User Error Could Be The Core Of Network Security Problems
At some point, we just have to wonder why it all keeps going so wrong. After all the publicized vulnerabilities, security fixes, and updates in IE, Safari, Chrome, Firefox, and everything else that connects us to the World Wide Web, we are still just as vulnerable to attack. No matter what we do, we seem to be no better off than we were before the warnings and patches. At some point, we really have to start asking where the bottleneck is.
The sad truth about the way the world works can be summed up in these three cynical observations:
- Nothing will ever be so secure that someone can’t break it.
- Wherever there is something good, there will always be someone who wants to destroy it.
- Most of the time, the problem exists between the keyboard and the chair.
Blaming the Victim
If your house is robbed, is it ever right to say it was your fault? What if you left the door unlocked? How about if you left the doors and windows wide open? What if you also placed valuable objects in plain view of those open doors and windows? I am only trying to illustrate that victimization is not as clear cut as we like to think.
In a perfect world, we should be able to do just that in the middle of a heavily populated urban area, and still be perfectly safe from theft. But we do not live in a perfect world. And we all know it. In the same way that we know it is our responsibility to take care of our home security, we should also accept responsibility for our online security. In the same way we should keep our physical doors locked, we should keep our online doors locked as well.
Passwords: The Locks to Our Online Doors
Almost everything you do that touches the Internet has some kind of password attached. The reason the average adult has a ring full of keys is because they have multiple doors they need to open throughout the day. Every password is like a key to a specific door. The more doors you have to open, the more keys you need to have. Furthermore, the keys should be of high-quality, and very unique. As a keyring organizes keys, a password manager organizes passwords.
Password management software can be described as managing, “…all your website login IDs (user names and passwords) in one secure location, so you only need to remember one password.” This is what you should expect from any such software. Some companies differentiate by a low annual rate, cloud syncing across devices, and having cross-platform operation.
The whole point of the software is that you can stop using weak passwords like “password123”, and start using strong passwords that you don’t have to remember. You just have to remember one master password. The software remembers the rest. Weak passwords are equivalent to leaving the doors unlocked.
Open Ports of Call
There are 65,000 ports on your computer. They are network ports that you cannot see. But they are there, and are likely wide open to the bad guys and their malware. According to Bright Hub:
The best approach is to block all ports and allow only the few you really need. These few ports are 80, 443, 8080 (an alternative for http) and any other port your applications will need. For instance, if you are using FTP, then leave port 21 open.
They provide a nice primer on how to close and open ports. It all sounds terribly complicated. And it is, a little. But it can and should be learned. Leaving all the ports open on your computer is like leaving all the doors and windows open in your house. Learning about ports is worth the effort.
Stop Downloading Toolbars
The Ask toolbar is not your friend, nor any other toolbar downloaded from the web, or third-party programs. If a toolbar just shows up after installing some other program, you should think of it as a hack. Get rid of it right away.
Using weak passwords, leaving ports open unnecessarily, and downloading toolbars are the sorts of things that could have been forgiven ten years ago. Those days of innocence are past. The security of your online experience is your responsibility. Own it.