DATA



Security Measures

Media technology has shifted from a solid, mostly interoperable hardware-based foundation to a software-heavy landscape that runs on cheaper general-purpose computing hardware.

In this transition, the rigor with which vendors used to test and verify their products was replaced by shorter innovation cycles, leading to more formats, richer features, and broader and faster collaboration. The price is higher complexity, which naturally means an increase in software bugs. Since more computer systems are networked today, the attack surface has also increased tremendously. Public exposure combined with higher complexity has enabled most of today's security nightmares. The only way out, if we don't want to lose the benefits of innovation and collaboration, is to improve and update our software.


Regarding updates, remember to:

  • update often
  • prefer software with trusted (digitally signed) updates
  • enable auto-update functions
  • consider a device outdated and broken once it has gone a year without (security) updates
  • when an update breaks functionality: tell your vendors
  • when your vendor does not listen, buy somewhere else next time


Internet Security Best Practices

Most online services are accessible via web browsers today. This makes browsers an attractive target for criminals who aim to steal your passwords, credit card data and personal information, and to infect your computer with malware. Having collected enough information about you, criminals try to impersonate you: logging in to services under your accounts, stealing, modifying or deleting data, purchasing goods and services online using your credit card, and more.

Always be alert when handling sensitive data, whether for your business or personally:

  • never enter passwords or confidential information into websites without https at the beginning of their URL
  • check for a (green) lock icon in your web browser's address bar
  • double-check the domain name of the website before entering sensitive information
  • use different, randomly generated passwords for each of your online accounts
  • use 2-factor authentication when available
  • use an AdBlocker and maybe a ScriptBlocker to limit malware infections
  • disable or uninstall Macromedia Flash and Java
  • use different browser accounts for each project, your business and private matters
  • use your browser's private browsing mode
  • use a personal firewall like LittleSnitch on OSX
  • upgrade your web browser and operating system often


Authentication Best Practices

Login credentials such as self-chosen passwords are often the only means to authenticate yourself with a remote service. Attackers may guess your password when it's too simple, or may steal it by sniffing unencrypted network traffic, by watching you type it in public, or by stealing the entire database from a service provider (which is sadly happening very frequently). Whenever your password is compromised in any of these ways, an attacker will try using it to gain access to your accounts with other public services, such as your email provider.

Good Passwords are **unique** combinations of **words**, **numbers**, **symbols**, and both upper- and lower-case letters.

Bad Passwords are **short**, **simple** or **guessable**, such as words you can find in dictionaries, usernames, personal details (birth dates, phone numbers, etc.) or adjacent keyboard keys.
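
The bad-password categories above can be checked mechanically, for example when reviewing a password policy. The following Python check is an added example, not part of the original article; the length threshold, the small word list, the QWERTY layout and the function names are assumptions chosen for illustration.

```python
import re

# Assumptions (not from the article): the length threshold, the tiny word
# list and the QWERTY row layout below are constructed for illustration.
MIN_LENGTH = 12
COMMON_WORDS = {"password", "welcome", "dragon", "monkey", "summer", "letmein"}
KEYBOARD_ROWS = ["1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm"]
RUN_LENGTH = 4  # adjacent keys in a row that count as a keyboard walk

# Common letter/digit substitutions, undone before the dictionary check.
LEET = str.maketrans("0134578@$!", "oieastbasi")
# Years, separated dates (01.02.1990) and long digit runs (dates, phone numbers).
DATE_RE = re.compile(r"(19|20)\d{2}|\d{1,2}[./-]\d{1,2}[./-]\d{2,4}|\d{6,8}")


def has_keyboard_walk(pw: str) -> bool:
    """True if pw contains RUN_LENGTH adjacent keys, left-to-right or reversed."""
    low = pw.lower()
    for row in KEYBOARD_ROWS:
        for seq in (row, row[::-1]):
            for i in range(len(seq) - RUN_LENGTH + 1):
                if seq[i:i + RUN_LENGTH] in low:
                    return True
    return False


def weaknesses(pw: str, username: str = "", personal: tuple = ()) -> list:
    """Return the article's 'bad password' categories that pw falls into."""
    found = []
    low = pw.lower()
    plain = low.translate(LEET)
    if len(pw) < MIN_LENGTH:
        found.append("short")
    if any(w in low or w in plain for w in COMMON_WORDS):
        found.append("dictionary word")
    if username and username.lower() in low:
        found.append("username")
    if DATE_RE.search(pw) or any(p and p.lower() in low for p in personal):
        found.append("personal detail or date")
    if has_keyboard_walk(pw):
        found.append("adjacent keys")
    return found
```

An empty result only means none of these patterns matched; it does not show that a password is unique or has not already been leaked.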

Recommendations

  • use 2-factor authentication when available
  • never use easily guessable words, dates or numbers, not even as part of a password
  • use password generators and password managers for creating unique passwords
  • use a personal passphrase scheme that yields a unique password by mixing something you easily remember with something unique about the service
  • change passwords regularly (between once a month and twice a year)
  • never reuse passwords across different websites and services
  • never share your passwords or scheme with anyone, including your own administration staff


Author: Alexander Eichhorn
