Insecurities in the Digital Age


Data is our life now, every single thing about you or I can be summed up in a simple QR code. Lots of people do their banking, trading and run their businesses online but know very little about basic Internet safety and the risk that inadvertent poor decisions can have on their life and livelihood.

Human beings have been bending the rules and subverting the laws since the beginning of time. Greed is a quintessential aspect of the human condition, some will act on these urges in a variety of different ways and hackers, social engineers, crackers, script kiddies and disgruntled programmers pose a unique challenge to our modern society.

When you visit a webpage and you see http:// before the web address that means that the website is not secure, your communications could be viewed by individuals with a little spare time and technical knowledge. On the green side of the grass https:// means that the website is secure for the most part and whatever the person that wants your data intercepts will be more or less gibberish.

If you work at an office and the evil IT guy mandates by decree all passwords must contain a number, letters, symbols, upper case, lower case, your astrological sign or first born I can guarantee that he isn't evil but actually looking out for your best interests.

When using social networking websites don't go into too much detail about your personal life! Your birth date is not something you should put out there either, much can be learned with this tidbit of information. Always keep your autobiography short and sweet so the shadow people don't know every stinking thing about you.

When you buy that nice fancy computer from your favorite tech store, you power it on and shortly thereafter you're prompted to setup a username AND a password. Do not skimp on the password part, believe me it can lead to many problems and situations you can easily overt by listening to this simple advice: make your password something you can remember but nothing about you, your life, your job, birth dates or years of significance because cleaver social engineers can craft these out of you.

If someone calls you at 9pm and claims to work with Microsoft's virus department and that they need to remotely access your computer in order to protect your computer from an explosion or identity theft, chances are they are actually trying to steal your identity. I've gotten a few of these calls and I generally play games with them until I get bored with it, they can be crafty and very persuasive but frankly Microsoft doesn't care if you get a virus and will never go out of their way to notify you of such let-alone try to remove it for you. They want your personal info and credit card number, that is all and once they have this information you'll hear nothing more than a click on the phone and you're done.

Black Hatters aka hackers aren't usually into this type of thing, the hacker / cracker culture has changed tremendously over the years. Hackers are usually highly idealistic and very intelligent. Pride is a hackers mantra and also his worst enemy. Lately the trends have geared toward political protest, civil rights and other points of ideology. So stay low profile.

Never assume because you're a CEO or a Director of Operations that you can securely configure a router or setup a home office on your own, if at first you have no idea, ask for help. Don't create a nightmare for yourself, you can't become a subject matter expert overnight.

If someone calls your direct line at the office which is conveniently available on your company website and notices on Face Book that you just landed a big account and the caller identifies himself as tech support and asks for remote access into your computer to fix a problem you may want to vet that person intensely or rather, ask for his supervisor and contact yours.

People that don't have a need to know shouldn't know. This is one of the primary rules of access control, if everyone understood a little bit more about IT and the extraordinary measures we tech folk take to keep your company from burning down from data compromise and trade secret theft we'd all be on the same page.

Remember, if you get a tingle up your spine, you're probably aware that something is wrong and your IT guy will not be upset if you ask him seemingly stupid questions, the only stupid question is the one not asked.

#1) Respect the privacy of others.

#2) Think before you type.

#3) With great power comes great responsibility.