19-07-2017 | | By Paul Whytock
Cyber security and the stealing of personal data is big news these days and so its not surprising that I receive a regular stream of press releases from expert companies expounding their theories on how to keep data secure.
But how much are you going to worry about your financial and family data and the codes and software that protects it when you’ve checked into the horizontal Hilton or, to put it more plainly, departed this mortal World?
Not a lot of course. The worrying will be done long before that and for most of us that means jotting down lots of things like code words account numbers and a whole host of family related information that will be essential at a later date and then finding a suitably secure places to squirrel it away in a location that is known to trusted family members.
But is there a better way? According to one company, Keeper Security Incorporated, there is and its called a digital vault, something this company has been operating for sometime. Now it has just launched a new feature called Emergency Access. This allows up to five family members or friends entry into a customer’s secure digital vault to access important files, passwords and documents in the case of an emergency or tragic event causing the sudden demise of the digital vault customer.
The designated family member, administrator, executor or beneficiary of the customer’s will or estate can be provided secure vault access after a specified wait period.
Basically this security service works on software for smart phones, tablets and computers. It provides password management and secure digital files and helps people maintain important passwords, files and other sensitive information in one secure place The system, which uses encryption technology 256bit AES and is SOC-2 certified, then creates high-strength random passwords.
Now all this sounds much more secure than a list of code words, passwords and family finance details stored in a box under the floorboards or in the garden shed. But as with all security systems none of them are indefinitely impregnable and one of the major problems currently hindering cyber security is the involvement of humans. Unfortunately, as a species we are prone to human error, and temptation which for some of us is the rewards of dishonest actions.
A recent study conducted in the United Kingdom, Benelux and Nordic countries by cyber security company Alert Logic showed that technical expertise on its own is just not sufficient to fight cybercrime. The survey revealed the three biggest obstacles to stronger cyber security are lack of skills and resources. A total of 37% of the surveyed participants cited a lack of skilled employees as a major barrier holding their organisation back from implementing security management more effectively.
OK so there could be a skills shortage but I also think that company management may be demeritorious in contributing to the situation by being less than communicative with employees when it comes to the security policies of the company they work for.
And so says another different survey. This one was conducted by security systems specialists Expert Security UK which found almost a third of the UK public are not aware of the safety and security policies implemented by the company they actually work for.
The survey suggests company management can build trust and involvement from employees by sharing company objectives and communicating clearly on the processes being implemented to achieve them. Staff need to understand the importance of the procedures and how they protect their clients.
Transparency and communication with staff has already been mentioned but using the right tools for the job is of paramount importance. Businesses should make sure they know what tools are available and best suited to enhance security and thwart cyber incursions. Single sign-on systems for users and system managers with varying levels of secure access are a typical example that should be implemented.
But despite all the emerging improvements to cyber security systems it still has as its weakest link the involvement of humans. Would robots be a better option when it came to cyber security? Some would support this idea.
Robots produce more accurate and consistent work. Robots rarely make mistakes and are more precise than us humans. They can work constantly with no breaks or time off and they can perform applications with more repeatability and greater security than humans.
All that sounds great, but until artificial intelligence takes over it will still be the humans programming the robots with all the quirks and vagaries that implies.