Definition

digital footprint

By

Ben Lutkevich, Site Editor
Ivy Wigmore

Published: Feb 09, 2023

What is a digital footprint?

A digital footprint -- sometimes called a digital shadow -- is the body of data that an individual creates through their actions online. Almost every online activity leaves some form of digital trace.

A digital footprint is relatively permanent, and once the data is public -- or even semipublic, as may be the case with social media -- the owner has little control over how it is used by others. For that reason, a major focus of digital footprint management is caution about online activities to control the data that can be gathered in the first place.

What are the consequences of a digital footprint?

Digital footprints are visible to a variety of entities, including the following:

data brokers
advertisers
phone carriers
internet providers
employers
cybercriminals
hackers
peers
co-workers

A digital footprint helps people online identify the person that it belongs to. There are several effects of having a visible online identity, including the following:

Access control. Providing information online lets users gain access to different applications and services. For example, people can use their email address, name and other information about them to create social media accounts, log in to a banking application or subscribe to an online publication.
Online reputation. The information a person posts, says or otherwise leaves online influences how others perceive them. Seeing someone's browsing history, likes on social media platforms or online shopping history provides information about their personality and interests. This is often a benign consequence of digital footprints, but a visible reputation can be bad if the digital traces reflect poorly on the person. For example, an employer might see a derisive social media post that somebody made and choose not to hire that person.
Targeted advertising. Marketers can use someone's digital footprint to market to that person based on their digital twin or digital identity. An internet user leaves digital traces that provide preference insights. Behavioral targeting uses these inferences to feed the user advertisements.
Hacking. A hacker could use information from a user's digital footprint to exploit them through identity theft or attack other computer systems. Exposed usernames and passwords could give hackers access to user accounts, and visible email addresses could be used to construct spear phishing campaigns.

These negative consequences can affect entire companies, as well as individuals. Companies need to manage their digital footprint and be aware of how their employees represent themselves online by doing the following:

identifying internet-facing infrastructure to determine the contents of the attack surface;
auditing the assets contained in internet-facing infrastructure; and
performing standard security processes, such as vulnerability testing and patch management.

Dumpster diving graphic — Dumpster diving online might entail scouring old or unused social accounts for information about a person.

Types of digital footprint

Digital footprints are broken down into two types:

Active digital footprints consist of data a user leaves intentionally. The user is also aware of the digital trace they leave behind because they have deliberately submitted information. An example of this would be a social media post or phone call. In both cases, they leave a digital history that they are aware of.
Passive digital footprints are composed of data a user leaves behind unintentionally on the internet. Website visits and actions, searches and online purchases are among the online activities that add passive data traces to a digital footprint. Passive footprints are harder to track and manage because they can be collected without user consent. When a hacker collects data about a targeted system, it is known as footprinting.

Examples of digital footprint

Virtually any data that can be associated with a person's identity can be included in their digital footprint.

Examples of data that could be included in a digital footprint are the following:

biometric data
geolocation data
IP addresses
Yelp reviews
passwords and login information
subscriptions
health information
fitness data
phone numbers
license plate numbers
social posts
phone calls
email addresses
usernames
passwords
search history
sensor data
payment details
credit card numbers
downloads
purchase history
cookies
images from surveillance devices

Activities that can generate data that appears in a digital footprint include the following:

online banking
social media
reading the news
fitness trackers
health care apps

How to reduce digital footprint

Oversharing online is the easiest way to create an unmanageable digital footprint. To reduce a digital footprint to a more manageable size and protect their information, users can do the following:

Check footprint online. Users can search their own names on Google or another search engine to see what comes up. Have I Been Pwned is another service that tells users if their sensitive data is public.
Delete old accounts. Old social media accounts hold information that may not reflect the user anymore.
Share only what is necessary. Avoid oversharing on social media -- even in more private social media features, such as messenger apps. Think of posting anywhere on social as permanently publishing something. Even after deleting, there is still a record of the post somewhere.
Use a virtual private network (VPN). A VPN can help protect digital footprints by masking IP addresses and making online activity harder to trace.
Visit secure websites. Websites with encryption add an extra layer of safety and online privacy while browsing. Users can tell a website is secure by looking at the URL to see if it begins with https rather than http.
Adjust application privacy settings. Go through application privacy settings to opt out of settings that share more information than desired.
Compartmentalize business and personal accounts. If possible, try and use separate accounts to limit visibility at work and control online perception.
Practice cyber hygiene. Learn how to avoid common phishing or malware attacks that could proliferate personal data. Regularly clean up and back up data to avoid data breaches.

Graphic comparing phishing types — There are several types of phishing attacks that use information about the target to fool them.

Background checking tools

Employers can use a variety of tools to check someone's background. A few examples are the following:

MOSINT. MOSINT is an open source intelligence (OSINT) tool for email addresses. It lets the user gather information about a given email. Employers can use MOSINT to verify if an email exists and find related domains, social accounts, phone numbers and pastebin information.
Nexfil. Nexfil lets employers find profiles by username on the web. An employer can enter the username and scan the internet for accounts with matching usernames.
Maigret. Maigret is another OSINT tool that companies can use to find websites associated with a particular username.

While individuals would generally be concerned with managing their own digital footprint, enterprises have multiple identity types to consider. Learn how companies manage three types of digital identity on the internet in their cybersecurity strategies.

Continue Reading About digital footprint

20 free cybersecurity tools you should know about

15 benefits of outsourcing your cybersecurity operations

10 best cybersecurity podcasts to check out

3 ways CISOs can align cybersecurity to business goals

5 tips for building a cybersecurity culture at your company

Search Networking

What is a bogon?
A bogon is an illegitimate Internet Protocol address that falls into a set of IP addresses that haven't been officially assigned ...
What is signal-to-noise ratio and how is it measured?
A signal-to-noise ratio compares the strength of a desired signal with any undesired signals created by background noise.
What is the OSI model? The 7 layers of OSI explained
The OSI model (Open Systems Interconnection model) is a multilayered reference model that shows how computer systems and ...

Search Security

What is post-quantum cryptography? Comprehensive guide
Post-quantum cryptography, also known as quantum encryption or PQC, is the development of cryptographic systems for classical ...
What is a message authentication code (MAC)? How it works and best practices
A message authentication code (MAC) is a cryptographic checksum applied to a message to guarantee its integrity and authenticity.
What is quantum key distribution (QKD)?
Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.

Search CIO

What is a quantum circuit? Quantum vs. classical circuit
Quantum circuits are systems consisting of logic gates that operate on quantum bits (qubits) to process information and perform ...
What is prescriptive analytics?
Prescriptive analytics is a type of data analytics that provides guidance on what should happen next.
What is the Risk Management Framework (RMF)?
The Risk Management Framework (RMF) is a template and guideline organizations use to identify, eliminate and minimize risks.

Search HRSoftware

What is an applicant tracking system (ATS)?
An applicant tracking system (ATS) is software that manages the recruiting and hiring process, including job postings and job ...
What is manager self-service?
Manager self-service is a type of human resource management (HRM) platform that gives supervisors immediate access to employee ...
What is performance management software?
Performance management software is a tool that enables human resources (HR) teams to measure and track the performance of ...

Search Customer Experience

What is field service management (FSM)?
Field service management (FSM) is a system of managing off-site workers and the resources they require to do their jobs ...
What are customer service and support?
Customer service is the support organizations offer to customers before, during and after purchasing a product or service.
What is quality of experience (QoE or QoX)?
Quality of experience (QoE or QoX) is a measure of the overall level of a customer's satisfaction and experience with a product ...

Close