10 Lessons Learned from Climate Scientists' Stolen E-Mails (
Page 1 of 2 )
As the United Nation’s Climate Change Conference, or COP
15, in Copenhagen, Denmark,
gets under way this week, the
summit has been muddied a bit by the details found in scientists' stolen e-mails.
The e-mails contain information that has given those who believe global warming
concerns are overblown a new lease on life. They are now supporting their
opinions with those details. And all the while, the heated debate over global
warming is becoming even more divided.
But there are valuable lessons to be learned from the stolen e-mails. No, this
won't be a discussion on global warming or climate change—that’s a debate for
another day in another place. It will be a discussion on what can be learned
from this incident to ensure that employees or consumers with sensitive
information in their e-mail won't
fall victim to those planning to steal information.
That said, it's important to note that no security plan will be absolutely
effective. Sometimes, data is stolen. But the fact that scientists themselves
didn't have proper security conditions in place to safeguard their e-mail
points to a dangerous trend: We just don't secure our e-mail as well as we
should. So let's take a look at some of the lessons learned from the stolen
data and how we can protect our own e-mail going forward.
1. It's about the password
The first step in any e-mail-security plan must start with the password.
Too often, users make a simple password that's easy to remember, believing no
one would care what's in their inbox. That's a mindset that gets many people
and companies into trouble. E-mail accounts are not places where a simple
password can be used. The stronger the password, the better the chances that
users won't have their e-mails stolen.
2. Think about encryption
Encryption is a great way to ensure e-mails that might have otherwise
slipped out into the wild don't. Encryption is admittedly a pain. It requires
more credentialing, it increases the amount of time it takes to access data,
and most users consider it an extra step with limited benefits. But the reality
is, encryption provides an added layer of security that users need. If e-mail
security is important, encryption should be used.
3. Don't share credentials
One of the main issues facing e-mail security is a user's willingness to
share credentials. It doesn't make any sense. Why should a user who is trying
to keep data secure and private share his or her username and password with
others? Sharing credentials is a surefire way to lose sensitive data.
4. Don't believe phishing scams
As malicious hackers realize there is big money in scamming people through
e-mail, they
will increase the number of phishing attacks they send out. And
unfortunately, those attacks have a high likelihood of working. E-mails from
banks, credit card companies or other firms that request sensitive, personal
information probably aren't legit. Users need to always consider phishing scams
and remember that, in the end, no one is entitled to that information unless
it's deemed absolutely necessary.
5. Credentialing has an expiration date
Companies should remind employees that credentialing has an expiration
date. In other words, keeping
the same password for an e-mail account for six months to a year is just too
long. The more often users change passwords, the greater the likelihood
that they will stay a step ahead of those people who want to steal sensitive
data.
/ 3 
IT Security & Network Security News & Reviews News & Reviews 
