Posts Tagged IT security

Better Alternatives To Setting Passwords

Till date, passwords were the most widely used way for authentication and to keep critical information secure. However, given the present scenario and state of cyber security it can be stated that traditional password systems have not been able to meet the security challenge. As per a report by Verizon, 81% of data breaches in 2017 were either due to stolen or weak passwords.

What Is The Problem With Passwords?

First, passwords are not secure at all. A weak password can easily be guessed or hacked by the cyber attacker leaving the user’s confidential information at risk. Secondly, a strong password is formed by the combination of alphabets, numerals and symbols. With an intention to set a strong password that is not very easy to hack, people complicate it too much and quite often forget it (now that’s a valid paradox).

Thirdly, employees often expose the organization to risk due to their carelessness. Writing the passwords and sticking them up on their desks in order to remember and keep them handy is the most common mistake and is a serious security threat. Also, it is very difficult to remember so many passwords for different login credentials which is why an alternative to setting passwords is required.

Better Alternatives To Setting Passwords –

Biometrics
– With things like Apple Touch ID, Face ID passwords, unlocking using fingerprints etc. biometrics has gradually ingrained itself into our lives. It is an excellent alternative to using passwords as it involves our unique biology which makes it difficult to forge or hack. From fingerprints, eye retina scans, face scan etc. are all widely being used by people today. Also with time, more and more devices are becoming compatible to biometric verification.

Two- Factor Authentication
– It provides an added layer of security. It uses a piece of information that only the user knows apart from the username and password. Either a one-time password that is sent to the user on their mobile phone or a specific user information that only he/she knows makes it difficult for cyber criminals to hack the password.

Heart Rate – Another safe alternative is using a security technology that resorts to heart rates of a person. Now this is something that is quite difficult to hack as each person has a unique heartbeat.

Security Tokens – There are two types of tokens – soft and hard security token. They are not connected to a network and generate one time passwords instead making them a great alternative.

With the evolving technology, there has been a paradigm shift in techniques that are opted to protect the confidential information. As predicted by Bill Gates in 2004 at a RSA Security Conference, passwords would soon become extinct as people are now opting for other alternatives which seem to be safer somehow.

For more information on IT Security, call Centex Technologies at (254) 213-4740.

,

No Comments

Tips For Educating Employees About Cybersecurity

Computers and smart devices have replaced traditional methods of operation at the workplace. Internet has taken over the charge and our world has become a global village. While we have been able to leverage numerous benefits from the technological advancement, complete cybersecurity is still a major question.

Cyberattacks pose a major threat, however not all cyberattacks can be blamed on outsiders. Some of them might just be launched due to the negligence of your employees. Businesses are increasingly becoming vulnerable due to insider threats and the lax attitude of employees. So, in the wake of high ended cyberattacks and with the growing BYOD culture it has become vital to educate employees about cybersecurity.

Here we have listed some tips to educate employees about cybersecurity –

Educate Employees About Social Engineering Activities

Cognize your employees about social engineering attacks. Tell them not to click on suspicious links and emails from unknown sources. If there is something wary about a certain website, blog, link or email and the sender is unknown then it is best to ignore them.

Train Employees At Top Level Of Management

Cybercriminals generally target employees at top level of management who have access to sensitive information and the level of financial damage is greater. So it is important to impart additional training to CEO’S, CFO’S and other employees at that level of hierarchy to safeguard company’s confidential information.

Back To Basics

Provide training about rules for web browsing, email, social networks etc. Through this training they would be able to know the potential ways in which a cyberattack can be made and also take preventive measures to avoid the same. Also, regularly test their cyber security knowledge.

Tell Them What To do In Case They Come Across Something Suspicious

If there is something your employees feel wary of, then they should immediately contact the IT employees who are trained in handling them. Also they should notify the administrator if they come across a suspicious email, link or unusual activity. In case something major happens then unplug machine from the network.

Create A Formal Plan

Have a pre-listed set of instructions about what to do if an employee witnesses a cyberattack. The employees should be well trained to handle this situation and should know what to do if they are hacked. IT team should also draft a formal plan for cybersecurity training, This plan should be reviewed and updated every now and then keeping in mind the latest attacks and risks.

Also, important & confidential passwords as well as information should not be shared with all your employees. Practice the golden rule of giving limited access to only trusted employees. This will ensure that only those people have access to company’s sensitive information who actually need it for performing their operations.

Thus, it is extremely important to train employees about cybersecurity in order to prevent a cyberattack. For more information on IT Security, call Centex Technologies at (254) 213-4740.

,

No Comments

How To Defend Yourself Against Adware

You might have come across a number of advertisements while browsing on web. Have you ever wondered why such advertisements pop up from nowhere and sometimes even crash the programs that might be running on your system.

Adware is nothing but an advertizing based software. The advertisements that are displayed on your screens may seem legit and harmless but can install adware into your computers. When once it is installed, it can track your personal information such as age, location, buying habits etc. Also it can gain access to your browser history which means your personal and confidential information is no more private. The main reason behind the whole mechanism is to fool you and make you install illegitimate programs that display hoax advertisements.

