If thoughts about keeping your devices secure from hackers and malware gets you on edge to the point where you don't like to think about it, ignore the problem, and know that by avoiding solving the problem you are creating a worse problem, try this:
Free Cyber Security Course for Beginners from Heimdal Security
I'm into day 10 and so far, the course is great! It's sent to you daily for 21 days. It offers great advice and guidance for keeping your computer and devices secure - and it includes guidance for backups in case someone does take your device (and use the passwords and information on it).
I've been learning a bunch and am getting a refresher into what makes a secure system.
They present insights into how hackers do their thing - what they look for, how they think and what they do. It's great knowledge to have, especially at a time when pretty much any device that is connected to the Internet can be hackable (this is why the Internet of Things movement is so scary to many technologists - there are a number of devices out there that don't have any security support and are based on older technology that has many weaknesses to exploit. The healthcare industry is most at risk for this.).
But Security Still Has a User Component...
The biggest challenge I keep seeing with security is validating someone's identity online. This is difficult not just online - but offline - and I'm not sure will be resolved any time soon. Here's a longer piece where I discuss identity indepth.
We can't even validate someone's identity today offline today when we travel (ID cards don't count. They are really nothing more than a key or combination for a lock). There really isn't a model we can use, except:
- Biometrics, which comes with its own risks (who owns that data)
- Voice, which needs work
- Gestures, which also needs a lot of work
- (And maybe more - technology is getting more intriguing every day!)
Maintaining passwords for security is where security truly collapses and has one of the biggest holes. Hackers look for weaknesses - either in the code of a site itself or through access. Randomizers help with breaking into accounts - so the more complex a password, the safer you account is assumed to be. However, we are still depending on users to provide this.
Good security is based on someone having different passwords for different systems, but most of us can barely keep track of a single password, nevermind a different password per system. In come the stickies on the computer or a notebook of passwords.
These passwords may be secure online, but not secure if you happen to lose that piece of paper.
Given the number of devices we have today, the number of apps we use, and types of accounts we have, this practice can be overwhelming.
From a UX perspective, there has to be a better way.
We keep coming back to establishing identity online. Once we do that, many of these security issues will be resolved and based on software rather than the concept of a key - which has been a flawed security approach since it's first use.
But until then, prioritize security over usability (a good security UX in this case is keeping your info secure at all costs. The technology needs to get there).
Keep a complex password in mind for your systems that uses letters, numbers, and special characters, use virus protection.
Oh yeah, and take that course! It's awesome!
You can follow this conversation by subscribing to the comment feed for this post.