The Challenge: Meeting Business Needs While Ensuring Privacy

Posted by Tobias Eichenseer Thu, 06 Nov 2014 14:37:00 GMT

Stories about privacy invasions and hacking attacks make the news each week: from social media to government surveillance, our lives are becoming more and more public. In the corporate realm, the costs of a cyber attack can be huge: an IBM-sponsored study conducted by Ponemon Institute reported that the average cost of a data breach for an organization represented in the study was $5.9 million. Is the principle of privacy worth fighting for? How can modern businesses avoid cyber attacks?

Privacy: Everybody’s Prerogative

Many people claim that they are not concerned about privacy, declaring that they have “nothing to hide.” However, the nothing-to-hide argument is misguided because its underlying assumption is that privacy is about hiding bad things. This argument focuses only on surveillance or the disclosure of personal information, overlooking other privacy problems. It presumes a narrow perspective of what privacy involves, excluding much of the personal data that is actually at risk.

Although it may seem harmless for companies to collect small amounts of personal data, combining several sources of seemingly innocuous data can yield considerably more telling information. Another problem is secondary data usage, when data obtained for one purpose is then used for a separate purpose without the subject’s consent, such as when email addresses collected for a contest are sold to a third party. There are several additional forms of privacy invasion, including blackmail and the improper use of personal data to commit identity theft and other crimes.

Computing: Ideality vs Reality
In today’s world, blurred lines exist between personal and corporate computing in the case of smartphones, tablets, notebooks, and desktops. Independent of the type of device and location, most of these devices contain both personal and company data.

According to Consumer Reports, some 3.1 million mobile devices were stolen in the US in 2013. Not only is this figure almost double the number of devices stolen in 2012, it’s also of great concern considering how many employees have corporate data intermingled with their personal photographs, private events and email on their devices. People do not want to carry multiple devices or have an extra, dedicated machine at home to access work material. As such, there is often an unavoidable combination of both private and company data on a given device – whether the device is personally bought and used for work, or company bought and used for personal purposes.

Fixing the Problem
Smartphones can be attacked just like computers, and consequently should also be protected from unauthorized access. With the right software, security and productivity are both achievable. For instance, in the case of mobile phones used for business purposes, innovate solutions exist that allow 24/7 and location-independent access to e-mail and other enterprise resources via data stored on corporate servers. The main advantages here are two-fold: the user can work with data larger than the device can handle, and, importantly, the data are never downloaded onto the phone. Therefore, data cannot be lost or stolen if, for example, the smart phone is lost. All data is completely and securely located in the central corporate network (more information on the HOBLink Mobile website).

Moving Forward
Ultimately, it is our responsibility to adopt defensive measures that prevent the dissemination of sensitive information. With the right mobile tools, we can ensure security and performance, making it possible to safeguard sensitive information.

no comments |

Cyber Security: No longer an Issue for IT Departments Alone

Posted by Stefanie Kober Tue, 04 Nov 2014 13:51:00 GMT



In the past couple of years, we have witnessed a significant increase in the amount of data that can be heard, accessed, downloaded and captured via Internet devices. This advancement is not without drawbacks: everything that is said or done online can be traced, shared and archived, threatening security. 

Cyber Security: A Shared Responsibility
Cyber attacks take place when an anonymous entity – either an individual or a group of hackers – targets a vulnerable system and steals, alters or destroys data. In terms of data sharing, leakage and theft, the risks to businesses are critical: no business can stay passive in its approach to cyber security. Every CEO’s attitude towards a potential cyber threat is of outright importance; cyber security is no longer an issue solely for IT departments. In fact, cyber security readiness should be at the forefront of every business’ agenda. Cyber security begins with personal responsibility, and safeguarding against the numerous types of potential cyber attacks requires a unified team effort.

Cyber Security Readiness
Cyber security readiness means being able to respond to and rapidly recover from a cyber threat or attack, such as distributed denial of service or phishing attack. Knowing what to do in these types of situations should be an important consideration in every business continuity plan. Regardless of their size, companies that plan ahead will be prepared to address any potential threats or disasters that could potentially damage their online systems.

