Oh, I use relatively strong passwords, and I look at my log files, and run all the security tools that make sense (or that I'm advised to by the security folk I know and respect). However, as most of my life is online and in email, there's one simple security measure above and beyond the standard practices I always take: I use a digital signature. If you get mail from me, you'll know it's from me, and you'll also be able to tell that the content you get is the content I sent. Once I set up my email client to handle my personal certificate it was all automatic and I could simply leave things running.
I pretty much forgot about it (apart from the time a commercial client's email system decided not to show certified mail and it took a couple of months longer than I'd have liked to get paid).
Something new happened the other day, something that took that digital signature and used it in a new way.
It started as I was filling a NDA that I needed to complete in advance of a trip to see a company in the US. There's nothing unusual in that - Non Disclosure Agreements are part and parcel of the world I work in, and are essential if I'm to get an early look at the features of some new software or hardware. It was the usual sort of thing, a PDF document that contained the dates I could talk about the product and space to fill in my name, title and sign the document. I get a couple a week, and I either fill them out in Word or print them, and then scan and email the filled out document.
What was new was that the PDF was a PDF form. I didn't need to print it out, I could just quickly fill in the details on screen. Finally someone was using the technology the way it was meant to be used. I looked for the scan of a signature I keep for letters, ready to paste it in to the PDF. Then I noticed something very interesting: a red arrow in the signature field. I clicked on it, and it gave me a list of the certified digital signatures I had on my PC. I selected one, saved the PDF, and emailed it off to my contact.
Then I realised what I'd done, and just how significant it really was.
That's the first time I've digitally signed something that's legally binding.
It's an interesting development, and one that looks to make my life easier (and greener) the more people start to use it. The existing public key infrastructures that S/MIME uses to secure email make it easy to take those personal digital certificates out into the wider world, and to make things like this possible.
Perhaps it's finally time you got your own digital signature.