From a podcast w/ Carrie Kerskie and Brad Deflin on Private Email, August 2022.
Welcome back to another episode of the Privacy Mentor podcast. I'm your host Carrie Kerskie and today I have a very special guest with me, Brad Deflin. He's with Total Digital Security. So, Brad, welcome to the show. Why don't you introduce yourself to the listeners? Tell us about what's your day job. What do you do?
Brad Deflin - Hey, Carrie, thanks for having me today. I started Total Digital Security almost 10 years ago, 2013. At that point, I had been called on Wall Street, in a variety of positions, senior leadership positions in the private banking industry, and in 2012-2013 with some of my ultra-high-net-worth clients. It was the first time we saw cybercrime and online fraud moving in, to the personal lives of these people. Now, these were captains of industry and they have corporations and enterprises and IT departments that are doing a great job around that particular domain. But we didn't see that transcending into their personal lives. And after some conversations, a few of those families became my angel investors to start Total Digital Security to act as a platform.
We don't invent anything because the industry is doing that for us. A lot of innovation coming around in cybersecurity enhanced by artificial intelligence in these other things. But our clients weren't seeing that Innovation. It was being sold to the large enterprise. It was being sold to the public entities. The ones that you read about in the headlines even though the risk was beginning to migrate into our personal lives. So, the platform acts like this - we find Best in Class, that is suitable for our end-users and the personal technology and the environments, their home environments, their home office environments and provide that and work to Eight and manage those elements for our clients and act as a resource. We have relationships with every one of our clients. There's, as you say Carrie, there's no call center here. You deal with an individual you know, and you trust. And so that's what we've been doing. Like I say, for almost 10 years is providing what we call cyber security for Life enterprise-grade best-in-class stuff for our personal lives and our personal technology,
Carrie Kerskie - You have a known brand and I think that is so important and I see that too because with all the victims that we work with, it's something that people don't consider because, for some reason, when it comes to technology, people think what happens at work or the technology at work and the technology at home or two different things in their house, email is email, you know, social media, social media, whatever platform. It's the same thing. But yet, when they're in the work environment, they have the security, their most places to protect them. But when they get home, or when they're using the personal device, there are left to their own devices of. Hey, Justin, install this antivirus program or just do this. So I really love what you guys are doing and disclosure. You know, we've worked with Brad and his company for many of the clients where we do The Human Side, they do the tech side and they do really, really great job.
But one of the things that I wanted Brad to come on and talk about is we see a lot with not only our clients with the victims that we work with, but people that we also work with, for the prevention side is most of them use the free email. Services. Such as your Gmail, your Hotmail, that's even around anymore, you know, your AOL at all these other ones. Yeah. And those come with an elevated risk. Now, here at Privacy Mentor, we'd always give tips about how to protect your privacy. And we say, if you're using these free email Services, then you are the product because they're scanning your emails, they're looking for keywords and buzzwords so that they could send you targeted ads and marketing and whatnot. So what Brad's company does is they help people create their own private email accounts, so I thought it'd be great to have him. Come on and talk to you about what that is what's involved with it and how does one go about it? So let's start at the beginning, Brad explain. What is a private email account?
Brad Deflin- Sure. So, you're absolutely right about cyber security pand rivacy. You know there are many elements to that and in our strategic partnership with you, I think we provide a really good interface to holistically address those many elements. However, email and we're going to talk about emails, sort of singularly. Today is so important that we always start with email because honestly, it's where most of the problems either start or email is involved. In Microsoft, says something over, 90% of all the bad stuff that happens to people, on the internet, starts with an email or ends with an email. In the U.S., domestically, because we've been kind of conditioned to think that anything on the internet should be free. And we know better that there is no free lunch and that there's always some other agenda when it's free. And yeah, the other agenda for free email providers is you are the product, you are their profits, enter your activities are creating the kind of information that they can resell for marketing purposes, or what have you, and that in many cases, doesn't end well, so we say get off the grid of free email consider getting off the grid of free email and taking your privacy and your personal information as it pertains to email and think about it. I know I'm old enough to know that when we first started using email back in the 90s I don't think any of us really were able to think forward in terms of what that email address would would serve as a tool in our everyday lives and that's why when I see old AOL, email accounts, old Yahoo accounts. Sometimes, the name of the email is really silly because people just didn't know how to think about it right now. They're kind of stuck with it and they're still using it.
Carrie Kerskie – My favorite is when they have their first name. Last name, followed by their year of birth. That's my favorite right?
Brad Deflin - Exactly. And so that we didn't know how to think critically about it and I use that term think critically a lot, but I can't think of a better term but hopefully it resonates and people find it very relevant but we didn't think know how to think forward. So but now we do know We have our lives through email, the most intimate, important sensitive information in our lives, personally and professionally for that matter, tends to be involved in some shape or form with email.
So email is as important is our front door is anymore. In terms of how we secure it, how we think about it as a defense, how we think about it as part of our everyday lives and when it's on a free platform that front door is Is not as secure as it could be when you privatize. So what does it mean to privatize eating?
