Computers and information technology (IT) have drastically transformed the way we live our lives. We use computers to shop, to communicate, to bank, to teach, to work, to read, to research, and everything in between. Despite making our day-to-day experiences and tasks easier, computers have also introduced new challenges, such as security and privacy.
To acknowledge the importance of computer security, Computer Security Day was first introduced and celebrated in 1998. While we’ve experienced the colossal advancement of computers and IT since 1988, some aspects concerning security and privacy of the computing world remain the same.
Today, computers are still used to perform primary tasks, such as creating documents, processing numbers, and hosting data. We also use our computers to access other computers where even more data lives – such as Facebook, Instagram, and Twitter. Generally, we like to protect our data and control who can and can’t access it. We also interact with other users via computing systems, and we also like to ensure our interactions are protected and no one else can initiate interactions in our digital homes.
Protecting the data that we store on our private computers is relatively straight forward in today’s digital landscape. Most modern operating systems can enforce a login and possess a built-in firewall to block inbound connections by default. Many users connect to the outside world using a broadband technology, and most of these technologies have a modem with a fundamental firewall that also blocks inbound connections. Barring an invasive malware or other type of attack that can bypass these measures and allow an external threat to access our computers, our local data can remain relatively safe.
It’s critical to note that interacting with external systems is when users are truly vulnerable. When we interact with outside systems, we are relying on their security measures and the ability to protect our data is now out of our hands. A system, no matter where it is, is only as safe as you make it.
With external systems, the only thing we can control is the password that we use to access it. My best advice is to assume that every site will eventually be breached. The absolute worst thing anyone can ever do is use the same password for multiple sites; if one of those sites is breached, the hackers could potentially gain access to all the other sites you visited, such as your personal banking.
The solution is to use strong and unique passwords for every site. If you have a hard time remembering all those different passwords, I suggest using a password manager. When using a password manager, you only need to remember one password and the tool does the rest.
The second part of the password battle is maintenance. The National Institute of Standards and Technology (NIST) has recently changed their stance on the frequency of password updating. The previous recommendation was for people to change their passwords every 30, 60, or 90 days. This frequency was problematic because as humans, we often opt for the easiest route.
For example, when people knew they had to change their passwords at higher frequencies, they chose easier passwords or would only slightly change the password. I personally see greater benefit in someone choosing a 16+ character, multi-word phrase that’s significant to them and keeping it – unless of course you know that a specific site has been breached.
With our propensity for propagating data here, there and everywhere, Computer Security Day is an important reminder that our digital security should not be overlooked. We all should be taking the appropriate measures to protect and educate ourselves on computer security.
Enjoy Computer Security Day, and safe computing to all.