“My social media account was hacked” has become one of the most cliched even-less-of-an-apology-than-a-non-apology-apology response by candidates and elected officeholders to embarrassing content being found online. But as the occasional bona fide case of real hacking or other cyber incident illustrates, taking online security seriously is now a must.
Here, then are some simple tips on what you need to get right if you hold public office, are seeking public office or otherwise help run a political party or campaign.
Have good passwords
Instead, pick good passwords and – crucially – have a different password for every system, so that if one account is hacked this does not put at risk all your other accounts. Password safes are the way you can manage this, letting you have unique passwords but without the headache of having to remember them all.
Use two-factor authentication
This was my 2014 new year resolution, thankfully, as it makes your systems much safer than simply relying on a password, however good that password is.
This, a variant on the con tried out by Samuel Pepys, is the crime, art and science of sending you a fake message which looks genuine enough to con you into entering your password into a fake system, handing it over to someone who then uses it to access and abuse your account. Variants on this include luring you into clicking a dodgy link that results in malware being installed on your computer. Either way danger, if not doom, follows from your click.
Google’s phishing quiz is a good way to hone your skills at spotting the fakes in your inbox.
Things will go wrong from time to time. You will at some point need to recover from a mistake such as the wrong thing being deleted. Which is why you need to keep backups.
Close your old accounts
Having defunct accounts hanging around online brings security risks. So if you’ve stopped using something, close it down.