How secure are our systems?
Photo: David Wheelan. Source: Pixabay
Computer security is essential to modern life. There are dark places and dark minds out there, who want to hack into our systems and devices and steal or corrupt our data and our money. There are viruses, malware, bots, cookies, and other junk that can compromise our personal and professional systems. These hackers are intelligent, motivated, and seemingly everywhere. What can we do protect ourselves?
For most of us, cyber-security begins with a user name and password. Behind that mundane entry-point is a host of firewalls, protocols, and server restrictions that we hope will keep us safe. Security is omnipresent: American smartphone users unlock their phones, on average, 80 times per day. Prior to using our fingerprints, most devices required PINs – something far less secure. But how secure are our PCs?
Logo for a hacking conference. Illustration: Dagmar D’Surreal. Source: Wikimedia
When organizations require long, random passwords that change every 30 days that require two upper-case letters, two lower-case letters, two numbers and special characters that change from site to site, it’s no surprise that we continually circumvent and misuse the controls designed to protect us and our organizations. Some of the most common workarounds include post-it note stalactites with passwords, or notebooks in desk drawers, or spreadsheet files entitled “passwords” saved among the user’s most accessed documents. Proximity sensors designed to log us off when we’re not there have Styrofoam coffee cups placed over them. Junior team members are detailed to regularly push the space bars on everyone’s keyboard during meetings to keep everyone logged in.
Folks don’t see these workarounds as hacking. They’re just trying to do their jobs. But when these security circumventions become part of a new worker’s de-facto job orientation, greater security becomes lower security – or even no security. The weakest link in the chain is the one that breaks when stressed. And a padlock that’s left open because the lock is rusted is worse than useless.
With autonomous vehicles that talk to each other and wearable tech where we can receive advanced medical treatment at home, cyber-security is more important than ever. Security breaches cost billions of dollars every year. It’s equally important, though, that our protections be realistic and usable – like touch ID on our phones, or two-stage authentication. Otherwise, they’ll just inspire insecure workarounds. And that won’t be secure for anyone.
Douglas R. Tengdin, CFA
Charter Trust Company
“The Best Trust Company in New England”