top of page
Search
Writer's pictureSarah Anderson

ESTATE PLANNING AND INFOSEC GO TOGETHER LIKE PEANUT BUTTER AND …


What would happen if tomorrow you were hit by a car and suddenly died? Recent events triggered this thought about the realities of my spouse inheriting my half of household and parental responsibilities.


I handle most indoor family administrative tasks: bills, finances, registering kids for everything, managing our calendar, taxes, and making sure we always have toilet paper. Accordingly, the ability to efficiently access relevant information and move assets is likely unknown to my better half.


Depending on an individual’s level of paranoia and devotion to information security, that digital data and its access credentials could be stored anywhere and in any medium. My spouse would NOT know the following: 1) where the sensitive documents are located (digitally); 2) what the login credentials are for important accounts; or 3) the encryption keys for requisite materials.


Without calling multiple professional offices, contacting Apple and other vendors with a death certificate (or subpoena), seeking favors from RedHat contacts, or hiring a translator, my spouse would not have access to any of the following:


1. Login credentials for any online account.

2. Sensitive documents (tax returns, wills, military records).

3. Current collection of tax documents (tis the season).

4. Family photos and videos.

5. Contact Information for Family & Friends (the Christmas Card list…).

6. Professional Documents (Resumes, headshots, writing samples, transcripts).


Apart from personal documents, professional materials, and sentimental items, financial assets may also be lost. Whether it is cryptocurrencies, income-generating websites or investment accounts, or intellectual property rights (copyrighted photographs/pending patent applications), these materials may (should) also be digitally secured.


Cyber-criminals love to steal this information (especially login credentials and encryption keys), so relaxing standards in the event of a freak accident and untimely death is unwise. Instead, there are alternate means to preserve the information security of valuable personal and professional assets, while not leaving loved ones and business partners lost.


Below are three considerations for INFOSEC professionals looking to maintain information assurance while offering legitimately interested parties some piece of mind:


1. If Keeping Data Files Stored on Current Devices: Make a list of the encryption keys, password manager login keys, and phone code(s) on paper, then place in a brown envelope and store it in a safety deposit box at your bank or a fire-proof, built-in safe. This list will have to be updated as relevant codes and passwords change. If you think your current safe is “heavy enough” to prevent theft, just remember the story of Tommy Lee and Pamela Anderson’s Sex Tape (safe link).


2. If Moving Data Files (which are unlikely to change) to an External Device: Put the same list of encryption keys, password manager login keys, phone codes, photos, videos, and relevant data files on an external hard-drive and place it in a safety deposit box at your bank. If you encrypt the hard-drive, you can keep the hard-drive locally in a climate-controlled environment and place the encryption key in a brown envelope in the safety deposit box.


3. Ensure your partner (life/business) has the name and contact information for a trusted agent (lawyers are a good choice) who can assist him/her with accessing your digital assets according to your instructions.


Regardless of the option chosen, it is also extremely important to remember to keep old cell phones (with the corresponding codes) and store the phones with the materials in the safety deposit boxes for the two reasons: 1) Old phones are actually data retention devices, which may prove useful; and 2) If the access code for the current phone is incorrect or improperly updated, you may swap out SIM cards to activate the old phone to utilize it when Multi-Factor Authentication is required for access to specific online accounts.


A morbid topic, but with COVID-19 and INSOFEC experts stereotypically embracing less-healthy dietary choices, it is an important consideration.

28 views1 comment

1 opmerking


scott.guidry
24 jan. 2021

If you use LastPass to manage and store your passwords, they have a way to setup emergency access in cases like you describe.


https://support.logmeininc.com/lastpass/help/set-up-and-manage-emergency-access-lp030013

Like
Post: Blog2_Post
bottom of page