We use cookies to improve our services and provide a better experience. By continuing to use this site, you agree with our Cookies Policy.

Common Security Pitfalls: 12 Rules to Keep Data Safe

hashtag_big [11]
October 21, 2014
| Articles

If you ask a hundred experts about the main rules of data security, you risk to receive a hundred sets of rules. Even though they boil down to quite a few, the approaches can be different.

 

The twelve rules listed below are all in “do”or “do not” form. Although that may seem kind of strict, reducing options available in many cases, there are dangers that should not be tried just to feel how deadly they are.

 

Well, even if they are deadly to your data. We live in the age of the Internet, when data, once appearing in public access, trends to remain there forever. That alone has many consequences.

 

1. Keep Backups

 

Every piece of important data should have a copy. If you manage to keep many copies in physically different places, that’s even better. If you manage to make sure not all the copies can be easily accessed online, that’s even better. How about keeping a data storage device somewhere, like in a bank’s deposit box for instance?

 

If you can make paper copies for your important data, it’s even better. You can’t be sure that data storage devices available at the moment can be still accessible in several years. Paper, when properly stored, can outlive all the other known means to hold your data.

 

2. Do Not Share Private Data!

 

The less you make available to public access, the safer you are. People are fantastically careless nowadays; social networks, mobile devices… there are too many means to ruin your privacy.

 

People often see no danger in posting yet another photo about themselves, although it might be as dangerous as leaving your credit card data known to anyone who wishes to take advantage of your carelessness.

 

Internet never gets rid of any information that gets into it. Just keep that in mind when sharing your sensitive data on the Net.

 

3. Make Strong Passwords

 

An obvious piece of advice, yet many people forget to keep passwords really hard to guess, unique and frequently changed.

 

Note that if you use insecure connection when passing data, you are technically allowing everyone to intercept and learn it. If you find generating strong passwords quite hard, try services like LastPass.

 

4. Use No Defaults

 

In every case when you receive default (initial) credentials, change them as quickly as possible. You know no history of them, and it might be that the credentials could be too widely used to consider them safe enough.

 

The same advice applies for cases when you can change settings, making them far from default. For example, changing SSH port used to connect to your server can save you from certain amount of troubles, such as scanning/bruteforcing your server.

 

5. Dispose of Data Reliably

 

If you happen to use someone else’s flash card, do not assume your data cannot be recovered.

 

I do not imply that the person you borrowed the memory stick from isn’t reliable. But every thing, especially every small thing, can be lost. Unless you make sure you leave no trace of your data when you don’t need it anymore, you risk exposing it to third (yet not so friendly) parties.

 

Try Eraser to fully remove your data. It’s simple and easy to use.

 

6. Encrypt If You Can

 

There’s no extra security measures, you know. If you can afford and have the ability to encrypt your data, definitely do that. If your data is accessed by someone you do not wish to share with, encryption can be an additional insurance of your data safety.

 

You can easily find references to GnuPG and TCNext, as free means to apply encryption wherever possible.

 

I can say the same about computer systems. For example, encrypting /tmp and swapping space on Linux servers will provide you with an additional level of security in case your server is physically accessed by someone you don’t know. Of course, it’s just a small matter of what security measures should be taken for server security.

 

7. Keep Informed

 

Many operating systems have built-in tools to check for available security updates. It’s worth at least get notified about them; applying security updates received from OS vendor is usually safe enough.

 

For every hardware and software piece you use, it’s useful to keep informed about its security aspects. It could save you from crucial security risks.

 

8. Only Allow Access If Required

 

If your operating system allows creating multiple accounts to allow multiple users to access it, create a separate account for every single user. Even if you are the only person using the computer, do not make use of anything created by default. Make your account, for better safety.

 

That said, do not allow anyone use your account for whatever reason. If you need to allow someone to do something on your computer, create a separate account for them.

 

9. More Rights Mean More Power

 

It’s a common practice to do everything as an administrator of the computer system. Although there are pieces of software that require admin’s access, it’s definitely a bad idea to work as an administrator every single time.

 

It’s too powerful. Imagine what could happen if a malicious code and/or a malicious piece of software is run under such user.

 

Use the means such as ‘sudo’ Unix command, to apply for greater power only when absolutely necessary. Keep your “power” at the lowest possible level.

 

10. Don’t Leave It Unattended

 

If you have a computer, some storage devices and other stuff, that is of great importance to you, never leave it if you can’t be sure no one can access them.

 

Similarly, if you happen to leave your computer in such a situation, it’s better to assume its entire data could be compromised when you regain it. Thus, either treat all your data on it as possibly dangerous and unreliable, or take measures to always keep your devices watched.

 

11. Don’t Fall for Tricks

 

Social engineering is popular means to force people to pass their credentials to people with (possibly) malicious intentions. Although there’s no universal recipe, just try to keep a sane level of skepticism if you have to pass your credentials and/or personal data if you are not sure who will receive them.

 

That includes the so called ‘phishing’ practices. They are all aimed at creating a feeling of anger, to force you to immediately do anything (such as entering your bank’s account credentials on the link you are advised to visit).

 

A simple rule: if you feel uncertain and have even the slightest doubt, do not do what you are expected to. A single call to bank can save you from trouble, if you are told that you have problems with it, and email doesn’t greet you by your real name and/or otherwise looks suspicious.

 

12. Let Experts Do Their Work

 

If you aren’t good enough with information security, find the resources to learn, or find someone (a person you can rely upon) to assist you.

 

Doing nothing could be as dangerous as doing it wrong. So, since no one can be an expert in everything, make a decision, whether you can handle all the security issues by yourself. If unsure, find an expert to do that.

 

Conclusion

 

Security is knowledge, skill and discipline, all in one. Neglect any of them, and your data is in danger.

 

As in case of diseases, to preventing data leakage or theft from happening could be far more easy than to fix the situation afterwards. Being careful doesn’t take too much time. Also, it teaches you to be careful and thorough.

 

Good luck! May your data remain safe!

By Konstantin Boyandin
Categories: Articles
No Comments Leave a Comment
Leave a Comment

Archive