Equipment protection
The phrase “protection of a device” can act (and in Czech, it is probably the same) as securing a hardware device against theft or damage. It is true that we could also include the topic of maintenance and simple cleaning of equipment, methods of transport or replacement of components. Still, we would like to focus on issues that, in our opinion, are more important. Primarily because a technician will solve some of the problems mentioned above and because most measures are associated with elementary judgment. It would certainly be possible to say some details such as the hard drive - if not SSD. The hard disc must not be flipped or dropped.
The first area that is undoubtedly interesting from the point of view of security is mobile devices. In addition, the current BYOD trend expands the possibility of using personal devices in the work environment, which can bring with it many problems. It should be noted that the topic of mobile device security is still not much reflected - not so much by the professional community, but rather by the users themselves. Impacts on monitoring or locking the phone, eavesdropping on calls, etc., can be severe. Undoubtedly, mobile phones are in some ways more durable and more secure than, for example, Windows, into which any user can upload any executable files from the Internet and possibly even install them, but this does not mean that they are without problems.
The second area that is no less important to us is network security. We do not mean work on social networks, which we will deal with in the following chapters. But especially the topics of network security, where we may encounter the fact that, for example, unchecked and unsecured public Wi-Fi to access personal and sensitive data such as banking or email. The Internet, as initially proposed, was conceived as insecure because no one assumed that communication on it could be acute or criminal in any way.
Undoubtedly, the device's security also includes choosing suitable passwords or encrypting and encrypting communications or files. It must be emphasized that encrypted data or communications, or determined strong passwords, do not necessarily mean that one protects the content that one would perceive as highly personal and sensitive. Primarily, it is safeguarding private space, just as people use curtains at home, without assuming they were doing something wrong. Privacy and its perception and feelings have a robust cultural dimension and overlap in this regard.
At the same time, however, a balance must be struck between safety and practicality. It is not possible to design security measures that are so demanding, costly, or inconvenient that users will not comply with them. The well-known principle applies that man is the weakest part of the entire security chain.
Mobile phones or tablets have probably become the most widespread technical devices. We perform many tasks associated with traditional telephony from before the smartphone (telephoning, messaging). Still, at the same time, users have many applications that allow them to use the device much more comprehensively. It is a computer, still, with a different operating system and a different mode of information behavior. We carry the device everywhere with us, so there is a risk of losing it. Instead of traditionally stronger passwords, many users have screen unlock (and thus access to all data) with a trivial password or a PIN code that can be easily traced - either by simple observation or by greasy parts of the screen.
When we talk about mobile phone security, we mainly think of three significant areas - working with applications, working with a lost or stolen phone, and questions about the data available to mobile operators.
The last group is fascinating because it is almost impossible for users to influence it, and at the same time, it is one of the most distinctive and detailed digital tracks they ever create. The mobile operator has - for a limited time - an exact idea of where and how a person moves in terms of people with the same mobile operator and whom. At the same time, a mobile phone is a device that most people carry with them all day.
Mobile operators can use this data in various ways - they can primarily serve the police. Still, they can also monitor how aggressively a person is driving, going on holiday, or eating. This data is then interesting for banks or insurance companies, to which the operator can (with the consent of the data owner) provide it. However, the problem may be that, for example, the bank forces the data by a significant disproportion of interest rates for clients who offer them and to others.
Thus, the result may again be a form of access to personal data as a form of currency. Its value is determined by service providers depending on the willingness of users. However, there is a significant difference compared to other currencies - they can pay more than once with one personal date. Individual subjects can then handle them in different ways. In extreme cases, data leakage can occur.
Mobile operators thus have data available that are an order of magnitude more accurate than any sociological survey and can use it for various purposes. Their results can, for example, reveal patterns of behavior of ski resort customers or provide a good overview of which regions are going for what a holiday-looking holiday is. Another example is the estimation of the number of participants in a demonstration or their socio-demographic composition.
The only way to prevent such monitoring may be to turn off your mobile phone or mobile data tablet. Alternatively, it is possible to use the phone with two SIM cards, which switch and thus reduce the track's clarity. An essential element can also be prepaid cards (i.e. buying credit), where the possibility of practical work with a particular user (and the availability of data about him such as gender or residence) is lower.
