Currently Viewing Posts Tagged security

How to Protect Your Smartphone from Online Threats

Every day, hundreds of people have their smartphone hacked, exposing important data like contacts and even credit card details to criminals that prey upon poorly protected phones.

Whenever your phone connects to the internet, it is at risk from hacking by data thieves that target phones in particular, as they contain nearly all of our important information such as passwords, emails and even the login details to online banking apps.

Fortunately, there are a few steps anyone can take to protect their phones from harm and recover their data if their smartphone is damaged or locked my malicious software.

Use a Virtual Private Network App When Connected to Public Wi-Fi

When you are using public Wi-Fi, such as when you are at a hotel or café, your phone is at risk of being hacked by someone else using that network. Some data thieves are known to connect to these networks regularly in order to steal credit card information from shoppers and tourists.

Virtual Private Networks encrypt and conceal your web traffic, even when using a public Wi-Fi network. These services can also be used from home to protect your online shopping and browsing there, giving you extra peace of mind.

Use an App to Securely Back Up All of Your Smartphone’s Data

Sometimes when a phone is hacked, it can suddenly become corrupted and unusable, trapping your files like your phone numbers and personal photographs on the device. There are apps available that can back up data to an online cloud service, but sometimes they can be missing important and more recent files.

If you have data on a damaged or corrupted smartphone, there are services like mobile data recovery by Secure Data Recovery that can recover data from your device, sometimes even if it has been deleted by a hacking program.

Use a Password Manager to Encrypt and Generate Your Passwords

Our passwords are gatekeepers to a lot of our sensitive information such as emails and bank accounts. Too many people rely on using the same password, or maybe two or three, in order to log in to all their different accounts.

Password managers use encryption algorithms to generate complex passwords for you, and store them in a ‘digital safe’ in an app on your phone and online on a secure server. The password manager will auto-complete passwords on all your accounts, or they can be copy-and-pasted from the app to the login form. This means you have only one password to remember, the one that logs you into your password manager, and you can let it safely and securely do the rest.

We keep a large amount of sensitive data on our phones, and not just banking details and contact information. Your phone probably has hundreds of photos of friends and family, as well as pictures from social media accounts. This information needs to be protected, not just from theft, but also from accidents and problems with a smartphone’s components. With a few apps and the help of professionals, anyone can protect the data on their phone, and recover it if the worst happens.

Another Facebook security failure: millions of records leaked

540 million data records of Facebook users were compromised after third-party apps and sites stored the data on unsecured servers.

The leaked information included comments, likes, reactions, account names, and FB IDs, and some email addresses. The app called At The Pool even stored passwords of 22,000 users in plaintext.

Security expert tips: If you have used At The Pool, make sure you are not reusing the same password for any other accounts. All other Facebook users, beware of phishing attacks based on your account activity.

How to protect yourself

  • Don’t use third-party Facebook apps. These apps collect data on Facebook and deliver it to third parties who may not be secure. If you don’t want your private data showing up on unsecured servers, don’t use any third-party apps on Facebook.

  • Don’t use Facebook. This is a tough ask for many users, but the arguments for leaving Facebook are growing. With more and more data breaches and suspicious activities coming to light every month, more people are questioning whether this free service is worth it.

  • Reduce your Facebook activity levels. The less time you spend on Facebook and the less you do on their platform, the less they know about you. When creating or editing your account, don’t provide them with any more data than they need to provide their service.

Google to kill Google+ because of big data leak

 

Some time ago, on October 8, 2018, Google came out and admitted to a data breach in its Google+ social network, because of a software bug. This bug resulted in close to 500,000 user accounts getting compromised. There is no proof available so far that any user’s personal information was misused. If you recall, not too long ago, Google had to allay fears among its users that the developers were being given access to the users’ Gmail accounts, and could potentially misuse them.

As per an article published in the Wall Street Journal, Google chose not to come out with the details in the open, regardless of the fact that the data belonging to so many users was at risk. The company feared major damage to its reputation.

 

What exactly happened?

In the period between 2015 and March 2018, a good number of outside developers were potentially able to access the personal Google+ data of the users, because of a software glitch in the system. Although an internal memo warned about the potential ‘regulatory interest’, if the leak was made public, leading to comparisons with Facebook and the likes (owing to the Cambridge Analytica scandal), no notification was sent to the users of the social network.

