How secure are our computer systems?
Photo: Kerstin Riemer. Source: Pixabay
Computer security is essential to everyday life. There are dark places and dark minds out there, who want to hack into our computers and devices and steal or corrupt our information. There’s viruses, malware, bots, and tracking cookies can compromise our personal and professional systems. These hackers are intelligent and motivated. What can we do protect ourselves?
For most of us, cyber-security begins with a user name and password. Behind that mundane entry-point is a host of firewalls, protocols, and server restrictions that we hope will keep us safe. Security is omnipresent: American smartphone users unlock their phones, on average, 80 times per day. Prior to using our fingerprints, most devices required PINs – something far less secure. But how secure are our PCs?
Poster from movie “Hackers.” Source: Wikipedia
When organizations require long, random passwords that change every 30 days that require two upper-case letters, two lower-case letters, two numbers and special characters that change from site to site, it’s no surprise that we continually circumvent and misuse the controls designed to protect us and our organizations. Some of the most common workarounds include post-it note stalactites with passwords, or notebooks in desk drawers, or spreadsheet files entitled “passwords” saved among the user’s most accessed documents. Proximity sensors designed to log us off when we’re not there have Styrofoam coffee cups placed over them. Junior team members are detailed to regularly push the space bars on everyone’s keyboard during meetings to keep everyone logged in.
Folks don’t see these workarounds as hacking. They’re just trying to do their jobs. But when these security circumventions become part of a new worker’s de-facto job orientation, greater security becomes lower security – or even no security. The weakest link in the chain is the one that will break when it’s stressed. And a padlock that’s left open because the lock is rusted provides no protection at all.
With self-driving cars that talk to each other and wearable tech that allows us to receive advanced medical treatment at home, cyber-security is more important than ever. It’s equally important, though, that these protections be realistic and usable – like touch ID on our phones, or two-stage authentication. Otherwise, they’ll be circumvented. And that won’t be good for anyone’s security.
Douglas R. Tengdin, CFA