Your Personal Data and the Internet

By Michael Patino on 2015-03-24 13:22:53 -

Security, the Nemesis to Convenience

Losing not just data also dollars

 

by Shawn Faulkingham on 2015-03-17 14:06:59

Security, security, security. That’s what everyone is talking about nowadays in the world of Information Technology. Why has this become the biggest topic of the year so far? Faltering trust and faith in corporations and government. There may have been a time when we trusted companies, vendors and individuals not to do bad things. We thought Microsoft delivered secure operating systems because they said so, or Cisco delivered secure routing systems because they said so. Not anymore. As you grow and expose your digital footprint to the Internet, there are many individuals (good and bad) out there interested in who you are and what you have. Would you take a photo album with your personal information in it to the library and hope that no one checks it out? That is what we are doing when we put “stuff” out on the internet. Email, photo’s, documents and even data just traversing the Internet could be a target for someone wanting to find out more about you. If you want these items secure, so that others cannot intercept it, you can’t just use simple passwords anymore. If there is one thing that computers are good at and that is doing a lot of repetitive stuff over and over again. Hackers are using computers and clusters of computers to hack passwords. Easy stuff. I have programs that can “hack” users passwords to their PC’s, documents and PDF’s. The longer the password and the more special characters I use, the longer it takes my computer to crack it. But it will.

Now most companies offer 2-step or 2-factor authentication. This is where you have a password and then another form of identification; could be a device that creates a number, pictures with sounds, or one-time application specific password. Your indoff.com email supports 2-step verification and it is easy to use and easy to setup. Just give us a call to help set up your devices.

Setting up a secondary form of authentication is a great first step, but it is not all you can or should do. In a world where allegations of the NSA and other government entities spying on you through various means, backdoors being created in software for access to information, cipher cracking through backdoors, you need to do more to protect yourself. I firmly believe we all have a right to privacy; modern day technologies have made it far easier for other entities to invade your privacy. There are many ways you can significantly reduce your “digital surface” that is exposed to these types of invasions of privacy. I will be discussing these techniques in my next blog post.

Here is one tidbit for you iPhone users: Apple encrypts your iPhone automatically in the case that someone steals it and tries to get access to it. The strength of the cipher used to encrypt your phone is in the passcode. 4 digit passcodes are easy to crack and their cipher is easy to crack. Use 8 numbers, or use a password with characters in it; it makes it much more difficult to crack. Keep texting to a minimum with non-important information. Don’t use location services on your smartphone. Use apps from trusted sources only and check their terms of service and privacy policies. I know, most of us just click the accept button, but for folks who did that with an application called ZocDoc, they pretty much allowed them to sell, transfer and use your personal information with anyone, including SSN’s, addresses, your name, etc. All the info needed to steal someone's identity. Even if you delete your account with them, they still retain the right to hold your information indefinitely and on servers outside the U.S.! Pretty scary! And the recent Anthem BCBS hack should have you concerned as well. The State of Missouri has now become #3 in fraudulently filed tax returns. It was in the 40’s before the Anthem hack. And of course you are the one that has to jump through hoops to prove your identity.

I could write pages and pages about security (and I will, just not with this article) and how important it is to take the time to manage it. This post is really to create more awareness about security and how it relates to you and your “digital surface” or “digital footprint” that you have on the Internet. My next article (in just a couple of weeks) will be about best practices when it come to digital related security!

 

Shawn Faulkingham

CIO

shawn@indoff.com

Content licensed under CC By-Nd

https://creativecommons.org/licenses/by-nd/4.0/