Alisson Peres

Software Developer focused on making the WEB a better place for all.

Let's Talk IT Security Without Getting Very Technical

Most articles about IT Security get way too technical too fast. Let's change that for a second.
First, let's reflect a little on what IT Security, or Information Security, is. Instead of giving you a boring talk about the pillars of information security, I'll try to break it down for you. Put simply, information should be accessible only to authorized users, always be available, and never be changed by anyone other than authorized users. I didn't cover all the pillars here, but don't worry about that. If you would like more info on that topic, search for Pillars of Information Technology. You'll find many articles on that subject.
When thinking about improving Information Security in a business, the best approach is to hire an IT expert or ask a consultant to implement the best practices in your business. But I don't want to get too technical, remember? So let's talk about Information Security for common users. What could common users do to better protect their online information? Let's be honest, most of your files are digital these days (pictures, e-mails, work, and non-work-related documents).
I'll make a list for you and elaborate later, so stay with me here.
  • Use secure passwords.
  • Don't repeat your passwords for multiple apps and sites.
  • Be careful about oversharing on social media.
  • Use secure platforms to save your files.
  • Don't rely only on online platforms to save your files.
Let's start with using secure passwords, which is probably the most important advice I could give anybody. There is a reason some websites request more secure passwords: with your password, anybody could get access to your account. And when requested, don't just create a password like "Love2019" or "Myname@1985".
I understand that having different and secure passwords for each website or app is a pain, believe me, I understand. But that's why I use a password manager. "Whoa hold on there, starting to get technical? But you promised." Stay with me on this one, I promise it's not going to get complicated.
I use software called KeePass (in my case KeePass2), which works on Windows, Linux, macOS, iOS, Android, toasters, etc. Not sure about the toasters, but most likely it does. If you don't want to install new software on your devices, search for an online password manager like LastPass. I have never used it, but it looks promising.
But what exactly would you get from a password manager, and why would you need one? Remember when I said not to use simple passwords? Well, a password manager not only saves your passwords in a secure, password-protected file, it also generates passwords for you.
So you can get randomly generated passwords, like my Twitter password "M{)/TN!r/h" or my Facebook password "#P*yUMzL;]". But if you have a secure password, why have different passwords for each website? In case you are the victim of a hacker and he manages to get access to one of your accounts, with different passwords he won't be able to log in to your email account and hijack your files for ransom later.
Oversharing on social media is a pretty common thing for most people. Did you notice that I just shared my Twitter and Facebook passwords? That is a (not that) stupid example of oversharing (not my real passwords, by the way, just auto-generated passwords from KeePass). Usually, websites will have some security questions that you could use to recover access to your account.
So if you post how you miss "cookie", the dog/cat/hamster/gerbil/whatever pet you had in your childhood, that could be a way into your email or Facebook account for a hacker. What can you do about this? Not post anything about "cookie"? No way! I would love to hear about her/him and see as many pictures as possible.
You could answer the security questions with a different auto-generated password from a password manager. I'm pretty sure your mother's maiden name isn't ":[Bjm;_sCF"; if it is, don't use it.
You might guess what I could tell you about secure platforms. Yes, I'm talking about the online drives, like Google Drive, Microsoft OneDrive, Dropbox, Nextcloud, or whatever platform you choose that is from a well-established company. Those platforms are so reliable that the only time you probably won't have access to your data is when you don't have an offline copy yourself and are having problems with your internet connection.
For some people it's the only place they store their data; for others, it's a place to have a backup. You can choose how you want to use them, but please do use them.
But don't rely only on those platforms. Using more than one platform to have multiple backups of the same data is good, but what if one day you don't have access to any of those platforms? Or if you get hacked? Always have a "hard copy" of your most important data with you. You could do that by having an external hard drive, or a USB drive, depending on the amount of data you have.
The most important thing to know is that technology fails eventually. Big companies get hacked, go offline, and lose data, and they really don't care about pictures of your pet. I do; send pet pics, I'll love them. So if your data is precious to you, treat it that way.
Don't forget to check out KeePass and LastPass for more secure and randomly generated passwords. I promise you that your accounts will be more secure.
Since I'm still talking about passwords: when a website gives you the chance to use an authentication key (token), or use your smartphone to connect to your account, that could be an extra step of security, and that's a good feature. Use it.
Since you came this far, I'll reward you with a cat pic.
And why not a dog pic as well.
