Tech Issues - Security


It wasn't until the early 1990s that the internet first started becoming a part of everyday life. Since that time, however, there has been an inexorable march towards digitizing as much of our lives as possible. Financial, medical, professional, and personal information are all becoming digitized. Our social interactions - both cursory as well as intimate relationships - now take place as much in the digital world as in the physical one. We consider individuals that we never met as co-workers. In short, our digital lives no longer play second fiddle to our non-digital / "real" lives, but are instead part and parcel of how it.

The fact that so much of our personal affairs now reside in the digital domain has profound implications for online security. Getting hacked no longer means that someone is defacing a personal website or has brought down a business's e-commerce page. "Getting hacked" can now mean anything from someone gaining un-authorized access to your private messages, pictures, and conversations through Facebook, or a business "losing" your financial and personal information. This information can be used to not only cause financial harm (in the case of of the latter), but can be used to blackmail, intimidate, or shame (in the case of the former). Depending on who the target is, getting hacked can be a personal disaster or a matter of national security.

As the quality, quantity and type of information we store online continues to grow, so too does the importance of protecting that information . There will be no silver bullet solution to the problem of online security. Instead, we will likely have to address it via a cocktail of different measures - some technological in nature, others behavioral. From a technological standpoint, for example, two-factor authentication can go a long way in preventing hacks due to weak passwords. It is easily implemented, practical, and doesn't impose too much of a burden on the end user. Biometric measures - such as fingerprint or eye / retina screening - are less common than two-factor authentication, but as the technology improves they too can become another piece of the puzzle. More importantly, however, we will need to address the behavioral / human side of online security.

Despite the effectiveness of some of the technological measures, would-be hackers can always fall back on the vulnerability of human behavior. Phishing attacks and trojans executed by the user, for example, are best prevented by educating users as to what a phishing attack / trojan looks and feels like, and what measures to take if they suspect they are a target of such an attack.

In conclusion, as we continue to share and store more about who we are in digital form, the importance of protecting that information will increase. While technical solutions are good and becoming better, educating users on how to protect themselves is necessary for adequate security. Despite originating from a military-funded research project, the Internet was designed to share information, with little thought paid to limiting access. We are living with the consequences of those design choices, and will continue to do so in the future.