What is 'online security' and why should we care about it?
It's a broad term which covers the following areas:
Prevention of viruses/trojans or other malware.
These pesky items are very often the little guys that sneak in through the open door at the back of the mansion and open the main doors to let the enemy come in an ransack the building (metaphorically speaking).
But most users don't understand the actions they did that allowed that to happen. That innocent looking email attachment, using your USB stick in infected computer and then transfering the infection to every machine you come into contact with! These things are often how disasters start.
Protecting you data against theft, destruction or unauthorized disclosure.
Several ways of doing this, depending on your level of parnoia, but you might want to consider:
- Controlling physical access.
- Auditing access to data and reviewing it.
- Having a proficient backup strategy.
Protecting login credentials.
It's important to teach all users how to protect their login credentials. Even after using this method of authentication for many years, most users still have no solid way to secure their login credentials.
Choosing a strong/unbreakable password.
Surveys tell us that 95% of users have absolutely no idea how to choose an effective password and they have no strategy to remember or record high quality passwords.
This is probably one of the most important lessons we can teach people today. Most serious security breaches are due to compromised passwords, because the users had never been taught how to handle their passwords properly.
Ensuring that your information remains secure during network transports.
So your PC hard disk is encrypted 256bit encryption and you can only logon with your twelve character password made up of completely random characters, including upper and lowercase, symbols and numerals, which you have recorded only in your head, but what happens when you press send on an email, perhaps laden with attachments detailing your companies most intimate secrets?
In most cases, this date then leaves the relative safety of your internal network, without so much as changing it's slippers and grabbing a coat. It travels halfway around the world, through many different friendly and not so friendly countries, across networks where anyone with access can record the contents of your email for viewing later at their leisure before sending on a copy to your adversaries. Ten seconds later, you boss calls from the other side of your wall, to say, "Thanks, I got it.".
Who would ever suspect that that ten second journey could have been fraught with so much danger? But it's journeys like these that often spell the end of companies.
We can no longer consider it responsible to send a message in plaintext, outside of our own networks and the time will soon be here, when it won't be responsible to do so on internal networks either.
It's time that each one of us took the trouble to become familiar with how to encrypt the emails we send to protect ourselves, our recipients and even our families and businesses.
How bad will you feel, if it's your email which brings the company down?
Ensuring that your online habits/activities are not being routinely monitored so that they can be used against you or your company.
Limiting the damage caused when a company that you have entrusted with your data and login details is compromised or discloses those things (willingly or unwillingly) to others.
Developing a system of having strong passwords that securely stored in a user-friendly but difficult to compromise manner.
Using encryption to secure email.
Using encryption to secure stored data on local machines.
Protecting backups from being compromised (often overlooked).
Understanding how you are tracked through your mobile phone.
Understanding how you are tracked online using your IP address and/or cookies.
Assessing risks in connection with the use of The Cloud.
“Companies spend millions of dollars on firewalls, encryption and secure access devices, and it’s money wasted, because none of these measures address the weakest link in the security chain.”– Kevin Mitnick
One of the biggest threats to both individuals and companies nowadays, is theft and missuse (or disclosure) of their information.
While it's true that there are many steps we can take to protect ourselves from these attacks, it is also true that most potential victims are obliviously unaware that they are a target or even why it should matter to them.
Our founder feels passionately that every internet user, should be aware of the situation and given the knowledge that they need, in order to protect themselves if they wish to. This is why he makes himself available as an online security consultant, who is prepared to work with individuals, companies or groups to advise and assist them in securing their online operations.
Our founder enjoys lecturing to both small or large groups, which they usually find both entertaining and informative.
If you are responsible for the security of your company's data, remember: Security starts and ends with the users - educate them!
For more information, please contact us and tell us how you think we can help.