If you’ve been paying attention to the news — literally any news — you’ve seen an avalanche of stories coming out of President Trump’s White House. Many of those reported stories originated with a leak (or many — some have cited as many as 20 sources in one article) inside the White House, traveled to a journalist to then be printed, published online, broadcast over the airwaves, or some combination of all three. Even on issues of national security, multiple damning reports have come from leaks to the press.
When one of the most security conscious organizations in the world — the U.S. intelligence apparatus — is either having trouble keeping secrets or willfully divulging them to serve their own interests, it highlights a massively important concept in cybersecurity: namely, humans are often the weakest links in the security chain.
There are reports that White House staffers are now using encrypted messaging apps that offer self-destructing messages which cannot be screen shotted. From the reporting I’ve read, it seems they’re doing it both to protect themselves from prying eyes within the White House as well as allow them to leak information to journalists without leaving their digital fingerprints on it. While this could be a boon for journalists, it raises a lot of alarms for transparency advocates as well as possibly landing those employees in violation of the Freedom of Information Act (but that’s a story for another time).
Intellectual property, be it code, new products or simply the conversations your star employees have within your walls, are privileged for a reason. They can result in massively valuable products and serves, or possibly open you up to massive legal liabilities depending on what is discussed or prototyped therein.
The biggest and best companies in the world work tirelessly to safeguard their IP as much as is possible. Data breaches are one of the most costly things that can happen to a modern company or organization (just ask the Clinton campaign). But, the weakest link in the security chain is almost always a human.
Whether it’s using weak passwords, not changing those passwords often enough, repeating passwords across sites because you can’t remember a bunch of crazy complex ones, choosing security questions easy to guess (or research), not utilizing two-factor authentication, downloading attachments or clicking links you shouldn’t, staying logged in and authenticated on your most vital apps within your mobile device, or another of 100 different ways, humans are often the greatest vulnerability in any digital security system.
Just look at the leaks I referenced earlier. Even though the White House and the U.S. intelligence apparatus set up rigorous security protocols for everything the government does, a few leaks from humans render much of those efforts moot.
What can we learn from this saga? Well, digital security is more important now than ever before. These problems are not unique to you — they go to the highest level of the most security conscious organizations in the world. Humans are often at fault for weak links in the system, but there are some great steps you can put in place to aid those humans in their own defense.
First, end-to-end encrypted messaging apps like Signal and Confide are great tools to keep your communications away from prying eyes and ears. I cannot recommend enough password managers — instead of memorizing passwords, forgetting them, choosing ones that aren’t strong enough, etc., a password manager assigns incredibly complex passwords for you, and all you have to remember is one super-tough password to unlock the digital safe.
It works like this:
This is one of a number of different best practices that can seriously up your digital defenses. Now more than ever, IP is at a premium, and you would do well to insulate yours from dangerous leaks, hacks and carelessness.