Archive for August, 2016

How To Improve Your Organization’s Mobile Security

29 August, 2016

Mobile security is becoming an important issue for the organizations to address. There is no denying the fact that mobile devices help to save time and increase employee efficiency to a great extent. However, the potential security risks posed by these devices cannot be overlooked. It is seen that most employees use the same mobile device for personal and official purposes. It means that connecting to an unsecure network or downloading a malicious app puts both type of data at risk.

Listed below are some tips to improve mobile security in an organization:

  • Use Strong Passwords: A lengthy and difficult password is the first line of defense against a potential data breach. Therefore, encourage your employees to keep their devices protected with a strong password. Besides the basic mobile security options like PIN numbers or patterns, they should opt for more sophisticated ones like fingerprint scanner, facial recognition, voice recognition etc.
  • Install Anti-Malware Software: Owing to the ignorance of users, hackers are constantly targeting mobile operating systems to initiate a malware attack. It is important that the devices used by your employees to connect to the corporate network have an anti-malware software installed. They should also regularly update the software to stay protected against the recent forms of malware.
  • Avoid Unsecured Wi-Fi: Many organizations today are allowing employees to work from remote locations, which increases the risk of your company’s important data being accessed and shared over public Wi-Fi connections. Make sure your employees are aware of the potential security risks and access corporate data through secure Wi-Fi networks only.
  • Encrypt Confidential Data: Encryption of sensitive information sent and received on mobile devices can go a long way in improving your company’s cyber security. Organizations can implement encryption policies according to the employee groups or the level of data confidentiality.
  • Choose Mobile Applications Carefully: You should limit or block the use of third party software on mobile devices being used for official communications. This can help to prevent the occurrence of a breach resulting from unintentional drive-by downloads or installation of applications having backdoors to transmit company’s information to the hackers. Employees should be allowed to install only reliable and a limited number of apps from a legitimate source.
  • Create Secured Mobile Gateways: You can consider directing mobile traffic through a special gateway with targeted security controls, such as firewalls, web content filtering and data loss prevention. This will restrict the employees from using the company’s internal network for personal communications, thereby preventing unwanted software downloads.

For more tips on improving your organization’s mobile security, you can contact Centex Technologies at (855) 375 – 9654.

,

No Comments

How Can Organizations Guard Against Phishing Scams?

23 August, 2016

Business organizations are a worthwhile target for the hackers to carry out phishing scams. Whether it is to steal passwords, employee details or any other sensitive data, just a single click from an ignorant employee is sufficient to give out the information sought by the hackers. Though most phishing emails are detected by spam filters, it is important for the employees to understand the risks and consequences to avoid falling victim to such attacks.

Listed below are some steps organizations should take to guard against phishing scams:

Initiate A Security Awareness Program

The reason why phishing attacks have a high success rate is because they target the end users, i.e. people who have little or no technical knowledge about data security. Therefore, educating your employees about this aspect can help to decrease the probability of a potential data breach. As phishing attacks mainly involve a fake email, malicious attachment or ad, unsolicited friend request on social media etc., security awareness program will help your employees identify such suspicious activities more easily.

Keep Software Regularly Updated

Though security software do not offer complete protection against phishing attacks, they can prevent application downloads or website redirects that seem to be potentially dangerous. Hence, it is important to install and update anti-virus, anti-malware and anti-spyware software on all the computers in the organization. The same rule applies to the operating system and other programs installed on the systems. Keeping the software patched will protect you against the latest security threats and vulnerabilities.

Use Layered Security

Make sure your organization’s confidential information is protected by multiple layers of security. With this, even if a phishing attack is successful, the hackers would not be able to gain access to all the data stored on the victim’s computer system. Use secure user IDs and passwords, followed by data encryption, access control protocols, user activity monitoring and other such types of layered security.

Follow Best Password Practices

Encourage your employees to follow the best practices when it comes to maintaining confidentiality of their official email accounts. Make sure they create strong passwords and change them at frequent intervals. Also, the login credentials should be stored in an encrypted format in the computer system. By combining difficult and lengthy passwords with two-factor authentication, you can considerably reduce the consequences of a phishing attack.

