An Asset Inventory Minus the Assets?

I mean, of course I have some hardware and software assets in my local area network (LAN) but as you can see in the image, most of the hardware (CPUs, RAM, storage devices, servers )and software that enable my business and store my intellectual property are outside my LAN and under someone else’s control.

This is the digital life of a content creator.

This is one main reason why exercising the ability to control my feeling and state of security is paramount.

In other words, this is why being responsible for my own cybersecurity is critical.

Here’s what I’ve done to conduct an asset inventory and secure my intellectual property for the systems outside of my LAN. Maybe you can try it too.

Asset Inventory for Cloud-Based Applications

Review App Subscriptions:

1. Start by making a list of all the cloud-based apps you use for work. I use apps like Canva and Trello.
2. Look for subscription receipts, emails, or bank statements to identify any additional services you might be using but forgot about.

Identify Data Storage Locations:

Many cloud-based services store user data on servers around the world. While you don’t need to know the exact physical locations, understanding where your data is stored can be helpful in terms of:

Choice of Provider: If you have the flexibility, you can choose cloud services that store data in locations aligned with your needs (legal compliance, performance, security standards).

Risk Assessment: Even if you can’t choose the location, knowing where data is stored helps you evaluate potential risks (legal, geopolitical) and put backup plans in place.

Informed Consent: You can make more informed decisions about what data you’re comfortable sharing with cloud providers, based on where it will reside.

Contract Negotiation: For larger businesses, knowing data storage locations can be a point of negotiation in contracts with service providers, ensuring compliance and security expectations.

Check the app’s privacy policy or terms of service for information on data storage locations.

Inventory Data Types:

1. Consider what type of data each app stores and processes.
2. This could include things like:

Personal information (yours or your clients)

Financial data

Intellectual property (documents, creative work)

Security Responsibilities

Securing Your Accounts:

1. Strong Passwords: Use unique and strong passwords for each app, and enable two-factor authentication wherever possible. A password manager can help you create and manage these but I don’t use password managers. I just create a complex password and change the prefix depending on the application. For example Netflix23_[complicated password], Canva24_[complicated password].
2. Beware Phishing: Those who create phishing emails understand human psychology. They know that we’ve already clicked the malicious link before we remember to look for misspelled words, weird URLs and the like. Here’s an easy and no fail way to detect a phishing email.

After you read the email or before you even finish reading, check your emotions. Are you scared, nervous, annoyed, anxious, angry, curious or excited? If so, there’s a high likelihood that you’re being phished.

Why? Because it’s emotions that click malicous links.

The Phishing motto should be “Feel Something? Check Something.”

If you feel any type of way as you’re reading an email, that’s your trigger to start looking for the typical signs of phishing.

Data Management:

1. Understand App Permissions: Be mindful of the permissions you grant each app. Do they need access to all your data, or can you limit it to specific features?
2. Data Sharing: Be cautious about sharing sensitive information within these apps. Understand their data privacy practices and how your data might be used.

Staying Informed:

1. Security Updates: Keep your devices and operating systems up-to-date with the latest security patches.
2. App Updates: Regularly update the cloud-based apps you use to benefit from bug fixes and security improvements.
3. Data Breaches: Be aware of any data breaches or security incidents involving the apps you use. Most reputable companies will notify users in case of such incidents.

Additional Tips:

1. Cloud-Specific Security Features: Many cloud-based services offer additional security features like data encryption or activity monitoring. Explore these options and enable them if appropriate.
2. Consult a Professional: If you have concerns about your specific situation or need help managing your cloud-based assets, consider consulting with an IT security professional.

By following the steps mentioned above, I have consciously taken more control of the security of my digital assets, including my intellectual property, to improve my overall cybersecurity posture.

Now how do I get paid for the information and data I create the way Facebook gets paid for the data I create.

Stay tuned for that article.

Subscribe here and on my YouTube Channel youtube.com/personcenteredcyber