When even trusted technology is hackable, how can you defend your privacy?

May 17, 2019
Tim Heywood


Zum Profil

Whatsapp Messenger is a highly trusted product used by something like 1.5billion consumers Worldwide. Its end to end encryption protocol provides users with a high level of assurance about the privacy of their calls and messages. But even a robust product like this can fall victim to software hacks. It’s a shame because we would all like to think these trusted products are somehow beyond the reach of anyone who might try to snoop on us.

It seems that the best we can hope for is that once a hack or a vulnerability has been identified, its users are notified promptly and advised on actions they can take.

In this case it seems that Whatsapp went public pretty quickly and offered a solution. The Whatsapp ‘hack’ does, though, offer us a timely reminder that taking basic cyber security measures should be part of our normal routine. In this case it might just be a matter of reaching for the ‘Update App’ function and downloading the fix promptly. But looking more widely across the range of devices and software we all use in our private lives and at work, the only sensible approach is to set up the devices you use so that they automatically and regularly download the updates provided for your operating systems (whether you are using Microsoft/ iOS or Android) for example. The security updates are provided specifically to reduce vulnerability so why would we not take advantage of them?

In the work context, if we aren’t taking basic cyber security measures then we are not just making ourselves more vulnerable; we are also potentially exposing our customers to additional threats. Increasingly, those customers are expecting suppliers to demonstrate that they do indeed take cyber seriously. They can do this by achieving a recognised cyber security standard such as the Government’s Cyber Essentials or the standard designed specifically for SME’s, the IASME Governance Standard. They offer an affordable way to demonstrate that you have basic security measures in place. Once you have the certificate you can use it repeatedly in tendering processes as a shorthand way of demonstrating your security posture.