5 tips personal information protection white hat hacker: what those of us in the industry call IOT: 'the Internet of things' that encapsulates everything connected to the Internet.
These things range from Amazon's Alexa and video ringtones to cloud computing and software to make sure they're safe.
I often do this by replicating the actions of a malicious computer hacker to seek countermeasures to protect a system. A lot of what I do is paint pictures of what could happen and assess the risks that are involved if it happens.
'Grey hat' hackers may violate ethical standards, but they have no malicious intent. He's the Black Hat hacker best known in television and film.
These are the types that maliciously break into computer security for personal gain. They want to ruin the reputation and steal money, like when Garmin was recently compromised.
My days range from the creation of systems to try to catch people who try to compromise our systems, patching of compliance (the process of deploying software updates to help solve failures in critical security or vulnerabilities that could be exploited by attackers) and the 'diving in trash', which refers to the recovery information that could be used to carry out an attack to a computer network such as Post-its with passwords written on them, or the credit card number of a client on a slip of paper.
5 tips personal information protection white hat hacker
I also perform internal audits and even retrieve company laptops that people have left lying around the office.
Initially, I obtained my CISA (certified Information Systems Auditor) certification that must be recertified every 3 years, as well as my CISM (Certified Information Security Administrator) Certification, a 4-hour exam that required 3 years of work, one year in it and 8 months of study.
Both certifications are from ISACA, The Information Systems Audit and Control Association, a global partnership focused on IT governance.
My credentials require that I comply with local and federal laws or policies as a first priority and then with company policy. Next, I will get a risk certification.
Before I worked at you, I worked in the hotel and retail industry. In the 1990s, computers were beginning to be seen in a lot of companies, and as the new guy who just got out of college, I was the one who always had to deal with technological problems, because no one wanted to deal with that.
I remember at that time I was working at the Holiday Inn and was in charge of preparing new hotel reservations. We were making the transition from the old green screen terminals to Windows 95. I spent a good amount of time showing my older colleagues how to use a mouse.
Before I even considered a career in it, I was 23 years old and worked as an assistant manager at Walgreens. That's when I managed to catch a cigarette smuggling scam at the store.
I did it by analyzing the cashier's part of the scheme, which means I was looking discreetly over his shoulder for information on what they were doing.
I also checked the transactions they were forging, monitored his body language, and took notes that led to his arrest. The regional manager of the company awarded me the employee of the Year award in loss prevention.
Later, when I was working on you, the company's system alerted me that a contractor working for me was visiting pornographic sites.
I checked, my curiosity appeared and I began to investigate. Turns out this person was using one of my test servers to buy government badges and uniforms on Etsy.
After further research, I discovered that I kept photos of NYC-NJ bridges and reservoirs hidden inside some nested folders and was also looking for car rental options. All this was after September 11 and ended up being deported by the FBI.
I can hack someone on social media in about 5 minutes using the information they share. It's a kind of combination of social engineering and forcing old-school locks.
I could post on my social networks that I have a puppy and I need some ideas for dog names and ask how people call their dogs. Do you know how many people use their pet's name as a password and now I have access to that?
There are many ways hackers can access your personal information and wreak havoc on your life.
Here are some common tactics to watch out for:
1. Do not use public Wi-Fi unless you request credentials or consent
Suppose you're in the bank line and, while you wait, you decide to log in to your banking app to verify your balance. You log into Wi - Fi to access your bank account and see a Wi-Fi server with the bank name. You use it because you imagine your bank server is secure.
Guess what? Unless that server requests your credentials or consent, it's likely to be a trap. I could be sitting in my car myself and have created a fake server using your bank name to log into your account.
2. Be aware of your surroundings
Hackers take advantage of places where people drop their guard. A common trap is to place a mirror over the ATM, which allows them to see your PIN number and access your account, so they always look for something suspicious before entering the number.
It is also common for hackers to add skimmers, card cloners, to service stations stealing your information, so to protect you always pay by credit card instead of using a debit card, especially for the amenities of service stations.
3. Be alert when using your credit card in public places
Currently, phone cameras can zoom from almost 5 meters away, so be careful and don't leave your credit card on the restaurant table or at the cashier, where someone could take a picture and then zoom in to steal the card number.
4. Change your password every 45 days
The biggest mistake people make is to feel comfortable and keep the same passwords for long periods of time. You should really change your password every 45 days and set passphrases instead of passwords because they are harder to hack.
Also, do not use any password reminder application because they can all be compromised.
The safest way to keep a list of your passwords is to create a password-protected Excel spreadsheet. Just remember not to print it because you don't know which hands it might end up in.
5. Be aware of your access line
If you use payment apps like Venmo, PayPal, and Zelle, it's important to know how many access points there are to your bank account.
Link those apps to the credit card instead of the bank account, and then make sure you regularly monitor the cards for any fraudulent activity.
6. Don't give up your permits easily
All apps, from Angry Birds to TikTok, require users to accept permissions that, in effect, can waive your right to privacy on things like location, camera, and microphone.
Keep in mind what permissions you are granting and avoid dangerous permission groups like these, where you are essentially giving permission for a company to gain access to your whereabouts, images, and conversations.
5 tips personal information protection white hat hacker