Friday, September 23, 2016

Personal Data Security

Whether you use a Yahoo account or not, the news that Yahoo was breached by hackers nearly two years ago and that 500 million accounts are at risk is a reminder that we all need to pay closer attention to our personal security.

My concern here is all of our personal accounts, not school accounts.  We all have an increasing amount of personal data tied into multiple accounts that we use and become more reliant upon each day.

Because of where we live, we don't have to worry that much about physical security.  But if you lived in a rough neighborhood where break-ins and assaults were common, we would all raise our level of concern.  We'd make sure we had really good locks on our doors, we'd never leave our cars unlocked, and we might even hook one of those cool chains to our wallets.

The point is, the internet is a rough neighborhood and we really don't have a choice about living there.  Is it is worth the "cost" (of time and convenience, not money) to put better locks on your house?

At a minimum, we should all do these things...

  • Do not use the same password or even slight variations for multiple services.  That is a hacker's dream!  If I get one of your sites, I have them all!  Especially do not use the same passwords at work that you use for personal stuff.

Of course, the problem is that it's very inconvenient to use different passwords for all the accounts we have.  The only realistic solution is to use a password manager.  You don't need to be a tech-geek to use one, but you do need to invest a little bit of time in setting up a password manager and seeing how it works for you.  The two main advantages of a password manager are that your passwords will be much more secure and that you will not have to remember them.

  • Change your passwords fairly regularly (every few months or once a year), especially if you have the slightest suspicion that something "funny" is going on with one or more of your accounts.  This is where your time investment in a password manager pays off, it makes this process much easier and more practical.

  • Enable multi-factor authentication for any account that has access to sensitive information.  This simple strategy will foil anyone who gets your password!  It's pretty easy to use, and it's like adding a second, blast-proof door to your home.  

Let Patty or me know if you'd like more information or to visit with us about personal data security.  We'd be happy to provide demonstrations, recommendations, or workshops to help everyone increase their personal safety and data security.