Tuesday, 30 October 2012

Defense against Cybercrime Can Start From Yourself

Keeping abreast of the latest news on online threats and security, and of ways to address and combat them, is a great help in keeping you out of the reach of many cybercrimes and attacks. What most people forget is that, just like website owners and lawmakers, they themselves have a huge role in protecting their own security and privacy online.

Many people blame the lame and unsophisticated infrastructure of institutions and organizations for successful phishing and malware distribution attacks. Consciously or unconsciously, most people see the fault as beyond their control and responsibility. While this is partly true, consumers' own independent decisions to sign up, agree to the terms and conditions, and use an organization's services are enough to establish their shared responsibility for data protection and security.

Even before digital signatures were introduced, and even before the shift from physical to digital was made, passwords were, and continue to be, people's primary defense against unwanted prying and compromise of data, especially private and confidential data.

A recent study revealed the top 25 worst passwords of 2012. They are as follows:
1. password (Unchanged)
2. 123456 (Unchanged)
3. 12345678 (Unchanged)
4. abc123 (Up 1)
5. qwerty (Down 1)
6. monkey (Unchanged)
7. letmein (Up 1)
8. dragon (Up 2)
9. 111111 (Up 3)
10. baseball (Up 1)
11. iloveyou (Up 2)
12. trustno1 (Down 3)
13. 1234567 (Down 6)
14. sunshine (Up 1)
15. master (Down 1)
16. 123123 (Up 4)
17. welcome (New)
18. shadow (Up 1)
19. ashley (Down 3)
20. football (Up 5)
21. jesus (New)
22. michael (Up 2)
23. ninja (New)
24. mustang (New)
25. password1 (New)

As passwords are the primary gatekeepers to your account, make them as hard as possible to guess or crack. While it is good to know that your bank or service provider has pledged to keep your data secure, it is also good to know that you are doing your part in making this possible.

There are a number of best practices available on the internet with suggestions for coming up with the best passwords. Some of these are as follows:
  1. Use an alphanumeric combination at least 8 – 10 characters long for your passwords.
  2. Refrain from using your birthdate as your password, as it is easy to find out and guess should someone want to break into your account.
  3. As much as possible, do not create a password made only from the characters of one single row on the keyboard.
  4. Avoid using the same password and username combination for multiple accounts.
  5. While it is important that your password be difficult to guess, make sure it is not so hard to remember that you need to write it on a piece of paper or keep it as a note on your desktop, as this defeats the purpose of having a hard-to-guess password.
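
The rules above and the worst-passwords list can be turned into a check run when a password is chosen. The following Python sketch is an added example, not part of the original post; it assumes a US QWERTY layout, a minimum length of 8, and a small set of date layouts, and the function names are hypothetical. Rule 5 (memorability) cannot be checked in code.

```python
import re
from datetime import datetime

# The 25 worst passwords of 2012, as listed above.
WORST_2012 = {
    "password", "123456", "12345678", "abc123", "qwerty", "monkey",
    "letmein", "dragon", "111111", "baseball", "iloveyou", "trustno1",
    "1234567", "sunshine", "master", "123123", "welcome", "shadow",
    "ashley", "football", "jesus", "michael", "ninja", "mustang",
    "password1",
}
# US QWERTY rows (assumption: other layouts need their own rows).
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
# Date layouts tried for the birthdate rule (assumed set, not exhaustive).
DATE_FORMATS = ("%d%m%Y", "%m%d%Y", "%Y%m%d", "%d%m%y", "%m%d%y", "%y%m%d")


def looks_like_date(password):
    """True if the password, minus separators, parses as a calendar date."""
    digits = re.sub(r"[-/. ]", "", password)
    if not digits.isdigit():
        return False
    for fmt in DATE_FORMATS:
        try:
            datetime.strptime(digits, fmt)
            return True
        except ValueError:
            continue
    return False


def check_password(password, used_elsewhere=()):
    """Return the list of rules the password breaks (empty means it passes)."""
    pw = password.lower()
    problems = []
    if pw in WORST_2012:
        problems.append("on the 2012 worst-passwords list")
    if len(password) < 8:
        problems.append("shorter than 8 characters")
    if not (re.search(r"[a-z]", pw) and re.search(r"\d", pw)):
        problems.append("not a mix of letters and digits")
    if looks_like_date(password):
        problems.append("looks like a date")
    if any(set(pw) <= set(row) for row in KEYBOARD_ROWS):
        problems.append("typed from a single keyboard row")
    if password in used_elsewhere:
        problems.append("already used for another account")
    return problems
```

Note that `password1` meets the length and alphanumeric rules and is rejected only because it appears on the list, which is why a deny-list check belongs alongside the composition rules.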

When passwords are not enough
With the complexity of today's technological processes, passwords may only keep your records safe until clever hackers find the right combination of characters to open and expose your account. As there are more and more tools for cracking account passwords, users who become lax with their passwords will not wait long before they experience data breaches.

It may sound cliché, but it is true: prevention is always better than cure. One of the best practices today for ensuring security in the online world is to take advantage of the freedom to generate the hardest-to-guess password, coupled with the security services of trusted Certification Authorities.

Choosing strong passwords for your accounts is wise, but having even the basic know-how to identify websites that enforce the right security protocols is wiser. A word of caution, though: nowadays a number of websites have SSL certificates installed that were not issued by a trusted body. Be sure to check which Certification Authority issued the certificate and verify its credentials.

GlobalSign has been one of the world's largest and most trusted Certification Authorities, delivering trust services and products to people, organizations, and documents for 16 years. It offers a wide range of Digital IDs which can be used in many different ways. SSL certificates, which may be Domain Validated, Organization Validated, or Extended Validation, are used to secure websites through 2048-bit future-proof encryption. SSL activates the yellow padlock, turns the browser address bar green, and protects web users' sensitive information as it moves between the browser and the server.

The Digital IDs from GlobalSign go beyond websites; they may also be used to secure emails, documents, and applications. Through two-factor authentication, GlobalSign's Document Sign, PDF Sign, and Code Signing prove authorship and preserve the integrity and authenticity of signed files.

Contact us today to discuss your needs with our security specialist. Send us an inquiry at sales-apac@globalsign.com.