Security

More and more, I realize you really can’t be too careful.

I got an email this morning, looking like it was from PayPal, telling me to login to my account and update my information. I have enough experience to know what to look for before hitting any link, and also to know what kinds of emails to be suspicious of in general, but I also know that a lot of people don’t. I used to think things like the personal images and extra security questions were overkill, but I’ve changed my mind. I’m taking security a lot more seriously now, because some of the tricks the bad guys are pulling are pretty impressive.

I’d bet that people who read this blog (and thanks for reading it; I really like being able to just “think out loud” on my PC and call it working) are pretty careful and knowledgeable too, but I’d also bet that everyone has at least one friend or relative who’d read an email like the one I got today and click that link that looks legitimate. So if you know someone like that, this would be a great time to remind them that emails aren’t necessarily from who they say they’re from. And that links don’t necessarily go to the site in their text.

And now back to figuring out how to get rich and thin.

I’m thinking a lot about information security lately. Not because we develop and sell eWallet, but because of two things that have happened recently:

Our office was broken into. Nothing but one laptop was taken (and it was just used for testing, so had no valuable info on it, plus was password-protected). We think that our alarm scared the person or people away, and they just took the nearest good-looking piece of equipment. While we’re all feeling a little rattled by the thought that someone was in our office, we’re also very aware it could have been much worse.

We stopped keeping the credit card numbers we get for sales several years ago, and are very careful to protect any confidential info – whether users’ email addresses or our own credit card numbers and passwords – on any of our PCs, so I know that anyone getting any of our equipment wouldn’t be able to get any useful information. And I know we’re good about keeping offsite backups of all the corporate and customer info. I hope we’re also good about keeping offsite backups of our own PCs, but I know at least I don’t do that every day. But we’d lose weeks of work if we all had to get new PCs and set them up. I’m not sure that 5-year-old PCs (mine’s at least that old) are even worth taking, but I hope I never find out.

The other thing that’s happened is that as part of two banks I use being acquired, I’m kicking off a long-postponed personal financial reorganization. Wow – there’s a lot of info to enter and keep with new bank accounts. Online security is a lot better than it used to be, which I’m very glad about. But it’s clear that no matter how excellent my memory is, there’s no way I could be without a good wallet program. And being able to enter free-form info – like my third boyfriend’s pet’s name, or the street my high school was on – is a lot more critical than it was when we first added the Notes fields to eWallet cards.

Anyway, I’m glad the banks are looking out for me, and I’m glad there’s good enough software that I can manage everything I need to. And I’m really glad we got an alarm when we moved into this office (we’d always planned to with the previous one, but never got around to it). It’s too bad we need all that, but since we do, it’s good that it’s there.

And, yes, I’m thinking a lot about mobile technology too, especially with all the new announcements lately. I just don’t have anything to say about it – yet – that hasn’t been said by many other people.