Have a question? Contact Us
Home » Posts tagged 'Security Tips'

Posts Tagged ‘Security Tips’

Smartphone Security: It’s Time to be Smart About It

Posted on: September 6th, 2011 by under Computer Security | No Comments

Smartphone SecurityAs the News International (Rupert Murdoch) phone hacking scandal proved, hacking into cell phone voice mails systems is not particularly difficult. Many people never change the default password or use easy-to-guess passwords. Unless you’re a celebrity, though, voice-mail hacking shouldn’t be a great concern. But that doesn’t mean there aren’t other Smartphone Security issues to worry about.

First, there’s the issue of privacy. Just last April, a security researcher revealed that Apple iPhones were tracking user’s locations and transmitting the information back to Apple. Apple called it a “bug” and quickly fixed it in their next update and gave users the option to opt out of location services. This however, gave pause to many as they were left to wonder what other information is being collected by their cellphone providers. Government officials are wondering also, having opened a federal grand jury investigation looking into mobile apps and whether they are illegally collecting users’ private information.

Secondly, there is the growing concern over the appearance of mobile trojans and malware. Many business professionals use their mobile devices like portable PCs, yet they take few if any of the security measures they use on their PCs.  Apps containing trojans have appeared in several online marketplaces, including Android’s own.  Google had to remotely remove these rogue apps from user’s phones using Android’s “kill switch.”

Just as millions of smartphone owners have begun to regularly use their devices for business and banking, criminals are finding cracks in mobile security practices. The primary targets are online banking accounts, credit card numbers, email communications that may contain confidential information, even photographs.

What can you do? Here are some tips from F-Secure, a well-respected international security research and software firm:

1. Keep your system updated

Don’t take this for granted. Keeping your mobile operating system updated not only allow you to enjoy the latest offerings, but also helps to protect your security. Similar to a good practice with your personal computer, having your system up-to-date could prevent malicious attacks that take advantage of unpatched security holes or vulnerabilities.

2. Install a security application in your phone

As your mobile device functioning more like a mini computer, it becomes an increasingly attractive target for attacks or theft. And that situation calls for a need to protect your physical device and the data it contains. Our Mobile Security application for instance, offer features that help to safeguard your data, protect against threats and locate your lost or stolen phone.

3. Watch where you click and land

We anticipate that scams and phishing to obtain personal or credit card information will be the most active attacks on mobile users. Social engineering methods would be used to lure users into clicking on malicious links or to trick them into surrendering valuable information. So, check out if a website starts with “https” before you enter sensitive information.

4. Refrain from doing transactions on a public network

A public network is useful and may help you save on data charges. However, keep in mind that the public Wi-Fi that your phone is connected to might not be secure. Just to stay on the safe side, limit your activity to browsing and avoid committing any important transactions.

5. Install or obtain applications from trusted source

Part of the fun (and convenience) in having a smartphone is making use of various applications which let you do a lot of things. There are plenty of applications out there, and some are offered through independent, unmonitored channel. Be careful of what you installed and watch out for the source. Some of the sources may contain repackaged apps that contain malicious content.

6. Make it a habit to check each applications’ data access on your phone

Some applications may have access to your data or personal information. Be wary of the access that is outside of the scope or purpose of the applications. For example, a game application that has the access to SMS (read, write and send), calling, phonebook entries, and system files should trigger your suspicion for why it requires such access. If you have any doubt about an application, do not install it.

 

The days of worry-free mobile phone use are over. You are most vulnerable when connected to unsecured wireless networks. I highly recommend against doing any online banking or making credit card purchases under those conditions.

Don’t Think Hackers Target Small Business? Think Again…

Posted on: August 22nd, 2011 by under Computer Security | 5 Comments

Don't Think Hackers Target Small Business? Think Again...There’s a dirty little secret in the hacking community. While the “big score” can be had by going after Fortune 500 and multi-national companies, the odds of success without getting caught are slim. The easy money is had by going after small businesses.

