I have committed security worst practices, and this is a learning moment for everyone.
Two years ago my friend Adam Burns (https://operatingops.org/), wrote a fantastic article “Hygiene Checklist for Paid Subscriptions”.
This article is recommended and required reading for every independent consultant and freelancer out there.
Reading this article will save you time and money.
Over to Adam for the intro:
==== Start Adam ====
One day I get a text from the illimitable Kai Davis. He’s had a Bad Moment.
Adam. I have terrible OpSec.
A former user had deleted a bunch of files. Luckily, he was able to recover.
Teach me how to OpSec.
No worries buddy. I got you.
Kai is a power user, and in today’s Internet that means he subscribes to two dozen hosted services. How do you manage two dozen services and keep any kind of sanity? I do it with checklists (read this book).
Before I show them to you, we need to cover one of the Big Important Things from Mr. Gawande’s book. Kai already knows how to manage his services. He just needs to make sure he hasn’t forgotten something important like disabling access for former users.
I wrote Kai two checklists. One to use monthly to make sure nothing gets missed and one to use when setting up new services to reduce the monthly work. I assume he has a master spreadsheet listing all his services. Kai’s Bad Moment categorizes as OpSec, but I didn’t limit these lists to that category.
==== End Adam ===
The reason this article came to mind?
Today, American Express sent me an email to let me know that they were sending me a replacement card for my business account. The card was in the name of a person that no longer works for me.
The email was just an automated “we’re replacing your card with one with new features!” message. Nothing to worry about.
I snap-called AmEx and had them shut that down and remove that person from my account.
Have you ever sat down and thought about what your Security Hygiene looks like? Have you…
- Updated those out of date passwords that 1Password is warning you to change?
- Set a reminder to review your recurring subscriptions and cancel what you aren’t using?
- Shut down your accounts on those services you signed up for ages ago and don’t use anymore?
I sat. I thought.
I got scared.
Then, I remembered that Adam wrote this excellent checklist to teach me how to OpSec.
It’s time for me to implement these best practices. I encourage you to read Adam’s excellent article and do the same.
Read Adam’s article over here: https://operatingops.org/2017/03/18/hygiene-checklist-for-paid-subscriptions/.
The “set a reminder to review billing” tip will save you thousands of dollars.
And if you like it, subscribe to Adam’s mailing list here: https://operatingops.org/subscribe/.