The cyber security readiness process begins with recognizing and understanding potential threats, as cyber attacks and other potential disasters vary depending on a company’s size and industry. A threat is anything that could make a company vulnerable, or increase the probability that its system will not be able to function effectively. Once you are aware of the threats facing your company, cyber security readiness becomes a call for action, or a way of being invariably prepared to tackle any possible flaws that could harm your systems.

When it comes to cyber security readiness, it is important to distinguish between prevention and crisis control. For example, having a strong, difficult-to-guess password, and changing it periodically, is a good way to prevent cyber attacks, while always backing up your data is a good measure for crisis control.

Ideally, it is best to always be prepared and assume that your system is always at risk. Maintaining a cautious attitude will help keep your preparedness level high.

Investing in Education
Even the most thorough cyber security readiness program can never be foolproof – a company can take all the necessary precautions but it may still be insufficient; the system is only as strong as its weakest link. Arguably, the most basic threat to security is lack of awareness and misinformed individuals. Providing awareness and education to all staff members will go a long way in protecting against security breaches. After all, an investment in knowledge pays the best interest.

If you are interested in reading more about Cyber Security, we invite you to have a look at the wide range of our free eBooks. Also, visit our website to learn more about the latest security software solutions from HOB.

no comments |

Does Your Online Presence Pose a Security Risk?

Posted by Stefanie Kober Fri, 31 Oct 2014 09:36:00 GMT



Would you hand out your name, social security number and email address to a total stranger on the street? Probably not. However, when it comes to giving out the same information online, we are somewhat less adamant. Is it really easy to gain information on an individual from seemingly trivial data? How could your online presence be used against you? In this article, we answer these questions and discuss how to mitigate these risks.

Would You Give Out Your Email Address?

A social experiment conducted by People’s ID Bot Project and London agency Abundance has shown how incredibly easy it is for fraudsters to glean a disturbing level of personal information online, by simply using an email address. Bar customers wrote their email address on a sham mailing list, then researchers used their email addresses to evaluate the target’s details online. Within a matter of minutes, the researchers had gathered so much private information on the individuals that they succeeded in convincing the patrons that they had known them for years. Would the same have happened to you?

Sharing Your Life Online
The shocking experiment highlights the dangers of leaving yourself open to online identification fraud – it reveals how easy it is for a stranger to research individuals. People should be aware of the how much of their personally-identifiable information is freely available online. In the wrong hands, this information is used to commit identity theft or sold to other criminals. Usually, the victim is only made aware after a crime has been committed against them.
Often, people disclose all types of personal information on the Internet that allows identifying data to be deduced. Social media services such as Facebook, Twitter and Instagram are libraries of personal minutiae – school and work chatter, snapshots of family vacations, and books read are just the tip of the iceberg. Such seemingly superficial pieces of self-revelation can gradually be gathered and reconstructed by computers to help create a picture of a person’s identity, sometimes even down to the Social Security number.

How to Prevent Victimization
People can increase their defenses against identification in social networks by implementing tight privacy controls on information in personal profiles. Unfortunately, an individual’s actions are not sufficient to protect privacy in the interconnected world of the internet. In today’s online world, personal privacy is no longer an individual phenomenon; although you may not disclose personal information, your online friends or colleagues may do it for you, denoting your gender, education or employer, location, and interests.

Take Away
The Web offers us excellent value and convenience, however it is important to be vigilant in protecting our online identities. It is essential to exercise caution and implement these simple adjustments to online behavior in order to prevent victimization. People should exert more caution with personal details – it is by obtaining such data that the process of identity theft starts.
 

no comments |

4 Critical Advantages of Pure Software VPN Solutions

Posted by Stefanie Kober Tue, 28 Oct 2014 14:08:00 GMT



Most companies are turning to virtual private networks (VPNs) to reduce costs and increase security and performance. By using a public network, VPNs can connect off-site users, such as teleworkers and remote workers, vendors, and customers, to a larger centralized network. A VPN is considered as important as the internet connection itself, therefore choosing the right VPN solution is essential.

VPN Solutions
There are several different VPN solutions in the market today, therefore extra caution must be taken to ensure that the best possible decision is made when choosing a business VPN solution.
The two main product categories are dedicated VPN hardware appliances, and software VPNs (also called server-based VPNs). In the case of software VPNs, the VPN endpoint is actually software running on the device itself, whereas a hardware VPN is a virtual private network based on a single, stand-alone device.

