Conventional logic argues that electronic security should improve in tandem with progressions in computing technology. Unfortunately, this is not the case. When companies such as ADT, Honeywell and others began including automated home security in their packages, leaving remote access to homes available via smartphone, it was inevitable that a new threat would arise from the addition of digital systems. Suddenly, potential thieves were present in the online world as well as the physical. Home protection aside, the recent hack of celebrity nude pictures shows just how vulnerable our information on the cloud and other wearable/portable devices really is, affecting many areas including financial information, to private correspondence and intimate personal details of our day-to-day lives.
Although it is convenient to store data outside of our own computers’ hard drives, the cloud is oftentimes less secure. While Apple claims that the iCloud is highly secure, hackers have repeatedly proved otherwise. Following the celebrity photo hack, Apple executive Tim Cook was quick to provide a band-aid solution. Now, Apple users will receive an e-mail whenever anyone uses a new device to restore their iCloud accounts. Yet this warning won’t be enough to prevent the vast majority of information leaks and identity theft. Users of Apple products should opt into the two factor authentication process and be aware that it might take a minimum of 3 days for it to be implemented.
Another problem with modern day log-ins and cloud storage is the pathetically simple security questions that are employed to recover a user name or password. Asking users questions about their personal life, like their pet’s name, is by no means a foolproof way to prove one’s identity. Such information can be easily gleaned with a little digging into a target’s life. Instead, companies should develop safer methods of password retrieval including the snail mailing of a recovery key to a physical mailing address. Or, individuals who lose their password could prove their identities by physically showing up at the company’s retail outlets. Unfortunately, these methods are only in the formative stage, and none have been adopted.
New security measures mean additional overhead expenses on infrastructure, employees and necessary user education. Customers must ask themselves if they want to risk their personal security in return for fun and convenient products, or if they can wait for companies to adopt serious security measures before rewarding them with their business. After all, if a company values its users and their data, why wouldn’t they take extensive steps to protect them?
Apple recently released Apple Pay, which allows users to hold their phones up to a retail sensor and press their thumbs on a Touch ID to make a purchase. Users’ information will be shared with retailers and a series of banks. However, little attention has been given to the possibility of a hacker breaking into the fingerprint scanner and stealing the unique fingerprints of millions of customers. Users of this highly advanced technology need to ask themselves if taking such a risk is really worth added convenience – since unlike passwords or usernames, a fingerprint is irreplaceable.
On Apple Pay’s heels is the new Apple iWatch, which will arrive with its own set of sensors that monitors very personal information, including one’s heartbeat, blood pressure and activity. Such “wearable” devices reveal intimate details about our lives that could wreak havoc if obtained by hackers and identity thieves. While it would be more financially devastating to lose one’s credit card information and personal details, revealing medical data to a stranger would be incredibly uncomfortable and potentially embarrassing. It is worth noting that the 1996 health privacy law (HIPAA) does not protect any health information that is entered into apps.
In the end, it’s the consumers who have the power. We can force companies to fight for our business by rewarding those that heavily invest in meaningful security measures, and avoid those who do little protect our information, or we can watch as our personal lives become increasingly public.