A Gentle Reminder about Security

[Editor’s note: We will publish a follow-up post tomorrow about the Heartbleed Bug, which has been making headlines this week. You can read this follow-up post here.]

There are a lot of benefits to doing much of our work online. Collaboration with far-away colleagues is easy, we can have ready access to our work no matter what device we’re using, and having our work backed up in the cloud can be reassuring.

But there’s danger as well, unfortunately. In just the past two months, at least four universities in the United States have been victims of data breaches: the University of Maryland, Indiana University, Johns Hopkins University, and the North Dakota University system. That’s more than a little frightening, and there isn’t always a lot we can do (at least, not directly) when others are responsible for keeping our data safe.

When we’re the ones responsible for securing our data, however, there are some steps we can take. We could take the William Adama approach and simply refuse to use networked computers. Period. Most of us aren’t likely to find that approach either realistic or attractive, of course, so we need to take reasonable precautions to make sure our data is protected.

Fortunately, there are some useful things that are fairly simple to do, if the data you’re working with needs to be secure. If it does, the following courses of action might be helpful:

• Consider using a “zero-knowledge” cloud service such as Spideroak for your most sensitive files.
• Encrypt your files before backing them up or syncing them via a cloud service.
• Use a password manager to create strong passwords that you don’t have to remember yourself (just be sure you don’t forget your master password!).
• Use two-factor authentication with any service that offers it.
• Be sure to secure your phone and/or tablet with a passcode.

What additional approaches to security would you recommend to other readers? Let us know in the comments.

[CC-licensed photo by Flickr user Uwe Hermann]