The following four key points highlight how software VPNs are superior to hardware VPNs:

 

  1. Cost-Effective
    VPN software is generally considered to be a relatively low-cost way to deploy a VPN; dedicated hardware VPN appliances are more expensive than a software VPN because, generally, the VPN software is installed on an existing device. This means there is virtually no other investment required apart from software upgrades.

  2. Easy Network Management
    A further advantage to the software VPN approach is that the network does not change. No additional devices need to be installed, and management of the network remains the same. In contrast, a VPN appliance involves adding a new piece of equipment to the network, therefore increasing the complexity of the networking environment.
     
  3. Less Training
    Another benefit is that generally, less training is required in the case of software VPNs. Conversely, in hardware VPNs, the IT staff would require more intensive training since the configuration and management tools will probably be different than the ones used on the corporate routers.
     
  4. Performance and Scalability
    The performance factor is equally as important. The ability to expand the VPN to support more sites or users should not be underestimated when choosing a VPN. Pure software VPN solutions benefit from high scalability. This is not the case for a hardware VPN. If a company were to start with a VPN appliance designed to support 50 simultaneous VPN sessions, and later experience considerable increases in personnel, the VPN would need to accommodate more users. This would require scaling up the VPN will require the purchase of more appliances. Selecting a VPN that is not scalable can easily double the cost if or when the VPN capacity is outgrown.


SSL VPN
When choosing a VPN, special attention should be paid to the merits of the various deployment models (SSL VPN vs. IPsec VPN). Modern, pure software SSL VPNs do not require the installation of specialized client software on the end user’s computer. This translates to high scalability and the ability to support many different platforms (such as Windows®, Mac, Linux/Unix), from virtually any device. SSL VPNs enable secure server-based computing environment with strong SSL encryption and strong authentication.

HOB RD VPN is a very performant software SSL-VPN solution, which was only recently certified by the German Federal Office for Information Security. If you are interested in VPN solutions, don’t hesitate to visit our website www.hobsoft.com and inform yourself about HOB software solutions “Made in Germany”.
 

no comments |

Cybercrime Prevention Tips (Part 2)

Posted by Stefanie Kober Thu, 23 Oct 2014 13:24:00 GMT



In one of our previous blog posts, we started our discussion with cybercrime prevention tips. In the following article, we shall further provide advice on how to prevent cyberattacks, with a more in-depth focus on mobile technology and deployments.

Preventing Cybercrime
Many cybercrime attacks can be avoided with the implementation of straightforward preventative steps. Cyber criminals prefer to attack easy targets, thus the more difficult you make their job, the more likely it is that they will move on to an easier target.
By implementing the following precautionary measures, you can effectively fight cybercrime:

 

  1. Protect your computer with security software
    Several necessary security software elements are required for basic online security. Antivirus programs and firewalls are just two examples of security software essentials. Generally, a firewall is the first line of cyber defense, as it controls who and what can communicate with your computer online. Firewalls block connections to unknown or phony sites, and will prohibit certain types of viruses and intruders. Antivirus software monitors all online activities such as e-mail messages and Web browsing, offering protection from viruses, worms and other types of malicious programs. More recent versions of antivirus programs also protect from spyware and potentially damaging unwanted programs, such as adware.   
     
  2. Secure your mobile device
    Mobile devices, such as smartphones and tablets, are also vulnerable to cyberattacks; these devices are attacked by cyber criminals in a similar way to computers. A more in-depth look into smart phone security can be found here.
    When smartphones are used for business purposes, a number of safety practices should be followed, such as not saving any sensitive business data directly on the device, to prevent unauthorized data access.
     
  3. Turn off location settings
    Numerous smartphones, tablets and even some digital cameras now come GPS-enabled, allowing geotagging (the addition of GPS coordinates to your online posts or photos) is especially popular with photos. A geotagged photo is the most marked threat for the user’s personal privacy and security.
    The problem with such location-based services is not the information they provide, but rather the information they might also provide to other parties. Providing information about your current location is risky, but even more precarious, the data may be permanent and searchable, allowing criminals to build up a clear picture of your activities through time.
    To mitigate these risks, the best thing to do is to completely disable the location settings when requested by applications and refrain from using geotagging. Alternatively, in some cases, these may be turned on only when you specifically need it, then turned off again immediately after; even in this scenario, only a restricted number of friends should be able to see the information of where you are and where you have been. 
     
