How to Protect Your Online Reputation

The Scope of the Problem

Given the recent events in the internet security world, I am pleading with you to secure your online identity. For those just joining the fray:

In the space of one hour, my entire digital life was destroyed. First my Google account was taken over, then deleted. Next my Twitter account was compromised, and used as a platform to broadcast racist and homophobic messages. And worst of all, my AppleID account was broken into, and my hackers used it to remotely erase all of the data on my iPhone, iPad, and MacBook.

I’m sure you’ve seen commercials like these regarding identity theft, and, funny as they are, they probably leave you slightly troubled… even if you think “that could never happen to me” (NB: I don’t have Citibank Identity Protect and do not endorse their particular product in any way).

My Story

As a member of Generation Y, I’ve been surrounded by technology all my life (which I’ve previously written about) and have seen the marked changes in the computing world and the Internet. I was an early adopter of Linux and spent hours compiling the kernel and fiddling with xorg.conf files and thought I was pretty good about security, using “good” eight-character passwords like 8&Ph9Saj or c!aDR4pR (not my real ones obviously!).

However, as more and more websites began requiring registration, I did what most of us did: I recycled passwords from “important” sites like email accounts into less secure or important sites like those from department stores, hotels, or user forums.

So spurred by the events above, I began securing my online presence with Google Two-Factor Authentication, started using LastPass, and began the laborious task of updating all the websites I visit with long, randomly generated, unique passwords that are taken care of by the password manager. As I went through, I was amazed at how many online accounts I had, and how many times I used the same username and password. They say a journey of a thousand miles start with a single step, and I had taken hundreds of steps…

What You Can Do

These are my recommendations as an educated computer user, but I am not a security expert nor am I 100% certain this approach would eliminate the risk of having your “digital life destroyed.” Again, I have no financial disclosures with respect to any of the products mentioned.

  • Disable FindMyMac to eliminate the possibility of it being remotely wiped
    • But allow remote wiping of your iPhone/iPad (I think it is easier to lose a phone than it is to misplace a laptop)
  • Continue (or start!) to keep backups of your data – my approach may be overkill but I use a variety of methods
    • CrashPlan for cloud storage
    • Time Machine for local backups
    • DropBox for non-critical files that I can access anytime, anywhere
    • Truly important and irreplaceable data (like family photos) are kept on a separate external USB hard drive at my parents’ house in case my house caught on fire
  • Enable multi-factor authentication if available (available for Gmail & Facebook – there may be others)
  • Use a password manager like LastPass (I will notenter the LastPass vs KeePass vs 1Password etc argument)

    • Slowly start changing all the passwords on the websites you use, starting with accounts like your email account and social media sites
    • Disable password synchronization services available in Google Chrome and Firefox – these are not as secure as LastPass and negate its benefits
    • For more information about LastPass, I recommend watching this YouTube video (starting around 53:00) and/or reading the transcript (starting about halfway down)

Why Physicians Should Care

Although Mat Honan is a prominent tech writer with an impact on what the entire industry reads and suffered a very unfortunate personal tragedy of losing the photos from the first year and a half of his daughter’s life, his story struck fear into my heart as a physician.

One of our most valuable assets is our reputation among colleagues and patients. Now, multiple social networking venues make your online reputation available to everyone (just try Googling yourself). It may be controversial whether physicians should indeed be held to a “higher standard” than other members of the community or other professionals, but I believe it is your responsibility to protect your online reputation from vicious attacks.

I’m interested to hear your thoughts on recent events or the system I suggest, what system you would recommend, or if you have any physician-specific advice. And please let me know if you want more posts like this or other topic suggestions!


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s