All of your important data is already in the cloud, so embrace the danger.
The danger includes all kinds of things, bank and retailer screw ups, social media profile hacks, some sort of monthly bug or attack like last week’s Heartbleed. My prediction, in the future they’re going to start naming these digital bug storms like hurricanes.
A few months ago, I was trying out the much-maligned healthcare.gov site, mostly out of curiosity and to make sure we’re getting decent rates on our healthcare costs. I waited until all the initial complaints about the website had died down to give it shot. The experience wasn’t bad, but as I was putting in my entire family’s Social Security numbers, and a ton of other information, I realized just how much data we all have in the cloud.
If you have a bank account, use a credit card, email or file your taxes electronically, most of your important data is already in the cloud. What is the cloud? It’s a server in a data center, most likely secured behind a steel door guarded by an entry-level member of the nightwatchman community. It really doesn’t matter how many steel doors or security guards they have because that’s not how people break into these facilities. The real security guards are the coders and often former hackers these companies hire to keep bad guys, bugs, and viruses from visiting the server from the other side of the world.
When the term cloud computing became popular many of the major hosting companies just added the word cloud to a lot of their existing server packages – “boom” we are in the cloud and so are you. We’ve all been in the cloud for a while. The cloud is not going anywhere, sort of like this past winter.
You can’t hide from the cloud
There are entire books written about becoming digitally invisible and they have very little to do with deleting your social media profiles. Many of them have titles like “how to disappear” and involve living on a deserted island and spear fishing for survival. Most of the people who are reading these books have much bigger problems than someone snagging their debit card number and pin from the Target database.
So, years back, I decided if the cloud is everywhere, I need to embrace it, understand it and put a plan in place to minimize risk. I run my entire business in the cloud so I had an additional incentive to make this happen. I was an early adopter of all kinds of cloud-based tools like dropbox, evernote, basecamp, wordpress, google apps for business. Naturally, I had concerns about managing passwords and security for these accounts.
Tame the beast
The cloud has some big advantages including eliminating commuting and paper documents. However, much like piles of paper and awful commutes, the beast must be tamed. Once that’s done you find the cloud’s benefits outweigh the risks.
So here is The Frug’s cloud strategy.
Embrace the danger. Make a list of financial, social and other websites which use passwords. These are your cloud accounts.
Get a secure password manager. I like 1password.
Avoid built-in browser password managers from Microsoft, Apple or Google. It’s best to keep actual passwords in one encrypted file on your computer. A password manager like 1password will allow you to add an auto fill extension to your browser to access the secure file.
Put all of your cloud accounts into your password manager. File your master password away somewhere safe in case something happens to you.
Don’t use words or names in passwords and use more random numbers and letters.
Create a password nomenclature so you don’t need to use the same passwords across multiple sites. You can do this by having one long password made unique by a couple letters from the name of the bank or website. ex. Op8899e8BA. Or you can use your password manager apps random password generator.
Back up your stuff. Lots of companies are offering five gigs of free encrypted storage for your random digital stuff.
Use a password on your phone, tablet, or laptop while traveling.
Once you have an encrypted password file, back it up with other files.
Practice subterfuge. Many random news and entertainment sites are now requiring emails and passwords. Create a separate free junk Gmail address and junk site password you can reuse for any sketchy, salesy site you need to log into but don’t want to hear from again. Avoid using this email or password on anything important. Use it on everything unimportant. Femail@example.com may be available.