Security vs Convenience
You’ve heard the phrase “you can never be too safe”, but it’s not true in every situation. A good example is driving; there are more than 30,000 driving-related deaths in the United States each year, but there is a very simple solution. Flood the streets with police, and lower the speed limit to 20 mph on every road, strictly enforced. The number of deaths would drop to nearly zero, but it’ll never happen. Why? People would never give up the convenience of getting places in a reasonable amount of time.
The same can apply to securing your technology — you want to keep things secure, but too much security can create headaches.
A great example is anti-virus software. While things have changed in the past few years, traditional anti-virus software can be a huge resource hog on computers. It can make your computer run noticeably slower, costing you hours of productivity over the course of a year.
If you keep your computer updated, use a secure browser, get your email scanned for viruses (which most providers do) and don’t download any shady files, your odds of catching a virus are virtually zero. Further, some of the biggest security issues with computers in the past few years have been security holes in the anti-virus software itself (such as this issue with Norton). I’ve not used a true anti-virus program in many users and haven’t had any issues. However, it still may be wise to install it for your less tech-savvy friends and family members who might need the help or are more apt to click on misleading popups.
In either case, Microsoft’s “Windows Defender” is now baked into Windows 10 and does a nice job and Chromebooks are essentially virus-proof by design, so things are getting easier for everyone.
Whatever your use of anti-virus software is, you want to make sure that all of your stuff is reliably backed up. There are two main ways to do this:
- Keep it backed up using an Apple Time Capsule, an external hard drive, or a remote solution such as Carbonite.
- Keep all of your items in online accounts, so you can access them from anywhere and they’re essentially always backed up.
I work with option 2, which I’ll explain below, but option 1 is perfectly fine depending on how your life is structured.
Secure your accounts
With item number two above, the big issue these days is controlling access to your various accounts. In my case, I typically use at least six different devices in any given week; a desktop at home, a desktop at work, a Windows laptop, a Chromebook, phone and tablet. Having access to all of my tools everywhere I go is great, but if a hacker were to gain access of one of my accounts it would be killer.
Like many people, my most important account is with Google. This has my email, calendar, contacts and all of the stuff I save in Google Drive and Google Keep (as discussed here).
Google, like most major online services (Dropbox, Facebook, etc), allows you to set up two-factor authentication. They explain it here, but it essentially requires that you provide your password and prove that you have your phone with you (by entering a code) before you can log in. The logic is that even if someone gets your password, they’re unlikely to also have your phone (and vice-versa).
Going back to the beginning of this post, you have to weigh the “security vs convenience” of two-factor authentication. I’ll be honest, it can be a pain sometimes. You just want to log in, but now you need to dig out your phone and get a code. However, on this one I’ll push you to set it up anyhow. While the threat of desktop viruses is waning a bit, online hacking is only getting worse. Losing your Google/Facebook account would be killer for many of us, and this is worth taking the time to do.
A great example is the case of the Democratic National Committee hackings near the 2016 US Presidential elections; a major factor was that chief Hillary Clinton advisor John Podesta didn’t have two-factor authentication set up on his email. That alone would have helped prevent that entire mess. Just do it.
Securing your phone
The biggest problem I see lately in the “security vs convenience” debate is PIN locks on cell phones. Do you have one on yours? Studies show that 30–50% of cell phones have no lock on them at all. If they’re stolen, the thief has full access to everything on the phone. It seems like an easy to decision to put a password/PIN on your phone, but with the average person checking their phone 85 times/day, entering that PIN becomes a pain very quickly which is why many people don’t want to mess with them.
So what’s the solution there? Part of the solution might come from your smart watch. While Android and Apple handle things a bit differently, both allow you to keep your phone unlocked if it’s in range of the watch, but have the password show up if no watch is around. This means that you don’t need to deal with a PIN in your day-to-day life, but if your phone is stolen or lost in a taxi, no one else will be able to access it.
In the case of Android, you can add other “trusted devices” and “trusted places” to keep your phone unlocked.
Trusted devices are things such as your watch or the bluetooth connection in your car.
Trusted places are GPS-based locations, such as your home or office.
If your device is in a “trusted” situation, it’ll unlock with no PIN. If not, then the PIN shows up.
With 2.1 million phones stolen last year in the US, it’s crucial that you make sure your phone is protected — even if it’s less convenient to use.
How do you make sure your stuff is secure without causing unnecessary headaches?