Sony. The US government. The news is often filled with ‘the latest’ cyberattack. It seems like all of our data is vulnerable. What should we do about it? What can we do about it?
Can We Truly Secure Our Data?
I think the best answer is maybe, but always keep in mind that if someone who is talented and focused really wants to get to your data, they probably can. It might take them a little time, but no data today is completely secure. Whether it’s someone we know who wants to hurt us (the hardest danger to protect against), a vendor who is careless or not doing their due diligence to protect the data they have, an email or website link we clicked on that gives someone access to our data, or some malicious person sitting on the same public WiFi network we’re using to do some quick shopping, our personal and corporate data is more accessible than we’d like to believe. And if our position in life is such that we become a ‘public’ target, we increase our vulnerability many times over.
Are Some Computers & Devices More Secure?
The quick answer is yes, but that doesn’t mean we’d be willing to focus our lives on the ‘more secure’ systems. Remember that even the US government gets hacked, and we’d like to believe it is doing all that can be done to protect data we have entrusted to it (though we give it some data because if we didn’t— like when we send in our tax returns, we’d be breaking the law).
There are conferences around the world for ‘security’ people that attract a lot of hackers too. The conferences often set up computers for attendees to try to hack, and there are usually rewards given to those who are the first to hack them. Typically, they set up three current computers with current configurations: a Mac OS system, a Windows system, and a Linux system. The Mac OS system is usually the first to fall (often in less than five minutes), followed by the Windows system (usually within an hour), and the Linux system is often the one nobody can hack. But most of us don’t want to work on computers that run Linux; we prefer our Mac OS and Windows systems.
Regarding iOS and Android devices, there are a small number of exploitations for them, but the data they carry is usually much less than computers carry and the risk is, thus, fairly small. Of the two, iOS devices seem to be more secure, perhaps because their filing system is not typically available to users.
What Should We Do?
Be careful! But keep in mind that even if you are careful, your data could still get hacked. Here are some things I recommend:
- Keep your computers and other devices up to date regarding the patches provided by their operating system and application manufacturers. Many patches close up vulnerabilities that have begun to be exploited.
- Run anti-malware on your computers, and make certain your email is scanned to prevent most of the SPAM that is sent to try to take advantage of you.
- Reconsider whether you can really trust public WiFi. I rarely use it— never on my computer, and only sometimes on my iOS devices. If I need my computer to connect to the Internet while away, I use my smartphone’s hotspot feature so that my connection is more secure. Public WiFi is an easy way for malicious people to gain access to your systems and data.
- Reconsider which websites and public cloud solutions you can really trust with your sensitive data. Some very popular public cloud solutions have track records of poor security.
- Use good passwords that are more difficult to hack. I recommend passwords with a minimum of seven characters that are a mixture of upper and lower case letters, numbers, and common punctuation.
- If you use a digital wallet, don’t let it sync your identity and security-related data to a public cloud server. Even though that public cloud vendor may do a good job on their security, they are a target in the hacker community. You personally may not be a hacker target, and so having that kind of data only on your local devices (encrypted, of course), your security may be elevated by your obscurity.
- Some data is more prone to problems than others. Carefully read each email, tweet, post, and text message you write before pressing ‘Send’ to make certain nothing you send can be misinterpreted or used to hurt you or someone else. The best strategy is to assume each of those communications over any system could show up on the news and be read by everyone you know.
Does It Really Matter?
I was consulting with a church recently when one of the younger pastors said he thought ‘data security’ was a “generational thing”. Unfortunately, he is correct! Many who are younger think the entire data security topic is overplayed. But those of us who are a little older know people whose lives have been significantly damaged because of data theft, identity theft, and other data security breaches. Recovering from some of those data security breaches takes a very long time, and some people never recover from them!
Yes, data security matters. And if there are simple things you can do to improve your data security, even though doing them won’t guarantee your data will be secure, it makes sense to do them.