Net Neutrality Friday

So, I had a couple of topics that I could talk about this week. I decided to focus on Security and Cloud Security in particular. This is based on the celebrity information stolen recently as well as other hacking events. I know this is not a Net Neutrality issue, but it is relevant to many folks. I want to start with my assertion: Given enough time and money, ANYTHING can be stolen.

I stand by my assertion whether this is cloud information or a physical object. We have been working a very long time on building vaults. Yet, banks are still robbed. So, if you are expecting perfect security you are simply mistaken. You need to remove that from your head.

The challenge with on-line security is that the thief is not going to be physically present. We understand physical security. That is why we have locks on doors, walls around prisons and safes in banks. But I want you to think about these items in a more abstract way. Our goal is to make theft harder. All we really need to do is put enough security in place that thieves decide to rob someone else. The amount of security required is directly proportional to the value of the theft.

So, there are some equivalents to this in the on-line world.

The first of these is to LIMIT the information that you store on-line. There are two benefits from this. First, an account that does not exist cannot be hacked. But this creates a trade-off similar to the physical world. On-line bank account access is handy, but having it increases the chance that your money will be stolen. Second, the less personal information about you stored on-line, the harder it is to pretend to be you. Never give out bank account information, passport numbers, driver's license numbers, or social security numbers on-line.

Beyond limiting your scope of information, your passwords are the first and most important "lock" on your information. I am sure you have heard all the advice, but just keep away from real words and strings of numbers. Hackers use programs that go through all the basic passwords (password and 123456 for example), and then try all the words in the dictionary. Special characters, uppercase, and longer passwords are all great ways of having your password be a stronger lock!
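The checks described above, written as a small password screen of the kind a sign-up form could run. This is an added example, not part of the original post; the function name, the 12-character minimum and the tiny word lists are assumptions constructed for illustration.

```python
import re

# Constructed sample lists; a real screen would load a large breached-password
# list and a full dictionary instead of these few entries.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein"}
DICTIONARY = {"password", "dragon", "monkey", "sunshine", "weekend", "friday"}

# Undo common character swaps so "P@ssw0rd" is recognised as "password".
LEET = str.maketrans({"@": "a", "4": "a", "3": "e", "1": "l",
                      "0": "o", "$": "s", "5": "s", "7": "t"})


def password_problems(password, min_length=12):
    """Return the reasons a password is weak; an empty list means it passes."""
    problems = []
    lowered = password.lower()

    if len(password) < min_length:
        problems.append("too short")
    if lowered in COMMON_PASSWORDS:
        problems.append("common password")
    if password.isdigit():
        problems.append("string of numbers")

    # Strip digits and symbols stuck on the front or back ("Dragon2024!" ->
    # "dragon"), then also try the swapped-character forms of the password.
    stripped = re.sub(r"^[\W\d_]+|[\W\d_]+$", "", lowered)
    candidates = {stripped, stripped.translate(LEET), lowered.translate(LEET)}
    if candidates & DICTIONARY:
        problems.append("based on a dictionary word")

    # The post recommends uppercase letters and special characters.
    has_upper = any(c.isupper() for c in password)
    has_special = re.search(r"[^A-Za-z0-9]", password) is not None
    if not (has_upper and has_special):
        problems.append("no uppercase or special character")

    return problems


if __name__ == "__main__":
    for candidate in ["123456", "P@ssw0rd1", "Dragon2024!!!", "vK7#qT!m2zR^pL"]:
        print(candidate, "->", password_problems(candidate) or "ok")
```

Note that "Dragon2024!!!" is long and has uppercase and special characters, yet it is still flagged because the core of it is a real word.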

I personally choose financial systems that have Multi-Factor Authentication (MFA). This means there is a second step to log in to systems. Very typically this uses a device called a Digital Token that gets assigned to your account. When you log on to your account, you need to have the Token generate a random number that is used as a second sequence. These Tokens are not perfect, but for most information they can be very powerful. These devices defeat the basic hacking techniques and a lot more sophistication is required to get past them.

Finally, remember YOU are likely the weak link in the chain. Beyond poor passwords, people fall prey to loading up malware (literally meaning bad software). This can do things like add a keylogger to your systems. Keyloggers watch what you type and report it back to the hacker. So, clicking on links is a risk. You need to be absolutely sure they are safe before you click them.

If that was Too Long and you Didn't Read it (TL;DR):

- Limit what you store online
- Create strong passwords
- Consider Multi-Factor Authentication
- Be careful what you click

Have a great weekend!

