Security

Ask LH: Can I Get Penetration Tested?

Dear Lifehacker, I consider myself fairly good with online security. I have strong passwords, use a password manager, have difficult secret questions and enable two-factor authentication wherever I can. However I feel that there could be some small chink in my armour somewhere that could leave me vulnerable to being hacked. I know that there are companies out there that do penetration testing for businesses but are there any similar (reputable and affordable) services for individuals? Thanks, Paranoid Android

Risks picture from Shutterstock

Dear PA,

Security isn’t just about using the right technology: it’s also about risk management and a sense of proportion. While on one level it’s commendable that you want to double-check your own security environment, as an individual hiring a penetration tester is something of a disproportionate response and doesn’t really make sense.

Penetration testing is designed to meet the needs of corporations storing highly sensitive data who need to be sure that there aren’t easy ways for that data to be accessed by hackers. It’s often a time-consuming and expensive exercise. For that reason alone, it’s hard to imagine a penetration testing service aimed at individuals.

There’s also a more fundamental issue: as an individual consumer, the chances are that you make use of external services you don’t control (whether that’s Gmail or SkyDrive or iTunes or Dropbox). There’s no point in penetration testing performed on those services, since you have no way of implementing any changes that might be suggested. Why spend all that money if there’s nothing you can do about it?

If you’re already using a password manager and two-factor authentication, then you’re well ahead of the curve compared to the average consumer. Does that mean there’s potentially a “small chink in your armour”? Quite probably; no security system is perfect. So remaining alert and noticing new trends is definitely worthwhile, but penetration testing isn’t the answer in your case, I’d suggest.

Cheers
Lifehacker

Got your own question you want to put to Lifehacker? Send it using our contact tab on the right.