“Take only pictures, leave only footprints.” These words are posted at parks and hiking trails around the country and, as a card-carrying treehugger, I do my best to even keep those footprints as shallow and non-destructive as possible. That’s all well and good for a walk in the woods, but what matters more in the 21st century is the concept of a digital footprint. And, for most of us, our digital footprints are very large indeed.
We used to talk about “digital natives” and “digital immigrants”. Marc Prensky coined the terms back in 2001, referring to young people born into a world in which technology is a natural extension of what we do and how we do it as opposed to those of us who watched the digital revolution happen. Digital native isn’t a term we use much anymore though, because we’re all so deeply immersed in a digital world that the distinction doesn’t really matter anymore. My Uber driver in his early 50’s was telling me the other day about giving his kids their allowance via Snapcash. Digital immigrant or digital native, it’s all digital.
It’s worth taking a moment to think about that word: Digital. It’s an adjective that we throw around a lot, but what does it mean in this context? It’s not just the literal definition of 1’s and 0’s that define digital signals, but instead an approach to our economy, our communication, and our lives in which technology enables an incredible degree of innovation and interconnectedness that few of us imagined at the beginning of the millennium.
Call it revolutionary, call it transformative, throw around any of the technology buzz words that pepper the tech press today. They’re all apt. But even as we embrace social networks, mobile tech, the cloud, and emerging technologies like the Internet of Things, what does all of this mean for security, safety, and privacy? More importantly, how do we manage this very different approach to our lives, our businesses, and our education?
This month, we’ve been talking about these very topics as part of National Cyber Security Awareness Month. Security is a direct result of how we manage our digital footprints. Organizations have them and so do individuals. As our lives become increasingly digital, our digital footprints tend to become the moral equivalent of an elephant stampeding through a jungle. They are large, easily tracked, and often fairly destructive.
I was recently asked to give a talk at my son’s school on Internet safety. As I was talking to one of the parents about it, she said she felt like she’s done a pretty good job locking down her kids’ social profiles as well as her own. Of course, I took that as a challenge and with 20 minutes of poking around, found everything I needed to know to rob her house (between the things that she and her kids posted on open networks or that were shared by even less discrete friends, I knew her family’s schedule quite accurately).
I could have composed an exceptionally legitimate looking spear phishing email since I knew where she worked and the activities in which her kids were involved. I knew her son’s school schedule down to the teachers’ names. It would have been totally reasonable for her to respond to an email asking her to enter her parent portal information to access young Johnny’s detention report from Mr. Smith’s math class or asking her to enter her credit card information to pay the gym fee from Mrs. Roger’s physical education class. It turns out her kids were more prolific (and less private) on Instagram, which happily opened the door to that little opportunity.
Organizations are often little better with unmanaged or rogue Twitter accounts posting unmonitored information. Websites get built and then forgotten, intranet portals are more public than they should be, and employees post all sorts of details about their jobs that give the bad guys clues about ways to attack their employers.
Bottom line, we tend to take our digital interactions for granted, focusing far more on the number of friends in our network or the number of likes we get on a picture than the window that picture might open to both our physical and virtual lives.
I’m the last person to suggest that we should go all Mr. Robot and wipe out our digital identities. I want my mom to see pictures of her grandkids and I fully expect that my friends should see my awesome review on Yelp for a great new restaurant. Rejecting a digital-first world for fear of the hazards and pitfalls means missing out on an exceptionally exciting time in our lives and possibilities that we’re just starting to realize. Rejection is simply not an option for most people and it is generally not a desirable outcome. Just as we’ve been taught to be smart about hazards in the physical world, though, we need to be a lot smarter about how we manage our presence in the digital world, both as organizations and individuals.