  4. Secure your offsite workers
    Offsite workers, such as teleworkers and remote workers, including vendors and customers, making use of any type of mobile device (e.g., laptops, smartphones and tablets) should be equipped with remote access solutions or other modern solutions, so as to assure a secure access to the corporate network.
  5. Back up critical dataAlthough this is not strictly a way to prevent cybercrime, backing up critical data is a crucial step in the event of an attack. Recovery of data and return to normal operations is essential for business continuity; any down time to mission-critical systems may be harmful. Details of the backup processes should be part of the business continuity and disaster recovery plans.


Keeping Balance

The most really effective steps taken by a computer user to avoid being a victim of a crime render the user’s computer somewhat less convenient to use. Every user must balance how much security is considered enough to keep unauthorized intruders at bay. The German software developer HOB offers its customers the perfect balance between user experience and security. The Secure Remote Access Suite HOB RD VPN allows users to remotely access corporate files and servers from anywhere, at anytime. Due to SSL-encryption and modern authentication methods, HOB RD VPN offers its users a maximum of security. The recent Common Criteria (EAL4+) certification is yet another independent proof for the high security level of HOB RD VPN. If you are interested in learning more about HOB products, please visit our website www.hobsoft.com.
 

no comments |

Cybercrime Prevention Tips (Part 1)

Posted by Stefanie Kober Tue, 14 Oct 2014 09:32:00 GMT



Every week, we hear new reports of new cyber breaches and the exploitation of security flaws. Internet connected activities are as susceptible to cybercrime as physical crime, and both can lead to severe damages and lasting negative consequences. Ultimately, it is the responsibility of the individual to protect themselves and their families against cybercrimes through safe online practices.

Cybercrime Prevention Strategies

Preventing cybercrime is not an easy task, however cybercrime prevention can be achieved relatively rapidly and in a cost-effective way. The following tips help prevent cyber attacks:

Install the latest patches and updates
By regularly updating your computer operating system with the latest patches and other software fixes when they become available, you can block attackers from taking advantage of software flaws that would otherwise compromise your system.

Keeping your computer up-to-date renders it much more difficult for cyber criminals to gain access to your system. Although updates alone do not guarantee protection, they block several basic and automated attacks completely and may discourage a less-determined hacker to look for a more vulnerable computer somewhere else. Fortunately, most Windows-based systems can be configured to download software patches and updates automatically. 

Choose strong passwords… and protect them
Choosing a password, meaning one that is not easily guessed, is the first step towards keeping passwords secure and out of the wrong hands. Strong passwords use a combination of upper and lower case letters, numbers and special characters or symbols (such as ?, @, $ and &). Any type of personal information or dictionary words should be avoided.

A different password should be used for each service used; although this makes it more difficult to manage your online accounts, it is well-worth the effort. Passwords should be changed regularly so as to limit the damage caused by someone who has already gained access to one account. It is essential to store passwords in a safe place. If you suspect that one of your online accounts may be hacked, one of the first steps to take is to change your password.

Shred old or unwanted paperwork

Any paperwork that contains personal details should be shredded or made illegible before discarding or recycling it. Criminals can go through your trash to recover sensitive information such as receipts and letters from banks that they can use online.

Protect your personal information
Refrain from revealing personal confidential information in the public domain, for example social media websites. Overexposure can lead to social engineering, whereby attackers gather small bits of personal information from several portals, such as Twitter and Facebook, to launch an attack.

Although absolutely not divulging any personal information is rarely possible, the following is a checklist for how to share personal information safely online:
 

  • Pay attention to privacy policies on websites and in software
  • Steer away from fraudulent websites used to steal personal information
  • Keep an eye out for phony email messages – do not open email attachments unless you are certain that they are authentic
  • Do not respond to email messages that ask for personal information
     

Be social media savvy
Check your security setting to ensure that your social networking profiles (such as Twitter, Facebook and YouTube) are set to private. Once information is posted online, it is extremely difficult to remove it!

