time Machine is another simple solution to the problem of file backup. It provides comprehensive backup and restore functions to your Mac, and requires very little effort to set up. The interface is a snap, and Time Machine will create regular, automatic system backups as soon as it's enabled.

These backup and storage solutions operate on a brilliant premise: If people don't back up their files consistently, just have them opt in once, and make the process automatic.

While these are two of the most popular backup products in the market, you have a wide range of apps to consider. If you're looking for something more tangible, you may always opt for an additional external hard drive -- or two. Just don't keep them in the same place.

Whatever approach suits you best, just make sure your backup and storage settings are comprehensive and in working order.

Do that, and you'll never have to hammer your keys in data-losing desperation again.

Many of us seem relatively unconcerned about the potential of being hacked, even though our financial security may depend on it. And that's precisely the mindset hackers count on and profit from. You're at risk if you live any part of your life online (virtually impossible not to these days).

Don't head for the hills to pursue a life "off the grid" just yet. Hackers, like most people, prefer the path of least resistance. They cycle through vast numbers of potential victims, searching for easy marks. That means if you employ even the most basic safeguards, your odds of being hacked diminish considerably.

So, let's talk about how to avoid becoming a victim.

In Praise of Strong Passwords

Here's the inviolable online security rule: always have a strong password that is at least eight characters long. Don't use your nephew's name, your birthday, or anything else with a personal connection.

If you want premium protection, take the password generation task out of your hands and use a password management software application or browser that can automatically generate strong passwords for each of your online accounts. But keep in mind that using a browser for password management, for example, means all your passwords are only as secure as your password for that browser.

For the best protection, use two-step authentication to secure your accounts. This type of authentication requires a password and a code sent to another of your devices - a text to your phone or an email. Suppose you want the current gold standard in account protection. In that case, some services also support using an authentication device that generates new codes every few seconds. Apps like Google Authenticator can be downloaded to your phone, or you can purchase a dedicated authentication device.

Manage Your Data

Don't use an app you downloaded two years ago? Don't let it linger. Consolidate your online presence by deleting accounts that have reached zombie status. The less useless information you have sitting online, the better.

Another best practice is to back up your personal information consistently. You have two basic choices: an external hard drive or a cloud-based service. Both will prevent the awful feeling of losing important files, photos, and personal information.

Adjust Your Behavior

Get a fantastic email offer that seems dubious? Delete it immediately. If the slightest internal alarm bell starts ringing, don't follow through. Phony emails are the bread and butter of hackers and phishers for one reason - they still work.

Attachments bear the same scrutiny. If you need clarification on the sender, never open an attachment. In the worst-case scenario, a hacker can take control of your computer, harvest the data, and use your hardware for nefarious purposes.

It's also wise to pay close attention to what you share on social media and in the cloud. Hackers can use anything you post or say publicly to access your computer or accounts. It's important not to underestimate their skill - even the tiniest scrap of seemingly innocuous information can be leveraged against you.

Staying Safe and Secure

Target. eBay. Bank of America. Snapchat. These names represent just a handful of the entities that have been hacked in the last two years. If it can happen to them, it can happen to you.

That's why it's critical to follow the steps outlined above. We can't guarantee our online security, yet we can give ourselves the best chance to avoid hacking-inspired financial disasters.

Though it seems a bit hard to believe today, our Social Security numbers weren't designed to be an all-purpose identification method for retail stores, schools, and government offices.

When they were created in 1936, these numbers were strictly meant for tracking your earnings and calculating your potential benefits. Since then, of course, the use of the Social Security number has radically expanded. It often seems like you can't order a mocha latte without being prompted for your number.

While that might be convenient for businesses, it's not always great for us. Identity thieves often target Social Security numbers to ruinous effect.  The simple act of having your number stolen can lead to significant financial setbacks -- and months of follow-up work to clean up the damage.

With that in mind, let's examine some steps you can take to protect your most sensitive information.

Be Judicious About Giving Your Number Out

There are no restrictions on when a business or organization can ask for a Social Security number. This has helped usher in an era of "information creep," where consumers are asked for identifying information even when it's obviously not necessary. Businesses want as much information about you as possible, as more data means more effective marketing.

It's your job to resist this overreach. Don't involuntarily serve up your number just because you're asked for it. Feel free to ask why it's necessary. If you're not satisfied with the answer, it's OK to say no. Does your school district really need your number? Your doctor? Or your grocery store? If you're not convinced they will be able to safeguard your information, then speak up.

Don't Carry Your Card in Your Wallet or Purse

Many of us make the mistake of toting our Social Security card around with us. Yet that's a bad idea. The Social Security card isn't a driver's license. You don't need to display it very often, and if a thief swipes your purse of wallet, you've just given him the "golden ticket" of identity theft. Even more worrisome, today's thieves don't even need to steal the card -- a quick glance at the numbers or photograph gives them all the information they need.

Instead, lock your card in a safe or another secure location at home, and pull it out only when you need it.

