As this issue of Marina Times goes to press, the Middle East is reporting a widespread and sophisticated computer infiltration that has been covertly copying and relaying information from computers in that region and sending the data who-knows-where. It is just the latest reminder of the vulnerability of even heavily protected government and industry computers; in such a world, what chance do you have with your personal hardware
and software?
You have one good thing going for you: You aren’t a government or (probably) business engaged in dangerous activity, such as building nuclear facilities in Iran. So it’s unlikely that foreign governments or international conglomerates of competitors are spending millions of dollars trying to break into your computer network.
However, you have a bad thing going for you, and it’s a problem nearly everyone has: You likely have multiple, connected devices on your desk, in your pocket, and on your living room coffee table, each of which contains passwords and private information that can be valuable to the seemingly endless number of scammers, hackers, and all-around ne’er-do-wells who want to get such information.
A decade ago, I interviewed the brilliant computer security expert Peter Tippett, then an executive with Cybertrust and now a part of Verizon Business Security Solutions. After he explained the constant and growing threats that individuals and organizations face from hackers and viruses and other cyber-threats, he outlined the many possible ways to protect yourself and your technology systems.
“Don’t sweat the big stuff,” Tippett said. There are some things that will simply be beyond your abilities and that will need to be done at the internet service provider or corporate level, if you are in a company. But he stressed that if people would just do the common sense basics well, it would protect them from the overwhelming majority of the threats.
Post-It Notes: Walk into just about any home or office, and you can find people who have written down various computer or program passwords on sticky notes and stuck them to the fronts of their computers. These notes will, naturally, be invisible to people who only interact with you online, but there are few homes or businesses that don’t have visitors, and people who look to do bad things are very aware of your vulnerabilities. It’s the easy open window that a thief can use to sneak into your garage; in this case, it’s the easy “open window” into your computer system. Therefore, never stick your password to your computer or any other easily visible place.
Updates: You’re hard at work (or playing) online, and a popup on your Windows or Mac appears, informing you that it has a software or system update to run. It might or might not sound serious; it might or might not even tell you it has to do with security. But every bit of software on your computer that isn’t up to date is a vulnerability, and the people who are trying to steal from you spend a lot of time investigating and exploiting those vulnerabilities. So the least you can do is disappoint them by running the updates.
Complex passwords: By now, everyone knows not to use their birth date, child’s name, or other obvious candidates for passwords. Those are the first things someone will try when they are trying to break into your system. But go beyond just not using those types of passwords; make sure your password includes capitalized and lower-cased letters, a numeral, and a non-alpha-numeric character (such as an exclamation point). The more complex you can make your password, the more astronomical are the chances of someone discovering your secrets.
Information promiscuity: It is very difficult to do much online without divulging some of your personal information. Facebook is arguably the biggest offender, but it is by no means alone in seeking to collect and profit from your data. That, at least, is legal. But the more information you put out there, the more you have to be aware of how that information is shared with sites and programs beyond the one in which you put it. Assuming you’re not going to let the social networking revolution pass you by and you’re not going to refrain from ever buying anything online, at least develop a healthy skepticism about each new Facebook application that demands access to your information before it lets you use it. (It’s okay to ignore pleas to use new Facebook apps.)
Just as washing your hands in the bathroom is a common sense way to protect yourself from biological infections and viruses, these basic good-effort procedures are a necessary starting point for keeping your personal and business data out of the hands of people who shouldn’t have it.