Lots of people. Still think it means. It's a server in your basement like Hillary Clinton. No, that's not what it means. What it means is. Number one, we take down a domain. We help you find a domain name, right. I have an unusual last name. My family domain is Deflin.net. So, my kids are Billy at and so on and so forth, right? If your name is Smith, you're not going to find Smith. n. That makes sense to you isn't too long and we say, look, you're going to live with that. So, let's take time getting the right domain name. We don't want it to be too long. Nobody likes typing long, like total digital security.com is a little bit to get TDS.com would have cost hundreds and hundreds of thousands of dollars, but that's another story. So, anyway, we get the domain and we take it down for five years, you have first rights and refusal you own that domain. And so, remember when you own call it, you know, xyz.com, that's the domain name, only, now, you create an email domain, which is at xyz.com as our example, and then we start attaching boxes carry at, you know, whatever the boxes, whatever, the family members, whatever the team members their names are their initials however you want to construct the boxes. Then we Step on a secure server that's built for email. Is that a secure facility? And includes four filters before an email gets into your inbox, antivirus anti-spam a variety of third-party data aggregators that help us identify who the bad guys are. So that we minimize, we don't eliminate kind of hardly eliminate anything in our business, but we minimize the bad stuff that's coming in, which is a big start now, You are at own your personal information when you are with a Gmail or an AOL or anybody in between, they owned by contract, your personal information, the attachments, the contents of your email, the metadata which is kind of a electronic envelope around your email that tells so much about you. What kind of computer you're using where you are, where you were the people, you communicate with the software patches, you have not installed yet. That's all in metadata. And now that's all retained on servers for information mining. The other thing about email accounts that are used by many people is the hackers. You know, they're hacking volumes of people. There are still targeted exploits and you and I share clients that are, you know, a very high profile and can certainly be targeted. But most of our clients, most of us are not targeted, but most of the exploits are not targeted. They are done. On a mass volume basis. With stolen email, addresses looking to get some percentage of that mass exploit to click the wrong link, respond in the wrong way and so it's a volume based business. So if they're going to do a volume based business, they're going to figure out what are the routines specifically to a Gmail. What are the password policies specifically to an MSN email? They're going to create an exploit That can be used against many different people so they're targeting more. The people that are on Gmail more, the people that are on AOL or whatever other free email provider, you're talking about because they know the process, they know the screenshots they know the logos. They know how to fish it better. They know how to fool you into some sort of a password diversion better. So when you're off that grid and you are hosting your own private email and Or owning your own information. You have lopped off an enormous amount of risk as it pertains to loss of privacy and as it pertains to your overall digital security and digital footprint on the internet. It is probably one of the most effective things that we can
Carrie Kerskie - So you bring up a good point and if you're a longtime listener of the show, we did an episode before, if you haven't listened to the episode, will make sure I'm put it in the show notes, but we About exactly how this works. We had a client who somehow all their Gmail and it was the I'm sorry not Gmail, they had an Outlook account and it was done through Outlook and what it was is the criminals they created this phishing email with a link and if you click on the link it looked like it really wasn't doing much of anything. But what it did is it added a rule to your outlook which said, copy all, incoming email and send it to and it was a third email address. Now, if your you having your own private email.
As it was written specifically for that program. So again, will reference that that our previous episode in the show notes, but that's another one. And the other thing too, I just want to reinforce what you said. If you're using these free platforms, they own your content icon. What's in those emails? They own those attachments they get To all the metadata, which is where you are, what you're using and everything else. So it's not just what I don't do anything in my email. So I don't care what they see. This is much bigger than that and if you are a executive of a major corporation or if you are someone in a position of influence and power they go for the low hanging fruit, the trend that's going to be your Gmail your Yahoo your AOL that's how they're going to get into you to then get into To your company.
Brad Deflin - This is the on-ramp. You're absolutely right about that.
Carrie Kerskie - Yeah, so I think having your own private one and I've had it for years. I mean, obviously, I started out having it for business where I registered, you know, Kursk e.com, because like you said, I didn't want a big huge, you know, long one. But since then, I've registered different variations, a little bit of a side topic. I've also bought the domains for my name and my children's names. My husband named, I own all of them. Because we don't know what's going to happen in the future with the way. Technology is so that way, you know, one of them ends up becoming in a key position. Nobody's going to be able to create a website, or do something around their name. So that's this little side thing. But that alliance with why it's so important to have the private. Now, I know a lot of listeners, probably narrow thinking, oh my gosh, I have to buy a domain and I have to set up this email. I have to manage it. What happens if something goes wrong or if I need help talk about what you all do and how you make this so easy for people,
Brad Deflin- Yeah, so we do all the heavy lifting. We guide you hand in hand. We set everything up so that it's ready to go and essentially hand you the keys. Now we hand you the keys but we stay on as administrator we stay on in terms of service and support and we stay on in terms of your trusted advisor as it pertains to privacy and cybersecurity which is you know, a fast evolving field and so you will have a relationship with people again you know and trust have been around a long time. You communicate with Regularly. So when you see something on email and you don't know, is it legit? Should I trust it? Why am I getting that? It doesn't look legit. Why am I getting it? What should I be concerned about you? Have somebody to go to it. Did that, will look at it with you and really our job, you know, the technology part of it carry is the easiest part. Because the technology is taking care of itself. There's been more fresh Capital coming into, cyber security and the industry over the last 10 years, quarter and quarter. Order out. Then there was four years and years beforehand. It was kind of a kind of a stagnant oligopoly, and suddenly privacy and cybersecurity again around 2012. 2013 for the first time was recognized as a growth industry.
