Embrace Encryption

Update 05/28/2014 - TrueCrypt is now defunct

Update 01/3/2012: I now recommend the free, open source AESCrypt in lieu of AxCrypt as a simple, easy to use cross-platform encryption tool. Find out more here.

Enigma...encryption tool.
Source: http://www.flickr.com/photos/belenko/4295901360/
Isn't it sad that the same thing that happened in a large school district in Texas recently--hackers working their way past District protections--and to the State Comptroller of Texas also just happened in Birdville ISD?

Two students from Birdville schools hacked into a school district network server and downloaded a file with 14,500 student names and Social Security numbers, officials said... "Everything I've seen does not give the indication that they were specifically seeking anything. They came across these files and when they did, they downloaded them," Thomas said. "They did it from outside of the district.
Read more: Star Telegram

Let's review...unencrypted social security numbers placed on a server accessible via the Internet accessed by school district students.
39% of the teens surveyed think hacking is "cool" and 16%, or roughly one in six, admitted to trying their hand at it. Only 15% of the entire sample has either been caught or knows someone who has - particularly disturbing considering 7% of young hackers reported they did so for money and 6% view it as a viable career path. (Read Source)
Isn't it time organizations implemented more strict data encryption protocols? How many more data breaches will it take before school organizations realize that the way they "secure" confidential data is out of date? Consider the past....
Two students of 'Riverside High School' launched a hacking intrusion into the computer database of the 'Durham Public Schools'. The young hackers downloaded the 'Social Security numbers' and personal information of numerous school employees, the 'Durham Sheriff's Office' said on 14th December 2006. (Read Source)
After all, when students can connect to a server--I seriously doubt that they "hacked" anything--and download social security numbers from 2008-2009...well, that clearly says the people who made the data available didn't take advantage of GPG/PGP, TrueCrypt, NCrypt or any of the technologies that would have made encryption a simple reality.

Let's stop, take a breath before we throw more kids in jail for hacking, and ask ourselves, how long will it take for school organizations to embrace encryption?

Time for more modern encryption tools.

School districts and anyone who deals with confidential data, here are some suggestions to get started....
It's easy for folks to get angry about lost confidential data. It takes only moments to use one of the approaches above to secure it. If you have confidential data on your computer, at the very least, use TrueCrypt to protect your data. Try the other solutions to go further.

Finally, it's important to consider that "hacktivism" is on the rise....

"Hacktivism is the cross between hacking and activism, so they're out there to make a statement against people who have taken a stand against them," said Evans.
Evans said anyone, from individuals to government and corporations are potential targets.
Source: KSAT 12 News - Law Enforcement Officials (Texas) Victims of Hacking

If you encrypt confidential data on your computer, and hackers bypass your organization's security protocols, your data is still safe.

Similar Stories:

Get Blog Updates via Email!
Enter your email address:
Delivered by FeedBurner

Everything posted on Miguel Guhlin's blogs/wikis are his personal opinion and do not necessarily represent the views of his employer(s) or its clients. Read Full Disclosure


Popular posts from this blog

Rough and Ready - #iPad Created Narrated Slideshow

Old Made New: Back to Bunsen Labs Linux (Updated)

The Inside Scoop: EdTech 2020 Virtual Conference #edtech #zoom