Data Security…A Balance Between Convenience, Privacy, Stupidity
Instant information, instant entertainment, instant communications to and from anywhere in the world, with anyone is fantastic.
It’s all been brought to us by the computer and communications industries.
It’s a lot like Forrest Gump’s magic shoes, “They could take me anywhere.”
The problem is a lot of other people also have magic shoes.
Some just a major pain in the behind.
The good varies as to your needs and tastes.
The Working Bad Folks
The bad are the growing number of Black Hatters, Doom9ers, hackers, cyberthieves and cyberspies.
These folks are dedicated and ingenious.
And…they work really hard at their job!
They’re rather like rodents. They find software holes even the most conscientious programmers never thought were there. They spend hours and days testing, probing, tickling and trying to grab your information.
Sometimes it is hard and they really have to work at it. Most of the time it is surprisingly simple (as long as you’re bent on doing bad things).
Sometimes … we do it to ourselves!
It’s called click fraud and it is virtually unstoppable.
Sure most of the requests for assistance to transfer $1-2 million are improbable by “normal, rational” people.
Certainly the bank’s note that your account may have been violated or that you haven’t shipped the product to the buyer are dumb (especially if you don’t bank there, don’t do online banking or never sold anything online).
Surprise…it doesn’t have to work 100 percent of the time.
If only .01 percent of a million emails respond then BAM!!! they’ve got enough account information to work with.
As Forrest said, “Stupid is as stupid does.”
Since we aren’t the brightest pencil in the box we buy security software. Software that:
- protects our devices from “them”
- doesn’t impact all of the important things we’re doing
- doesn’t slow us down
- is the cheapest software we can find
Yep…a placebo will work just find!
Our Portable Stuff
People can “almost” be excused for giving up some of the stolen information they volunteer.
After all to get information you usually have to give information.
As you know there is so much fantastic, vital information and content out there today that we need constant access to it.
So we buy/use increasingly portable computers, higher capacity smartphones, portable storage/player devices.
- 1 in 10 notebooks stolen, 88% never recovered
- A Veterans Affairs employee lost a notebook with 27 million veteran records on it
- 10,000 FBI notebooks were lost last year
- 30,000 cellphones were left in NY cabs last year and never reclaimed
- Two major banks reported notebooks with client account information were stolen last year
- Government agency personnel have “misplaced” multiple backup devices containing citizen files/records
When hardware is misplaced or stolen, thieves are no longer interested in a device they can sell.
They aren’t even interested in the software they might be able to sell.
But damn the data? Yeah!!!
We have a little trouble keeping track of all of our devices, all of our content and we do a few online transactions.
Less that a lot of folks, more than some.
We know there are issues out there that keep many people from carrying out online financial transactions.
We’re not ignorant of the challenges or naďve enough to believe we’re immune to attack.
Instead we somewhat agree with Forrest, “I don't know if we each have a destiny, or if we're all just floatin' around accidental-like on a breeze. But I, I think maybe it's both.”
From our perspective, security is a major selection criteria for the devices and software we select as well as for the online outlets we visit.
As long as we’ve done some level of due diligence and feel reasonably comfortable/secure, we’re good to go.
As Forrest said,” That’s all I have to say about that.”
All of us want information security.
Unfortunately it comes at a price.
It their usual professional, knowledgeable manner the governments around the globe have had some degree of national cybersecurity management effort.
Ok so most of them suck but they are trying.
To protect “us,” they now have the authority to tap phone and computer lines in the U.S. Lots of other governments probably do as well but…who’s going to complain?
Oh sure the Brits are complaining because it is estimated that their images are captured on camera 300 times a day but that’s all in the name of security.
Truth is all that information is gathered and all of the video archived but it’s never looked at.
Privacy and security at every level is important. So important that the business side of “privacy management,” is growing in leaps and bounds.
Across the board, security is the most important capability of today’s social media initiative.
One of the major points of contention though is that in a shared pool outside the enterprise, we don't have any knowledge or control of where the content resides.
Granted, we have a huge body of standards and services that pertain to IT security and compliance. We also have guidelines for governing most business interactions that sorta, kinda apply to stuff that is done in the Web 2.0 cloud.
Ultimately, the user is responsible for maintaining the confidentiality, integrity, and availability of his/her data.
Large and small enterprises are investing millions to protect not only their information but also their customers’ content. But increasingly much of the information exchange is done in the cloud and no one is exactly certain how secure (or how vulnerable) it is in the cloud.
The challenge is the constantly changing environment as Forrest noted, “One day it started raining, and it didn't quit for four months. We been through every kind of rain there is. Little bitty stingin' rain... and big ol' fat rain. Rain that flew in sideways. And sometimes rain even seemed to come straight up from underneath.”
Most people who are really into this security thing say that companies are doing a pretty good job of addressing the content and data security.
Many went to the Andy Grove (Intel) school of security management training, “only the paranoid survive."
They have pretty good people in charge of their programs and spend a lot of money monitoring things, buying new stuff and…reacting to dangers.
Security managers’ biggest risks is one of the most difficult to address …the idiot sitting at the keyboard.
Talking to and training users (especially managers) is a tough, seemingly never ending job. As Forrest said, “Sometimes, I guess there's just not enough rocks.”
Of course for any manager it is pretty tough to resist grabbing a big chunk of a $1.5 M inheritance that belongs to a princess whose father was overthrown/killed. And what can she do with the money? Heck she’s dying of cancer, in the middle of this backward country.
Go for it dude.
Click on that return arrow.
Send over the miniscule information she is asking for after all you read the note, she found gawd!!!
You know what Forrest said… “Mama always said, dying was a part of life.”