Free is great. Free trial, free WiFi, free food. Whatever it may be, most people love things that are free. Most free things can be taken advantage of with little worry; however, others such as freeware or free computer software – should be treated with caution. As an IT consultant, I’m often asked if I use freeware and if it’s safe for my clients to use. The easy answer: yes, but only for a limited number of things.
3 Questions to Ask Before Downloading Freeware
There are a few simple questions that most people don’t often think about when researching or utilizing these types of services:
1. Where is my data stored?
This is important to understand since in most cases your data is stored throughout the countless number of data centers across the globe. And yes this provides access to your data from anywhere, but at what risk?
2. Who has access to my data?
Most people assume that since their data belongs to them, they are the only ones with access to it. Unfortunately, that’s definitely not true. The most overlooked aspect of these services are the numerous system administrators – people you do not know who have the rights and permissions to look at your data. With that said, disreputable action is only taken by 1/10 of 1 percent of the total number of system administrators that work for these companies. But you shouldn’t overlook this: there have been cases where administrators have been fired because they were caught looking into customers’ data. You’re probably more at risk if your name is Beyoncé, Harrison Ford or Bill Gates.
3. Is my data backed up?
We often assume since we are using a hosted solution that data is automatically being backed up. In most cases, the data is backed up byf replicating it across a number of data centers – an industry best practice. But the question is, should you make this assumption? And of course, the answer is no. It doesn’t hurt to verify with the provider that disaster recovery is part of their hosted process.
3 Things You Should Never Store
As I mentioned above, I do use freeware, but not for certain things. The list below contains three items I believe you should never store in these free systems:
- Do not store any Personal Identifiable Information (PII) – This includes address, phone number, social security number, birth date, etc. – data that would be an identity thief’s dream. If the system requires this type of information, make it up… yes, you read that correctly. Use dates consistent with your actual age, but not the actual date. Same goes for your address, phone number and social security number. You can document the information used to create the account, but this information is not truly warranted for these types of services.
- Do not store any financial data – This includes tax, investment or credit card data. These types of monetary records are exactly what cyber criminals drool over. If they can establish your financial position and access your accounts, they can begin draining your assets.
- Limit the use of calendar and photo storage – Keeping track of special events including birthdays, anniversaries, holidays is often taxing to remember, but be cautious as this is also considered PII data when documenting birthdays with full names. Also do not document vacations or events away from your residence; this provides criminals with exact dates and times you will be away from your home, or when you will be at your most vulnerable – away from your known surroundings. Photos are another issue; and I get it as the advancement of high-resolution pictures on every smartphone, tablet and camera allow for ease of large number of pictures to be captured. Rest assured, you don’t have to delete all of your selfies. I recommend purchasing a secondary storage device to your home computer for back-up. You can retain these photos for as long as you like without the risk of compromise.
The bottom line: Heed a few key warnings and limit to non-identifiable, non-financial data.