Good Security Hygiene Is All About the Little Things

You can’t stop Russia from hacking your gmail. The DNC couldn’t. And neither can you. If Vladimir Putin really wants to know what your weekend plans are, there is little you can do to stop him. But there is a lot you can do to stop your nosy neighbor in the next cubical from dipping into your personal information.

The real security threats you face are not likely at either of those extremes, but somewhere in the middle. Your corporate data is definitely at risk. And the sooner we realize that security is everyone’s responsibility, the better. Everyone bears some responsibility in keeping corporate data safe.

It is past time we bring home the lessons we have learned from corporate security. It is usually not the big things you have to worry about. Most of the big things are beyond your control anyway. Good security hygiene is all about the little things.

The easiest way for a burglar to enter a well-fortified house is to knock. There are a thousand little things that you can do to foil most efforts to compromise your data. Here are three:

Protect Your Devices

It is a truth so big and obvious that it is easy to miss: You can’t protect your data if you don’t protect your devices. All of those interesting iPhone cases you see everywhere you look are not just about a splash of decoration, they are about protecting the device containing all of our personal information.

One way a case helps keep our data safe is that it makes the phone more visually impactful. It is less likely we will leave it behind on a restaurant table if it catches the eye. It is also less likely to get mixed up with someone else’s device on those conveyer belts at airport security.

Another way a case protects our data is by keeping the device from being broken and taken to a repair shop. Your personal information is not safe at a computer repair shop. All of your security efforts go out of the window once the bad guy has physical access to your equipment.

Underpaid repair techs have all the access, time, and incentive necessary to exploit all manner of your personal data. By not losing or breaking your devices, you keep it in your hands, and out of the hands of others who could exploit it. Protective cases are little things that make a big difference.

Use Two-factor Authentication

In this 60 second video, Bank of the West explains two-factor authentication better than most have done with pages of text. Here is what you need to know about two-factor:

  • It is slightly less convenient than not having it
  • It is vastly more secure than not having it
  • If you carry your cell phone all the time, there is no reason not to activate it

There was a time when 2FA was such a mess, the most likely outcome was that you would end up being locked out of your data. But as of now, there are no such reports for all intents and purposes. Almost every bad thing someone will try to do to you remotely will be thwarted by implementing 2FA.

Don’t Click the Link

Remember that the easiest way for a thief to gain access to your home is to knock. The same is true for data thieves. The easiest way for them to get your personal information is to ask for it. They do this by pretending to be someone you trust. This is called phishing.

It usually comes in the form of an email, ostensibly from a company like Apple, or perhaps your bank. The email will usually come around to asking you to click on a link and update your account information. The only right thing to do in this situation is to delete the email without doing anything at all.

If you are concerned that the message is legit, do not follow the link from the email. Go directly to the site. Google the address if you have to. Only update your information if prompted to do so at that time.

Everyone can do the little things that add up to big security. Protect your devices, Youse 2FA. And never click on the link.