Defending your data is important—if you don’t, you can suffer severe consequences
It’s easy to overlook security. Every day people forget to “lock things.” Sometimes it’s a car door or the locker at the gym, and sometimes it’s data. Most of the time, nothing happens. But when something does happen—it can wreak havoc in our lives. Recently the social network Formspring was ravaged by a hacker. The hacker broke into one of its development servers and used the access to collect private user account information. Securing your data is important. If you don’t—you never know what could happen to your clients, your work, or your career.
Here are 10 easy ways to secure your data:
1). Start at the beginning: Don’t assume that the project you’re working on is insignificant or “unworthy” of hacking. It’s a lot easier to lay a concrete foundation at the beginning of a project than to implement one half-way through.
2). Generate Artificial Data: Keeping live user data in a development setting is a bad idea. GenerateData is a great tool that generates realistic artificial data. It can be used in place of real user data.
3). Avoid unsecured wireless networks: Although it might be fun to hit up a local coffee shop or restaurant while working, you should avoid using public networks. It’s essential to lock down ports, use public/private key authentication, and restrict development server access to specific IPs.
4). Keep everything up-to-date: Your operating system, server software, and anti-virus software should all be kept up-to-date to guard against attacks, new viruses, and resilient hackers.
5). Remove data imprints: Tools like Eraser and CCleaner can erase any data imprints from drives. You should securely delete elements of your development infrastructure that you no longer use or need.
6). Never take shortcuts: Ensure that data backups and checked-in code are both encrypted and stored in a safe, secure location. Never take shortcuts when it comes to securing your backups.
7). Test within a closed environment: Use strong, unique passwords for all of your test accounts. Test within a closed environment—especially if you’re developing a social element to your application.
8). Physically secure your work: Your work should always be physically secure—it doesn’t matter if your infrastructure is a complex load-balanced network of app and database cloud servers or your personal laptop. Physical machines are easier to access. Lock screens and encrypt all drives. If your data is stolen, encryption software like TrueCrypt and PGP can ensure your data is useless in the hands of a hacker.
9). ISO 27001: If you are using a hosting environment, select one that is ISO 27001 accredited. A hosting environment that is ISO 27001 accredited meets the international baseline information security management standards of availability, confidentiality, and integrity.
10). Use strong passwords: The longer the password, the better. Ideally, your passwords should be at least 15 characters long and contain uppercase, lowercase, symbols, and digits. Don’t use the same password across multiple accounts.
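The password rules in items 7 and 10 can be checked and enforced in a few lines. The following is an added example, not part of the original article: the function names and the sample accounts are made up for illustration, and the 20-character default is an assumption above the article's 15-character minimum.

```python
import secrets
import string

MIN_LENGTH = 15  # minimum length recommended in item 10
CLASSES = {
    "uppercase": string.ascii_uppercase,
    "lowercase": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation,
}

def policy_failures(password):
    """Return the item-10 rules the password breaks (empty list = passes)."""
    failures = []
    if len(password) < MIN_LENGTH:
        failures.append("shorter than %d characters" % MIN_LENGTH)
    for name, chars in CLASSES.items():
        if not any(c in chars for c in password):
            failures.append("no %s character" % name)
    return failures

def generate_password(length=20):
    """Generate a random password that satisfies the policy, using the OS CSPRNG."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least %d" % MIN_LENGTH)
    alphabet = "".join(CLASSES.values())
    while True:
        # Redraw until every character class is present.
        candidate = "".join(secrets.choice(alphabet) for _ in range(length))
        if not policy_failures(candidate):
            return candidate

def reused_passwords(accounts):
    """Map each password used by more than one account to those account names."""
    seen = {}
    for account, password in accounts.items():
        seen.setdefault(password, []).append(account)
    return {pw: names for pw, names in seen.items() if len(names) > 1}

if __name__ == "__main__":
    # Constructed test accounts, not real credentials.
    accounts = {"qa-admin": "Summer2012", "qa-user": "Summer2012",
                "staging-db": generate_password()}
    for name, pw in accounts.items():
        print(name, policy_failures(pw) or "ok")
    print("reused by:", list(reused_passwords(accounts).values()))
```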
Securing your production and development environments is critical to your success. It’s easy to cut corners when you’re stressed or when you have a lot on your plate. However, in the long run it’s better to take the extra time to ensure your work is secured—you never know how much lost time and reputational damage could result if your work falls into the wrong hands.