When America landed on the moon, one of the first things we did was to plant a flag. When an embassy is erected, one of the first things placed over the building is a flag. And when a military takes ground in a battle or a scouting troop leads a parade, one of the things leading the way is the flag-bearer. Planting a flag implies ownership and pride, and responsibility.
I was listening to the podcast, Privacy, Security & OSINT with Michael Bazzell yesterday. One of the security measures he advises taking is to plant the flag. This is essentially taking ownership of any potential accounts or data available on the internet that has any relation to you.
Michael provides an example from a situation he encountered with one of his clients. It’s an interesting methodology and process to listen to. I was intrigued by it. I would highly recommend going and listening to it. But let me give the gist of a hypothetical to relate the basic concept.
If you go to an emergency room that automatically loads your information into a patient portal online, but you never create an account to access that information, it is possible that another individual may call the technical support line to create an account. This can be done with some generally public information about you (your birthdate for example is likely already exposed online whether you realize it or not) and then they use that to access the information you provided the emergency room. For instance, your home address, phone number, perhaps even your insurance information and related health issues. Maybe even your payment information.
However, if you plant the flag, you claim the account. You enable multi-factor authentication. And if you never go back to the account, you’ll at least know when someone is trying to access your health information with or without your permission. Because you took responsibility and ownership of that information. So now I have to go and think about everywhere I may have information out there…
Truth & Tech 
Leave a comment