Common Security Pitfalls: 12 Rules to Keep Data Safe
The twelve rules listed below are all in “do”or “do not” form. Although that may seem kind of strict, reducing options available in many cases, there are dangers that should not be tried just to feel how deadly they are.
Well, even if they are deadly to your data. We live in the age of the Internet, when data, once appearing in public access, trends to remain there forever. That alone has many consequences.
1. Keep Backups
Every piece of important data should have a copy. If you manage to keep many copies in physically different places, that’s even better. If you manage to make sure not all the copies can be easily accessed online, that’s even better. How about keeping a data storage device somewhere, like in a bank’s deposit box for instance?
If you can make paper copies for your important data, it’s even better. You can’t be sure that data storage devices available at the moment can be still accessible in several years. Paper, when properly stored, can outlive all the other known means to hold your data.
2. Do Not Share Private Data!
The less you make available to public access, the safer you are. People are fantastically careless nowadays; social networks, mobile devices… there are too many means to ruin your privacy.
People often see no danger in posting yet another photo about themselves, although it might be as dangerous as leaving your credit card data known to anyone who wishes to take advantage of your carelessness.
Internet never gets rid of any information that gets into it. Just keep that in mind when sharing your sensitive data on the Net.
3. Make Strong Passwords
An obvious piece of advice, yet many people forget to keep passwords really hard to guess, unique and frequently changed.
Note that if you use insecure connection when passing data, you are technically allowing everyone to intercept and learn it. If you find generating strong passwords quite hard, try services like LastPass.
4. Use No Defaults
In every case when you receive default (initial) credentials, change them as quickly as possible. You know no history of them, and it might be that the credentials could be too widely used to consider them safe enough.
The same advice applies for cases when you can change settings, making them far from default. For example, changing SSH port used to connect to your server can save you from certain amount of troubles, such as scanning/bruteforcing your server.
5. Dispose of Data Reliably
If you happen to use someone else’s flash card, do not assume your data cannot be recovered.
I do not imply that the person you borrowed the memory stick from isn’t reliable. But every thing, especially every small thing, can be lost. Unless you make sure you leave no trace of your data when you don’t need it anymore, you risk exposing it to third (yet not so friendly) parties.
Try Eraser to fully remove your data. It’s simple and easy to use.
6. Encrypt If You Can
There’s no extra security measures, you know. If you can afford and have the ability to encrypt your data, definitely do that. If your data is accessed by someone you do not wish to share with, encryption can be an additional insurance of your data safety.
I can say the same about computer systems. For example, encrypting /tmp and swapping space on Linux servers will provide you with an additional level of security in case your server is physically accessed by someone you don’t know. Of course, it’s just a small matter of what security measures should be taken for server security.
7. Keep Informed
Many operating systems have built-in tools to check for available security updates. It’s worth at least get notified about them; applying security updates received from OS vendor is usually safe enough.
For every hardware and software piece you use, it’s useful to keep informed about its security aspects. It could save you from crucial security risks.
8. Only Allow Access If Required
If your operating system allows creating multiple accounts to allow multiple users to access it, create a separate account for every single user. Even if you are the only person using the computer, do not make use of anything created by default. Make your account, for better safety.
That said, do not allow anyone use your account for whatever reason. If you need to allow someone to do something on your computer, create a separate account for them.
9. More Rights Mean More Power
It’s a common practice to do everything as an administrator of the computer system. Although there are pieces of software that require admin’s access, it’s definitely a bad idea to work as an administrator every single time.
It’s too powerful. Imagine what could happen if a malicious code and/or a malicious piece of software is run under such user.
Use the means such as ‘sudo’ Unix command, to apply for greater power only when absolutely necessary. Keep your “power” at the lowest possible level.
10. Don’t Leave It Unattended
If you have a computer, some storage devices and other stuff, that is of great importance to you, never leave it if you can’t be sure no one can access them.
Similarly, if you happen to leave your computer in such a situation, it’s better to assume its entire data could be compromised when you regain it. Thus, either treat all your data on it as possibly dangerous and unreliable, or take measures to always keep your devices watched.
11. Don’t Fall for Tricks
Social engineering is popular means to force people to pass their credentials to people with (possibly) malicious intentions. Although there’s no universal recipe, just try to keep a sane level of skepticism if you have to pass your credentials and/or personal data if you are not sure who will receive them.
That includes the so called ‘phishing’ practices. They are all aimed at creating a feeling of anger, to force you to immediately do anything (such as entering your bank’s account credentials on the link you are advised to visit).
A simple rule: if you feel uncertain and have even the slightest doubt, do not do what you are expected to. A single call to bank can save you from trouble, if you are told that you have problems with it, and email doesn’t greet you by your real name and/or otherwise looks suspicious.
12. Let Experts Do Their Work
If you aren’t good enough with information security, find the resources to learn, or find someone (a person you can rely upon) to assist you.
Doing nothing could be as dangerous as doing it wrong. So, since no one can be an expert in everything, make a decision, whether you can handle all the security issues by yourself. If unsure, find an expert to do that.
Security is knowledge, skill and discipline, all in one. Neglect any of them, and your data is in danger.
As in case of diseases, to preventing data leakage or theft from happening could be far more easy than to fix the situation afterwards. Being careful doesn’t take too much time. Also, it teaches you to be careful and thorough.
Good luck! May your data remain safe!