So many high tech security products (especially for protecting our computers) have come out over the past few years that most people have lost sight of the basic fundamentals.  Although those who make complex security solutions would like us to believe we can only be safe if we buy the most expensive and complicated product on the market.  Security happens to be one of those things where keeping it simple has great benefits, especially the benefit of using it because it isn’t a hindrance.

Most low tech security methods are physical rather than technical.  And quite frankly, a lot of this is what our grandparents thought was common sense, but we’ve lost track of common sense as we’ve been inundated by billions of marketing dollars telling us that we need something expensive and complicated to protect us.

According to the Federal Trade Commission’s 2006 Identity Theft Survey Report (http://www.ftc.gov/os/2007/11/SynovateFinalReportIDTheft2006.pdf), 16 percent of victims  knew the person who stole their identity.  So we’re talking about someone you know and potentially trust and allow into your house or business.  Although only two percent of thefts were known to have come from compromised mail, 56 percent of victims reported that “they were unaware of how their personal information had been compromised”.  So let’s leave it at there’s a significant risk posed to your identity that can be combated by some simple physical safeguards.

• If a piece of paper has any identifying information on then shred it before you dispose of it.  Tearing it up isn’t good enough because it can be put back together.  Make sure you get a cross-cut shredder, not a straight shredder, because it will cut the paper into smaller pieces.
• If you live in an apartment, don’t “politely” hold the door open for strangers.  If you don’t know who they are, then why do you want them roaming your halls?  Simply close the door behind you and say, “I don’t know who you are so you’ll have to get your host to let you in the building.”
• Never let anyone into your house or apartment without seeing some form of identification.  A t-shirt that says “Comcast” doesn’t guarantee that you’re dealing with a Comcast employee.  Not only does this protect your person and your physical possessions, but it also protects your computer.  We’ve read accounts of thieves going door to door pretending to be with broadband providers in order to gain access to people’s computers to install malware that steals personally identifying information.
• Always lock doors and windows, and buy a good lock.  Stolen jewelry hurts today, but the knockout punch could come months afterward with a stolen identity.
• Use motion sensing lights to illuminate your perimeter and doorway.  Thieves hate it when you can see them.
• Reduce the number of credit cards you have.  This way you’ll be more likely to notice if one is stolen or misplaced.
• Check credit reports annually for inaccuracies and potential fraud.
• Don’t go on social networks like Facebook and Twitter and announce that you’re traveling and your house is unprotected.
• At work, lock your personal possessions in a drawer. Many years ago I was conducting a physical security audit.  The manager who had hired me to conduct the audit had left her purse complete with wallet and credit cards on her desk in her unlocked office.

Here are a few low-tech ways to protect your computer:

• If you don’t need wireless network, don’t use it.  When properly configured, a wireless network can be completely secured.  Is your WLAN properly configured?  Why take the chance?  If you’ve got a desktop that’s going to stay put right next to the router then use an Ethernet cable and skirt the whole wireless security issue.
• Remove the keyboard and mouse.  One of my clients leaves a computer in the reception area of his business, but when the receptionist gets up the computer is unprotected.  He chained it to the desk, but it’s still vulnerable, so I instituted a policy where the receptionist locks the keyboard and mouse in a drawer when she gets up.  No keyboard or mouse means no computer access.
• Use strong passwords.  I’m filing this under common sense in this day and age.  Password should be eight or more characters, contain a mix of letters and numbers, and not use words that can be found in the dictionary.  Avoid using words with personal significance – I always tease my friend who has a dog named “Toto” that I know here passwords are all “toto123”.
• Speaking of which, don’t use the same password for every website.  If one is hacked they all are.
• Consider having one computer for going online for entertainment and casual surfing, and one for doing sensitive work.  This cuts down the chances that your “serious” machine gets infected with malware while you’re having fun.

No related posts.