Hacking has been in the news repeatedly over the course of the last year. Everyone is wondering whether their information is actually safe – what the likelihood is that it might get stolen or corrupted. The fact is, no one can snap their fingers and make their entire digital life completely secure. There are too many factors involved. However, you can certainly protect yourself a lot better with a more seasoned sense of perpective and simple tactics such as website backup.
Here are a few facts about data protection that security specialists think should be common knowledge, as described by Annalee Newitz of Gizmodo, via interview with various thought leaders.
Fact #1 – Improving your password is an extraordinarily powerful anti-hacking maneuver.
Alex Stamos, CSO for Yahoo, has centered his life around determining flaws within systems and the ways in which cybercriminals can take advantage of those weaknesses. Throughout his career, Stamos has realized that there are two mechanisms that are absolute essentials for any user: complex passwords and two-factor authentication.
The security pro mentions that the press tends to discuss the most damaging and sophisticated attacks, making an ordinary person start to believe that protection is all but impossible. People should keep in mind that most attacks don’t involve the extreme measures used on high-profile targets by well-organized hacking coalitions – such as the screenshots and video feeds collected by the hackers of international banks.
Stamos says he thinks the way that data safety is presented in the press has an almost doomsday quality to it. As he sees it, many users are starting to feel like there is nothing they can really do to defend themselves, when they can actually take simple precautions.
“While it’s true that there is little most people can do when facing a top-tier intelligence apparatus with the ability to rewrite hard drive firmware,” he argues, that should not demotivate people from doing everything in their power to safeguard themselves from common day today attacks and security companies from developing functional tools to outwit the bulk of offensives.
Fact #2 – You can’t gauge security based on age.
Many people assume that a PC or tablet is “clean” when they take it out of the box. Unfortunately, says International Modern Media Institute IT director Eleanor Saitta, hardware often contains dangerous software before you even use it.
For example, the adware Superfish was fraudulently installed on Lenovo laptops – the best-selling brand last year. The malicious program “alters your search results to show you different ads,” reports CNET, “but it also tampers with your computer’s security so that attackers can snoop on your browser traffic.”
Fact #3 – All applications, even the strongest, have flaws.
It’s easy to think from outside the realm of security that it’s simply a matter of coding applications “correctly” in order to properly protect users. People who think in this way get very frustrated when hacks occur because it seems as if someone was grossly incompetent and simply wasn’t using the strongest technological standards.
Parisa Tabriz, chief of security for Google Chrome, says that safety is similar to healthcare, containing quantitative and qualitative components. After all, our systems were designed by people, and attacks are strategized by people too, typically to achieve real-world gain.
The ability to provide 100% security to the entire infrastructure means that the targets have literally no room for error: “The defenders have to make sure there are zero bugs in all software they use or write (typically many millions of lines of code if you consider the operating system too),” she says, “whereas the attacker only has to find one bug.”
Fact #4 – There really should be SSL everywhere.
Many people don’t think that HTTPS is right for their website because it’s only needed for login pages, payment pages, and similar situations. However, Peter Eckersley, a project contributor with the nonprofit Electronic Frontier Foundation, recommends that every website be protected with SSL certificates. If an SSL is not used for the site, it’s easy for anyone to spy on what materials users are accessing and even to doctor information.
Fact #5 – Cloud poses a different set of challenges.
Leigh Honeywell, a security developer for one of the most prominent cloud providers, said that data protection in the cloud versus that of an individual network (such as a business’s servers) is that the cloud is like an apartment building, while the traditional system is like a house. If the apartment building has a security guard, that person will have a lot more information and knowledge about how to protect the building than would the typical homeowner.
Cloud technology has an additional advantage too, a relatively simple and obvious one, says Honeywell: “Cloud services are able to correlate data across their customers, not just look at the ways an individual is being targeted.”
The value of backing up your site
As indicated by Parisa Tabriz, it just isn’t possible to achieve 100% protection from hackers – although some of the strategies discussed above can help. Plus, you are always better prepared with simple and secure website backups so that if you are targeted, you can quickly recover.
Related: 4 More Security Facts Experts Wish Were Common Knowledge [Coming soon…]