Monday, July 20, 2009

Data Security

A very scary story about how Twitter was hacked. This was a major breach that gave someone outside the company access to financial projections, meeting minutes, personal financial data of employees, even the Twitter domain itself. I've been in IT in one form or another for over 2 decades, and I don't know that I have an answer. Some things are obvious: passwords should not be any form of personal information (your name, your dog's name, the pet name for your spouse, etc.) no matter how obscure. They should be reasonably long and contain letters, numbers and special characters. But from there it gets more difficult. Technically, every site you log into should have a different password. But given the proliferation of sites that people log into, it would be nearly impossible for the average person to remember that many passwords without writing them down, which solves one problem by creating another. That is especially true if you change all those passwords every month. The bottom line, mentioned in the article, is that there is no defense against a really determined person, whether we are talking about locking down online access to your bank account or physically securing your home. The best you can hope for is to put enough obstacles in the way that trouble-makers will move on to an easier target. (Dirty little secret of home alarm systems: they don't secure your house as much as they give burglars incentive to rob your neighbor instead of you.)

All I can say is, "Let's be careful out there."

(Bonus points if you can relate this topic to my oft-repeated phrase, "Get fast; get small.")
