Any security is as strong as its weakest point !

I was discussing with some of my friends today on cloud security. The friend who initiated the topic, discussed about Dropbox security how the unencrypted files might be vulnerable for unauthorized access by drop box employees etc., There were discussions about  encryption tools like boxcryptor , datalocker, axcrypt  and other secure cloud providers like spideroak etc., His concern was not to trust these cloud providers. My friend was really paranoid with all these security issues. He said he makes sure everything is secured and encrypted etc., So, i asked him is he sure about it. He said yes. I asked him few questions. 

1. Do you transfer documents as attachments on gmail ? 
Answer : Yes

2. Do you encrypt them ?
Answer : No

3. Do you use flickr, picassa and other photo sharing tools ?
Answer: Yes


4. Do you use social networking sites like facebook, google+ , twitter etc.,?
Answer: Yes

So, i asked him how he is sure that all his data is safe when the data in any of the services mentioned above can be accessed by the employees of that respective company ? Am not saying employees of these firm would check these files. When talking about security , you have to consider all the possible aspects. After all "Any Security  is as strong as its weakest point".

Ok, Don't get me wrong. Am not trying to offend my friend here or trying to make him more paranoid or trying to say that the data in gmail , flickr would be seen by its employees. Even though theoretically its possible , they have standard security process to follow. My only point is , when we go online we have our data out in the cloud. It is not just about the Dropbox, skydrive, box, icloud . Even before these things existed , we started to put our data in the cloud. 

So, whats the point ?

Ok, let me get to it. Just BoxCryptor, truecrypt or any encryption tool might not help or in the same sense only your anti virus/ anti spyware can not alone protect you. 

Cloud is inevitable in this generation. So , when thinking of security , it is all common sense and that should be applied in everything. Eg., You keep all the files secured and send a mail to yourself the password so that you don't forget it. This is a real life example and i have seen people doing it.  or people would use all the good encryption tool but keep the password as "test123" or "password" or their name. Hope you are getting the point.

 Any Security is as strong as its Weakest point.  It is not only for cloud storage. 

Have you checked the document properties of your CV/Resume ?

I have to deal with lot of word documents , presentations , excels in my Professional life. I get to see a common mistake done by most of us even by professionals . They over look the document properties ( Ok, i do not know how many of you ever seen that window/detail). We all copy from different articles, documents from all over. We do not start anything from scratch. We just start from what is currently available  or what we get from other resources . We change the contents according to our requirement. While doing such changes , the one thing which we overlook is the document properties. The Document properties has some basic info about the details such as the Author, Title of the document , tags, Company details etc., For those who does not know where to check this "File -> Properties" on Microsoft office for Mac and Office Button on top left corner -> Prepare -> Properties on Microsoft Office for Windows. You can select Advance properties from the drop down from the document properties appearing on the top.

Document Properties Menu - Windows

Sample Document Properties - Windows

Sample Document Properties - Mac

Ok, what is so fuzzy about it ?  

When we copy a document it retains the old properties. We change the content of the document but forget to change the properties of the document. This would create very embarrassing situations sometimes. I had a colleague who had created a document to be sent to the client. When it came for an internal review , i found he had forgotten to change the document properties and it had our competitor company name in the Author/Company field. My friend had copied some materials from his earlier life when he was working with our competitor. Think of what would have happened if our client would have seen this. This is just an example. I have seen many such mistakes. 

 This is a very common mistake everybody had done or still doing (including myself). For Eg., i hope everybody would have their CV/Resume on a word document. Am sure this would have been prepared by taking some samples from internet or copied from a friend/colleague. How many of you checked the document properties before using it ? If you haven't done yet. I would strongly advise you to check and correct it if required. 


Have a nice day !