Cybercrime: No Intention of Slowing Down
As the technology evolves, so does cybercrime. This exposes new vulnerabilities which attackers can exploit, therefore implementing the rightful preventative measures is essential to stay one step ahead of attackers. Stay tuned for Part 2 of this blog series where we will discuss further methods to protect against the ongoing threat of cybercrime.

no comments |

How to Avoid Becoming a Victim of a Mobile Phishing Attack

Posted by Tobias Eichenseer Thu, 18 Sep 2014 15:38:00 GMT

The dependence on mobile browsers to accomplish security sensitive operations is increasing. With this comes an increase in mobile cyber threats, as cybercriminals are now moving beyond computers and shifting to mobile handheld devices.

A phishing survey reported that the number of phishing targets increased from 2012 to 2013, indicating that e-criminals are spending time looking for new opportunities. Mobile phishing occurs when identity thieves collect the user's information, including financial or account information such as user name and password, Social Security Number, date of birth, and credit card information from mobile devices, for the purpose of committing fraud or other illegalities.

Limitations of Mobile Devices
Specific limitations of the mobile platform make mobiles susceptible to phishing attacks:

1.    The mobile device’s much smaller screen size constrains the ability of the mobile browser to entirely display any anti-phishing security elements a website may contain. Most mobile browsers in use today simply lack any room to incorporate security indicators and certificate information that alert users of site identity and the presence of strong cryptographic algorithms, as is done with their desktop counterparts. This leaves users unable to verify whether the website they are logging into is legitimate or not; a critical security flaw rendering mobile browsers unsafe. 
    
2.    The permanent default browsers preinstalled on certain phones are another limitation. Their ability to automatically start up and display links the user opens makes it less difficult for cybercriminals, who can now focus on only one browser to exploit.

This combination of a radically reduced screen size and absence of security indicators makes it difficult for users to determine the security standing of mobile browsers, and makes mobile browsing more dangerous for average users, since it provides a false sense of security. Research has shown that mobile browser users are three times more likely to access phishing sites than users of desktop browsers. 

Advantages of Mobile Devices:
However, the mobile platform also has some benefits that reduce the concern of mobile phishing: 

1.    The mobile platform allows phishing targets, including online shopping and banking sites, to develop their own apps for customer use. Assuming there are no spoofed apps and there is a mechanism for constant updates, these legitimate apps facilitate more secure exchanges of information between organizations and their customers.

2.    Mobile browsers are increasingly becoming more powerful, and are able to process and run complex scripts. Websites that involve login details may take advantage of this fact to implement better security measures.

Protection Against Mobile Phishing

One can prevent mobile phishing from taking place by adopting and following the following best practices:

1.    Avoid opening links in emails, especially from suspicious or unknown senders. One should always verify the legitimacy of the email messages received.

2.    Utilization of official apps. If the website one is trying to log in to has an official app, one should use it rather than the browser.

3.    Checking the permissions of all the downloaded apps. One should exert extreme caution when choosing which apps to download, as some apps may be requesting too much data, which could result in a violation of privacy.

4.    The URLs of the websites one visits should be manually typed in and subsequently bookmarked for future visits. This procedure eliminates typographical errors in the URL that can be directed to a phishing website.

5.    Installation of a security solution. Modern solutions for mobile devices enable secure access to data located in the corporate network, without the data ever being downloaded to the device. This eliminates the risk of phishing.

Conclusion
The direction of cybercrime is shifting towards the “post-PC” era, as cybercriminals follow where the users and their money go. Cyberattacks on mobile devices can be prevented by adopting mobile computing best practices.

no comments |

Cyber Security is Everyone’s Responsibility

Posted by Stefanie Kober Tue, 16 Sep 2014 07:38:00 GMT



Cyber security starts with improving the individual responsibility of each user within an organization. A single user’s lack of responsibility may not only harm the individual, but could provide a platform for attack on other users within the network; older threats, such as viruses, have been replaced by sophisticated attacks that can cripple the entire organization’s IT system. Knowledge of how to protect computers and engaging in appropriate behavior while logged on to the corporate network, will decrease vulnerabilities.

How to Act Responsibly in Cyberspace

Cyber security is a shared responsibility, and each user has a role in preventing cyber threats. Every person should take these basic security measures to improve the organization’s cybersecurity. 

