I am curious as to how others view the current obsession with computer security. I understand that business has to protect their intellectual assets from theft, but as an individual I don’t feel particularly vulnerable. I’ve used personal computers since the 80’s without any loss from theft. Perhaps it’s because I haven’t used software that most of the rest of the world uses, or keep my data in predetermined locations. Any opinions on this issue?
I too do not feel the need to lock my door. I mean, no one is targeting my stuff specifically.
I too have had no thefts - to my knowledge - and only one very minor loss, caused by a minor malfunction of a device, in 43 years of using computers BUT
a small amount of personal data was stolen from an organisation to which I had password access - the organisation advised users who had used the same password for their organisation and for others to change their password - I had used a unique password;
some people hold data on their home computers related to an organisation for which they work; in the EU they are required to take measures to avoid any loss of or illicit access to that data.
You might not be specifically targeted, but the criminals are always out there hunting. You never know when you could be randomly selected, and what damage could be done using seemingly innocent information that is found.
You only need to be hit once by one of the worst scenarios.
Some examples:
https://www.rcmp-grc.gc.ca/en/cybercrime-an-overview-incidents-and-issues-Canada
I have seen cases of this:
This is typically done by illegally using the victim’s personal information to open new financial accounts, use existing financial accounts, or do some combination of the two.
In one case, someone used gleaned information to purchase a house in the southern U.S. with a mortgage in an unsuspecting person’s name, then flipped that house and ran with the cash. This left the victim held responsible for the mortgage, wreaking devastating havoc on the victim’s financial state. Last I heard, the victim was still struggling to get it straightened out and recover from the damage after a decade or two.
1 Like
I was employed by a computer manufacturer between 1979 and 1988 – computer security included avoiding that, a sales manager could walk into the main computer room and walk out with a reel of magnetic-tape containing the customer database – just before he left the company to work elsewhere …
Computer security on the customer side included turning a key – physical – like a door key – on the machine’s console to allow support staff to dial-in and access the customer’s machine for maintenance and trouble-shooting.
Physical security was having the underside of your car being inspected for a possible bomb before being allowed to drive onto the customer’s site – at that point in time, there were not infrequent bomb attacks in the London area …
And then, the Internet arrived …
These days I’m fairly happy with an ISP who blocks all external attempts to access my DSL Router plus, having a DSL Router which only allows external access via a service provided by the Router’s manufacturer.
The rest is basic IP knowledge such as, having a LAN with private addresses and knowing that, those addresses are not accessible from the Internet.
If I need a Server on the Internet, I purchase space on a Server owned by my ISP …
Security within the LAN itself –
- Only allow known MAC addresses to connect to the Router.
- Provide Guest access on your WLAN for house guests staying overnight – deny access to the devices on your LAN – they usually never notice because they usually have no need to print anything …
- Make sure that, all devices on the LAN have the default (factory) administration login user and password disabled or, at least that the default password has been changed …
- Make sure that, the family’s machines are all up to date and, if Microsoft then, that a usable Anti-Virus application is installed and running …
1 Like
In addition to what already has been written I can add: perhaps you as a private person have not been targeted, but a lot of the discussion on internet security goes for entities, organizations. In particular, if you live in a country with a high degree of digitalisation you may do a lot of your interactions with local or national government, like tax returns or booking a time for passport renewal, etc, via internet. Everything that requires sending/receiving credentials or any other sensitive information is subject to theft or any kind of targeting by cybercriminals.