Last week alone saw two big headlines concerning data breaches: the first with notorious password storing guru Lastpass, and the second with the alleged corporate espionage between the St. Louis Cardinals and the Houston Astros. While internet security protocols and patches occur on a continuous basis for operating systems, web browsers, firewalls, and mobile devices, here are some tips to keep your information private with today’s security protocols.
Encryption is currently one of the most effective means of keeping one’s information secure. This process uses certain ciphers or codes to obscure data sent across the internet, which then is un-obscured at the destination by a corresponding code. Encryption is most often seen in communicating with certain website’s “securely,” as all of the data that a user inputs into the site is obscured and encrypted from the point of entry to the final destination. This process keeps peering eyes from examining data while it is in transit to the destination site, as only the user and destination have the keys to decrypt the information. This technique can also be applied to any kind of electronic device that stores data, to prevent unauthorized access if it were to be lost or stolen.
There are many good mantras and rules for making a good strong password for any sort of account-based service. Use a good mix of upper and lower case letters that don’t spell out any actual words! Use numbers and special characters! Use non-standard symbols and custom keyboard input mapping! Using these techniques improve account security, as it makes attempts to “guess” an account’s password more time consuming for a hacker. Users looking to steal account information will go for any “low hanging fruit” (weak passwords) before investing time in a complex password cracking algorithm. But once a hacker has a password, a user can limit exposure using multiple passwords for different sites and accounts, as this prevents that hacker from being able to log in to other accounts and services using that compromised information.
Two Factor Authentication
This method of account security has gained traction of late, as an add-on to the widely adopted user account authentication structure. This method of security requires two different forms of authentication to verify legitimate access. Typically, after entering in a username and password, the user may need to enter a code that was sent to a registered cell phone number via text message, or use a physical authentication device with its own cipher–like a pre-configured USB drive, or even a thumbprint–before the login is complete. Often, these second forms expire after a short amount of time, demanding the user having possession of the authentication device upon logging in with the first factor. The idea is that it is far less likely to have an account compromised on two completely different security fronts simultaneously, and this technique is starting to be adopted more and more each day.[/fancy-ul][heading]Lastly, keep in mind that all of these techniques and notes are not 100% foolproof. With today’s ever-evolving electronic landscape, it has become quite literally impossible to block all cyber-attacks and snooping attempts. As such, modern information security protocols are meant to limit and contain data exposure NOT prevent it.