1.    Strong Passwords

Choosing a strong password cannot be stressed enough! Weak passwords are just as bad as no passwords at all, as they can be easily cracked by relatively simple hacking techniques. Strong, hard-to-crack passwords are normally the first line of defense against a security breach. Strong passwords generally cannot be found in the dictionary and include special characters or numbers.

2.    Beware of Social Engineering
Not all threats come from online. The term “social engineering” describes a non-technical type of intrusion that relies mainly on human interaction – a scam or fraud, where people are deceived into disclosing valuable data, breaking the normal security procedures. Social engineering can take several forms, and is normally considered to be the easiest and most successful type of attack. One of the most traditional cracks is simply to call a person and ask them questions. Users should never divulge a password to anyone, including people who claim to be from customer service, nor communicate a password via telephone, e-mail or instant messaging.

3.    Recognize the Importance (and Vulnerability) of their Data
One of the reasons social engineers are successful is because people are not aware of the value of the information they possess and are therefore not vigilant protecting it. Better security awareness by each individual facilitates businesses to safeguard their trade secrets and intellectual property, and decreases loss of productivity due to downtime. 

4.    Keeping Track of Business Data

In addition to keeping the information safe, protection of business data ensures compliance with relevant data protection rules and legislation. Employees downloading business documents to a public drive, attaching and sending unencrypted confidential documents from the workplace using personal (Web-based) email accounts, and downloading, storing and transferring unencrypted confidential documents from a workplace desktop to a generic USB drive are all examples of security risks that can arise in organizations involving negligent or malicious users.

5.    Back Up Data
Data is one of the most important assets of the business; a lot of information, such as employee records, is irreplaceable. Users should plan ahead and back up critical data as preparation for worst-case scenarios. 

Conclusion
Independent of the type of multi-layered defense one opts for to safeguard the corporate network, it must be combined with good judgment, common sense, and safe computing and safe Web surfing habits.

Author: Hazel Farrugia

no comments |

9 Ways to Avoid Identity Theft: Dos (Part 1)

Posted by Stefanie Kober Thu, 21 Aug 2014 09:55:00 GMT



Identity theft occurs when an unauthorized individual wrongfully obtains personal information and uses it to commit theft or fraud. Approximately 7% of all U.S. residents age 16 or older were victims of one or more incidents of identity theft in 2012. Nowadays, the threat of identity theft is more pervasive and the tactics are continually increasing in sophistication.

DOs: Protecting Oneself

To reduce the risk of becoming a victim of identity theft, there are a number of simple actions that everyone can take:

1.    Store Your Personal Information in a Safe Place

Personal information should be stored in a safe place, both at home and at work. It should not be left in the open, unattended.


2.    Check Your Credit Reports

In 2012, the National Crime Victimization Survey (NCVS) reported that the majority of identity theft incidents (85%) involved the fraudulent use of existing account information, such as credit card or bank account information.
Checking credit is the easiest way to find out if someone is abusing your financial name for personal benefit. The credit card statement should be reviewed frequently (preferably quarterly, annually at a minimum) for mistakes, such as debit of the incorrect amounts or unfamiliar changes.


3.    Be Wise with Passwords

Strong, hard to crack passwords are essential. Capital letters, numbers and special characters should be used for passwords, and changed at regular intervals. Obvious passwords, such as date of birth or simply ‘password’, should never be chosen. Password best practices also involve different passwords for different accounts, so that if someone hacks the password for one credit card, they will not be able to access brokerage or email accounts. 


4.    Destroy Old or Unnecessary Data

The majority of consumers do not pay attention to the multitude of personal information that they discard. Old or unnecessary documents should be shredded, including private receipts, junk mail, financial statements, billing statements and expired credit cards, before throwing them away. Any computer data storage, such as hard drives, should also be wiped prior to selling it or giving it away.


5.    Watch Out for Shoulder Surfing

“Shoulder surfing” occurs when an unauthorized person uses direct observation techniques to obtain personal information. Shoulder surfing is most effective in crowded areas, where it can be much less obvious, as it is fairly easy to stand beside someone and watch as they enter a PIN number at an ATM, fill out a form, or other similar activities. The threat of shoulder surfing has increased due to the prevalence of mobile phones equipped with cameras and video recorders. To prevent shoulder surfing, one should shield paperwork or the keypad from view by using his or her body or cupping their free hand.


