Every time you access the internet you leave a data trail that contributes to your “digital footprint”.
Each of us has a digital footprint. It’s the accumulation of our online data produced over time. Together, this data creates a rich picture of our habits and personality. This is exactly the information that cyber criminals are looking to exploit.
As well as individuals, organisations have digital footprints. Not only is it made up of general organisational assets and data. The data trail of every employee also contributes to the organisation’s digital footprint.
For both companies and individuals, digital footprints increase the attack surface for cyber criminals. So how do we better understand digital footprints? And what can be done to minimise the cyber risk they pose?
Four digital footprint domains
Digital footprint data comes from four different domains. The most obvious of these is the public domain. This refers to information and data voluntarily shared online, such as posts on public websites or on social media.
The second source of data is the private domain. This is information stored privately in the cloud that could be accessed and exploited by cyber criminals.
Third, internet-connected devices are accumulating data that also adds to digital footprints. IoT appliances typically use Wi-Fi or Bluetooth, making them more susceptible to cyber attacks. In the home and in the workplace, such appliances can pick up sensitive information through recording by microphone or camera.
The final source of digital footprint data is the state. Certain state activities – including CCTV and Automatic Number Plate Recognition (ANPR) – collect data that is logged and searchable. In the wrong hands, this data could be exploited.
From the personal to the professional
Digital footprints straddle our professional and personal lives. Data from someone’s personal footprint could affect their company’s cyber risk and vice versa.
We could be increasing the risk posed by our digital footprint without even realising it. For example, when working remotely, people are more likely to use personal devices for work. This practice potentially exposes corporate data, increasing an organisation’s footprint. Reusing the same password across personal and work settings also increases risk.
Both organisations and individuals tend to be unaware of how much data they generate online. This lack of awareness makes things easier for criminals.
Improving awareness of the traces of data we leave online is important. So is recognising that our individual digital footprints vary according to personality, behaviour, and habits. Understanding how these factors improve the protection of our data online is a great place to start.
Want to find out more about digital footprints and the cross-domain factors that affect cyber risk? Read our research paper, produced in collaboration with the NCC Group, here.