Follow Devon Linkedin Twitter Facebook
Email Devon Email
Technology
Feb 15, 2016

Data Security For The Non-Geek

Sponsored Content provided by Devon Scott - Founder, Solutions Engineer, Blue Fission Enterprise Technology

My specialty is developing application systems for human wellness and business performance. As one can imagine, this involves monitoring and working with particularly sensitive data. Business activities and an individual’s health stats are considered among the most private breeds of data, and a compromise can mean not only losing your clients’ confidence, but also making vulnerable data available to malicious third parties. With this in mind, what is one expected to do about the delicate matter of privacy, and how should he approach it?
 
Good security is mostly good policy. Even a bad thief knows to check under the welcome mat for a spare key. That being said, most of your attacks come in through the front door, so to speak. Here are some general considerations for the non-geek when handling security.
 
In Business
 
Your office security can be locked down completely, but if an employee uses the same password for his Facebook account as he does to log in to your billing software, your business doesn’t need to be breached for someone to get credentials to your finances. A good password policy and auditing plan can help, and it’s best to have someone in charge of this effort. Keep it scheduled and enforce your policy, or implement two-step authentication.
 
If your business runs under a Bring Your Own Device (BYOD) structure, creating a strategy can be a real pain, but even a simple plan can help avoid huge threats. Catalog each device that an employee may bring that connects to your network. That means phones, tablets, laptops and even USB sticks. This will give you a real idea of what threats you might be bringing to your network from the outside and will let you know what type of BYOD policies you need.
 
The Cloud
 
The cloud is generally more secure than your own data center. On one hand, you have the security of “owning” your systems when you have in-house technology, at least in a geographic sense.
 
However that means all responsibility for those systems falls on you. A reliable third-party cloud company dedicated only to the storage, management and encryption of your systems and data will be dedicated to managing the infrastructure while you manage your business.
 
Of course that doesn’t mean that the cloud provides perfect security. Always read the fine print to figure out how your cloud provider encrypts and protects your data. If there is a blank spot on any of this in your provider’s terms, you should worry a little.
 
IoT
 
I know I said this would be non-geek, but IoT (Internet of Things) is now a mainstream concern. Every device you own that shares data without you necessarily interacting directly with it is essentially an IoT device. This includes FitBits, Google Nest, Iris, automatic pet feeders, front door cams, and a host of sensory devices. While you willingly allow these devices to monitor and spy on you, there are many cases where a third party can be listening in.
 
To start with, any time a device offers a chance for you to change its default admin username and password, do it. This applies to everything from routers plugged directly into the network to drones. Especially with popular devices, an attacker can gain remote access by identifying its signature to become a man-in-the-middle, listening to your communications. Often the only way to access these devices is through a Web or mobile application that is still communicating through WiFi or cellular signals. This means that for unencrypted channels, anyone on the network can “listen in” to what you’re communicating. At that point, you are whispering in a crowed but quiet room. When dealing with any new IoT device, make sure the vendor has protected its communication with a secure SSH key and an encrypted Web connection.
 
The Rest of Us
 
Keep your antivirus updated. The nature of business now means you will be collecting and sharing information just to keep operations going, and you shouldn’t trust yourself to be safely discretionary of everything that comes through your email. Your antivirus won’t catch everything, but it will stop more threats than having nothing in place.
 
In Short …
 
While developers and device providers like my colleagues and me work hard to create software and tools that take your data privacy into consideration, there are thousands of devices that I can’t account for. Personal privacy also is your responsibility as a consumer, so keeping savvy about vulnerabilities and using basic conventional wisdom should be on your list, at the very least. 
 
Devon Scott is founder and CEO of Blue Fission, LLC, a tech consultancy in Wilmington, N.C. Blue Fission focuses on strategizing digital technology decisions for startups and particularly enjoys working with health and wellness industries. To learn more about Blue Fission LLC, go to http://bluefission.com or call (910) 644-0977.

Blue fission 16jan blk
Ico insights

INSIGHTS

SPONSORS' CONTENT
Bankofamericaderekcohen 122316122315

Bringing Manufacturing Back To The U.S.

Derek Cohen - Bank of America Merrill Lynch
Stoyc 3 300x300

FHA Keeps Pace with Appreciation of Housing Market

Patrick Stoy - Market Consulting Mortgage
Adamshay 300x300

Leadership Lessons From The Battleship

Adam Shay - Adam Shay CPA, PLLC

Trending News

Organic Grocer Earth Fare Coming To Wilmington

Cece Nunn - Jan 19, 2018

Business Community Remembers Beth Quinn, Co-founder Of She Rocks

Christina Haley O'Neal - Jan 17, 2018

Piano Bar And Lounge To Fill Aubriana's Downtown Spot

Cece Nunn - Jan 17, 2018

Six New Tenants Lease Space At Waterford Business Center

Cece Nunn - Jan 17, 2018

Made Mole Brewing Coming To Oleander Drive This Spring

Jessica Maurer - Jan 17, 2018

In The Current Issue

MyBeeHyve Focuses On MLMs

Various network marketing companies – such as Avon, Thirty-One, Rodan + Fields and Mary Kay – attract a number of would-be entrepreneurs, es...


Growth Spurt

More than 15 years ago, experts predicted that explosive growth would come sooner rather than later to Brunswick County. Although the Great...


MADE: Making Inroads In A Medical Market

MADE in the Cape Fear: spotlighting goods manufactured in Southeastern North Carolina. Leland-based Lucid Innovative Technologies makes medi...

Book On Business

The 2017 WilmingtonBiz: Book on Business is an annual publication showcasing the Wilmington region as a center of business.

Order Your Copy Today!


Galleries

Videos

WilmingtonBiz Expo - Keynote Lunch with John Gizdic, CEO, New Hanover Regional Medical Center
Wilmington's Most Intriguing People of 2017
2017 Health Care Heroes