6.    Defend Your Computer

Computers should be protected from unauthorized access with the latest software. An updated Web browser ensures that one is taking advantage of its current safety features. Security software, such as firewalls, anti-spyware software and virus-detection software, should also be installed and kept up-to-date as a safety measure against online intrusions.


7.    Secure Your Network

Home wireless networks should be secured, as a hacker may gain access to anything done over an unsecured network within minutes. Using a password will not affect the way the wireless network is used, but will prevent intruders from getting ahold of your information.


8.    Recognize Phishing Emails


Be cautious of “spam” or junk email in your inbox as they generally are messages from phishers, and may contain viruses (Trojan horses) that can infiltrate the computer and forward information to cyber criminals. Since identity information in messages can be easily spoofed, one should also be cautious when the message appears to come from a safe sender. If an offer appears “too good to be true”, it probably is. One should be wary of email attachments and links in both email and instant messages.


9.    Care when Buying Online

One should avoid entering credit card number online unless it is encrypted in a secure website. Probably the best way to ensure that information does not get intercepted is by using only trusted, well-known online retailers, or smaller sites that use reputable payment processors such as PayPal. Regardless of the site, to verify that the page is safe, one should always look for the padlock icon in the browser window frame, and the web address should begin with https:// (where the ‘s’ stands for ‘secure’). 


Conclusion

Safeguarding personal, confidential data can prevent individuals from falling victim to identity theft. By taking simple but necessary precautions, one can be safe both offline and online. Stay tuned for Part 2 where we will further discuss preventative measures to avoid identity theft and reactive strategies for victims.
 

Author: Hazel Farrugia

no comments |

VPN functionalities for remote access technology: Fact or Fiction?

Posted by Stefanie Kober Thu, 14 Aug 2014 09:33:00 GMT



In the mid-1990s, virtual private network (VPN) technology was introduced by Microsoft, such that a secure connection could be created between a computer and a remote server. Since then, remote access technology has evolved to meet modern-day demands and overcome the shortcomings of the early versions of VPNs.
Remote access technology securely connects employees, customers and even partners with the company’s sever using the internet and/or intranets, including local area networks (LANs), as well as wide area networks (WANs).
Although VPN technology is essential in providing comprehensive security, safety and flexibility to businesses, in particular those which opt for the management practice of BYOD (Bring Your Own Device) and/or work from home, some individuals and companies remain skeptical of this technology. 
This article separates fact from fiction.

Fact or Fiction?

1.) VPNs do not affect the performance of the device
Fact.

Modern remote access solutions do not require any software to be downloaded onto the device, thus it cannot affect the device’s performance. Essentially, the device does not need to be “known” on the company network, as the VPN parameters used to log in these devices are configurable by the IT team.

2.) SSL VPNs support web and browser applications only
Fiction.

Early SSL VPNs began as HTTP proxies, enabling user access to web applications through a VPN gateway using an ordinary browser. Today, VPNs offer a variety of access methods, ranging from thin-client SSL tunneling to clientless browser interfaces. Today’s high-quality VPNs also offer browser-launched thin clients which can support virtually any application by tunneling non-web protocols over SSL. Moreover, VPNs also enable users to access Windows Terminal Servers and applications residing there, and further resources, such as file servers, desktop PCs or the company’s intranet.  

3.) VPNs only allow access to the organization’s data

Fiction.

Advanced VPN technology provides various services which help users maintain access to critical information. For instance, modern VPN technology includes remote VoIP capabilities, enabling employees to use the same work telephone number outside of the office.

4.) VPNs are different from other portals
Fact.

VPNs can supply highly-personalized portal views that are a function of each user’s individual access rights. Today’s VPNs provide dynamic access portals, whereby network managers can define server access with application publishing in such a way that the user only sees his or her personal, customized portal.

Summary
Remote access technology has come a long way. In an era where businesses are concerned with security breaches and unauthorized data access, VPNs continue to offer a highly reliable, fast and consistent approach to securely access data and applications stored in the company’s network, anytime and anywhere.

Readers, what are your thoughts on remote access technology? Please share in the comments below.

If you would like to explore more benefits of remote access technologies and learn useful tips for VPN solutions, download our free e-book: Debunking Myths about Remote Access Technology

Author: Hazel Farrugia

no comments |