Securing your creative agency data (PC and Mac)

Security is always important whether you keep the information on your home / work  desktop, or laptop. We all “talk the talk”, and mention how important it is, but do we do enough to actually reduce security threats ? Or more importantly, DO YOU do enough to reduce security threats to your own data ?

Historically, your main concern was simply to make sure you do not get anyone accessing your computer with a virus, a computer worm, or simply stealing your computer from your office or home. As we move to a portable world (lets face it, everyone is buying a laptop these days), we add more risk to the above list. You can simply forget your laptop somewhere (on the bus / train, at a restaurant etc), or someone can walk by you on the street, and snatch the carrying case off your shoulder.

There are multiple ways to improve the security of your environment:

1) Create a hard to guess login password to your computer

Your login credentials have to be complex enough for a third party not to be able to guess, but should also be simple enough for you to remember and not pull your hair out whenever you login to your computer. Most people find this balance too hard to manage, so they invent “great” passwords such as “qwertyuiop”, their own names replacing o’s and i’s with 0’s (zeros) and 1’s (al0n sab1), or simply go with the “1234567890”.

Guess what ? this is not a long term strategy to keep your personal information safe.

For passwords that I need to actually remember, I use words that are  meaningful to me and construct them into a sentence that makes sense (to me), for example a character from a book I have read 15 years ago, together with a set on numbers that I create a geometrical shape on the keyboard (1-9-3-7 for an X) plus a few random characters that I know that I can remember.

Make sure to have characters, symbols and numbers as part of your password, and make it into a sentence, so it is nice, long and most importantly that you can easily remember.

2) Manage your online service credentials (online banking for example)

Most people just give up on making good passwords or even different passwords for their online services because we all have between 10 and 50 online services we subscribed to over the years (I have 180, but I am crazy).

Remember that using the same password across all of your online services is not a long term recipe for success. Online services get hacked on a daily basis. If you used the same password with multiple service providers, and someone gains access to your account on one, they can (and will) try to use the same credentials to other services.

I use 1password to take care of this problem for me. It is a product that works on Mac and Windows, as well as IOS and android devices (all harmoniously syncing)

You can read more about it in this blog post that I wrote at the beginning of the year:

http://www.functionpoint.com/blog/bid/93835/Mac-Apps-Soup-My-favorite-Apps-for-use-on-my-Mac-at-Function-Point

3) Encrypt the file system on your computer.

There are multiple levels of file system encryption, you can encrypt your whole home directory (for example using file vault on the mac), or you can encrypt areas of you file system on a case by case basis (or both).

I chose to do both in my environment. As a Mac user, I use file vault to encrypt my home folders, but I also encrypt super sensitive data using another application. You probably ask yourself why ?

The answer is simple. If someone figures out my mac credentials, they gain access to my whole drive, including the encrypted portion, so using a separate process to encrypt other sensitive information using a different mechanism with a separate (*** DIFFERENT ***) password makes sense.

If you use a Windows / Linux  operating system (works on Mac too), you can use Truecrypt ( http://www.truecrypt.org/) to encrypt an area of your drive / a usb drive. If you do end up using it, be nice and donate to that person, it is an amazing product, open source).

The beauty is Truecrypt is that it is portable (between operating systems). The downside  is that the size of the encrypted drive needs to be predetermined.

If you use a Mac, you can use knox (https://agilebits.com/knox), which happens to be developed by the same guys that did 1Password.

Knox has the advantage of expanding and contracting as you need it, the disadvantage, is that it is not portable (works only on Mac based OS).

Summary

We all like to think that we are safe. The important fact to remember, is that security does not happen by itself (like the old indian phrase states – “Rocks don’t fall by themselves”). A secured system is only as secure as its weakest link. If you have a simple password that anyone can guess, you might as well not have a password at all (all you do it spend time typing it every time).

Make yourself a nice long password that you can remember for the things that cannot be automated (like login credentials to your computer), and use applications that make your life easier for everything else.