Google+ users normally provide access to their profile data to the apps run by Google+, through API. This bug resulted in apps getting access to all their profile fields, including the ones not marked as public. Google clarified in a statement that this data is usually limited to only optional and static Google+ profile fields, such as the name, age, gender, occupation and email address. The tech giant said in a statement, “It does not include any other data you may have posted or connected to Google+ or any other service, like Google+ posts, messages, Google account data, phone numbers or G Suite content.”

 

As Google keeps the log data of APIs for no more than two weeks, it wasn’t sure about the users that were impacted by this glitch. However, after carrying out detailed analysis that spanned over two weeks, before the bug was patched, Google disclosed that close to 500,000 accounts were impacted. The company claims that no evidence was found of developers being aware of this bug, or any account abuse happening.

It also posted the following on its blog, “”Our Privacy & Data Protection Office reviewed this issue, looking at the type of data involved, whether we could accurately identify the users to inform, whether there was any evidence of misuse, and whether there were any actions a developer or user could take in response. None of these thresholds were met in this instance.”

What is Google planning to do now?

As per an announcement made on the company’s blog, Google will be ‘sunsetting’ the Google+ service for general consumers and offer it only to the business customers from here on. It is also putting processes in place to tighten up its security systems, as well as various privacy measures throughout the Google suite. The company will also roll out various additional controls in the near future and will update the policies associated with its APIs.

Do not use Google Authenticator

After I change my old smartphone to LG Q6, I would like to transfer all apps to it. I used Google Authenticator for a bunch of websites as the Two-factor Authentication. I just found Google Authenticator cannot move all these accounts to my new phone. To do the transferring, I have to manually re-add it to Google Authenticator of the new phone.

So, I did a little bit of research. I found Authy is a good replacement. There is a blog post to compare these two facilities on Authy’s website.

For me, I personally like the following features:

  • Multi-device support
  • Support Windows and Mac as well
  • Support backups

Looks cool.

Continue reading “Do not use Google Authenticator”

4 Ways You Can Simplify How You Check-in Visitors To Your Premises

Visitor Access Management is a tricky subject for security experts. This is especially true for secure locations such as hospitals, schools, and office buildings. Visitor management has two sides to it – location security and visitor hospitality. Neither do you want to compromise the security of your premises nor do you want any visitor to feel unwelcome or annoyed by the entire check-in process. In this article, we will look at four ways you can simplify and better your visitor management process.

Automation: If you are in charge of a large organization and are required to check-in thousands of visitors on a daily basis, investing in an automatic visitor access management system will pay off in the long run. These systems work with minimum manual entry and allow security personnels to print plastic ID badges for visitors with all required data points in no time. Automation also involves the use of a robust software system in the backend which can hold the data for quick access.

 

Print reusable plastic ID cards: With the world getting conscious of our use of plastic, it is a good idea to invest in reusable ink for your plastic ID cards. If you need to manage a large number of visitors in a day, reusability will help manage cost as well. While paper printouts make for a good solution, the output looks unprofessional and clumsy. Plastic badges, on the other hand, look professional and last longer, especially if the visitor is in for manual labour.

 

Save data: It is a good idea to save the data of the visitors entering your premises. A good way to do that is to save certain unique fields such as phone number or email address and tag them to profiles. If biometric authentication is a possibility, that simplifies the process even further. Once a visitor checks in once, for repeat visits, it is just about pulling the previous data and printing plastic ID badges for visitors.

Continue reading “4 Ways You Can Simplify How You Check-in Visitors To Your Premises”

Windows 10 Tips and Tricks- Infographic

The world is jumping towards upgrade as new inventions are scarce and upgrades are a plenty. Microsoft Windows has been one such franchise. People are often heard saying, we are happy with the current windows and don’t need an upgrade. This argument is negated by the fact that no one uses Windows 95 or the millennium edition anymore. Windows 10 is the latest upgrade which you should get as soon as possible as you are missing out on a lot of features.

Some of the basic features to die for include:

Speed

The startup and boot takes less time than any windows version in history along with an inbuilt DirectX capability that enhances game play experience.