How Do You Know If Adware Is Installed In Your Computer?
You can identify if your computer has an adware in it or not. Here are some signs that you must lookout for –

  • You are subjected to a numerous number of pop- ups and advertisements.
  • The performance and speed of your computer becomes slow for absolutely no reasons.
  • An unfamiliar search bar appears in the web browser.
  • There is continuous change in the browser homepage.
  • You search for some website but you are redirected to another website.
  • Programs start crashing.

How To Defend Yourself –

  • Don’t download free programs as they can increase the chances of injecting adware to your system.
  • Install pop-up blockers to keep unnecessary advertisements at bay.
  • Be wary of files and links from untrusted sources. Make sure that you do not download or click them.
  • If you are suspicious of the content of a particular website then it is best to avoid it for security reasons, lest you will lose your important information and credentials.
  • Usually permission to install such adware’s is deeply embedded in the licensing agreement. So ensure that you read it thoroughly before granting any permission to install or download a particular program or file.
  • Do not click on forwarded emails and messages unless you are sure about the source from which it is sent.
  • Update your system regularly.
  • Install an appropriate anti-virus software.
  • Remove the cookies every now and then.
  • Install a firewall to stay away from such adware.
  • Do not click ‘OK’ or ‘YES’ without reading what a particular pop up says, as this sudden haste can lead to a multitude of problems.
  • Adjust your browser settings such that your internet zone setting is on medium security or above.
  • Do not install an unwanted program or software even if it is free.
  • Run an anti-adware software on regular basis to prevent any major issue.
  • If you witness a suspicious activity which can result in installation of adware or some malware onto your system, then it is best to turn off your computer using the power button.

It is extremely important to be aware about adware and the effect it can have. For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Most Common Mobile Threats

Mobile phones have become a part and parcel of our lives. As per Statista, by 2020 there would be 9,038 million mobile phone users globally. With their increasing use, another important issue that comes into picture is the mobile security. Here we have listed some common mobile threats you must be aware of –

Data Leakage – Fraudulent apps seeking personal information can lead to data leakage and are a serious threat to mobile security. Mobile users need to be extra careful while granting permissions to various apps to gain access to gallery, notes and other folders. If a certain app requires you to fill in more information than what is generally required then it is best to avoid it.

Spyware – Your private information remains private no more. Spyware is a type of malware that collects information about the websites you visit, whereabouts and sometimes even your personal information. The collected data is then sent it to a third party without your consent or knowledge.

Viruses & Trojans – Viruses often masquerade themselves and come along with a program that seems legitimate. They can then hijack your personal information as well as sensitive login credentials or send unauthorized premium rate texts. Viruses can also enter your mobile when an app containing malware is installed on your phone.

IoT Threats – Almost all the devices are now connected with our smartphones. If a hacker gains access to your mobile phone then chances are that they can hack information available on other connected devices as well.

Network Spoofing – This often happens when you browse the internet using unknown Wi- Fi networks. Cyber criminals spoof the access points and then hack your emails, contact information etc. to use it for their benefit.

Out–Of-Date Software – There are higher chance of falling prey to a malware attack when your mobile phone runs on an outdated software that hasn’t been updated. Out-of-date software don’t have appropriate security patches often resulting in your pivotal information getting hacked.

Tips To Avoid Mobile Threats

  • Update your mobile system regularly.
  • Don’t set up easy passwords if you browse sites that contain sensitive login credentials.
  • Install a good mobile anti-virus software.
  • Download the apps from App store only.
  • Try to avoid using unknown Wi-Fi networks.
  • Read the end user agreement before actually downloading an app.

For more information on IT Security, call Centex Technologies at (254) 213-4740.

, ,

No Comments

Building A Successful IT Security Program

12th July, 2017

The increase in the number and frequency of hacking attacks in the recent years has led many to organizations to strengthen their cyber security. Having a well-formulated IT security program is not only essential to safeguard sensitive data and conform to legal requirements, it helps to boost employee productivity as well as reduce bandwidth consumption.

Given below are some tips that will help you in building a successful IT security program in your organization:

Establish A Core Team

First and foremost, it is important to formulate a core team to handle the information security of your business firm. The team should have complete knowledge of different aspects of network security such as managing IT assets, minimizing threats and vulnerabilities, establishing policies and regulations, conducting regular audits, training the employees etc. Make sure that you include employees from all levels, instead of assigning the job solely to the IT department.

Create An Inventory Of Organizational Assets

In order to be able to identify and manage potential risks, you should have a clear idea of what all you need to protect. Therefore, you must create a detailed inventory of all the hardware, applications, FTP sites, network drives, databases etc. Categorize these assets according to their level of importance and confidentiality. This will help you to apply security controls in a better way, making sure that the more sensitive assets are safeguarded on priority.

Assess Threats And Vulnerabilities

The next step involves identifying all the threats and vulnerabilities in the organizational assets. Make a list of all the risks, classify them and assign a rank on the basis of the potential damage they can cause to the company. You should also note down all the back doors in the software programs, applications and network that may be exploited to initiate a security breach against the organization.

Implement Security Controls

Access control mechanisms also need to be put in place to minimize risks arising out of unwanted and unauthorized use of data. Set strict guidelines regarding the use of computer systems, hardware, software etc. Forbid the employees from connecting removable storage devices to the organization’s computer systems. Downloading unwanted software or applications should also be prohibited.

We, at Centex Technologies, can help to create and implement an IT security program in your Central Texas based organization. For more information, feel free to call us at (855) 375 – 9654.

,

No Comments