Where is your Personal Data is Stored 

Have you ever wondered where your personal information is stored? The answer is probably going to surprise you. Unless you’re using a VPN or other privacy-protecting tools, your data is absolutely everywhere. ANd it’s not always being protected by the people who have it. Here’s everything that you need to know about where your personal information is being stored, how it’s being used, and what steps you can take to secure your data.

First: Your Devices Host a Lot of Data
You may have a smartphone, tablet, laptop, desktop computer, work computer, and more. All these devices contain your personal data, and more of it than you might think. It isn’t just the photos and files that you put on these devices. Your smartphone tracks your location and keeps logs of your location. Your tablet and laptop tracks your browsing history. While you can delete this information, it isn’t always apparent that the information is even being kept. So there’s more information about you than you really think.

When you install new applications, you can control what they can access. But you may have noticed that you can install an app and it might ask for access to your microphone (voice data) and your camera (video and film data). Many applications will access your data and it’s not always clear what they are doing with it. These applications can also upload your data to other servers. Thus, you need to be really careful with the data you have on your devices.

Today, modern phones often upload and sync everything to the cloud. Many people have found that their cloud services get hacked and all their data gets stolen. Because of this, you should also be aware of what’s being kept on your device and what’s being uploaded to the cloud. And speaking of the cloud…

Second: Cloud Services
The cloud has become large. If you’re using Google Drive or Microsoft OneDrive, your files are probably being uploaded to the cloud. For the most part, that personal data is safe there; it’s encrypted. But if someone ever gets access to your personal cloud, they’re going to have an extraordinary wealth of personal data. That can include:

  • Your financial documents
  • Word documents
  • Spreadsheets for work
  • PowerPoint presentations

And more. Anything that is automatically uploaded to cloud services is going to stay there. The information is kept redundantly, and that’s usually a benefit. If you accidentally delete something or if you lose one of your devices, you’ll be able to pull that information back.

The dark side of cloud services is that the information is always going to be there. For the most part, that’s more documents than personal data. But consider if you’re keeping personal documents such as birth certificates, tax returns, financial statements, and otherwise, on the cloud. That means that if your cloud services is breached, your entire identity can be stolen.

Many people use cloud services because they are so useful and now ubiquitous. Still, you should take action to control it. Always make sure that you have two-factor authentication turned on with your cloud services so that someone else can’t log in. Two-factor often uses either your phone or your email accounts, so you need to verify twice that you are who you say you are, and that you are granted access.

Third: Private Servers
In addition to the cloud, personal data is often stored on private servers.

Your work may have an on-premise server, on which your data is stored. That could even include your browsing data (while at work) and other information about you. Every year, many companies are hacked and 1099s and W2s are stolen. These are tax forms that have information on every employee.

Employers have a tremendous amount of personal data on their employees. And unfortunately, employees don’t usually have direct control over that data. All you can do is observe whether your company is following best practices as comes to data safety. If you see tax forms being sent unencrypted, for instance, you should talk to your HR department, as this is likely to eventually lead to a security breach.

But employers aren’t the only ones who keep your data on private servers. Your data may be kept on private clinic servers, if you go in for medical treatment. Your private data is probably on the servers of your dentist, for instance, and your general practitioner.

These are still people who could experience an attack, and if they do experience an attack your data could be compromised.

Fourth: Social Media Accounts
Online accounts and social media accounts are one of the biggest havens of personal data, even if people don’t realize it. Facebook can contain someone’s entire personal history, while LinkedIn can contain someone’s entire work history. Today, people are getting less paranoid about posting information online, but that doesn’t mean that it still isn’t dangerous.

On Facebook, someone can glean enough information to steal someone’s identity. Even birthdates are posted on Facebook, and it’s trivial to find out information like someone’s maternal grandmother’s maiden name. Furthermore, on LinkedIn, people can find out more about someone’s role in a company. It’s very easy for people to run social engineering scamps by finding out someone’s title in a business, because they can then spoof a request from them.

It’s always good to be a little paranoid about what one posts on social media. Social media is a great tool, but it can also be dangerous because it encourages the sharing of so much personal information.

Further, the information that is being shared is more than most people think. It’s not just what is posted, but what is looked at. People’s browsing habits on social media are all stored. The company that runs the social media knows exactly what you’re watching, how long you’re watching it for, and whether you’re engaging with it. They know who you’re interacting with most and who you’re talking to most through messenger.

All these things are used to modify behaviors so that people stay on the site longer and engage with ads longer. People are right to be skeptical about the amount of time they spend on social media and what the consequences could be.

Fifth: The Dark Net
The dark net isn’t as spooky as it sounds. It’s just an anonymous area of the internet. But the dark net can contain some spooky things, including personal data. When people collect personal data, they often want to sell it. Understandably, you can’t usually legally sell things that you didn’t obtain legally. And that’s where the dark net comes in. People can sell lists of personal information that they acquired online for Bitcoin or other untraceable cryptocurrency.

And that’s a big problem because it is untraceable. It’s low risk for people to sell this data, so they do so quite frequently.

If your dentist’s office or your employer is hacked, the information is likely to be taken to the dark net. And once it’s on the dark net, it can’t be removed. Nothing on the internet can ever be removed, because it can also be copied and placed somewhere else.

This information isn’t always used for extremely nefarious purposes. Sometimes it’s used for things like financial crimes, scams, and identity theft. But other times it’s just used for mailing lists; so that advertisers can send out emails to a pre-approved list of people that they know are real. While irritating, that’s not devastating. Nevertheless, the last thing someone wants is to have something like their social security number on the dark net, because once it’s on the dark net, it’s everywhere.

Sixth: Email
Finally, there’s a personal information repository that people often forget entirely about, and that’s email. Most people’s email addresses contain connections to virtually every other thing that they do. Their bank accounts are linked to their email. Their work accounts are linked to their email. Their social media accounts are linked to their email. Everything goes through email and not everything is encrypted.

Out of all the accounts you have, it’s likely that your email account should be the most well-secured. You should have two-factor authentication turned on, a complex password, and you should change your password frequently. You should also avoid trading important information through email unless you are going through an encrypted service.

As you can see, there’s not a lot you can do once your data is out there. Companies are constantly collecting your data. Medical institutions, educational institutions, and more: They have your data. If you have a social media account, your data is out there. Your data is on your devices, on the cloud, on servers everywhere else, and places that you can’t even imagine them being. The only control you have is over whether data is out there at all.

By adopting good privacy habits and by using a VPN, you can reduce the overall amount of your data that’s out there. But the data that is already out there is going to be out there forever. You need to take action now if you want to protect yourself.



Comments

comments