For more tips on preventing and managing phishing attacks, feel free to contact Centex Technologies. We can be reached at (855) 375 – 9654.

, ,

No Comments

What Is Cryptography?

15 August, 2016

Cryptography is a form of information security technique that involves converting cleartext into an indecipherable format, known as ciphertext, so that it can be securely transmitted over the internet. It ensures that the encrypted information can be read and processed only by the user it is actually intended for. Cryptography software makes use of mathematical algorithms to encrypt information and requires the user to enter a key in order to change it back to plain text.

Types Of Cryptographic Algorithms

  • Secret Key Cryptography: Also known as symmetric key cryptography, it uses the same key for both encryption and decryption of information. The key is known only to the sender and receiver.
  • Public Key Cryptography: In this, the sender encrypts the information using a public key and the receiver can decode it through a private key. It is also referred to as asymmetric key cryptography.
  • Hash Functions: This form of cryptography does not involve the use of any key. Hash functions, also called one-way encryption or message digests, are mainly aimed at ensuring data integrity. In this, the plain text is converted in the form of a fixed length hash value. If the data is modified at any stage, the hash value gets changed and indicates unauthorized access.

Benefits Of Cryptography

  • Confidentiality: It prevents the information from being accessed by anyone else except the end user.
  • Data Integrity: It safeguards the data against undetected modifications, either during transmission or after being stored on the computer.
  • Authentication: Both sender and receiver can authenticate each other’s identity.
    Non-Repudiation: The sender cannot deny the authorship of the information at a later stage.

Drawbacks Of Cryptography

  • A strongly encrypted information may make it difficult even for the authorized users to access it if they do not have the key.
  • The sender cannot allow selective access to the information with the use of cryptography.
  • Cryptographic algorithms are based on complex mathematical computations. Thus, it may slow down your computer’s speed to encrypt and decrypt the data.
  • Cryptography is a time consuming process. It takes too long to create the code and transmit it to the receiver.
  • It does not protect the information from other potential threats arising out of poor infrastructure and security procedures.

Centex Technologies provides efficient IT security solutions to the business firms in Central Texas. For more information, feel free to call us at (855) 375 – 9654.

,

No Comments

Ways To Fortify Your Firm’s Computer Security

9 August, 2016

Data breach has become a common occurrence these days. However, owing to the increasing focus on computer security, many organizations have taken the necessary steps to protect themselves against online attacks. As a result, small businesses are turning to be an easy target for the hackers due to the absence of a stringent cyber security policy.

Listed below are steps to fortify your firm’s computer security:

Understand The Potential Risks

Though technological advancements, BYOD policy and cloud computing have simplified business operations to a great extent, they have also increased the risk for a potential data loss. Therefore, you should evaluate the risks and benefits before implementing these in your organization. Make sure you employ strong password policies, enforce installation of security software and enable remote wiping in case a device is stolen or lost. Devices that support data encryption should only be allowed to access the corporate network.

Restrict Access To Confidential Data

The computer systems that have confidential information should be accessed only by a limited number of employees. Important official accounts and server room should also be protected against unauthorized access. Password protect all the computers and encourage the employees to lock the systems when they are not around. You can also use biometric authentication to further intensify computer security.

Educate Your Employees

Even with all the cyber security measures in place, your organization is at risk if the employees are not well-informed about the potential threats. It is important to educate your employees on the adverse effects of these attacks and the best ways to protect against them. They should also be informed about the common attack vectors, such as spear phishing and drive-by downloads. Make sure they understand the rules and regulations regarding handling of removable media, operating official email accounts as well maintaining privacy of sensitive information.

Regularly Backup Your Data

Even if you have implemented an infallible cyber security policy, it makes sense to backup all the important information stored on the computer systems. In case your computer is infected with a malware, it may manipulate, delete or restrict access to the files. If you have a backup on Cloud or an external removable device, a data breach would not have much effect on your company’s operations.

We, at Centex Technologies, can review and suggest measures to fortify the computer security of your business firm in Central Texas. For more information, you can call us at (855) 375 – 9654.

,

No Comments