In an age where technology is all around us and IT companies are flourishing in the APAC region, everything is going online by default and there is exponentially more data available on the internet every year it is more important than ever to ensure businesses keep their data private and have the right security measures in place. As Founder of Bitspark, a Bitcoin fintech company, nothing keeps me up at night more than security and its something that is a constantly evolving field. Below I share some of the top 5 ways we use to keep your data safe, save money and make any organization’s life a bit easier in the process.

1. Use Open Source where available. Open Source software means the code is freely open for anyone to view, copy and make their own anywhere in the world. When code is auditable anywhere in the world, especially for larger projects it means a different set of eyes are vetting it, for free and security issues and fixes can be found and patched quickly leveraging the crowd. A good example of this is the Firefox web browser which is faster and scores higher in security tests than incumbents like Internet explorer. Indeed, most day to day office tasks you’ll generally find there is an open source alternative (like OpenOffice or LibreOffice) have a look around, you may be surprised.

2. Encrypt sensitive information. If your business holds sensitive customer information like usernames, passwords, names, addresses, billing details, credit card numbers, confidential documents etc it should be encrypted by default. Encryption is the transformation of data into a form thats not readable by anyone else without the proper key or password and is fundamental to IT security. Important data (documents, spreadsheets, customer information, website forms) can be encrypted with various local storage devices (Hard drives, USB’s), open source software (like AEScrypt) and cloud services like Mega. Encryption enforces privacy, is easy (and free) to do and provides your customers and employees reassurance their data is safe from prying eyes. Even in the event your data is exposed it is unintelligible and useless without the proper key.

3. Crowdsourced auditing. Sites like Crowdcurity and Bugcrowd are innovative new examples of leveraging the crowd for high quality, cheap and fast auditing of your website or application. Bounties are paid to security researchers from around the world who compete to find holes in your service which ensures you pay for actual results not time spent and it’s active 24/7. This is a much more effective way of ensuring a high quality product than paying a contractor not for results but hours spent and in the past, that contractor would only deal with the code presented to them on the day, next week when a new feature may be introduced a new unforeseen vulnerability may be exposed rendering prior auditing redundant. Thousands of brains on the task are better than just 1.

4. Use a VPN to connect to the net. When connecting to any public WIFI while travelling, in public places or other business locations the connection itself could be insecure with your passwords and data vulnerable to snooping and collection by an entity monitoring the network you are connected to. VPNs (Virtual Private Network) ensure you connect directly to another secure server which then connects you to the outside web with all good VPN providers ensuring your data is encrypted all the way, they are cheap (or free) and easy to setup even for the non­technical. A VPN ensures if anyone was snooping on your connection all they’d see is garbled data that is unintelligible ensuring you stay safe when connecting outside your own network.

5. Authentication can be easy. By authentication we usually mean a username, password maybe a captcha or a physical number generator banks like to give you. Frankly all of us would agree our lives would be better if we had less usernames and passwords to remember. Many people use the same username or password for multiple applications which is a security risk and some organisations force people to change the password frequently or require ever more complex combinations which most people are too busy to make a new unique password every few days and instead just increment the existing password by a number to keep it easy to remember. I stumbled upon Clef and have been very impressed. Clef uses secure public / private key cryptography and enables users to securely login to any supporting website by pointing their smartphones camera at a picture on the screen (the awesome ‘Clef wave’). No username, password, physical key required and no private details being transmitted over the web.

The above mentioned tools and methods we’ve found to be of assistance to us and when applied effectively, we can all help make the web a safer place!

Contributor

Recently Published

Top Picks

Key Takeaways: Albert Einstein’s theory of general relativity has been remarkably successful in describing the gravity of stars and planets. However, gaps in our understanding start to appear when we try to apply it to extremely small distances, where the laws of quantum mechanics operate. A new study, published in Nature Astronomy, has now tested […]
Key Takeaways: Digital money is a form of currency that uses computer networks to make payments. It is not the digital nature of cryptocurrencies that differentiate them from digital money, but how they ensure the ownership of digital property that mark them as transformational. The Counter Currency Laboratory, a new initiative based in the Department […]
Key Takeaways: For many people, Buddhism appears to be uniquely compatible with modern lifestyles and world views. Buddhist mindfulness has influenced many schools of contemporary psychology. Buddhist philosophy embraces constant change and the inherent impermanence of all things. The 19th century Burmese monk Ledi Sayadawtravelled the nation teaching meditation and founding study groups. The forms […]
Key Takeaways: Elon Musk proposed a range of controversial changes to the Twitter platform. One of the ideas was to charge US$8 a month to obtain a verified status. The paid verification change has already been rolled out in several countries, including Australia, under the Twitter Blue subscription service. Musk’s proposal is not only misguided […]

Trending

I highly recommend reading the McKinsey Global Institute’s new report, “Reskilling China: Transforming The World’s Largest Workforce Into Lifelong Learners”, which focuses on the country’s biggest employment challenge, re-training its workforce and the adoption of practices such as lifelong learning to address the growing digital transformation of its productive fabric. How to transform the country […]

Join our Newsletter

Get our monthly recap with the latest news, articles and resources.

Latest Titles

Login

Welcome to Empirics

We are glad you have decided to join our mission of gathering the collective knowledge of Asia!
Join Empirics