By now, I hope you’re aware that all of your programs can access your Quicken data. If you don’t care if your data is lost, destroyed, stolen, or published on the Internet, then you don’t have anything to worry about. For the rest of us, it’s an issue that needs to be addressed immediately. Here’s what you can do:
- If you think this information is important, tell your friends.
- Implement security sandboxes. (Learn what a security sandbox is.)
- Another potential solution is to run different programs as separate users. Still researching this. Will let you know what I find out.
- Review the data protection laws that govern your region. If you have any data protected by those laws, make sure the data is protected. It would be safer to move the protected data off PC and Macs completely, and onto servers inside your organization. In the US, some examples would be:
- any data protected by HIPAA
- any Personally Identifiable Information
- any data protected by security breach notification laws
- any data that could be used for identity theft
- If you have any personal data that you want to keep private (financial data, business plans, correspondence, etc.), the only way to guarantee that the data won’t be leaked to the Internet by a rouge program is to disconnect the PC or Mac from the Internet.
[…] How to Protect Your Quicken Data from All Your Programs […]
[…] This is such an important issue that I submitted a vulnerability report to CERT. It’s a long post, but I encourage you to take the time to understand it. It’s at the heart of many other security issues that I’ve written about on this blog. Also, make sure you read my follow-up post, How to Protect Your Quicken Data from All Your Programs. […]