3 “P” of Personal Information Security

Most of you might hear about information security. It is quite an important field today, when almost all companies and state governments have their data stored and processed by computers. One could think that it is manageable only by cool IT guys called CISO (chief information security officer) or security engineers and it is very complicated, requiring a lot of experience and knowledge from the participant. Yes, for large companies with complicated infrastructure it is. But what can you do to keep your personal information secure? How to understand all these points like threats, protection and etc.?

It's OK, you don’t need to be a wise expert to make yourself safer in modern digital world. Just follow a so called 3 “P” rule.

1^st “P” – patching. Using laptop, desktop or smartphone one could sometimes see notifications like “Update is available”. Most people just close it or don’t pay attention to. But this is actually important, as together with new features or interface improvements, software developers close known security breaches. Once a breach is discovered, it is started to be used by bad guys for attacking the computers over internet. And the simplest way to protect yourself is to apply software updates on regular basis. Just assign some time for this process and shut the door for bad guys.

2^nd “P” – passwords. No doubt it’s convenient to have passwords you can easily remember, like your Mom’s birthday or so on. It’s also convenient to have one password for several services. Let’s say, for your Facebook page, email and computer login. But imagine that such a password gets leaked. In this case bad guys get potential access not only to some particular resource but to everything you have with such a password. 

Sometimes the attackers don’t even need to steal a password as open-source intelligence (OSINT) may be used. For example, your name is Sam and on your Facebook page you mentioned that you were born in 1990. Hm… Most probably, you might use password like Sam90, Sam1990 and etc. Such associative passwords are quite simple to guess and use while bad guys try to gain access to some system. But what can we do to prevent bad guys from their bad job? Make your passwords strong, have different password for everything and perform regular password change. Sam1990 mentioned above is a weak password. But making it like $@m_199o&! leads to quite a serious security enhancement. Simple rule: not less than 8 characters, small and capital letters, numbers and special characters. This will drive mad anyone who will try to guess such a password.

3^rd “P” – personal awareness. IT is the most dynamic branch of human business today. We are all inside of the Matrix – we have smartphones, computers, keep data in internet and so on. But there are also lots of bad guys who are eager to take control over your device or some service account and send malicious software on behalf of yours or steal your data and blackmail you – give us money or we will publish/destroy it, etc. New technologies appear but new threats also do. Once you are aware of that threats and the methods to overcome it, you are ready to fight and win! 

Where to take this information? Nowadays there is a great number of media, agencies and single experts specialized on information security. They have sites, social networks accounts, blogs. Just search a term “infosec” in your favorite social network and you will see a great plenty of accounts and users who write on this topic. They share their findings, experience and often provide a way to resist known threats. Subscribe and once you have a free minute and just sit scrolling news feed – you may make it not just funny but also useful.

So, now you are more powerful in this fast and complicated IT world. Got questions or need to discover the ways to make your business IT more secure? Contact Technopeak for audit and together we will make it better!