Picture a large and intricate spider’s web: hundreds of sticky threads, tightly and strategically woven into cross-hatched lines, poised to ensnare unsuspecting prey.
Now picture the Internet: billions of tightly and intricately woven connections from the 4.57 billion humans and 25 billion‘things’ now online (which will roughly double in the next 10 years), poised to ensnare unsuspecting prey.
Both webs are a ‘threat landscape’ with many points of potential entrapment across a vast ‘attack surface’. For the insects, the aggressor is the spider; for the humans, the aggressor is any bad actor intent on surveillance capitalism, data abuse or cybercrime.
Interestingly, the insects and the humans share one of the same optimal survival strategies: agility. Being able to move quickly and easily, and frequently reassess and adapt to circumstance, is particularly valuable when the threat is vast, surveillance is constant, and attacks are frequent.
Threats to personal data are now incredibly frequent, with global damages from cybercrime predicted to run to $6 trillion annually by 2021. No person or organization is immune: at least one-third of all organizations globally will experience a data breach within the next two years.
So, just like a fly flapping close to the spider’s web, your best defence is to move quickly and constantly around the digital threat landscape to evade attack. But as well as agility, you need a second strategy the fly can’t have: resilience, or the capacity to recover quickly from an attack if it happens.
But how do you do it? You take responsibility for your own personal data, by organizing, compartmentalizing, and thus limiting, the amount of information you expose every time you go online. And you can do it with MySudo.
MySudo is based on the concept of “Sudo”, a secure digital identity that intentionally differentiates from your legal identity and limits the places you expose your highly sensitive personally identifiable information (PII) online.
You assign each Sudo (you can create up to nine) its own set of identity attributes and associated capabilities (different from your personal identity attributes), including name, phone number, address, email address, virtual cards for secure shopping, browser profile, notification settings, and more.
You use your Sudos anywhere you’d normally use your personal information (e.g. banking, selling on classifieds, catching up with friends, and booking travel). Instead of accessing your various online accounts with your regular email address and phone number, for example, you’d use the Sudo email address and phone number you’ve set up for the purpose (e.g. streaming subscriptions).
If one of your Sudos is compromised in a company’s breach, or you no longer need it, you simply delete it* and create a new one in minutes.
You’re achieving two important goals: by not using your personal data online, you’re preventing it from being linked together by surveillance capitalists (divulging your identity and highly sensitive information such as medical history), stored indefinitely, sold to other organizations, or exposed through a data breach. You’re also compartmentalizing your digital life, so that if one ‘compartment’ is breached, you limit the harm and move on.
Indeed, you’re being both agile and resilient—the best cybersafety strategy for our times.
You could say using MySudo is a bit like putting holes in the web that might otherwise ensnare you. Suddenly the threat landscape is far less threatening, and you’re far less likely to become the ill-fated fly.
Another way you can stay agile online is to demand that the many organizations whose sites and services you access reduce your exposure to the ‘attack surface’ (the total number of places through which an attacker can access your personal data). Businesses can do this by limiting the amount of PII they use, collect and store about their users. Learn more .
* Deleting a phone number or its Sudo does not refund your entitlement for that phone number.For example, SudoMax plan provides nine phone numbers total lifetime in the account, as opposed to always allowing up to nine phone numbers concurrently. Once used, the only way to get another phone number is to purchase a line reset.