With the recent Adobe security breach we should all be reminded how vulnerable our data really is in the hands of hundreds, sometimes thousands of data providers and online businesses. We are relying on others to keep our information safe and out of the hands of these bad guys. Going back 20 years, would you ever have thought to trust so much personal information to so many? Not me. It has almost become 2nd nature for us to hand over personal info without a thought. It is a little scary to think how complacent we have become with not only our own personal information, but also our employer’s and client’s information.
I have the pleasure of being in great communities of investigators and security professionals, who for the most part will give you free advice that for many is invaluable. Most professional groups have some type of Listserve or online group through which they communicate. But, being a member of a Listserve can come at a price. Listserves are a convenient way for malware to be spread to thousands of people via one single email address. When one person is complacent and allows their email account to be hacked, it puts many of us at risk. Not to mention yours and your client’s data. What should be done?
There is something called Multi-Factor or Two-step authentication that has been around for years, but has just in the recent few become mainstream and widely available. Multi-factor authentication provides a second layer of security to online accounts in addition to your standard password. This 2nd layer could be a hardware device like Yubikey, or a 4 digit code that is sent to your cell phone. I use both. Multi-factor authentication is now available through most major online service providers such as; Google, Yahoo, MSN, Facebook, Twitter, PayPal, etc.
My question is…why not? It’s very much like your bank asking you for your telephone password in addition to your name or locking the deadbolt on your front door in addition to the handle lock. These two things have become acceptable to us, and so will securing your online accounts. We just need to place the same importance on those accounts as we do our homes and finances.
This Gizmodo article does a good job at getting you started: How to Enable Two-Factor Authentication on All Your Accounts
Stay safe and keep following those virtual breadcrumbs. ~ The Hi-Tech P.I.