Great American Privacy Makeover

Makeover: The Consultant With 50 Accounts

Hands-on Help: We contacted three survey respondents who wanted help on improving their privacy practices. Andrew Brandt, our Privacy Watch columnist and security expert, made house calls to help diagnose their problems and offer tailored solutions.

Makeover: The Consultant With 50 Accounts
Photograph: Andy Goodwin
Name: E. Webb Bassick IV, CEO of Compensation Strategies, an executive compensation consulting firm based in Bannockburn, Illinois.

I met Bassick at his office in a suburban village surrounded by forests and neatly trimmed lawns about 30 minutes north of Chicago. Most of the PCs he and his eight employees use contain sensitive information about the compensation programs of some of America's largest companies. The nature of his business requires Bassick to run a corporate firewall to keep hackers out; nevertheless, he still could use a little help with internal security.

PC use: Two laptops, one of which travels between home and office; a home LAN with several PCs, a wireless access point, and a server.

Frequent tasks: Conducts business, sends files to clients, surfs the Web for business and entertainment.

What he does right: Bassick's IT consultant helped him set up a firewall and file server for his home LAN. He updates his antivirus definition files and does not open e-mail attachments he doesn't expect.

Biggest problem: Password management. "I have 50 accounts, for everything from my e-mail to my utility bills that I pay online, and one password that I use for all of them," he says. He also has one other password to an Excel spreadsheet that contains all the details of his online accounts. Moreover, Bassick e-mails drafts of the compensation plans as PDF file attachments to his clients in advance of face-to-face presentations, but he rarely password-protects them.

Solutions: To help Bassick build up a stable of different, strong passwords, I directed him to the WinGuides Network site. There, he could use the site's secure password generator tool to create strong passwords on the spot for his various accounts. Run by a company called GuideWorks (unaffiliated with Microsoft), the WinGuides Network site publishes downloadable guides with security tips and system tweaks for Windows.

I also gave Bassick a Fellowes SecureTouch biometric mouse, which puts a variety of functions literally at the tip of his finger: The mouse will let him log in to his laptop or desktop using just a finger press on the mouse's scanning pad. It also keeps track of his new passwords in an encrypted file and enters them into the file automatically after the first time he uses the passwords. The software included with the mouse can encrypt files he keeps on his PC or sends out as e-mail attachments, too (though the recipient needs to use the same software for decryption).

Andrew Brandt

Subscribe to the Security Watch Newsletter

Comments