Home devices and your digital data.

NOTE – there is no way I can list every device that collects data in your home. But I’ll list the ones I use.  You can add or delete to your list.

A digital device is one that has memory, via hardware/software. The memory can be local/internal or connect to external services via wi-fi, blue tooth, etc.

Data stored can be all sorts of information. From how often it is on to what settings. Something simple would be your home thermostat. If it may have connected to a website or mobile app.

  • My iPhone. Any smart phone.
  • My iPad. Any tablets, game consoles, laptops.
  • AT&T Digital life – aka my alarm system. Depending on the various components connected to your system, it knows when you are home, how often you leave the house. Commonly used doors and windows.
    • Don’t let your guard. The alarm system is for my physical wellbeing. Which has a digital component, a website and app. So I only have cameras on the outside of the house. I also keep a sticker over my cameras on my MAC, laptop and tablets.
  • At&T internet and cable TV, And all streaming entertainment (Hulu, Netflix, YouTube). They know when you are watching, how long you are watching, what time you are watching, type of device you are using.
    • There are some viewing devices that use voice commands and motion sensor, and would be able to determine when the room is occupied and the activities.
  • My Buick and OnStar. Besides the GPS information, where you go, how often and when, your vehicle’s diagnostics system collects; tire pressures and other engine conditions.
  • Alexa (aka Echo). This devices is always on and listening. FYI – all request you make to Alexa are captured in history within the Echo app (accessed online). Echo is an Amazon product, marring online shopping and at home activity into an individual’s profile.
  • GoPro and other digital cameras/videos. Time and location are stored in the memory with the photos. A camera that uses 35 mm film may have some memory within the camera software itself.
  • Printers. Did you know that trapped deep in the printer memory is a copy of everything that has been scanned and printed. There is a tiny memory chip that compresses the files to achieve. This chip allows the system to recall the last X copies and other fun features.
  • FitBit and other health monitors.
  • Craftsman Garage Opener. Wireless keypad and accessible via mobile app.
  • Roku
  • Wii and other gaming consoles.

That is a good list, considering I claim to be low tech (maybe I’m medium tech). I’m not an early adopter, but I am curious. It takes me time to commit to purchasing new tech gadget, but I do have a collection of digital devices.

You may have a baby monitor, automatic vacuum, anything that connects to a mobile app, website or router.

 

The battle between E-MAIL & ACCOUNT ID & USER NAME

What’s the difference? Are they the same? How do I know which to use when?

As my mom signs up for Echo apps, she is constantly getting tangled in the web of when to  an email and when to use (any numerous) account ids.Sorry mom there is no simple answer.

E-MAIL – for this blog post we are going to assume an email belongs to only one person.

  • E-mail addresses are unique – like a phone number  or physical address there is only one destination per address.
  • E-mail address are NOT case sensitive (PASSWORDS are CASE sensitive.)
  • E-mails always have 3 parts; username, domain (followed by an actual dot) and the extension. There are more rules to what can be included in a e-mail address and what the computer will not except. Usually your e-mail host provider will send you an email back to your inbox if your e-mail could not be delivered due to technological error. example using a bad character in your email address like a space.
  • Some e-mails are anonymous. The person who created the email did not have to prove they were JOHN smith to use the email address johnsmith@domain.com. Nor did they have to prove they were ablueclown@surprise.com.
  • You could have lots of e-mail addresses and use only one e-mail program to read all your new e-mails.
  • There is no magic look up find all email addresses’ belonging to the same person. Even if the personalization (front part of the @ symbol) is the exact same. In the same manner, there is no validation or look up to connect or join email with mobile numbers.

ACCOUNT/USER + ID/NAME (or any combination)

  • An Account ID, is an unique id for a webpage, business, app. You may use the same account/user name across multiple applications or logins. But each business probably doesn’t know that. As companies merged rules around how a customer can access their digital information gets tricky for the customer experience and development teams.
  • Or account id, may or may not be tied to an email. Usually when creating a new account with a new business, they will ask for contact details, address, email, phone – they would prefer someway to contact you if need be.
  • If your account id is your email address – they will usually note it on the login screen.
  • Every website/company creates their own rules for what makes an valid account id. Some allow spaces, some allow numbers. It is all how the site was programmed and there are no set standards for how this should be developed.
  • Usually account ids are not case sensitive. Off-hand I can’t think of one site that uses a case sensitive account id.
  • Some businesses will only let you sign up one account to one email. The account id is how you login into their site and the email is how they will contact you.
  • When you change email addresses, your accounts will need to be updated. Now this is a tricky bit. If a business uses an email account as the login name, if the email address changes, can the individual update their personal details or is the original email locked-in?