Startup menu

The customizable startup menu has everything you need while running your computer. It incorporates the features compatible with advance mouse users and modern User Interface elements. The big menu can be changed according to your needs and can help you do anything without opening any hard disk partition.

Security

Additional firewall and data security ensures that you PC and data are always safe. The Microsoft passport and Windows Hello are the features that enhance the old security protocols. Data recovery software ensures that your data is secure and retractable even if the system goes haywire.

Snapping apps

A single screen can hold up to four snap-able apps which helps you greatly in multitasking work, entertainment, communication or/and social media.

Data recovery

One button data recovery enables you to never lose a single byte of data even when you are somehow locked out of the system. One button file recovery software gives you peace of mind that you will never lose your data in any circumstance.

Schedule updates

Automatic updates is one of greatest feature of Windows 10 which will help you remain updated, helping your computer guard against new viruses and running of old hardware in a better and efficient manner. All this at a pre-set time when you are not using your machine.

Infographic Source : http://www.easeus.com/infographics/windows-10-tips-and-tricks.html

Your Small Business Needs Cyber Security

Just because you own a small business does not mean your security threats are small. Small businesses are especially vulnerable due to their lack of security. Forty-three percent of cyber attacks target small businesses. Cyber criminals are aware of the shortcomings in cyber security small businesses face. They are working with cheap, outdated equipment and may have a less knowledgeable staff. It is time to make cyber security a priority for your business.

 

Targets

 

Your small business is a prime target for hackers. You have more digital assets than individual consumers and less security than larger businesses. Many small businesses underestimate their vulnerability, assuming they are not a target. There are many techniques hackers use to attack small businesses.

 

  •        Advanced Persistent Threats (APT) – These long-term targeted attacks use multiple phases to avoid detection.

 

  •        Distributed Denial of Service (DDoS) – Hackers intentionally overload a target’s website or network system with requests with the goal of causing the website or network to shut down.

 

  •        Malware – “Malicious software” is any program introduced into the computer with the intent to cause damage or allow unauthorized access.

 

  •        Password Attacks – There are many ways hackers can gain access to your password. The three main approaches include brute-force (guessing), dictionary attack and keylogging.

 

  •        Phishing – This is the most common form of cyber attack. Sensitive data is collected through legitimate-looking websites. These are usually sent via email.

 

Educate Yourself

 

Consider taking online courses to increase your knowledge of your risks and solutions. Schools like Maryville University offer courses and degree programs in cyber security. You can take self-paced training courses that allow you to educate yourself despite your busy schedule. Online learning is a great resource for busy entrepreneurs. You are not bound to physical class sessions. You can easily access classes from anywhere. Since you are pumping all of your income into building a business, you want to save money at every opportunity. Internet-based courses save you both time and money.

 

Once you have the knowledge, pass it on to your employees. Make sure they are aware of the reality of online threats. Make sure there are security practices and policies in place and make sure the staff is aware of them. Social networking is a common distraction in the workplace. Educate employees on safe practices. Hold employees accountable to your business’s internet security policies and procedures.

 

Be Safe

 

It is important to do your best to protect yourself and your business against cyber attacks. As a small business, you are a target. Here are five steps to help keep information safe online.

 

  •        Enable strong, two-factor authentication and create strong passwords

 

  •        Update your operating system, browser and other critical software regularly

 

  •        Make communication about cyber safety a priority around the workplace

 

  •        Use privacy settings and limit the amount of sensitive information shared online

 

  •        Always verify unknown links, attachments or emails before opening

 

Solutions

 

Different types of security software provide varying levels of protection. Antivirus software protects against most types of malware and is very common. Firewalls prevent unauthorized users from accessing your computer or network. This is a great added level of protection. It is also wise to invest in a data backup solution. If information is lost or compromised, it can be easily recovered from your backup source. Encryption software helps protect sensitive data.

 

Don’t delude yourself into thinking your small business has nothing worth stealing. Don’t allow yourself to be a target. Educate yourself and yourself on the dangers of cyber threats. Create enforceable internet security policies and procedures. Use safe practices to protect your passwords and sensitive information. Cyber security should be a top priority. Put protections in place and make sure to backup all your important information in case of a security breach.

 

 

  • Archives