Most people are a bit contradictory in the way they think about security. We rush to lock our front doors and password-protect our PCs, but we leave the keys under the mat and prominently place sticky notes with the computer passwords above our desks. The time has come for us to take responsibility for network, data and application security. Here are some tips on how to do that.
- Know your network: Think about who you share your data with. Be conscious of who is on your network and what you share. An email sent to your HR person with personal information can easily be shared whether intentionally or accidentally—we’ve all hit “reply all” when we only meant to reply to the sender.
Another important aspect we don’t often consider is where we access data from (i.e. Public Wi-Fi). It’s rather simple for someone to intercept your data in a man-in-the-middle attack by first setting up a network and naming it “Free Wi-Fi;” ask restaurant and airport staff the name of the network. Better yet, learn how to tether your phone and turn it in to your personal hotspot. Also keep in mind when traveling —if you sync your phone to the rental car system, remember to wipe it before returning the car rather than trusting that the rental company.
- Set permissions on your data: Learn how to set up permissions to keep others out of it.
You ultimately have responsibility for your data. If your bank account is hacked, you may need to prove your password was protected and you did what was necessary to guard against a breach. You must also be careful of the apps you download and if these apps require a password, don’t regularly repeat the same one. When picking a new password, use common sense and don’t check “Remember Me.” It might be easier, but doing so gives the site or application a cookie that is open to misappropriation.
- Less is more: Keep your most sensitive information on the fewest number of different computers or cloud-based tools as possible.
Having fewer copies of your most sensitive documents helps protect it. While the cloud provides convenience and ability to access information from multiple devices, are you really going to need to access all your bills, bank accounts, and investment statements from everywhere? Disable Remote Desktop (RDP) unless you require these features. Additionally, it is best not to enable remote connections to your PC unless needed at the time. Instead, enable the remote connections when needed, and disable them when you’re finished.
- Encrypt your data
Add an extra level of security to your sensitive data. In our mobile world, this will especially help as your data goes back and forth in the cloud. While encrypting files can be a little difficult, it’s like anything else —practice makes perfect and once it becomes a habit, it is easy. Better yet, automatic authentication frees us from even thinking about it. Full data encryption solutions encrypt the entire hard drive from the operating system to all applications and data stored on it. As information is read from the disk, it is decrypted and then any information written to the disk is encrypted in turn. Without the encryption key, the data stored on the disk remains inaccessible.
No comments:
Post a Comment