Feeling Secure?

May 4, 2011

I suppose one answer might be ‘violent tendencies’, given the nature of so many of the games available on Sony Playstation, but it is a little harsh as my sister hasn’t slapped me around all that much since I got bigger than her. The correct answer, which probably qualifies you for 3.5 CPD points (ring Caroline Gould for details), is that all of them thought they had immaculate security, and they were all wrong.

News will undoubtedly have reached you about Bin Laden. Apparently one pointer was the absence of an Internet connection for such an expensive property. That shows that even {i}not connecting{/i} to the Internet is a security risk – it is safe to say that he has lost all his data.

The Sony debacle has not had quite so much coverage but I will be surprised if you don’t know all the gory details. There was a hack into the personal data of more than 100 million online game users. Sony said direct debit information for about 10,700 customers in Austria, Spain, the Netherlands and Germany was stolen. It also said credit or debit card details of some 12,700 non-US customers were compromised. Of course, Sony are not the only big corporate with recent problems but they do take the prize for 2011 (so far).

My sister was almost on the shortlist with Sony. She prided herself on avoiding all dodgy sites and following best security practice. But this supposedly intelligent woman (I’ve seen the degree certificate) only narrowly avoided giving lots of personal details to a phisher after receiving a message that was right on cue for her circumstances. My laugh of the week was in response to her enquiry: ‘But how did they know I was expecting a parcel from Africa?’

The lesson for the rest of us is that we are never as secure as we think. Not many of us need worry about Black Hawk helicopters (although if one lands in the Eastham family compound, the downdraft will ruin the wisteria) and only a handful of you have information of enormous value. But the ongoing lessons are that we all need to match our security to the level of our needs, and then double it. While nothing can be made totally secure, if it is more work to hack through your security than that of your cyber-neighbour then, unless you really do hold the information equivalent of the Crown jewels, the hacker will jog on to an easier target. Ally encryption and complex authentication tools and you are in with a chance of not being a victim.

Of course, I am tempted to point out that most security breaches still arise out of people being plain daft – but I will not give in to that temptation for fear that my sister will give me a whack for being cheeky.