Is It Really Possible to Stay Invisible Online?

Any person who is able to remain invisible while remaining online is the equivalent of a unicorn. Regardless of the precautions that this person may take, some vestige of his persona will be visible, as his activities are tracked and monitored. Every business should remember this if it maintains an online presence but strives to shield its employees’ online activities from the outside world. Still, this does not mean that businesses cannot substantially reduce the visibility of its employees’ online presence.

Individuals are easily tracked via their mobile devices. Even calls made on prepaid cell phones are trackable with GPS technology. Companies that want to increase their system security should adopt policies restricting how and when employees connect into a company network via a mobile device. Not only do those devices expose employees, but connections made through public Wi-Fi hotspots are easily hacked, leading to greater risk of exposure.

Further, all web browsers store information that hackers can use to track and identify employees. One recent study suggested that almost half of all hacking attacks target that browser information. A company and its employees can reduce their online visibility by changing browser settings to prevent automatic storage of passwords, to delete browser “cookies” that record which websites are visited, and to turn on the browser’s “do not track” feature, if available. Employees can also use a browser’s “stealth” mode for greater secrecy or switch to a “Tor” browser that gives even greater protection (although these alternatives are coupled with limitations that reduce their utility).

Many companies are installing virtual private networks (“VPNs”) to create a wider shield over their employees’ online activities. VPN’s encrypt all data that travels from the company’s system to any other computers or mobile devices. The VPN essentially adds an encryption layer between the company’s network and the internet connection that is provided by an internet service provider. A person who has an online connection that is behind a VPN can still be seen, but his or her communications will be fully encrypted and, in theory, unreadable to the outside world.

A company’s best mechanism to shield its employees’ online activities from prying eyes is to train employees to recognize techniques that hackers use to spy on them. Spam emails from unknown or anonymous sources often includes links for a recipient to click on. When clicked, those links can install malware and tracking routines into an employee’s computer; those routines can then propagate themselves through all other computers on a network. Firewalls and antivirus software will often strip known risky attachments from emails. But since hackers develop new malware on an almost daily basis, technology cannot be trusted to clean every piece of malicious code out of incoming emails.

Employees who are concerned over their own personal online visibility may have more individual options than their employers have for a group of employees. An individual, for example, can adopt strong encryption and utilize anonymous remailers for email, strip internet protocol (IP) addresses from all personal devices, and take other actions to obscure the identities of hardware and software that they use. Maintaining this level of online obscurity is a never-ending task, however, and few individuals have reasons or incentive to go to the necessary extremes to accomplish that task.

From a business perspective, the goal of online invisibility is to protect systems and networks from hackers and cyber thieves who are searching for ways to steal valuable company data. Because complete online invisibility may never be feasible, businesses need to prepare themselves to handle the fallout from a cyberattack that succeeds in stripping any invisibility cloaks from a business’s network. One way to do this is to procure cyber protection insurance, which can help a business recover its direct financial losses and reimburse third parties whose data might have been compromised when a business is struck by a hacking attack.

About Author