One of the phrases sometimes heard in certain circles I have traveled in was “Don’t be a victim,” or its near cousin “Don’t allow yourself to be victimized.” While these words of wisdom were passed around in some of the rough, hard biker hangouts up in the Santa Cruz mountains, they are relevant to the world of Borderless Networks as well.
In terms of mitigating risk, one of the very best things you can do is also one of the simplest. When it comes to passwords, pick a good one and use it. Mix in numbers, special characters, uppercase and lowercase, and avoid names and dictionary words, and you are going to be in a far better place. Oh, and as 4chan illustrated when they hacked a Christian dating site, never assume that your password will not be stolen – you may want to use different passwords for different sites. For mobile devices, which are prone to being left in various places, it is critical to have a password-protected locking home screen.
Another very good but easy thing to do is retain control over access. Audit accounts and turn off accounts that should not be active. An excellent example of this comes from The Reg, where a Richmond, Virginia man who had been dismissed in June of 2008 retaliated by using his admin account to wipe out his former employer’s website and delete a number of internal files. Although the company was able to recover, they could have avoided the entire scenario simply by turning off the admin account (or changing the password) when they fired the guy. Very simple stuff that has not changed since the invention of the login, but as Verizon’s PCI Report puts it, “Organizations are better at planning and doing than checking.”
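The "checking" half can be as small as a script that compares the account list against the HR exit list. The following is an added example, not part of the original post; the account records, usernames, dates and the 90-day staleness threshold are all constructed assumptions.

```python
from datetime import date

# Constructed sample inventory (hypothetical users, not real data).
ACCOUNTS = [
    {"user": "asmith", "admin": True, "enabled": True, "last_login": date(2008, 7, 2)},
    {"user": "bjones", "admin": False, "enabled": True, "last_login": date(2008, 8, 20)},
    {"user": "cwu", "admin": False, "enabled": True, "last_login": date(2008, 3, 1)},
    {"user": "dlee", "admin": True, "enabled": False, "last_login": date(2008, 4, 28)},
    {"user": "svc_backup", "admin": True, "enabled": True, "last_login": None},
]

# Constructed HR exit list: username -> last day of employment.
TERMINATED = {"asmith": date(2008, 6, 13), "dlee": date(2008, 5, 1)}


def audit_accounts(accounts, terminated, today, stale_days=90):
    """Return (user, reason, is_admin, used_after_exit) for accounts to disable."""
    findings = []
    for acct in accounts:
        if not acct["enabled"]:
            continue  # already turned off, nothing to do
        user, last = acct["user"], acct["last_login"]
        if user in terminated:
            # Still enabled after the person left: the case from the post.
            used_after = last is not None and last > terminated[user]
            findings.append((user, "terminated", acct["admin"], used_after))
        elif last is None or (today - last).days > stale_days:
            # Never used, or unused for longer than the threshold.
            findings.append((user, "stale", acct["admin"], False))
    # Admin accounts first, then terminated before stale, then by name.
    findings.sort(key=lambda f: (not f[2], f[1] != "terminated", f[0]))
    return findings


if __name__ == "__main__":
    for user, reason, admin, used_after in audit_accounts(
        ACCOUNTS, TERMINATED, today=date(2008, 9, 1)
    ):
        flags = ("ADMIN " if admin else "") + ("LOGIN-AFTER-EXIT" if used_after else "")
        print(f"disable {user:<12} {reason:<11} {flags}")
```

A login recorded after the exit date is the finding to escalate first, since it means the account was not just left open but actually used.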
So, choose a good password, and use it. Lock your mobile phone home screen and….
[to be continued]