CompuClever Blog

Digital Security – What can you do?

by

Synopsis:  If we are living in and exposed to a digital universe, and if this “universe” can be accessible through surveillance and by other parties, the real question is not “Are You Ready?” but “What Can You Do?” We take a look here at the first step – being informed. Edward Snowden has recently become an informant and has effectively unveiled mass government surveillance programs that have taken place without public consent or knowledge. The intent of this article is to avoid political comment and instead shine light on digital communication and what this means in terms of maintaining our privacy – what this means in terms of keeping our private information secure.

Trends

In a report by IDC[1], this current decade is declared as the “Digital Universe Decade” and asks: “Are You Ready?”  In this decade:

…the amount of digital information created and replicated in the world will grow to an almost inconceivable 35 trillion gigabytes as all major forms of media – voice, TV, radio, print – complete the journey from analog to digital. At the same time, the influx of consumer technologies into the workplace will create stresses and strains on the organizations [and individuals] that must manage, store, protect, and dispose of all this electronic content.

Despite a time of global recession, the “Digital Universe” expanded by 62% and by 2020 it will be 44 times as big.  We will have amassed digital information that can be described in zettabytes – that is to say, one zettabyte being a million, million gigabytes.  This would be the equivalent of a stack of DVD’s going halfway to Mars.

Up in the Air:
Are these current trends “inflated” and will they level off or come crashing back to Earth? How is it possible to support these communications? Just how far can service providers extend their range of communication and continue to pave the way for the information highway? Not many would say: “To infinity and beyond!” Actually… take a look at Google’s “Project Loon” as provided by CNET.[2]

We believe that it might actually be possible to build a ring of balloons, flying around the globe on the stratospheric winds, that provides Internet access to the earth below. It’s very early days, but we’ve built a system that uses balloons, carried by the wind at altitudes twice as high as commercial planes, to beam Internet access to the ground at speeds similar to today’s 3G networks or faster.

It sounds like it may be a bit crazy and Google acknowledges this as a bit “loony” but a pilot program is being tested in New Zealand.

Up in the Cloud:
The IDC report referenced earlier states that by “…2020, a significant portion of the Digital Universe will be centrally hosted, managed, or stored in public or private repositories that today we call “cloud services.” No one solution is completely safe and we recommend overlapping your important files in two storage areas – an external hard drive and with a cloud service provider such as Dropbox. You can refer to our previous newsletter for more information about this.

Surveillance

In the face of this massive amount of information you may say to yourself: “My data is but a drop of water in a vast ocean.”  You would be right.  But consider this… with the Edward Snowden news story that has surfaced, we can be sure that mass surveillance is occurring.  This means the surveillance of the majority if not an entire population.

Billions of dollars per year are spent by agencies such as the Information Awareness Office, National Security Agency, and the Federal Bureau of Investigation, to develop, purchase, implement, and operate systems such as Carnivore, ECHELON, and NarusInsight to intercept and analyze the immense amount of data that traverses the Internet and telephone system every day.[3]

What are we talking about when speaking of surveillance?  This includes: public transport tracking; workplace surveillance, examination of communications (collecting data on all phone calls, emails, chat room discussions and web-browsing habits); mobile phone tracking; vehicle tracking; DNA database sampling; overseas travel; collecting data on political and environmental protestors; and using unmanned aircraft systems (drones) for purposes of security.

Just one example:  According to a report on Privacy and Human Rights:[4] “Employees in nearly every country are vulnerable to comprehensive surveillance by managers. Legal protections are generally more lax in such circumstances because surveillance is frequently imposed as a condition of employment. In many countries employers can tap phones, read email and monitor computer screens. They can bug conversations, analyze computer and keyboard work, peer through CCTV (Closed Circuit Television) cameras, use tracking technology to monitor personal movements, analyze urine to detect drug use, and demand the disclosure of intimate personal data.

The report goes on to describe “how technology works to the advantage of employers:

  • Recent technology can analyze “keystrokes” on a terminal to determine whether employees are making efficient use of their time between telephone conversations.  (This is referred to as “performance monitoring.”)
  • Modern networked systems can interrogate computers to determine which software in being run, how often, and in what manner.
  • A comprehensive audit trail gives managers a profile of each user, and a panorama of how the workers are interacting with their machines.
  • The software also gives managers total central control over the software on each individual PC. A manager can now remotely modify or suspend programs on any machine.

Impact: Not all of this can be thought of as simply having a negative impact on our freedoms.  Some people indeed feel safer in the knowledge that surveillance cameras are being installed in public places.  There is of course a tradeoff between what we consider safe and what can be considered invasive to the point of exposing our personal rights and freedoms without our knowledge and feeling as though we are subject to scrutiny and examination.

Matthew M. Aid, an intelligence historian in Washington, said disclosures linked to Snowden have “confirmed longstanding suspicions that NSA’s surveillance in this country is far more intrusive than we knew.”

What is the motive?
In a CNN article[5] we are able to get a good indication of how data collection is expanding to Internet and credit card data.  The U.S. officials say that the information helps to stop terror plots.  Here is a subset of what is presented in that article: 

  • Internet monitoring data.  James Clapper, director of National Intelligence, states that this is “used to protect our nation from a wide variety of threats.”
  • Overseas monitoring: internet data collected overseas “is among the most important and valuable foreign intelligence information we collect, and is used to protect our nation from a wide variety of threats,”
  • Telephone records:  Clapper states these “allow analysts to “make connections related to terrorist activities over time.”

Where is this Going?

We’re not passing judgment here as to the tradeoff between national security and individual freedoms and rights.  Instead, we emphasize that today’s methods of communication are digitized whether for personal matters or for business.  Where the world once had vast outreaches and unexplored frontiers, we are now a global community and only our thoughts are in fact private.  In some situations this requires us to make adjustments where necessary.

With the onslaught of digital data we have to deal with information in new ways:

  • In order to locate digital data without painstakingly exhaustive measures we need effective search and discovery tools.  Most of the information we have is unstructured data.  The fastest-growing category in the Digital Universe is metadata, which is data about data.
  • In order to know what information we need to keep we will need technical solutions tied to storage and effective methods to manage our information.   We’ll need to know when it is alright to delete it.
  • In order to protect our information we need the right tools. We need to feel assured that proper methods of encryption are employed.  This is vital in considering that vast amounts of unprotected, sensitive data is available and can be accessed despite our wishes to have this data shared or scrutinized for whatever purpose or gain.

In essence we need: effective tools to analyze data, weed out the information that can be safely deleted, remove personal information that can cause us harm if it falls into the wrong hands (including hackers or unethical online businesses), and we need secure storage.

Moving forward

In our How To article we are going to identify where we as individuals give up data without knowing it.  We will also explore how to hide data from Internet snooping, and finally we will revisit a recommendation on how to clean up your data and protect the bits that are private and confidential.  We hope these strategies will help you as an individual increase your confidence in using computing technologies safely rather than taking extreme measures like living in a cave.