On December 12th, hackers were able to compromise and download the user names and passwords from a highly visible and respected blog media network. The account database itself was only for the login information to the commenting functions of these sites. In itself there was very little that could be exploited with the information. However, it called out the widespread practice of using poor quality passwords, and worse, using the same passwords on multiple sites.

The two most frequent and devastating errors and omissions made by computer users is 1. not backing up and 2. using poor quality passwords. Both of these present significant risks in day to day life but have an added risk when it comes to burglaries, theft, and loss.

First, take the odd burglary Marc Fisher wrote about this week in the Washington Post. Marc’s home was broken into and, among other items, the burgler took his son’s laptop. The burglar, illustrating a bizarre lack of discretion, actually posted a picture of himself to son’s Facebook account (the only insight here is don’t assume a burglar will do or not do something because it seems rational to you or me). Now not only does does the son not have a backup, he has lost data that is important to him, but burglar has access to his data and potentially his passwords.

The 5 steps in minimizing the damage if your computer is lost or stolen:

1. Make multiple backups. Follow the 3 - 2 - 1 approach which is three backups, in at least two different formats (e.g., DVD-ROM and Hard Drive), with at least on off-site copy.
2. Use complex passwords of at least 8 characters and preferably 12 characters. Mix numbers into the password characters. The Wall Street Journal article analyzed the Gawker leak and illustrates how poor many passwords are.



3. Use a different password for each site or at least the sites with sensitive data. Your email account can be a treasure trove of information since not only the archived emails are accessible but someone can “reset” the password on other sites often with only access to you email account. Some hackers setup sites the entice people to register only to get their email address and password knowing a significant percent of those passwords will work on the users primary email account.
4. Encrypt sensitive data. Microsoft Windows 7 has the BitLockers feature and Apple Mac OS X has FileVault.
5. Store your laptop (and all other valuables) serial number in a safe and accessible place (e.g., a Google Doc). One of the few ways electronics may be recovered is if you are able to provide your serial number to the police. They will register your stolen device in a database and if they thief tries to sell it at a pawn shop the police will be notified.

And the best defense is of course keeping it from being stolen in the first place. Don’t leave electronics or valuables visible from outside your home. If they can be seen through the window the chances of being stolen are much greater. Arm your alarm system for instant mode even when you are home in the middle of the day.

Backup Resources:

I use a Mac and backup locally with Apple Time Machine. This is a free application that comes in OS X.

Available for on-site and off-site backups on Mac, Windows, and Linux is CrashPlan. This is a very flexible free and paid application which give you multiple options for cost effective backups.

For off-site backups I use Mozy AND JungleDisk. Both offer large abouts of off-site storage (think 300GB of photos) for very reasonable costs.

Password Management Resources:

Having a different complex password is easier said than done. A management application which keeps track of passwords, generates secure passwords, and brings up the information when you need it is helpful. 1password.com and lastpass.com are feature-rich and effective. (CM84QPQQ3ER9)

• About Us
• Residential Alarm System
• Commercial Security
• Multi-Unit Properties
• Alarm Monitoring
• Access Control
• BLOG
• Media Resources