Today, naked celebs. Tomorrow, contractors?
- By Tony Crescenzo
- Sep 04, 2014
Let’s face it: As trusted and credentialed government contractors that handle demanding cybersecurity, data centers, personal devices at work and cloud computing, most of us feel that our level of competence and sophistication is much higher than most Hollywood celebrities like Jennifer Lawrence, Rhianna, and Kate Upton using the iCloud.
But is it really so?
Can we say, as a community of practice, that the cloud is 100 percent secure (public, private or hybrid) by simply relying on universally accepted encryption protocols?
In my opinion, the answer is No. As government contractors, we are guardians of much more than personal photos and ergo our need to be vigilant as big data and cloud become consumerized.
In fact, I strongly believe that without aligning organizational behavior, user behavior, business processes and the application of proper information security protocols, we should not be surprised if a major government contractor or government agency cloud will fall victim to a Hollywood-type hacker attack.
It may not be cyber terrorism, but it may just be incompetence.
Let’s use some common sense and take advantage of the cloud, but make sure we follow the golden rules, which apply to our data centers and enterprise IT.
PROTECT WHAT’S IN YOUR HAND
With the phenomenon of bring your own device (BYOD), you should treat your device like your house. You don’t invite in strangers, you always lock your doors and windows at night.
Your device is tied to you, protect it like you protect yourself
On any device where you consume sensitive or company related data or email:
- Add a passcode lock to your device if email is resident on it.
- Disable automatic cloud backup applications
- Update your devices often to keep up with security updates
- Never store passwords, enter it every time you connect to a service
Do not open unfamiliar emails and do not click unknown links and avoid connecting to unknown or unsecured wireless networks.
SECURE YOUR TRANSPORTATION
You wouldn’t tell a stranger your home address. Treat the networks you connect to as either friends or strangers and trust accordingly.
For any apps, sites, or services, use two-factor authentication, two-step verification, SSL or VPN whenever possible
TRUST BUT VERIFY YOUR WIRELESS
- Minimize the use of Wireless. Turn off Wi-Fi and Bluetooth when not in use.
- Avoid connecting to unknown or unsecured wireless networks. Turn off automatically connections to networks.
STRENGTHEN YOUR CREDENTIALS, QUESTIONS & KEYS
For any questions use alternate information if you can remember it. E.g. if you know that your first car was a Ford Explorer, but you know you actually wanted a Chevy Trailblazer, use that as your answer.
- Use strong passwords and don't reuse them.
- Do not use any popular or simple passwords.
- Do not use the same password for different accounts.
- Change your passwords every 6 months.
For security questions and answers:
- Make sure answers are strong and not easily guessable
- Do not use info that can be identified through social media or research