Portable Storage
Portable devices which are used as storage and for transmitting sensitive information between locations, such as portable hard drives, memory sticks or even CDs and DVDs, should always be encrypted and require a password to un-encrypt. Some of the highest profile data leaks in recent years have occurred when such devices have fallen into the wrong hands and it easy to make a mistake by misplacing a portable device but harder to justify not securing it in the first place.
Laptops
As with portable storage, the first step to staying secure is to ensure access to your laptop is password protected. With modern security you can even use advanced techniques with biometric security measures such as finger print recognition/scanners to ensure that only the specified owner can access the laptop and its contents.
It is also vital that your laptop, as with all PCs, has a firewall in place, to prevent unsolicited access from the outside world, and up to date anti-virus software installed (running regular scans) to prevent and detect any malware trying to access information on your device.
Moreover, it is advisable that printer sharing is disabled, as this can present a vulnerability which hackers can then exploit, whilst local folders on the laptop should only be shared (i.e., have status of shared) if they really need to be (because shared folders will become visible to anyone on the network who can see your PC). As with portable devices, individual partitions, folders or files can be encrypted to provide a final layer of security. Although this can be laborious to set up and use, it is essential if you have sensitive data which could be at risk from prying eyes.
Mobile Phones
More and more business is being conducted on mobile phones than ever before and the widespread adoption and even popularisation of smartphones means that vast numbers of employees now have the capability to work effectively on the move wherever they are. With the array of new smartphone functions and the shear amount of sensitive business and personal communication that is conducted through them, the risk of information leaks has increased however. Again, the first security step, in case the phone is misplaced, is to set up a passcode lock so that the phone locks itself when inactive and then requires a passcode to unlock. As with portable storage devices, mobile phones are perhaps easier to lose than bulkier laptops and tablets, while the fact that they are used more often in all parts of peoples lives, both business and personal, means it is even more advisable that smartphones are not used to store sensitive business information unless absolutely necessary.
It is also worth re-iterating the risk of accessing, intentionally or otherwise, unsecured wireless networks on mobile phones too as they are often not considered to be as vulnerable as a laptop, for example. However, with the proliferation of smartphones, cyber-criminals are becoming more effective at taking advantage of such security lapses to access your device’s data so considering wireless security is a must.
Secure Email & Cloud Storage
Email security has improved significantly in the last couple of years. All the major webmail services such as Hotmail and Gmail now offer the option to encrypt the information the information that you transfer via email. To check whether your email is secure, look for the “https” at the start of the page’s web address, when viewing your emails through an internet browser, which indicates that the information you send is encrypted. Your internet browser will also show you a padlock symbol somewhere alongside the address bar to confirm that the security certificate for the website is active (this verifies that the information is being sent to the appropriate server when you transmit it). You not only need to look for this when logging in but also on every subsequent page if you are transmitting sensitive information via email.
Even when encrypted, email should not be relied upon as being entirely secure because you are always at risk (to some extent) of communications being intercepted and you cannot necessarily guarantee the level of security that is in place when your recipient receives the email.
If you want to use cloud storage to store your files so that they can be accessed anywhere on the move, you will again need to look for the “https” and padlock symbols as indicators that the information you transfer is being encrypted. In addition, each storage provider may offer further levels of security when it comes to how the data is encrypted, where it is stored (private servers) and how much of it is visible to staff at the storage company so it is worth comparing providers across the market.
VPN
The most secure method of interacting and communicating with your work place whilst on the move is by using a Virtual Private Network (VPN) which creates a secure ‘tunnel’ across the internet. These can be used to not only to allow you to store all data securely on shared drives/servers ‘back at the office’ but even to log on to the work place network in its entirety as if you were logging on from your desk.
Data can vulnerable when being accessed, transferred or swapped with those shared servers but that is when a VPN Provider can be used to create a secure tunnel through which the information travels, encrypted and safeguarded against interception.
Businesses will have often have their own VPN implementations for use by roaming employees but there is plenty of free or affordable software on the market which also allows individuals or small businesses to access the technology.
There are plenty of procedural and technological solutions to help keep your work, business details and personal details secure and by taking a few basic steps you should really be able to minimise the chances of becoming a victim to cyber-crime. With technologies such as VPN becoming more affordable, flexible and commonplace it really is a good time to take stock of what you and your business are doing to stay secure.
No comments:
Post a Comment