The Internet can create serious issues for your organization, educate yourself to avoid danger
If you work with the Internet a lot, and that includes pretty much all of us at this point, understanding digital security is a crisis management must. There are endless examples of trouble sprouting from a lack of ‘net security, but most people are still not aware of the information shared in a recent Poynter article by Casey Frechette, “15 things journalists (and everyone) need to know about digital security.”
The whole list of a must-read, but here are a couple of the most important, and commonly misunderstood, points:
Most of the Internet is not, by default, secure.
Most of the protocols that make up the Internet — including HTTP (the Web), FTP (file transfers) and SMTP (email) — aren’t secure. That means data transmitted with these technologies are open for potentially anyone to see. This is, in one sense, what makes the Internet and the Web so great: open access to knowledge. But, in the case of personal or confidential information, openness does more harm than good.
The problem with online communication is the false sense of privacy we have when we, say, send an email to a friend or log in to a website. Though all we see is the end recipient with whom we’re communicating, our message is actually passing “in the clear” through any number of other computers before reaching its destination. In principle, anyone with access to those computers can monitor the communications that pass through them. We think we’re sending a sealed envelope, but we’re really mailing a postcard.
No password is more important than the one for your email.
Email is a skeleton key. Someone who gets unauthorized access to your email will be quickly able to access any number of other accounts. That’s because most sites allow for password resets by clicking email-based confirmation links.
Often, these confirmation-link emails can be generated by providing the email address itself, so a would-be intruder doesn’t even need to know your account usernames to reset your passwords. All of this adds up to the need to use strong passwords first and foremost on your email accounts.
Security breaches can happen in the moment, or months or even years later.
Digital communications, while fleeting on one hand, are also permanent. Once you publish something on the Web, it’s best to treat the communication as more or less indelible.
It’s true that messages come and go, never to be seen again, but much of what you put online is stored in one form or another. Even if the initial transmission isn’t compromised, you’re counting on whomever’s storing your information to take appropriate measures to protect it, especially when it comes to encryption.
Because it’s not likely we’ll suddenly pull a 180 and move away from using the Internet and digital communication in every aspect of our lives, understanding what the potential risks are, how to avoid them, is a crisis management must.
The BCM Blogging Team