How awesome is it to have a full copy of your “stuff” somewhere out on the internet? Most of your data is already being synchronized (sometimes without your knowledge) to some online service automagically™ . This is great if you lose or damage your phone or computer, but are these services leaving you vulnerable? If access to everything you own sits behind a single user name and password – then yes. Take the recent story of how Gizmodo got hacked and a much scarier story unfolds: Mat Honan was hacked, hard. In a matter of minutes someone remotely wiped his iPad, iPhone and Macbook Air – along with it all of his data. To make matters worse the hacker also deleted his google account – and with it his google voice phone number and all other things associated with it. As much as I love “the cloud” I can’t bring myself to rely on those that give a hacker (or malicious employee) the ability to completely demolish my digital life. So I put together a few tips for those who would like to know what we (as digital citizens) can do about it.
- Stay away from cloud based router management tools. Imagine this: a hacker configures your router so that he can intercept your communications? Not cool. You don’t need to manage your routers using the internet so opt out of this whenever possible.
- Anything that opens up your LAN to the outside world is risky business – if you need to open up ports for a survaillance system why not segregate that traffic from your actual LAN?
- Purchase a little NAS with redundant drives to keep your data backed up at home or in your office. Don’t open any ports to it.
- You should secure all of your devices to the best of your ability. Password locked with full disk encryption, auto lock due to inactivity, firewalled and antivirused.
- Setup a VPN if you need remote access to your machines – no need to trust some random company with remote access to your computers.
- Keep at least one device with remote wipe disabled – enable full disk encryption if you need to protect your data Note: the iPhone does not offer full disk encryption but rather a data protection system enabled in the settings which comes with an API for developers. That does not require developers to use this so some of your data may be unencrypted.
- Keep your cloud backed up. This is a tough one to give instructions for because we have so many different services, options, preferences and interfaces.
- At a minimum you should use a spare PC/Nas (see: a little NAS above) to backup your gmail or other email service.
- Apple has a very lengthy article on how to backup iCloud data. Unfortunately they don’t seem to provide an automated method, furthermore the instructions are for OSX only! I’m not surprised.
- So far AllwaySync is the best tools I’ve found to deep dive into synchronizing your data between services. AllwaySync can backup/synchronize S3, Azure, Google Docs, WebDAV, ActiveSync, Dropbox, Amazon Cloud Drive, Skydrive, as well as SSH/SFTP/FTP.
- Consider switching to a paid email solution like a $4 / month single user exchange account directly from microsoft. If anything happens to your account you have 24/7 live 24/7 IT-level phone support. That’s worth the 4 bucks right there.
- Whenever possible setup synchronization / backups to occur automatically. If you have to plug something in you’re going to forget:
Leave questions or thoughts in the comments, thanks.