Tuesday, July 10, 2012

Identifying Risks!

I have hacked your system and I have all your information.  I'm looking at your SSN, address, credit card numbers, and all other personal data.  I'm laughing at that picture of you at what looks like a company party. Your system was just too easy to hack.  Why did you allow me into your system?  Did you not assess your data and realize that you had very personal and confidential data on your system?  Of course, the preceding sentences are not true.  I am just trying to get your attention.  Did I?  Good!  Let's proceed.

I bet the majority of you reading this blog have some very important information and data stored on your computers.  In fact, there is probably some very confidential data there as well.  You don't want that data stolen, do you?  What you need to do is a Risk Identification.  This is where you go through all the data stored on your computer and prioritize it based on its importance to you.  It is very tedious because of how much data is on your computer, but it is absolutely necessary to help you identify any weaknesses with that data and the threats to it (Whitman & Mattord, 2010).

First, look at all the data that is located on your computer.  Don't start prioritizing the list; just jot down the data.  You should have items jotted down such as your files, pictures, and personal information, among many other things.  Now, look at the list and start classifying that data as confidential (pretty much for your eyes only), sensitive (could harm you if the wrong person gets a hold of it, but not quite confidential), or public (everyone can view this data).  You should now have two columns: your data and its classification.  The last column you should make is the impact that data has on you.  It can be critical (will harm you if in the wrong hands), high (potential to harm you still very high in the wrong hands), medium (not too harmful, but watch who you give it to), or low (shouldn't hurt you if put in anyone's hands).  Examples follow:

Picture at company party - Sensitive - Medium
SSN - Confidential - Critical

I'm hoping that if you have your SSN on your computer you are treating it as a confidential and critical piece of information because if you are not, you are in for a rude awakening if you are hacked.
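The three-column list described above can be kept as plain text and checked by a short script. This is an added example, not part of the original post: the "item - classification - impact" line format follows the post's two examples, the other sample rows are constructed, and the sort order (worst impact first, then most restricted classification) is an assumption.

```python
# Added example: parse and prioritize a personal data inventory.
# Label sets are the ones named in the post, ordered most to least severe.
CLASSIFICATIONS = ["confidential", "sensitive", "public"]
IMPACTS = ["critical", "high", "medium", "low"]

# Constructed sample inventory, one "item - classification - impact" per line.
# The first two rows are the post's examples; the rest are made up.
SAMPLE = """\
Picture at company party - Sensitive - Medium
SSN - Confidential - Critical
Bank statements - 2011 - Confidential - High
Vacation blog draft - Public - Low
Wi-Fi password note - Sensitive
Resume - Private - Low
"""

def parse_inventory(text):
    """Return (entries, rejected); rejected rows carry the reason."""
    entries, rejected = [], []
    for line in (raw.strip() for raw in text.splitlines()):
        if not line:
            continue
        # Split from the right so an item name may itself contain " - ".
        parts = [p.strip() for p in line.rsplit(" - ", 2)]
        if len(parts) != 3:
            rejected.append((line, "need item, classification and impact"))
        elif parts[1].lower() not in CLASSIFICATIONS:
            rejected.append((line, "unknown classification: " + parts[1]))
        elif parts[2].lower() not in IMPACTS:
            rejected.append((line, "unknown impact: " + parts[2]))
        else:
            entries.append((parts[0], parts[1].lower(), parts[2].lower()))
    return entries, rejected

def prioritize(entries):
    """Assumed ordering: worst impact first, then most restricted class."""
    return sorted(entries, key=lambda e: (IMPACTS.index(e[2]),
                                          CLASSIFICATIONS.index(e[1])))

if __name__ == "__main__":
    entries, rejected = parse_inventory(SAMPLE)
    for item, cls, impact in prioritize(entries):
        print(f"{impact:<9}{cls:<13}{item}")
    for line, reason in rejected:
        print(f"FIX: {line!r} ({reason})")
```

Rows that are missing a column or use a label outside the post's two sets are reported instead of being silently sorted, so an unclassified item cannot drop out of the list unnoticed.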

Now that you have an understanding of what you need to do, take the steps to help secure your data.  Go out and buy security software that includes a firewall and an anti-virus tool.  Most of these tools will also come with an intrusion detection service; use it!  If you are using a standard Microsoft Office tool to save the data, use the encryption option within Save As to help encrypt your data.  Of course, there are other means of securing your data; this is just one little tip.  This blog was meant to give you the basics of assessing risks.  Remember, a hacker can get into your system and gain all this information.  Assess the data and the risks, and help secure them.


References:

Whitman, M. & Mattord, H. (2010). Management of Information Security. Boston, MA: Course Technology, Cengage Learning.
 
