By Neil Schwartzman
Senior Director, Security Strategy, Receiver Services
By now, you have likely heard about Alaska Governor Sarah Palin having joined the redoubtable ranks of famous people like Paris Hilton and Chester Charlie Bennington (the lead singer of Linkin Park) whose email accounts have been hacked.
Like the Alaskan tundra, the Internet can be a scary, cold, dangerous place. But if the proper precautions are taken, risk of obvious dangers can be reduced significantly. So, whether you’ve been thrust into the spotlight recently or not, we’d like to nominate the following precautions and hope they get your vote:
- Make sure your password isn’t something anyone can easily guess. In fact, the best strategy is to use a combination of upper and lower-case letters and numbers. For example, a “4” makes a nice “A”, example: “4pple” instead of “Apple.” Then, consider a “1” instead of an “l” as an easy to remember, but harder to guess replacement. So, were your password might have been “Apple,” we’d suggest “4Pp1e” as a replacement. Or, better yet, come up with your own character replacement scheme.
- Your answers to security questions at popular freemail accounts (Hotmail, Yahoo!, Excite, et cetera) should not be things that can be easily found elsewhere. I am attending my high-school reunion, and there is a group dedicated to it on Facebook, accessible through my Facebook page. So were I to use “Riverdale” as an answer to a freemail password reset/challenge question, it would not be too hard for someone nefarious to check around and find the correct word to plop into that box to gain access to my email account. (No, I’m not Archie, Jughead nor Big Moose @hotmail.com, but thanks for asking.) One of the best methods for dealing with those security questions is to use a word or phrase that you’ll remember, but doesn’t actually answer the question being asked. For example, Q: What school did you go to? A: Umbrella
- What have you got associated with your freemail account? “Personal” pictures between yourself and your significant other? Confidential work materials? Plans to go moose hunting? Do you use a wallet function, storing credit card data as is possible at Yahoo! and Gmail? First off, erase your sexy pictures, and remember they might be stored in the outbox as well as the inbox! Secondly, it is rarely appropriate to be using a freemail service for work-related email. This is against many company policies, and –depending on where you work – may even be illegal. If you only store your confidential work data on the email system your employer provides, it’s your I.T. department’s job to keep it safe and secure. Keep your job, and keep work email at work! Finally, some credit card companies offer one-use disposable numbers for online use. We suggest availing yourself of such a service for online transactions. And, although it is less convenient, don’t store your credit card number on any online service; enter it every time.
Like the tundra, if you stay alert, wear your parka, make sure your boots are leak-proof and your sled dogs are well-fed, your trip on the information superhighway should be safe and uneventful. Try making snow angels in your underwear, and the results will likely be less pleasant. Good surfing!