The second problem area, which the users themselves already influence, is working with applications. At one time, there was a “brightest flashlight” app that did nothing but fill the phone's screen white so that it could be used as a flashlight - fast, easy, and accessible. The problem was that it demanded access to photos, calls, data, etc. All the information one had on the phone and even had the right not only to read but also to send it to the network. The user paid for his data for the trivial application, of which there is an unlimited amount in the store.
This example shows one of the problematic parts of the approach to thinking about tools on mobile devices - it is not possible to make sure that the tool works as it should and is reasonably priced. The user can use it, but we must also include what data we let it access and why. Modern operating systems today can selectively reduce these permissions for each application. However, we still encounter a barrier with comprehensibility (for example, does the user know why the tool needs such rights?) And thus with one of the essential elements of security.
There is also the issue of viruses associated with applications, which in the case of mobile applications typically pursue two main goals - obtaining data or blocking the phone, with the need to pay a certain amount for the user to access their data. For example, if it does not back up regularly and ignores what tools it installs, it can quickly get into a very problematic situation. Modern payment methods, such as bitcoin methods, offer the possibility of a very fast and efficient covering of the transaction's recipient. Of course, operating system developers are trying to reduce these risks, for example, by increasingly detailed control of newly added applications to repositories (Google Play, AppStore, etc.), but there is still a significant risk.
As for security against physical theft, it is possible to use applications and tools that can locate the lost device using GPS. Some can activate the camera to transfer data, take a photo of the perpetrator, or delete data or block the device. For example, observing the movement of a thief (or the finder of a device) and taking his photographs can be perceived as legislatively at least controversial. On the other hand, locating a device can be an efficient function in an actual loss.
Much progress has also been made in the field of screen unlocking, where gestures or PINs are gradually being replaced by more modern methods, such as fingerprints or facial images. Both ways are significantly more effective in terms of safety than gestures or number combinations.
As much as it may seem that data is “eternal", this may not be the case in various life situations. From a technical point of view, each medium on which data can be stored has a certain limited lifespan. When it is exceeded, the risk of damage to the carrier increases dramatically to such an extent that data cannot be obtained, or at least such a process will be very costly and uncertain.
The data that a person deliberately and systematically creates, whether in the form of texts, photographs, or, for example, the results of various measurements, are among the most valuable articles, which are at the same time typically very difficult to substitute. Therefore, we recommend paying due care and attention to data protection. If the claim that "knowledge is power" is valid, it would be highly annoying to lose the power associated with knowledge or data.
Part of busy work with data is backup, and thus the security of backed up data. The first question most people are likely to address is whether the data should be stored in the cloud or in physical storage over which they have physical control. The feeling that we have data stored somewhere we can touch the device can be strong, but it is entirely wrong. The data we have on physical media is less secure than the data stored by large cloud companies. With typical fire, flood, or theft, both the primary and secondary media can be lost simultaneously. In this respect, cloud storage is usually cheaper, more secure, and because data is backed up on multiple continents, the risk of physical data loss is relatively small.
Cloud services also have their potential problems. The first is the possibility of terminating the service or changing conditions or functions. The user usually has no way to influence whether the service will operate in one mode or another or its pricing policy. What may look very convenient and functional can ultimately be a costly and problematic solution. Migrating data between web repositories can be accessed with just a packet of data without additional indexing or services. Still, it is challenging, for example, if you want to leave Google Docs and go somewhere else to transfer sharing settings. Revisions or comments are impossible.
Although we have also said that cloud services are generally more secure, their size attracts more attention from potential attackers. There are many services from which passwords and names have leaked to a massive number of accounts. Choosing the correct password, tracking security messages, or changing the password from time to time can be a perfect tool for increasing user security.
If you want to increase the security of data in the cloud, you can upload encrypted data. There are a large number of encryption tools that are often free and minimize the risk of password leakage (if the encryption password is different from the cloud storage). Above all, sensitive data or data is recommended to be encrypted. For specific data, it is to be considered whether one wants to take full advantage of cloud services together with their search, sharing, tagging, etc.
