by Art Piccio . September 4th, 2014
While I *hate* using the “World Wide Web” out of principle, it’s pretty much describes the whole thing. It covers the whole planet, is much wider than anyone can possibly fathom, and is incredibly sticky – if not outright frothy.
Mental imagery aside, internet security is no joke. The iCloud breach has demonstrated all our greatest fears about private data becoming public. Even more than recent credit and debit card data breaches recently suffered by Home Depot and Supervalu.
Going back to the celeb data leak, Apple unconvincingly maintains its systems were functioning as intended and that it wasn’t responsible for the incident, the fact of whether the breach was nothing but an updated con, a “brute force attack ” or the result of a hole in the system pretty moot at this point.
You could probably rest a bit easy though. You probably aren’t as famous as some of the names mentioned in the breach, which makes it less likely you or your business will be specifically targeted.
There is always a risk that your data can fall into the wrong hands. This is regardless of how many precautions you take. Then again, we’re always at risk of meeting an accident when you drive, or that next Quarter Pounder resulting in your untimely stroke.
Let’s get this out of the way:
This applies not just to data security, but darn near every single little step of your entrepreneurial journey. The key is to reduce risks, while maintaining a reasonable expectation of functionality.
This is why we can’t necessarily blame anyone who’s lost their data in the iCloud breach. There was totally a reasonable expectation that the system was secure enough to have prevented this incident, and that anyone who used it understand that any data out of their hands is literally just that.
Perhaps one should consider security and privacy issues differently if they’re famous. While probably unfair, no one even seems to care as much about the identities of the men who had their data leaked in the same breach, or the non-celebs who probably got victimized as well, just because they happened to look similar to someone famous. This only underscores that if there is a huge demand, there will always be people who will try to fill it.
The key is to use cloud features in a way that reduces the inherent risk.
Secure from what? If you’re really into worrying, well data thieves aren’t the only thing to think about. Your building could burn down, or your hard drives or servers could fail. You could get caught in an earthquake or a tsunami.
Plus, data isn’t the only found in computers. The moment you convey an idea, whether on paper or voice, you are sending out analog data that could be converted digitally and perhaps sent over the internet.
You get the idea. It’s highly impractical to insist on a totally secure system, especially if your business does not necessarily demand it. E
Of course, let’s assume you’re just concerned with human threats to your data. All you could really do is transfer your data to a computer or storage device that isn’t connected to the internet. You could also disable USB ports on that device to prevent easy access by unauthorized users physically present in the room.
Various methods can be used to gain access through a window. Attackers can case your joint for one. They may also be able to derive important data from what they see. If the window’s covered with glass, they may use lasers to detect vibrations on the glass caused by the sounds in the room – such as a conversation.
It has been suggested that Osama Bin Laden was discovered with this technology, as it allowed the CIA to determine a person who was not visually ID’d outside the compound existed.
2.) Disable all microphones.
Researchers have demonstrated different keys make different sounds — making it possible to fairly accurately detect what someone is typing.
3.) Never allow devices with gyroscopes near your “secure” computer.
Gyroscopes/accelerometers can act like a mic, detecting sound vibrations from the room.
4.) Disable speakers in all designated “secure” devices.
Computers can have their speakers hijacked, say via an unsecured USB. The speakers can then transmit sounds beyond the range of human hearing, relaying instructions to a computer with a mic, or a mobile device that is connected to the internet.
Far from it. However, we should be realistic about the threats we face and how we react to them, not give in to media hype. Threats can sometimes be very real, but totally avoiding them is often a fool’s errand. The only thing preventing millions of head on collisions in highways all over the world is often just a strip of paint. There are drunk drivers and many other potentially lethal obstacles, but most of us travel on these roads, usually every day.
Data breaches are little different. Always remember the goal is risk reduction – not risk elimination. Apply this approach to everything else you do, and you should get far.
Image credits: Lamerie via photopin ccDBduo Photography via photopin cc ardenswayoflife via photopin cc Marshall Astor – Food Fetishist via photopin cc GabboT via photopin cc FutUndBeidl via photopin cc
Arthur Piccio manages YouTheEntrepreneur and has managed content for major players in the online printing industry. He was previously BizSugar's contributor of the week. His work has appeared multiple times on The New York Times' You're the Boss Small Business Blog. He enjoys guitar maintenance and reading up on history and psychology in his spare time.