Hackers Target Small Business:

Hackers know that small businesses often don’t have the resources or expertise to properly secure their systems. Whether it’s  your own network or your hosted website, they are being scanned non-stop by potential thieves looking for weak passwords or security holes. Once they gain access, they will often install difficult to detect software that will intercept all data being transmitted and forward it on to their own site.

Stealing credit card information that can be re-sold or used to make purchases is the primary goal. Identity theft and gaining access to online bank accounts are  close behind.

A 2010 survey by the National Retail Federation and First Data Corp. of small- and medium-size retailers in the U.S. found that 64% believed their businesses weren’t vulnerable to card data theft and only 49% had assessed their security safeguards. Talk about nice, ripe low-hanging fruit for the hackers…

On the web site front, current statistics estimate that every .65 seconds, a web page is infected with malware.

An agent in the FBI’s cyber division says that hackers targeting small businesses are a “prolific problem.” And, “It’s going to get much worse before it gets better.”

Proper security is all about creating multiple levels that have to be broken through. Think of a burgler approaching two houses. One is protected by a ten foot wall. The other has a ten foot wall, a ten foot barbed wire fence and a moat with man-eating piranha swimming in it. Which house will he try to break in to?

So, if you own or manage a small business, what do you do?

1) First priority should be installing a proper firewall, which does not mean a $99 home firewall you bought in the local office supply store. It also means hiring a professional IT technician to install and configure it. This is NOT a do-it-yourself job.

2) Don’t be lazy with passwords. Use strong passwords that are combinations of letters, numbers and special characters.

3) Every system needs to be running anti-virus and anti-malware software. While no one program is perfect, running without it is the equivalent of a hole in your barbed-wire fence.

4) Don’t skimp on backups – back up your systems daily at the minimum. And that includes your web site. Is your site being backed up? How often? Look into a free service from CodeGuard.

5) Talk to an IT security professional. In this technology crazed, always-connected world we live in, many people feel they know enough to  “do it themselves and save money.”  There are many areas where that may be true, but this isn’t one of them.

For the most part, you’ll only hear about computer security breaches when they involve large companies and thousands of potential “victims.” There may only be a handful of these every year. But every day, smaller businesses are being hacked and in many cases, enough damage is inflicted to close down the business. Don’t let that happen to you.

If you would like to read some more about this topic, including some real world examples of small businesses under siege, here are some good articles to check out:

Hackers Shift Attacks to Small Firms – Wall Street Journal

New Cyberattacks Target Small Businesses – USA Today

 

Handy Computer Security Tips From People Who Should Know – the NSA

Posted on: May 22nd, 2011 by under Apple, Computer Security, Microsoft, Operating Systems | No Comments

When it comes to our computer systems, it’s pretty safe to say that everyone recognizes the need to be security-conscious. But how many of us really know what to do beyond setting passwords?

If you work in information security, you don’t need our help. For the rest of you, where do you begin? The task can seem daunting to the average user.

Fortunately, there are plenty of resources to help you, even too many, probably. So where do you start?

Well, how about from the people responsible for securing the nation’s information – the National Security Agency (NSA).

From the NSA Mission Statement:

The Information Assurance mission confronts the formidable challenge of preventing foreign adversaries from gaining access to sensitive or classified national security information. The Signals Intelligence mission collects, processes, and disseminates intelligence information from foreign signals for intelligence and counterintelligence purposes and to support military operations. This Agency also enables Network Warfare operations to defeat terrorists and their organizations at home and abroad, consistent with U.S. laws and the protection of privacy and civil liberties.

Surprisingly enough, this agency that lives and breathes secrecy, publishes a wide range of security guides that are completely yours to use for free.

Whether you are an Apple, Windows or Linux user, there are two guides specifically for you at these links:

Operating Systems.

Best Practices for Securing a Home Network

For the main page where you can browse all of the guides (categories on the left), go to:

Security Configuration Guides

These guides are good starting points. Be proactive – don’t wait for something bad to happen.

 

Find us on Google+