I like choice, in the same way that I like water. It’s refreshing but I don’t want to drown in it.
Just as mass consumerism – with its cheesy retail adverts, Black Friday hype and Boxing Day sale punch ups – ruined Christmas for me, too many work options can make work life stressful.
Similarly, the expectation that we can happily and safely juggle lots of different simultaneous jobs at work – what’s usually called “multi-tasking” – may actually increase our error rate and make us more vulnerable to cybercriminals, according to one study [12MB PDF].
Removing this sort of operational clutter is the core of a technique called Spark Joy, a new method to prioritizing and focusing on what you want to keep.
Japanese author Marie Kondo, who devised the KonMari tidying method, explains that we need a simplified decision-making discipline to augment it. You can’t fold everything and put it away, so you have to decide what you are going to keep. But how? I usually want to keep everything, just in case.
Kondo has honed that tough decision making process. The discipline comes down to this: Ask yourself if something ‘sparks joy’. If it doesn’t, ditch it. If it does, fold it and put it away.
This is a principle that could be applied at work to put us back in control of our technology. The flipside of the digital revolution means that servers, systems and apps have multiplied. If you are not decisive, you can be overwhelmed by the number of options you have.
Much like having a drink, having too many apps can go to your head and you end up becoming confused. You overindulge, lose focus and forget where things are. Sometimes, it’s not the apps you choose that make the difference, but the attention you pay to them once you have decided they ‘spark joy’.
Here are some ideas for keeping your digital choices tidy and effective:
- Stick to one account, one password, with each account’s logon details and URLs stored somewhere like a password manager, where they can’t get mixed up.
- Pare apps and plugins down to the ones you need, not the ones you might use in 3 months time. Keeping things you don’t need only helps cybercriminals – they’ll relish the extra “attack surface” you’ve generously provided them.
- Reduce access rights to no more than you need for the task at hand. Not having admin privileges “just in case,” will bring you great happiness and calm. You’re free from worrying about ransomware or firefighting, because you haven’t left anything for the arsonists to touch.
- Apply patches promptly, so you don’t leave a pile of downloaded-but-still-pending security updates lying around.
- Perform orderly backups, and make sure they’re encrypted and securely stored for later.
Knowing that everything you value is tided away safely and securely brings great peace of mind. Make sure your security sparks joy, rather than ignites tension.
Image of decluttering courtesy of Shutterstock.
Steve
2 thumbs up!
Laurence Marks
Ummm, [Link.] is not a link.
Paul Ducklin
Fixed, thanks!
S.A.
Quite possibly the worst security advice I’ve seen on a security blog:
> Stick to one account, one password, with each account’s logon
> details and URLs stored somewhere like a password manager,
> where they can’t get mixed up.
If you’re using a password manager, you have a grand opportunity to allow it to manage ONE UNIQUE PASSWORD PER SITE that will provide a high level of security. Assume every site will eventually get compromised. If you have one password for all sites, that silly blog compromise now affects your bank! Don’t follow this advice!
Jim
I think they meant each account gets it’s one password. I noted the wording as well, but this blog harps on “never reuse passwords” more than any other I’ve seen. So, I’m certain it’s just weak wording.
Bryan
S.A, I’m assuming you’re not a troll: you may not return to Sophos, considering you misread the intent of ‘one account, one password’ and will assume advice here is largely dismissible. However if you return, please read it again–or search this site for that phrase and read more.
In short, it’s been fervently re-re-peated here to NOT recycle passwords anywhere for precisely the reason you mention, among others. It doesn’t say “one password to rule them all.”
Paul Ducklin
Ah, when we say, “one account, one password” we mean that each account should have a password *of its own*. It’s meant to be a sort-of echo of the old-time slogan for universal suffrage: “One person, one vote.” (That means everyone gets their own, individual, private chance to vote as they choose in a secret ballot… not that everyone has to vote for the same candidate :-)
We did not mean, “choose one password and use it for all sites.”
Nick Booth
It’s a great compliment that you read my article all the way through. especially since your english comprehension skills don’t seem to be that great. I wasn’t saying have one password for all sites. Completely the opposite in fact.
But the fact that you followed the article all the way through, and took the time to comment, is a great endorsement. Thank you.
Duhmo
hooray! Good work, impressed that you are well read… S.A. Think that’s exactly what the author meant, as it’s a ‘common theme’ here: one account/password repository to many individual per site