5 min reading
Tue Oct 04 2022

How can your digital footprint grow out of control

issy-bailey-tEIHSmfwznM-unsplash

Gartner reveals that "the ever-expanding digital footprint of modern organizations drives this year’s top cybersecurity trends".

This is one top trend that your company might be interested in, regardless if it's a modern organization or not. The time and cost of building a brand identity can be hard to recover in case of a cyber attack. In today's online reputation realm of social media, cookies, or overcomplicated privacy settings, the digital footprints of any business can be a target.

Your digital footprint

Screenshot 2022-10-04 at 19.22.40.png

As an individual the digital footprint is the trail of data that you leave behind on the Internet. It's your online presence. This includes different websites visited, browsing history, accounts you no longer use, sent emails, information submitted online. If you would like to know more, the researchers at Kaspersky, a leading antivirus provider, put together a long list of how we might overshare online.

There's active digital footprints - when you share proactively on your social media accounts or search google. And there's passive digital footprints - when information is collected about your online activities, many times without your knowledge or consent. This can mean browsing history, personal information or search engine cookies.

If as a user the trail of personal data can come from as many sources as described above, it comes as no surprise that as a company, the list becomes longer. To name a few:

  • sensitive data or private data stored on databases outside of your perimeter leaving a trail of potentially compromising information
  • devices logging information about your business, from ip address information, to the (strong) passwords in your organization, to credit card information(especially payment data), cookies, access, phone number, location or apps information.
  • unmanaged assets such as IoT devices which may belong to users who can be employees or clients, who rely on you to protect the security of their sensitive personal data.
  • any other data, websites, social media accounts or online accounts, or old accounts in the IT digital shadow of your organization.

By now, we can get an idea of how both the individual and the company digital footprint grows out of control, when unmanaged. Following this scenario, below we will go into what happens if digital footprints end up in the wrong hands.

Why you may want to care what you share

5f02d13c-1364-416b-8f14-8f2d61b0a94a.jpg

On a personal level, here are a few things to consider about your online activities:

  • Your posts, and personal data are probably permanent, and once made public, such as via Facebook posts, you have little control over how others use it.
  • Your digital footprint becomes your digital reputation, which in today's world is as important as your offline reputation.
  • Employers tend to check their potential employees’ social media before hiring. Universities could research their potential students digital footprints before accepting them too.

At company level, business growth sometimes seems to go hand in hand with its exposure on the Internet. Business growth here can mean moving to a new data center, changing hosting providers, a new cloud provider or moving from on premise to cloud and so on. If we're considering data alone, any of the data moved to the new IT context could be hosted on a different continent. Same goes for marketing or advertising departments which bypass IT departments in launching websites, or creating online campaigns. These are examples of how your digital footprint can grow out of your control.

So here are a few main reasons why it is important to take stock of the digital footprints that leave a trail. First is potential reputational damage, which can affect individuals or business in ways that may be hard to recover from, such as lose of credibility and trust.

Second, which is related to the first, is ensuring business continuity in case of a cyber attack. Equally, if someone impersonates an individual using their publicly available personal information, they can steal or use credit card information, for example.

Privacy cynics will claim that they have nothing to hide. However, we hope that the reasons we shared above will inspire you to have more of a secure minded approach to what you post or create on the Internet.

A few ideas on how to reduce your digital footprint

Screenshot 2022-10-04 at 19.22.32.png

As an individual, one idea is using a virtual private network (VPN).  If you want to keep your online activity hidden VPN technology provides the privacy you need. A simple solution to manage your digital footprint and keep personal data, personal. Online activities such as using search engines, social media, or checking online news will be secured and encrypted by the VPN service.  Another idea is more a matter of habit. It's cautious to pay attention and try to avoiding unsafe websites. In an organization this can be mitigated by introducing a technical control.

As an organization, investing in a VPN corporate solution is nowadays simply keeping up, no longer going the extra mile. Same goes for customizing the privacy settings both at home and at in the professional context. Organizations who want to be in control of their digital footprint use a third party risk management platform to manage their increasing footprint.

To conclude on a positive note, we hope to have shared what are the implications of your digital footprint for your data privacy and security, and how you can control online activities.

Ceeyu is a SaaS platform that can help assess the security of your vendors and other third parties. By using a platform to improve your third-party risk management process, your organization can easily and quickly identify areas of risk. This data will help improve the security of risky vendors, effectively increasing yours as well.

Contact us for a demo! [email protected]

Silvana Precup Ceeyu

Silvana Precup

Author

Cybersecurity professional experienced in cross-functional roles bridging between top management, risk functions, IT and security operations teams. With a knack for TPRM and digital footprint.

Other Blogposts

Ceeyu UI

NIS2: Essential entities vs Important entities, what’s the difference?

The impact of NIS2 for essential and important entities is not much different when it comes to implementing controls to comply, as they are ...

December 11, 2023

the-eu-dora-regulation-and-third-party-risk

The EU DORA regulation and third party risk

With the DORA regulation that the EU aims to strengthen the IT security of financial services and industries. This means banks, insurance co...

July 17, 2022

how-to-manage-the-third-party-risks-posed-by-your-critical-suppliers

How to manage the third party risks posed by your critical suppliers

This blog post walks you through some ideas on how to navigate the complex web of third-party risks, focusing on critical suppliers.

June 27, 2022