If Your Number Has Been Compromised, Act Immediately

It seems like news of a large-scale data breach occurs on a weekly basis. And some of these breaches are truly massive, involving tens of millions of numbers. If you've been snared in this web of misery, it's vitally important to take steps to protect yourself -- people who have had their Social Security numbers exposed in a data breach are five times more likely to be a victim of identity fraud.

Requesting a copy of your credit report and signing up for monitoring is the best way to protect yourself. Many companies offer these services for free in the wake of a large data breach. You should take advantage of the offer -- and stay vigilant when it comes to checking for unexplained activity.

Keeping Your Number Safe

Your Social Security number is the key to your financial life -- it unlocks everything. Follow the advice above, and you'll increase your chances of staying untouched by identity theft.

The Information Age has bestowed numerous wonders upon us. We have encyclopedic knowledge just a fingertip away. We can video chat with our friends and family from the remotest locations. We can communicate with thousands of people across the world through dozens of social channels.

Yet these amazing gifts don't come entirely without a price. If you're not careful, what you reveal online can compromise your personal and financial security.

The Facts About Social Media and Identity Theft

It seems hard to believe that modern social media is only around a decade old. In that short time, social platforms have become a nearly indispensable tool for consuming media, searching for a job, or maintaining relationships with friends, family, and colleagues.

Yet this deep integration with our lives presents certain challenges. Social media platforms aren't providing their products as a service to humanity. These are profit-seeking companies that harvest your data as part of their business model. Rather than paying a fee to use most of these products, you provide something just as valuable -- personal information.

In the proper hands, the uses for that information may be fairly benign. A social media network may merely want to better understand your preferences, in order to offer more relevant content. In the wrong hands, however, the constant exhaust cloud of data we leave in our wake can do serious damage.

How to Avoid Becoming a Social Media Target

There are a few common sense strategies you can employ to avoid becoming a target of social media identity thieves. First, it's critical that you exercise discretion in terms of what you reveal. Don't post information that is of obvious value to a criminal, such as your Social Security number or bank information. Don't post your vacation itinerary. Avoid leaking any information that could help thieves guess your password.

It's also a good idea to review your privacy settings across all of your social networks. If your default setting is public, you're potentially serving up a gold mine of identifying details to people with nefarious intentions. It's a smart idea to limit any personal information to people inside your network, or perhaps one step removed (a friend of a friend, for example). This information includes your full name, date of birth, city of residence, work history, etc.

The Power of a Strong Password

Even someone who practices total discretion online can still be undermined by a hacked password. That's why it's important to employ very strong protection. Consider the following steps to secure access to your accounts:

• Change your password regularly
• Use at least eight letters with one digit
• Use random uppercase letters
• Never use a password that's easy to crack based on public information about you
• Use two-step verification whenever possible, such as adding a phone number
• Balancing "social" with "safe"

Navigating modern social media requires a balancing act. The platforms are built upon a foundation of personal disclosure. Yet disclose too much and you expose yourself to serious financial threats.

By following the steps above, you can enjoy all of the benefits of social media -- without worrying about the risk.

The days of your physician keeping your records onsite in a filing cabinet are over.

Today, your medical records and personal information are typically shared across massive insurance and health care provider networks. Digital records are more efficient and accurate -- two big bonuses for patients.

Yet these improvements come with a price -- new security concerns. Now that our medical data is out there, it's a tempting target for sophisticated hackers.

Given the very sensitive nature of medical information, that's serious cause for concern. And given the number of recent large-scale data breaches, that concern seems well founded.

Preventing Medical Identity Theft

Since the beginning of 2015, roughly 100 million people have been affected by medical data breaches. That's hardly uncommon; statistics show that the healthcare industry is the number one target of hackers.

Medical records are great targets for hackers to mine. They offer a detailed mix of personal, financial, and health information. This data can be used to steal money, or, in some cases, to even pursue medical treatment in someone else's name.

It's important to realize this is no small potatoes endeavor. Large collectives of clever hackers are systematically targeting the health care industry because this treasure trove of information is so valuable. Once stolen, your data is sold on the secondary market for significant sums of money.

After that, all bets are off.

Because the health care industry was among the last to fully digitize (due to its complexity and lingering privacy issues), it has some of the newest and most vulnerable security infrastructures.

That means it's important that you do everything you can to help safeguard your data.

Let's review a few basic steps to take:

• Request copies of your medical records from your physician or insurer
• Review these records for discrepancies or inaccuracies
• Keep a close eye on your credit report
• If you use a credit monitoring service, include health care procedures among the activities watched
• Only give out sensitive information (such as your Social Security number) when absolutely necessary
• Pay close attention to your explanation of benefits and mailed correspondence and check them for irregularities

The Risks of Inaction

Medical identity theft is perhaps the most dangerous online data crime. Should someone steal your information and seek medical treatment in your name, the risks go well beyond financial concerns. Your medical records may become intermingled with the records of your identity thief -- a scenario that could cause untold chaos the next time you need medical attention or prescription medication.

Given the alarming frequency of medical data breaches, it's important that you give strong consideration to steps listed above. By doing so, you lower the risk of suffering a potentially devastating personal attack.