When a developer is creating a new system that requires the user to maintain personal and contact details on file, there are multiple facets to consider. Does it require a password? Will it require the user to have an email or phone number to contact them in the future and for what reasonsCan we collect permissions from the user via Terms and Conditions to use cookies and contacts to gather detailed user information?

I’ve come across many website that validate you are you, by sending a text with a code to your phone, to be entered onto the website This provides a double validation/security point for you the user, and provides both your email and phone contact information back to the business.

Think of your EMAIL ADDRESS as physical delivery address for just you for all your incoming e-mails.

Think of you ACCOUNT ID as your unique nickname used by a business.

Not all big companies have it together. I use AT&T in my house; this includes mobile phone, cable, internet and home security. But I have 3 separate accounts with AT&T today. One email address, one physical address, one phone number and 3 account numbers and 3 user names. I have to log into each account site separately to see any billings, account statements, etc. Even with my knowledge of logins and how they work across large systems, I still had no idea what was going on with my accounts, when one was saying ‘everything is fine’ online and the TV keep splashing a ‘time to pay your bill message’. I (thought) I had set up the auto pay (I noticed during the set up conversations that the security system is separated from all the mobile and cable logins) for 2 accounts. But much to my dismay the cable/tv can not be combined with the mobile account, and I have 2 logins for the website to manage 2 accounts both in my name.

NOTE: AT&T and Comcast both assign you an e-mail address within their own domain. example: yourname@att.com. I’m not sure why they do this, it made it complicated on my end, one more e-mail address to manage. And it appears that now that I’m no longer a Comcast customer, I can not access that e-mail account.

ALSO NOTE: The set up of certain apps on Echo has proved to be difficult. Both my mom and myself are using iPad and iPhone with the Amazon Echo (which is integrated with google). So the conversation of email and ids has been a struggle during setup. There are no standards with in the digital world for the user to understand. Only standards for the developers to keep in mind due to back end processes.

Do you manage your own personal data?

We often talk about how the data is used or could be used. We argue about the sensitivity of when data becomes so detailed it becomes ‘stalking’. We hurry to move past the introduction of the ‘terms and conditions’ just to get the app, the game, the connection.  We hear a lot about identity hacking and stolen personal information.  We talk a lot about keeping your data safe. Your network secured.

So their customer data is your data, data collected about you. Your likes, your behaviors, your preferences, your triggers, your digital footprint. Not only is it used to keep you safe, it is used to predict the future. But what happens when you are ‘done’ with the equipment or vehicle, is your mile by mile driving history in someone else’s hand? I want to talk to you about these things, from our perspective. Not from the perspective of customer data, but from mine and yours – personal information. Who controls it? – you know who controls your finance and money, why not your own personal information.

There are rules and laws that companies must be transparent in their terms and conditions. They have to be clear on how to opt out or into communications.  But each channel has different rules and even the largest of companies haven’t figured out how to manage the communications across their business units.  Making it necessary for you to manage multiple user ids and passwords. Is a digital wallet easy and safe? I want to have open conversations with you on what information exchange is happening between you and the information about you.

What information is aggregated and what is uniquely tied to you as an individual.

WHAT MAKES YOU UNIQUE

When you give an email with an online order, what happens to the email information? What are the rules? I think if more individuals know what to expect, and how to turn off ‘unwanted’ emails and exchange or their own contact details, and the companies are forced to oblige then we can really make the system work for us – the individual.

I like to think this is a conversation between my friends and family and myself. I want people to know what options are out there, what to do with personal digital content

Our digital world is running at lightning speed. This change in our ecosystem has us opting in and out, for what? Our digital world gives us wearables, vehicles and smart homes. All the same time it is collecting and measuring inputs and outputs.  I want individuals to understand the laws and how these companies are ‘allowed’ to store and use it.

