As Data Security Improves, Low-Tech User Behavior is the New Battleground

Today’s world is more reliant on data technology than ever before. From protecting work data to personal information, from safeguarding financial accounts to one’s social media presence, there are multiple kinds of potential damages and personal loss associated with a security breach. As software and mobile device security keeps getting better, more and more thieves are turning to low-tech methods of hacking your smart devices and stealing sensitive information.

In the ongoing struggle between code makers and code breakers, the X factor continues to be consumer behavior. Here is a rundown of today’s high-tech and low-tech data security risks and solutions.

Software and Device-Based Security Technologies

Software security has improved by leaps and bounds over the past decade. The most important data is often secured by two-factor authentication, which requires a passcode and physical possession of an item. In addition to providing a username and password, you may be asked to provide a one-time code that’s sent to your phone. ATMs are another good example of two-factor authentication, requiring physical possession of the bank card and the passcode for that card.

A common trope of spy movies, cloning a cell phone is still possible but has become increasingly difficult to do remotely as modern phones have defenses against remote scanning. Today, it’s more common for a thief to try to gain physical access to your SIM card for scanning and cloning a phone.

Stealing (or “sniffing”) information from public Wi-Fi also remains a high-tech vulnerability, but this too isn’t as common or as catastrophic as it has been in the past. More and more apps are using end-to-end encryption technologies to keep data secure, even when traveling through public Wi-Fi.

Img source:

Password Security, Password Managers

One of the top recommendations from cyber-security experts is to use a password manager. However, this solution does require you to find a software provider you can trust, put all your eggs in one basket, and remember a long master password. These programs work in multiple ways to protect your password vault including strong 256-bit encryption, software architecture that hides your password from the provider software itself, two-factor authentication, scanning the dark web to make sure your password hasn’t been revealed, and prompting you to change your master password periodically.

This solution isn’t just secure; it’s also convenient. You no longer need to remember a dozen different passwords for numerous accounts you created over the years, all with different password-creation requirements.

Social Engineering, Phishing, and Lazy Passwords

Too often, the easiest way to get access to someone’s phone is to ask them for it. It’s a horrific strategy that preys upon people of good nature and the people who are legitimately in a bind, needing to borrow someone’s phone. Most of the time, someone does just need to use  your phone to make a quick call, but there are also people trying to hack your phone in the few short moments in which they have access. They may simply download spying software that collects and sends information remotely.

Nefarious spy apps can be deployed by people without a lot of software skills. It’s not just social engineering, either. Often, these thieves dedicate their efforts to sophisticated phishing attacks in which they imitate a legitimate party through email or text. Look carefully at the email addresses in your inbox. Be highly suspicious of text messages you get from unknown numbers. And never click on a link that you’re not 100% sure about.

Finally, avoid the temptation to use common passwords because they are easy to remember. Any variation of password, repeating or sequential numbers, or qwerty should be strictly avoided. Even personal information is far from secure when it’s easy to find online. Take some time to think of long but memorable passwords that have a personal connection but aren’t widely known.

img source:

Shoulder Surfing and Spy Cameras

No matter how good software security gets, the software doesn’t know if someone else is physically spying on your phone screen after it’s been unlocked. A return to normal is also a return to close quarters with lots of people such as subway rides, workspace cubicles, and flying on full-capacity flights. Shoulder surfing is bound to become a growing problem once again. Another more sophisticated method is to use inconspicuous spy cameras in places where they’re likely to capture images of phone screens while in use.

It’s easy to tell yourself to be careful, but as important as regular smartphone use has become to our everyday routines, it’s unrealistic to be looking over your shoulder every time you have your phone out. Some smartphone accessory manufacturers have found a way to protect your screen privacy without disrupting your normal smartphone habits.

Option 1: Privacy screen protectors can obscure your phone screen display when viewed from a side angle. Take a look at Spyglass from BodyGuardz as an example.

Option 2: These specialty screen protectors can obscure your phone screen display when viewed from a side angle. Take a look at one of these privacy screen protectors here.

Body Movement Analysis

Some data thieves operate by trying to steal subtle eye, hand, and shoulder movements in an attempt to discover password inputs. This type of body language analysis has been one way Face ID has enhanced smartphone security over Touch ID, especially as masked faces are once again becoming less of an issue, and Face ID is working reliably. Yet, at the same time, there is a growing segment of consumers who are concerned about consumer privacy and facial recognition technology specifically. More consumers are looking to deny apps access to images of their face as well as their locations. It wouldn’t be the first time a data security solution creates a new type of security issue.

While longer passwords are more difficult and time-consuming to break for the most powerful software programs and supercomputers, they are also better at protecting you from low-tech theft. Reading those subtle shoulder and eye movements isn’t easy or 100% accurate and with enough characters it becomes altogether impractical.

Img source:

Do Your Part to Ensure Data Security

By taking the time to come up with strong passwords you won’t forget, by staying skeptical and diligent in the face of spam emails and text messages, by picking a smartphone with reliable biometric security access, and by practicing good smartphone habits, you can do your part to protect your most sensitive data while letting cybersecurity providers take care of the high-tech solutions.