Right now we only have the illusion of digital security, and there is little incentive to change that. We have the technology and ability to add multiple levels of security but in almost every case, we’re only covered by the most basic layer.
Since most companies have no real incentive to provide deeper security, few companies provide anything beyond the basics, and even those leave dangerous holes that can be easily opened. Often, the most protected systems are business intelligence systems and proprietary databases that provide a monetary advantage over competitors, and customer information is left poorly protected because there is not financial incentive to do so.
This isn’t even for elite hackers – though those problems exist too. Mostly I mean that individual consumers leave themselves extremely vulnerable to identity theft and exploitation. Some common examples:
- Using the same password on multiple sites
- Using the same “security” code word to bypass the password entirely (what is your mother’s maiden name, etc.)
- Using a security code that is easily researched (what is your mother’s maiden name)?
- Not securing information “hubs” such as a common email address which – if accessed – can be used to reset all your other login information
- Not securing the information on your smartphone
Smartphones – iPhone, Android, Blackberry and Windows – all leave users open to exploitation. Specifically, smartphones are almost always “logged in” to accounts, like your Facebook, Email, Bank, or whatever else you have on your phone that can expose personal information and be used to access additional secured areas.
Proper and professional app development can help protect user information, but hackers can also create legitimate-looking apps that secretly steal information.
Even password protected phones, which are only secured by 4 digits, could be manually guessed in a matter of hours (only 9999 possibilities, right?). But approximately 40% of users use one of the same 10 variations (like 1-2-3-4), so it’s more likely that it would take a matter of minutes. Android’s new facial recognition is helpful, except that you also need a 4-digit passcode as a backup in case it doesn’t recognize your makeup.
Or as another example, Facebook recently reported that .06% of its accounts are compromised every day. While .06% in only a tiny fraction, it amounts to 600,000 accounts per day. Or as Sophos.com notes, one account is compromised every 140 milliseconds (by comparison, a blink of the eye takes 300-400 miliseconds).
In other words, it doesn’t take hacking into a bank’s database in order to get your information. As phones, computers, sensors, wallets, cars and homes become more integrated, losing your phone might even mean that someone could steal your car, rob your house, overcharge your credit cards and empty your bank account.