Online security: 'If you think that you're safe ... you're wrong.'

Reports of online hacking on a grand scale are an almost daily occurrence. From credit card data breaches at Target and Home Depot to the unauthorized access of female celebrities’ personal photos from password-protected cloud accounts, it seems like everything is fair game to sinister online forces.

The Internet has come a long way since its humble beginnings in ARPANET. The rise of the smartphone has connected every corner of the globe, which means there are now hundreds of millions of potential targets for hackers.

“If you think that you’re safe, that there’s nothing interesting about you and no one wants your information, you’re wrong,” security specialist Krista Trovato told a captivated audience at the recent Drupaldelphia convention in Center City.

Trovato’s presentation on security in the open-source publishing platform Drupal hit home for her attendees, many of whom are business owners or work for companies that count on them to keep websites secure. Her company, Peerless Design Inc, sells security services to such businesses.

“All users and organizations of all sizes are targeted by hackers,” Trovato said. “Hackers target different users and organizations for different reasons.”

Those reasons range from stealing classified files on government websites (Google Edward Snowden) to gaining epic bragging rights for stealing naked pictures of famous women.

Whatever the reason, it’s become clear that all corners of the Internet are vulnerable to breaches.

Behind the breakdown

One explanation for the recent wave of security breakdowns comes from the companies themselves.

In business, a lot of important decisions depend on budget and available resources. When those resources are limited year after year as the result of a slowly recovering economy, companies large and small are forced to make cost-cutting decisions with far-reaching consequences.

One of the biggest areas of contention is the amount of money a business invests in technology. Businesses should really be factoring in online security costs with the costs of computers, software, and hiring a contractor to build their website.

But replacing an office’s entire computer inventory is expensive and time-consuming, so companies use the same computers year after year, with outdated, unsupported operating systems that put their entire office and web presence at risk.

And if it’s a company that sells its products online, like Target or Home Depot, that risk trickles down to their customers.

According to Krista Trovato, having qualified manpower is another area where businesses are leaving themselves open to attack. One organization that suffers from a lack of experienced online security personnel is our own federal government.

“Government agencies are easy marks [for hackers] because they ... tend to have trouble attracting the best of the best and hire companies based on nepotism rather than qualifications,” she said.

Our devices, ourselves

Devising an evolving, ongoing process to keep computer systems up to date is only part of the solution for keeping hackers at bay. It is equally important to empower the users. Networked devices are only as safe as the informed individuals who use them.

The National Cyber Security Alliance, a Washington, D.C.-based non-profit, has launched a campaign designed to protect online users called Stay Safe Online. The campaign’s website offers hints to businesses, parents of children who use the Internet, and other individuals.

For home users, Trovato recommends using secure passwords, keeping computers and devices updated with the latest firewall and antivirus software, and paying for online transactions with a pre-paid credit card.

Pre-paid credit cards, like the Visa gift cards you see in CVS or Rite Aid, can be anonymous, requiring a one-time activation online or by phone that will not compromise the security of personal identifiable information in the event of a breach.

Web users can take advantage of services like LastPass, a password-generating program that remembers all of your passwords for various websites in a secure account so you don't have to.

According to LastPass’s website, 73 percent of online users have the same password for multiple websites. While having one password may be easy to remember, it makes the process of gaining access to your personal accounts easier for hackers.

Whether you’re an individual user or the web producer for a company’s website, your online experience depends greatly on your own vigilance. For Trovato, pleading ignorance is no longer an excuse.

“The more connected we are, the more aware we need to be.”


commentary by Marta Rusek  original article

What our clients are saying

...provided us with excellent, expert service in a professional and personable manner.
... incredibly impressed with what you brought to the table
...dedicated, competent and driven to get the job done and done well.
...can do anything any other designer can do and generally quicker, cheaper and better.
A great experience and a much improved website.
I would highly recommend her for any position requiring IT design and development
...I have no doubt we will have the best site in the 2010 election of any PA candidate
I had a very tight deadline and budget, and they met it, seemingly with ease.
... they also made suggestions which showed me that they fully understood what I wanted to accomplish.
...continued to monitor it closely and is still always available to help me if I have any questions
I have seen the first layouts and they are awesome...
...a pleasure to work with, combining patience (for my busy schedule and at times overwhelmed brain) with her strong motivation and energy to keep me going
...took my less than mediocre site and completely revamped it into a beautiful, professional, and easy-to-navigate site
" PDI provides us prompt, effective and efficient service in maintaining our Drupal based website."
...we just want you to know that we are appreciative!
Thanks so much for everything! to translate technical information in an accessible way...
...creative, independent, responsive...
I would highly recommend her for any position requiring IT design and development
I realized that I had picked the right company to work with soon after beginning a project with Peerless Design, Inc. to take my abstract ideas and add their expertise to bring them to life in a way that was better than I could have imagined!
...very responsive to our questions and needs
I'm so happy we chose to work with PEERLESS Design.
I love directing our customers to our new site knowing that they are going to be able to find exactly what they are looking for...
...your punctuality, your casual and open personalities, and both your hard copy and online portfolios speak very highly of you and your business as well