In light of a recent multitude of security failures, service provider security is a hot topic. While many companies purport to have excellent security features, many of these features are hidden behind “opt-in” dialogues and fees. HTTPS encryption is an oft-used method of protecting network data, but many websites do not encrypt data. Encryption is especially important for users who access websites over public wi-fi networks, where hackers can easily sniff out any of your unencrypted data. For example, an op-ed by Christopher Soghoian from the Center for Applied Cybersecurity Research, discusses how Microsoft’s Hotmail service has the “option” of HTTPS encryption, whereas competitors such as Google’s Gmail enables HTTPS by default.
Soghoian also notes that privacy and security are not limited to the web. Phone providers often have security features such as pin-protected voicemail service, but most providers do not enforce the use of a voicemail pin – meaning anyone with your voicemail number a little know-how could access your messages.
When working in IT, it is always critical to assess the security features of service providers. Which security features are opt-in and which are mandatory? When security features are optional, you can bet that the majority of your users are not going to use them—or even how to enable them.
Read Soghoian’s full article here.
Interested in starting a career in IT? Achieve your degree and certifications at Stanbridge College. For more information, visit Stanbridge College IT programs online.