With the ever-evolving cyberspace landscape, our reliance on information is at an all-time high. Along with that reliance, comes an increasing focus on our devices. We can all relate to the common, daily scene of people so deeply entrenched in a mobile device chat session that they are almost oblivious to the outside world. This security awareness tip focuses on the boundary outside of that device and how situational awareness can affect security. Securing the physical boundary outside of that computer, laptop, or mobile device can often pay big dividends and thwart attacks. Below is a checklist of physical security awareness items you can add to your toolbox:
A Republican task force recently released a limited set of near-term recommendations for cybersecurity legislation that emphasized voluntary standards instead of regulation. Interesting. Several words jump out at me in that sentence. “Voluntary standards”, “near-term”, “not regulated”. I paraphrase.
Seems to me that something as important as a task force that was put together should be working on an overall strategy to address cybersecurity rather than trying to patch holes in the dike. Read More »
Cloud services. You may or may not think about them, but they are no longer a talk of the future. Some of you probably listen to Rhapsody and Rdio, which are cloud-based streaming music services. Others perhaps use a cloud-based compression service Onavo to shrink your smartphone data and your monthly bill. Storage (Dropbox), email, social media, banking, location-based services (GPS), just to name some, all at your fingertips. For small and mid-size businesses, there’s a wide range of cloud services including productivity, finance, and accounting. For many companies and organizations, cloud adoption is on top of their priority list.
Before we continue to ride the cloud at lightning speed, shall we pause a moment to reflect on the risks? After all, there are many things that can threaten our data and services. To learn more about the current threat landscape, watch a rich and compelling on-demand webcast by Patrick Gray, principal security strategist at Cisco. Here are some specific concerns and action to take.
When considering security, make sure you’re protecting the data on your phones, too
In July 2011, the world saw just how vulnerable voicemail systems can be when a phone hacking scandal took down the News of the World newspaper and created a huge public backlash against News Corp. and its CEO Rupert Murdoch. Reporters were illegally intercepting voicemail messages left for the British Royal Family, celebrities, British soldiers, and others in their quest to scoop stories. Public figures’ voicemail messages aren’t likely to reveal product secrets, credit card numbers, or confidential business strategies, but your employees’ voicemails can. Voicemail systems can be configured insecurely and easily hacked—if you don’t take the right precautions.
Whether you have an analog or IP-based phone system, your company’s private voicemails are vulnerable. Most voicemail systems require only a simple four-digit personal identification number (PIN) to protect a user’s voicemail, and hackers have a few different methods for figuring out those numbers and gaining access to voice mailboxes, including caller-ID spoofing, and social engineering.
The good news is that deleted voicemail messages can’t be hacked. Therefore, the easiest and most effective step you can take in securing your voicemail system is encouraging your employees to delete sensitive messages as soon as they’ve listened to them.
Social networking sites like Facebook are great tools for connecting with friends and keeping up-to-date with the good and bad things that are going on in your social circles. Unfortunately, the kind and amount of personal information that makes for great social networking can be used by people with bad intentions to cause real, physical harm. Sound far-fetched? After a referee made a controversial call in a baseball game, someone with his same name received threats meant for the ref. Today’s security awareness tip is about profile management: developing habits that help you to stay in control of the information that’s available about you online, to keep you safe in the real world.