Vancouver-based entrepreneur and innovator Thierry LeVasseur has focused a large part of his career on digital security, having secured several different patents in the areas of email security and data protection. In this Q&A, Vancouver’s Thierry LeVasseur addresses questions about the use of passwords and their possible elimination and about email encryption and security.
Q: Passwords are used for websites, apps, and other devices, but they remain vulnerable to hackers and other bad actors. Do you think there will be a time when passwords are eliminated or when they’re no longer as vulnerable?
A: Passwords are undoubtedly the cause of nightmares for many network security engineers. Often, especially within professional environments where employees are responsible for creating and using their own passwords, passwords are a particular point of vulnerability and therefore a significant focus for those who are working on security. According to Verizon’s recent report on data breaches, 81 percent of breaches use weak or stolen password information, so it’s absolutely an area of concern.
Fortunately, there are developments that point towards a time when text or character-based passwords will no longer be the only option. Fingerprint access is becoming more common, as are authentication tools like facial recognition and smartphone proximity. In general, the public has become more aware of the need for stronger passwords, and therefore many people have adopted password managers and other systems to create more complex passwords that they change more regularly.
Q: What other authentication methods do you think are worthwhile or useful?
A: I think an interesting development is in the use of two-factor authentication security keys, like the ones that Google has made its employees use. Those security keys make it so that even if a hacker or bad actor were to possess your password, they still wouldn’t be able to access your information unless they also had in their possession the physical security key. It’s a different configuration of two-factor authentication that doesn’t rely on a texted code or an app-generated secondary password, which makes it incredibly secure.
Q: Even with the advent of systems like Slack and Workplace by Facebook, people and businesses still largely rely on email for quick communication. Email has security and privacy vulnerabilities that many don’t consider–why do you think that is?
A: I think that many people consider themselves too savvy to fall prey to things like spam or phishing schemes, and yet it happens all the time to individuals, employees, managers, CEOs, and the like. Scammers and hackers are capable of creating incredibly sophisticated phishing emails and sites that are designed to pass along malware, ransomware, and other types of viruses or schemes. The majority of email systems are not designed to provide maximum security and privacy and so offer a way for those scammers and hackers to attempt to gain access to valuable information.
In some of the solutions that I have patented, email can be transmitted in a secure manner and can be tracked as well. In addition, there’s a way for users to view data about the email messages before opening them, which can help users avoid opening malicious messages or attachments.
Q: How important is it for businesses and individuals to take their email security seriously?
A: I think it’s paramount. If you don’t want your information to be accessible to hackers and other bad actors, you have to take security seriously. The FBI released a report in 2017 that said that phishing—specifically business email compromise—had resulted in losses of over $675 million. That’s not a trivial amount. It’s essential that people be aware of their security practices and work to keep them current.