Some of the advanced sciences that we've only seen over the last Three or five years, incorporated into these Solutions, the Innovations are tremendous, the hard work is with people. And how do we work with people and do the deep tissue work. That's required to advance their that critical thinking skills because digital is here to stay will envelope Our Lives more and more. We talk about the metaverse sometimes and so taking down your kid's name, domains and all that. That's a great defensive measure as we head into the Diverse where everything has some digital element to it? We need some autonomy or we you know or big Tech will be the tail that Wags the dog if you will, we need to take some of that back. We need to privatize it and the good news is it's very inexpensive and you have a trusted resource to work with and ultimately you know, somebody that's been on AOL or an email since 1995 and we get those people all the time, they have all their Save all their information. We get that. Guess what? Migrating, from the old to the new is much simpler than you would think it is that get Advanced tools, we do it hand in hand with you. And what we find is that once that's done, people feel empowered, they feel like they're in a good spot with their email. They feel in control. They don't feel abused that it is a very empowering effect. And I have to also add, it's a great way to begin talking with the other. Family members kids, especially around the importance of privacy which is a really important conversation to have these days because many cases, the younger Generations, do not recognize the value to privacy much less their security and personal safety. And so, having a family email domain is a great way to start those conversations and get these other Generations, a little more interested in these topics that are so important to them.
Carrie Kerskie - So you guys take The hard work and make it easier for people which I think is phenomenal and you know in case if you're wondering it's like well but everybody knows that email address everything is set up for the discount to be a lot of work. Here's what I recommend start with crucial first. That's your bank accounts. Your investment accounts, you know, anything where it's crucial online accounts, start making those changes first. Give it to your family, give the new email address to your doctors, you know. People again that's within your inner. Oil, if you want to still, you have that AOL or Gmail. And that's where all the junk mail. And if you're going online, and you're looking for a subscription for something, and you don't want to get spammed, fine. Keep that for that, right? Exactly. Anything. Sensitive, anything, crucial, anything? That if something went wrong, it would have a huge detriment to either your financial health, or physical health, or whatever. Those are the ones you definitely want on these private email servers.
Brad Deflin - Exactly. And, you know it when you see it and so we think of it as a process, it's not On off switch. It's not a transaction. It's really sort of putting up a new flag for the future and with some time making that migration really into something that is not a big deal at all. And after a period of months before, you know, it you're kind of there and then you re-evaluate do I want to shut down my old gmail account, or do I just want to leave it open? Like you say, I'm at the department store and they want my email address I'd rather give them that old gmail account and that's perfectly
Carrie Kerskie - Yeah, and like We have said, many times before privacy takes work but so does recovering from an event. So would you rather put a little more time and energy investment into it right now? Or do you want to scramble and spend more time, more money and trying to, you know, chase Your Tail trying to recover so definitely being proactive and protecting your privacy or I should say reclaiming, your privacy. It does take work, but that work is worth it because it makes it so much easier in the Long run. So Brad real quick. If people want to reach out to you or learn more about you and your company working, they find you.
Brad Deflin - So I have an unusual last name as I said Brad Deflin you can Google me and it'll come right up to the top, but I'm Brad at total digital security.com or just contact carry and I'm sure carryover. Put you in touch with us and then the company website is total digital security.com.
Carrie Kerskie - Perfect. And will also have links in the show notes so that way you'll have access Yes to it as well. So Brad thank you so much. I really appreciate you coming on and listening. I hope you really pay attention to this and consider it because this is the, age that we are moving into that. If you don't start reclaiming, we're going to lose more and more control of our privacy. The less control of your privacy, the greater your instances for identity theft fraud in cyber threats. So, take a moment, take control, and take these steps. Do what it takes and protect your privacy because it's worth it, Brad. Thanks. Again, so much for joining would love to have you back for a future episode and listeners. If you haven't already subscribed, go ahead and subscribe. So that way you'll never miss an episode. And if you have a few minutes, they write us a review. Tell us what you think. Because that way it helps us, figure out what you like, and what you don't like especially if you're on Apple, leave us a review that would help us with our ranking. So thanks so much for tuning in and until next time stay safe.
https://privacy-mentor.com/ep77/
For more about Total Digital Security and our cybersecurity products and services, please contact us.
To subscribe to Brad Deflin's CYberAdvisor Letter:
For more about private email accounts from Total Digital Security;