Identity theft

password

With the use of digital data – we expose ourselves to digital identity theft. And it is not just your financial information. Through a  couple of (fairly) easy questions a hacker can access your email. And it not just your email they now have access too, think off how often you have had to retrieve your security password for an account and they sent the link to your email. A password can be just as valuable as a financial account number to a hacker.

HOW MANY TIMES HAS YOUR DIGITAL DATA BEEN EXPOSED?

My corporate credit card number was stolen this week. All is okay, it was a card that only gets used for business expenses and the credit company is issuing me a new number and dealing with the fraudulent charges themselves. Somehow the thief was able to create a new card using my card number. Not total sure how that works, but it happened. That kind of vulnerability got me thinking, time to beef up my own security…

  1. Change your passwords. If you have been using the same passwords for ‘years’ it is time to upgrade. When you are creating your password think bank security – strong and unique.

There are password managers out there. Some store your passwords in a digital safe. Some help you manage your logins across devices.

LEARN ABOUT TWO FACTOR AUTHENTICATION

2. Monitor your accounts online and off line. Be sure to monitor your account statements. Set up text messaging alerts for high risk accounts.

I personally purchase identify theft monitoring systems. I’ve had my house broken into and my personal laptop stolen. Although the computer itself was password protected. I’m sure if you looked hard enough I had one time downloaded a financial statement of two, and my emails accounts were ‘always’ logged-in.’ I get a monthly updated on an activity that uses my identity, such as credit reports.

ON AN ODD NOTE: A friend of mines knows the passwords to her son’s accounts (he is over 21 and graduating from college this spring). I’m guessing he doesn’t know he is being stalked by his own mother. She has access to his Facebook account, both school and personal emails and uses Apple’s Track My iPhone app regularly to know where he is at all times.

It is probably never safe to allow your device to safe your password or auto login. But I have to admit I do it, who has time to re-enter this information every day. If your device is lost/stolen it only takes accessing the device to enter/access private sites.

So take a couple of minutes this week to reconsider how you create and save your password and account information. And then create your password strategy:

  1. Create a couple of different passwords to use.
  2. Use two factor authentication when available.
  3. Update your contact details on old accounts.
  4. Delete old accounts not being used.
  5. Spend some time looking at security applications provided by the products you use today.

Yahoo has a process to create an app password that enables a Second Sign-In Verification. Apple has iCloud Keychain. And there are numerous free apps that provide password management tools.

Now go and create a digitally secure world for yourself.

Credit and identity theft

data3If you are not actively monitoring and preventing your data identity theft, then it is recommend you pull your credit report every 3 months. You can find FREE credit reports from your credit card company and online, there are plenty of credit tools.

The information in a credit report includes: how often you make your payments on time, how much credit you have, how much credit you have available, how much credit you are using, and whether a debt or bill collector is collecting on money you owe. Credit reports also can contain rental repayment information if you are a property renter.

A credit report is easiest way to find out if someone else is using your credit – a sure sign of identity theft! It may take weeks or months for a credit collector to contact you regarding credit that was given to use, but spend by the thief.

FYI – everyone should know their credit score – it drives so many financial decisions; interest rates for credit cards, car loans and home mortgages. . Your credit rate scores drive your ability to get a loan, and there are some employment agencies that look at your credit score as a data point for your character assessment.

How many times has YOUR DIGITAL DATA been exposed?

The New York Times: How many times has your personal information been exposed to hackers?

The NYT has put together an interactive assessment tool to highlight a problem that a reader may only passively consume.

  • Participants answer a series of questions about jobs they’ve applied for, online services they’ve signed up for, who their health insurance providers have been, and at which retailers they’ve used credit or debit cards.
  • As they do that, the assessment tool dynamically updates a tally of how many times different pieces of the participant’s personal information have been exposed to hackers.

It makes the story come alive — and makes it very personal to each reader.

  • At the end of the assessment, The New York Times gives you links to both the stories they’ve published on each individual hacking and, more importantly, links to the announcements from the companies that were hacked, which often include remediation options for those affected.