Skip to main content

Some tips on data security

I am putting together some tips on data security.  This is not the most air tight security setup, but it is good enough to protect against basic security threat and they are relatively simple to set up.

Photo credit: Pixabay


Strong Password
Will not elaborate on this as there are plenty of articles out there on this.   My rule of thumbs is that the password is at least eight characters, with combination of alphabet, number, and special character.  I also suggest not to use the same password for all logins.  Example, don't use the same password for your Hotmail account, Skype and company online system, so that they don't all get compromised just because one does.

Google Apps (Google Suite)
We run a lot of our software in SaaS (Software as a Service) and most of them integrate with Google Apps authentication for single sign-on.  This would mean if someone gain access to my Google Apps login, he will gain access to a lot of my company data.  I enabled "2-step verification" on my Google Apps account and I installed a Google Authenticator on my BlackBerry.  What happen now is that whenever I login to Google Apps with a new device, it will require my password and also a 6-digit PIN generated by Google Authenticator.  I can choose to save it on the device for 30 days (and I will have to re-enter the PIN after that).  Since the PIN is time sensitive, you need to make sure the timezone setting on your phone and Google Apps is the same, and more importantly the time cannot be off for too much (this was the first issue I encountered when setting this up).  Another challenge would be to set up all the applications that integrated with Google Apps, like you Calendar, Address Book, E-mail apps, on iPhone, iPad, Blackberry, even Google Chrome Sync, since your password is no longer the real password without the PIN.  You will need to manage all these passwords here, you can generate a different password for different apps (it is recommended to do so instead of using one password for all apps in case you need to revoke the access of one particular apps).  So far, I will just need to generate once for every apps, the only time I need to re-generate one is when I reinstall my device OS or wiping out the configuration.  Good thing about this is that now I can login to my Google Apps account on a public computer (like in a cyber cafe, hotel's computer, airport computer, etc) if I really need to, I just need to make sure that I don't check Remember this computer for 30 days  when entering the PIN generated by my mobile phone and also to log out when I'm done.

MacBook Pro
First thing I did was to set myself to run as "Standard User" under System Preferences > Users & Group. This setting will prompt for admin credential whenever I change any settings under System Preferences that is locked or whenever I want to install an app.  Besides that, here are some of the security settings under System Preferences > Security & Privacy that was not turned on by default:

  • Under General, set Require password immediately after sleep or screen saver begins.  Make it a practice that when you are away from the device (for a toilet or water break), click Control-Shift-Eject to send the display to sleep and hence locking it immediately.
  • Turn on FileVault and save the recovery key.  This will encrypt the hardrive and make it inaccessible without proper login credentials.  It will prevent non-authorizer from accessing the data inside the hardrive using external disk reader tools without the recovery key.
  • Turn on Firewall and check Automatically allow signed software to receive incoming connections.  Generally, firewall is good to have and I don't see this firewall creating much problems during day-to-day usage.
Other Devices
Since I'm using Blackberry and iPad to access some of the systems, I also make sure that the device is password protected and auto locking time is set to minimal.

Comments

Popular posts

Is AsiaWorks a scam?

First of all, let me disclose that I have attended the training, I did my AsiaWorks Basic training back in 2012, then Advanced and Leadership Program (LP) in 2014.  All these three trainings were conducted under Asiaworks Training Sdn Bhd in Malaysia.  The reason I'm writing about this is because when I did a Google search on "AsiaWorks review", almost all results point to negative reviews.  Best yet, some of these reviews are from hearsay of the writer's friends, family members, colleagues, etc.  I will bring you through my journey based on my first-person experience. Photo is for illustration purpose only, not a real photo of the training.  Photo credit: Luis Quintero Cult and Secrecy Imagine someone told you Bruce Willis is dead before you even watched the movie "Sixth Sense" (sorry to those who have not watched "Sixth Sense").  This is the main reason why they want to keep the content of the course so secretive.  The course is

Malaysian woman searching for her son separated at birth

If you are a Malaysian male (of Chinese/Malay ethnicity) and were born on October 28, 1977 (plus minus a week), please read on. You may have been told by your parents that you were adopted at birth, or you may doubt that you were adopted, or you may even have started looking for your birth parents with no avail. Photo credit: Luciana Ferraz I have just got to know that a friend's mom has a son who she has given away at birth.  She was then a 19-year-old young lady and she wasn't sure what to do with the unexpected pregnancy.  She insisted on not aborting the baby and followed her mom's advice to give the baby away when the baby was delivered in a clinic in Petaling Jaya, Malaysia.  She didn't get to see the baby at all and the only information she had was that the couple who adopted the baby are Malaysians (of Chinese ethnicity) in their 40's back then.  Her mom has passed on now and she has limited information on where to look for her son. She is

Outsource vs. in-house

In my digital marketing company, we outsource a lot of the tasks in the office.  The following considerations are weighed before we decide outsourcing or hiring: Is this role a core competency of our business? If the answer is yes, we will hire if we have enough jobs to keep him/her busy.  If we don't have enough jobs yet, we will outsource until we can get enough jobs to hire one full-time. Photo credit: rawpixel.com Is there a career path and environment for this role to grow in our company? We would like all our team members to grow professionally and personally.  We may have enough jobs for a particular role to be more cost effective hiring in-house, but if we know that we can't provide the right environment for this person to grow, we will outsource the jobs. We outsource our accounting, payroll, systems administration and office boy (despatch) jobs.  There is pretty much no career path for an accountant, a systems administrator and an office