May 01

Security Breaches and your Personal Information

Computer Security Add comments

Here we go again, another major security breach where we discover a serious lack of controls at a major corporation. Sony announced that credit card information has been put at risk. Also, reports have suggested that Sony were storing passwords without encryption.

The security of personal data is a major area of concern as we’re constantly hearing about more frequent online security breaches. Unfortunately, this will continue so you need to be more aware.

Self protection is a simple way to help mitigate lost as you have some control of where and how you enter information. Ask yourself the questions, do I trust a particular organisation to look after my personal data? Should I let a particular company hold my credit card information?

Below I have listed some simple rules for entering data on the Internet

  • You can use multiple email addresses. This will allow you to have separation between the type of information received. Think about it, do you always need to use your main email address when signing up for stuff on the web?
  • Use multiple passwords. Have a password for trivial stuff like this signing up to download software or newsletters. Have another password for email, social networking, etc… which you change on a regular basis. Then there are the financial institution passwords which should demand the use of additional password security (Well I hope they do).
  • Do not allow your credit card information to be stored. Websites like Amazon or web applications like iTunes store your credit card to speed up purchases. I recommend deleting this information after every purchase. However, it’s all about trust, do you trust Amazon or Apple to look after this data? Corporations which have a business model which relies predominately on website sales, or financial institutions (banks, credit card companies, PayPal) will most probably do a good job.

I can’t remember different passwords you say. Consumer users tend not to set strong passwords. They also tend the use the same password for multiple websites. Unfortunately, password separation between general web, email, social networking & financial logons is essential.

Consider the Sony incident. The breached information includes your credit card, email address and password (because the password wasn’t encrypted). Now imagine if you had used the same password for your email, social networking, etc… Now can you see why password separation is important.

This is not new information, I’ve just related it to the Sony security incident. Unfortunately there will be more incidents  so it worth taking a minute to consider this simple method the protect your personal information.