With security breaches becoming a common occurrence, how can we feel safe that our digital lives won't fall victim to the next breach to hit the news?
The Sad Truth About Security
In today's highly connected world, there is almost no way to guarantee security. Security is a moving target. It's a race between those with sensitive data and those who want to steal it. As the technology to keep our data safe advances, so do the tools to bypass them. This usually makes for a close race and the bad guys only need to win once. Staying on top of the security race all the time seems like a losing battle.
As long as there is the motivation to steal data, whether it be for money, political or personal reasons, the bad guys will find a way to steal it.
Maybe you're thinking, no one would be interested hacking into your accounts because there isn't much valuable information there. For the most part, you're right. Most of us are not high value targets, meaning we aren't celebrities, politicians or someone with access to secure data. The bad guys are willing to pour more time and resources digging into these high value targets in hopes of a bigger pay day or to execute some political agenda. So, chances are no one is interested in breaking into your social media accounts but they might sell your data along with thousands or millions of others to someone that is interested.
The risks are many, but the fear is they will use the information they find to gain access to your back accounts and / or steal your identity. Losing all your money can be a gut wrenching set-back but identity theft can be an out-right nightmare. They can leave you with a mountain of debt, bad credit, traffic tickets and even a criminal record.
Before you close all your accounts and hide in a dark closet, let's look at what can be done.
Bringing The Fight Closer To Home
One would think the increase in data breaches in recent years has fueled the urgency to be vigilant in security. After all, a 2013 study by ASIS International and IOFM finds security is a $350 billion industry. That's lot of money and motivation to keep the bad guys out. But securing our data is a two sided coin.
Even the best security system can't protect us from human error or negligence. Quite often, weak passwords are the cause of a security breach. This means we have to do our part to protect ourselves. Yes, in addition to holding companies accountable for security, we should take an active role in our own security by strengthening and maintaining our passwords.
Following these password tips as your first line of defense.
- Don't use easy to predict or simple passwords (believe it or not, "password" and "123456" are two of the most common). See more common passwords to avoid
- Create unique passwords for each online account. This will limit your exposure. Using the same password everywhere opens you up to a world of hurt.
- Passwords should be at least 8 characters long with upper and lower case letters, numbers and special characters.
- Change your passwords every couple years. Change them immediately if there was a data breach.
- Use two-factor authentication for accounts, when available.
While setting your passwords, be mindful of which are most important and use your strongest passwords for these accounts. Financial and banking account are naturally important, but so is you email account. If someone has access to your email, most sites allow you to reset your password by sending yourself an email.
Where Do We Go From Here?
Even if your data was breached, the chances of someone actually using that data to pry into your life is pretty low. Of course this doesn't mean the risks aren't real and that we shouldn't be vigilant.
It a good idea to check your credit report on a regular basis. The Fair Credit Reporting Act (FCRA) requires each of the nationwide credit reporting companies — Equifax, Experian, and TransUnion — to provide you with a free copy of your credit report, at your request, once every 12 months. Take advantage of this.
If you are wondering what your exposure is to the currently reported breaches, search for your email addresses in the following website.