DocAndersen
It can’t happen to me
It is a line all of us have heard before. It is one that we have to consider, and ultimately we have to choose to apply it or ignore it. I am wandering two distinct ways that people consider, discard or accept the reality of yes IT CAN HAPPEN TO YOU.
The first is the reality of CyberSecurity. Cyber, represents everything outside of your home, that is not physical. IT can however also represent physical devices in your home. CyberSecurity is the application of security services to your personal space in the world beyond your home. It represents the platform on which this blog sites, and the reality of how you got there. Based on many years of experience I have come to realize that the most important thing to do to keep your world secure is to listen. I have a couple of suggestions to make your life a little easier.
- When possible always use social media login. Write down the sites you connect to and don’t use one social media platform to log into everything. Never use social media (SM) logins for banks, online transactions or auction sites. Those require a unique username and password. Why? Because you can create one very complex password that will reduce your risk of hacking significantly. Pass@word is not secure. H4you@theOperA. Using the number 4 for is, however fairly common, so not a great idea but you get the idea. The more complex your password, the likely you are to forget, so only having it used once reduces your exposure and increased your security
- Most computer problems are local. All security is local. The passwords you create are what separate and protect you. Malware and Anti-Virus is the most important thing. That said, the free versions of that software are very good. They respond just as quickly as the larger vendors do, to update and protect.
- Keep your computer up today with patches!
Those three simple rules help!
Earlier today I shared something I share with crowdfunding campaigns that also applies in this space of IT can’t happen to me..” Sadly it can. I have talked to many young innovation teams with brilliant ideas. Simply some of the smartest people, open to ideas I’ve ever worked with. They, like some people I talk to, suffer from the arrogance of “It isn’t me, it can’t happen to me.” First off, if all the problems you’re facing are not your problem, you need to consider where and what you are doing. Look inward first, then look to where you are, then if all of that is working perfectly, assume it is something between you and what you are trying to do. Last, once you have removed all the variables, consider starting over with a vanilla implementation. 99% of the time the issue is on your end. All of this is why I built the three rules I shared with innovators below.
1. Never assume all things will come together.
2. Prepare for the failure of every component.
3. When you’ve completed 1 and 2, add a month!
It can happen to you, make sure it isn’t an issue you’ve created first.
that’s a good one, but it isn’t really an option
i can understand that, sometimes the complexity is more than we can take, sometimes it is the frustration of not having the freedom.
I meant from an economic standpoint. End users can turn their machines off whenever, but a corporate mainframe is expected to be up 24/7/365
In the modern compute world of cloud, we don’t require 24/7 mainframe operations (plus mainframes are slowly declining). In fact many companies should take a hard look at the time they have to be up!
the cloud still needs to be up 24/7 and there are plenty of things you can’t trust to the cloud
mainframe, server farm; same thing in this context…
Yes but the cloud is spread over multiple data centers and systems. Plus, and most importantly, there are more highly trained security people that see 10, 15 and even 20 times the attacks most company security see every day. Cloud is more secure than on-premise.
I am not sure there truly is a workload that can’t be run in the cloud.
Can’t be run in the cloud? Probably not. Shouldn’t be? Definitely- sensitive information needs to be kept on-site and properly secured
“sensitive data” is a very interesting term. It means nothing. Yet it could mean something. Are you talking about the Intellectual Property of an organization? Even if it is wholly on-premise, it is still in the cloud. People access that data from home, Starbucks and so on. Its already in the cloud.
If you are speaking rather of organization structure data system of US Federal Government, State Governments and National Governments of other countries, that is already moving to the cloud.
The question isn’t should it be in the cloud anymore. It is more, what is the most cost-effective way to secure information so that it can be used but still secure.
Honestly, I am one who is rather lazy to change passwords regularly. Later, I started doing it more often and will be more often after reading your advice.
It is a simple way to reduce your risk! Sometimes that is all we can do!
You are right and I know, but that’s my weakness. But in the past two months, I have changed my password more frequently on all sites.
Thanks, Doc.
That is awesome Albert I am really proud of you! I know it is hard!
when it comes to security, you trade convenience for safety…
That is a very apt statement Alex. The same is true as a whole for the internet, but people forget that.
Trust is hard to come by on the net, but there are exciting possibilities with blockchain technology
Blockchain is an interesting technology implementation today. The speed today of Etherium and other “chains” is the huge delaying factor in more and broader implementations.
Today some of the chains can process 1,000 to 4000 or so transactions per second. On a bad day, Visa and Mastercard do 2,000,000 transactions per second.
sure, but there are uses for blockchain which needn’t require so much speed- things like voting
even if it turns out that blockchain isn’t efficient for currency, it may have many other applications
Voting is a great example of a solution appears to not need speed but in fact does. 190 million voters voting over the course of a 15 hour day (East Coast to Hawaii) results in more than 10 million actions per hour. That would overwhelm a Blockchain system today.
Smart Contracts is the one area that we can use today. We still need more speed in the transactional system of Etherium and other chains. It is coming very soon, but still not quite there.
Even if the tech were capable of handling voting on a national level, I doubt the populace is ready for it yet. It would have to start small and roll out to larger deployments
That being the case, we can hope that blockchain is able to scale up as the technology matures
In 2018 roughly 60% of US voting will be wholly digital. It increases the speed, reduces dangling Chads, and allows for faster results.
What I would like to see is an electoral system that supports the technology. IE, get rid of the electoral college. True majority wins period.
I’ve been wanting to get rid of the electoral college since I was in high school because it seemed like it could oppose the will of the populace…
You are so right Doc. We all know what happens when we assume. And we can never be too safe with our computers.
I have a good friend that does Cyber Security for a bank. He gave a talk in DC once and a General stood up and said at the end of the talk. “So you are saying there is no hope?” My friend’s talk was very negative about the state of Cyber. My friend looked at the general, smiled and said “there is hope. PC’s have off buttons.” Even the General laughed
that’s a good one, but it isn’t really an option
I turn mine off every single night. I never leave a computer on in the house. I also run a couple internet security boxes on my network, that shut off inbound traffic.
My production machine is sandboxed, but there are two networked machines which are only powered up when they’re being used. And my whole network is wired- can’t sniff packets off a CAT5 cable!