Business Perthshire Magazine Online

.comment

Passwords are the key

by Peter A Bell, Pragmatix Communication

As I write this the media is full of a furore over the loss by HM Revenue and Customs (HMRC) of a number of data disks containing personal details of millions of people. Following what appears to be the common pattern for such things, the original story has been swiftly followed by further "sensational" revelations concerning the cavalier manner in which bureaucrats treat what we like to think of as confidential information.

But is any of this so very surprising? Can you honestly claim to treat the potentially sensitive data that you hold with any more respect than has been shown by these civil servants?

If you can then you are probably the exception. In my experience people tend to treat stored data with the contempt that is bred of familiarity. Advances in technology mean that data storage capacity is now massive and cheap. A couple of disks costing pennies and small enough to slip into your pocket can, as in the case referred to, hold information on half the population of the country. The very ubiquity of such disks means that, human nature being what it is, there is all too often a disconnect between the trivial cost of the storage medium and the potentially incalculable value of the data stored thereon.

Always one to look for the silver lining in any cloud, I dare to hope that the HMRC incident will induce people to take a long, hard look at their own security procedures - both in their personal lives and in relation to their business. Obviously, this is far too big a topic to cover in any depth here. Businesses should look to the published information security standards in ISO 27002 for advice on best practice (www.itgovernance.co.uk/standards.aspx). As there is a charge for this publication smaller businesses may find the Information Security Forum helpful (www.isfsecuritystandard.com).

But there is one aspect of data security relevant to both personal and business practice which we can look at in more detail. Passwords!

Passwords are the most familiar (and frequently the only) form of defense against intrusion. But they may not be as secure as you imagine. In the compromise between security and memorability it is invariably the former which loses out. And there are plenty of people out there ready to take advantage of the resulting vulnerabilities. So here are a few tips to help make your passwords more secure.

Always use a unique password. Don't use the same password for various different purposes.

Keep it to yourself. Don't share your password with anyone. Don't write it down. Get yourself a Password Manager such as the free KeePass (www.keepass.info) and use it to generate and store your passwords in encrypted form.

Make it obscure. Don't use personal information that may be available to others, e.g. names of children or pets. Don't use dictionary words - not even foreign ones.

Complicate things. Don't be tempted to KISS (Keep it Short and Simple). Use at least six characters, preferably nine. Use a mixture of letters (upper and lower case) and numbers.

Devise a mnemonic. Don't rely on your memory. If it is easy for you to remember, it is probably easy for someone else to crack. Instead of memorising the password, memorise the method used for creating it. This allows you to take a simple word such as "obscurity" and apply a rule such as changing certain letters to similar-looking numbers. The letter "O" becomes zero and "I" becomes one, for example. So "obscurity" could become "0b5curIty".

Make it even more secure by using a word and a number mixed together in a certain way. By adding the digits "1234" to our password, bracketing groups of three characters, we get "10b52cur3Ity4". Add the rule that vowels and "Y" are always capitalised and the result is "10b52cUr3ItY4". As you contrive your own set of rules, it is extremely unlikely that anyone will be able to replicate them. And all you have to remember is "obscurity1234". Make this the master password for access to all your other passwords stored in your password manager and you have a degree of security sufficient for most purposes.
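The mnemonic rules described above, written out as a short Python example that is added here and is not part of the original article. The function names and the look-alike table (o to 0, s to 5) are assumptions chosen to reproduce the article's final string "10b52cUr3ItY4"; the last function checks the result against the "Complicate things" tip.

```python
import re

# Assumed look-alike table: o -> 0 and s -> 5, as in the article's worked
# strings. The letter i is left alone here and picked up by the vowel rule,
# which matches the article's final result.
LOOKALIKES = {"o": "0", "s": "5"}
VOWELS_AND_Y = set("aeiouy")


def substitute(word):
    """Rule 1: swap selected letters for similar-looking digits."""
    return "".join(LOOKALIKES.get(ch, ch) for ch in word.lower())


def bracket(text, digits, group=3):
    """Rule 2: one digit before the first group of characters, one after each group."""
    chunks = [text[i:i + group] for i in range(0, len(text), group)]
    if len(digits) != len(chunks) + 1:
        raise ValueError("need exactly one more digit than there are groups")
    out = [digits[0]]
    for chunk, digit in zip(chunks, digits[1:]):
        out.append(chunk + digit)
    return "".join(out)


def capitalise_vowels(text):
    """Rule 3: vowels and Y are always capitalised."""
    return "".join(ch.upper() if ch.lower() in VOWELS_AND_Y else ch for ch in text)


def derive(memorised):
    """Split e.g. 'obscurity1234' into word and digits, then apply the three rules."""
    match = re.fullmatch(r"([A-Za-z]+)(\d+)", memorised)
    if not match:
        raise ValueError("expected letters followed by digits")
    word, digits = match.groups()
    return capitalise_vowels(bracket(substitute(word), digits))


def meets_article_tips(password):
    """At least six characters, with upper case, lower case and numbers."""
    return (len(password) >= 6
            and any(c.isupper() for c in password)
            and any(c.islower() for c in password)
            and any(c.isdigit() for c in password))
```

A word whose length is not a multiple of three simply ends with a shorter final group, and the digit count must still be one more than the number of groups.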

One last thing. Always keep a backup of your password manager's encrypted storage file. The main reason for this is obvious. But an additional benefit is that, using a portable password manager, i.e. on a USB drive, you can take your important passwords with you wherever you go.

Last updated 08 January, 2008 17:38 by Pragmatix Communication