As we blur the boundaries between work and personal systems, we connect ourselves through dozens of apps with single sign-on. For example, most apps now offer the convenience of logging in with Gmail or Facebook. When you do this, you are connecting your 'locked' information through what is essentially one key. It's a double-edged sword that trades convenience for vulnerability to a chain of attacks with every new app you bring into the circle. You might benefit from the integrations between business systems. You may value fast access to information you have saved to your iPhone, Google Docs or Dropbox. The fatal flaw is that convenient interconnectedness brings the same ease of access to an attacker.
How do you nurture your inner security geek? The antidote is to reduce the connectedness. When you are offered the option to "log in with Facebook" to a particular app, simply don't do that. Don't increase your vulnerability to a chain of attacks through too many interconnections.
We often think of information security as the realm of highly technical geeks, incomprehensible and happy to remain so. But the truth is that each one of us, as we learn to navigate an increasingly digital, mobile and social info-scape, is getting in touch with our 'inner security geek.' Information security has broken out of the confines of the technically elite and is becoming part of everyone's job and day-to-day life. And that's a good thing.
In this slideshow, Yo Delmar, vice president of GRC, MetricStream, has identified five reasons why information security has become everyone's responsibility, not just the IT department.