PDF Version – All-You-Need-To-Know-About-WannaCry-Ransomware
Author: centexitguy Page 61 of 142
Times have changed and this has brought a significant switch in business sector too. With BYOD (Bring Your Own Device) culture now ruling the picture, more and more employees are bringing in their own smartphones, laptops and tabs at the workplace to perform their tasks. There are certain things which go well with BYOD and have benefited the organizations whereas there are some limitations too which it has brought along. Let’s go through the pros & cons of BYOD culture.
Pros Of BYOD
- Convenience – The greatest advantage is that they do not have to carry two devices along. Since, they can work from their own devices, they are easily reachable if a sudden or urgent business task arises. So next time if you ask your subordinate to send you an email they can easily send it from their own device.
- Employee Satisfaction – When employees are allowed to work on the devices they are already comfortable working on, then it can significantly contribute towards employee satisfaction. Also, this way their productivity increases which gives them enough time to think innovatively.
- Cost – If employees work on their own devices it means that the company need not invest on laptops and PC’s for them. So, it is a cost effective strategy that helps companies in saving thousands of bucks.
- Take Advantage Of Newer Technologies – Updating company software and upgrading hardware on regular basis equates to shelling out dollars at the company’s end. Whereas, when employees are allowed to use their own devices, you don’t have to worry about this at all. Employees will themselves get their devices upgraded with latest technologies & software’s which shall indirectly help company reap huge returns.
Cons Of BYOD
- Security – One of the major concerns surrounding BYOD is security. It is very difficult to overcome this challenge. Many employees have access to confidential information as well as logins & passwords details. If a virus creeps in their device it might also leave your official information susceptible to data breach.
- IT Support – It is always easier for people from IT team to fix and deal with devices of similar kind. Things have become complex with the rise of BYOD culture, where each employee brings in their own device. Somebody’s device might not support a program/ format that runs on the other person’s device. In such a case, it becomes difficult for the IT department to fix these issues and ensure that all the systems on the network are compatible with each other.
- Difficulty In Retrieving Data – Since all the official data is available on the employee’s device as well, it becomes difficult to retrieve it when once he/she leaves the organization.
The smartest move is to educate your employees and keep them informed about device safety. For more information on IT Security, call Centex Technologies at (254) 213-4740.
Till date, passwords were the most widely used way for authentication and to keep critical information secure. However, given the present scenario and state of cyber security it can be stated that traditional password systems have not been able to meet the security challenge. As per a report by Verizon, 81% of data breaches in 2017 were either due to stolen or weak passwords.
What Is The Problem With Passwords?
First, passwords are not secure at all. A weak password can easily be guessed or hacked by the cyber attacker leaving the user’s confidential information at risk. Secondly, a strong password is formed by the combination of alphabets, numerals and symbols. With an intention to set a strong password that is not very easy to hack, people complicate it too much and quite often forget it (now that’s a valid paradox).
Thirdly, employees often expose the organization to risk due to their carelessness. Writing the passwords and sticking them up on their desks in order to remember and keep them handy is the most common mistake and is a serious security threat. Also, it is very difficult to remember so many passwords for different login credentials which is why an alternative to setting passwords is required.
Better Alternatives To Setting Passwords –
Biometrics – With things like Apple Touch ID, Face ID passwords, unlocking using fingerprints etc. biometrics has gradually ingrained itself into our lives. It is an excellent alternative to using passwords as it involves our unique biology which makes it difficult to forge or hack. From fingerprints, eye retina scans, face scan etc. are all widely being used by people today. Also with time, more and more devices are becoming compatible to biometric verification.
Two- Factor Authentication – It provides an added layer of security. It uses a piece of information that only the user knows apart from the username and password. Either a one-time password that is sent to the user on their mobile phone or a specific user information that only he/she knows makes it difficult for cyber criminals to hack the password.
Heart Rate – Another safe alternative is using a security technology that resorts to heart rates of a person. Now this is something that is quite difficult to hack as each person has a unique heartbeat.
Security Tokens – There are two types of tokens – soft and hard security token. They are not connected to a network and generate one time passwords instead making them a great alternative.
With the evolving technology, there has been a paradigm shift in techniques that are opted to protect the confidential information. As predicted by Bill Gates in 2004 at a RSA Security Conference, passwords would soon become extinct as people are now opting for other alternatives which seem to be safer somehow.
For more information on IT Security, call Centex Technologies at (254) 213-4740.
Spoofing is nothing but a form of cyber-attack in which the hackers camouflage their identity. The term spoofing means to deceive or trick and involves presenting a deceptive thing in the right & truthful way. In this, the hackers disguise their identity to beguile the user and inject malware into their systems. The most common way to launch a spoofing attack is through emails.
How Do Cybercriminals Spoof Emails –
The hacker generally spoofs the email address to makes it look genuine. They work on “From” field such that the sender’s name and email address appear to be legitimate & authentic. This is done so that the receiver opens up the mail thereby giving hackers an opportunity to inject virus.
Another high end attack called BEC (Business Email Compromise) is being initiated by the cyber attackers. It is generally targeted towards executives at the top level in order to gain access to their company’s confidential & sensitive information. The primary loophole is in the SMTP (Simple Mail Transfer Protocol) technology, as it does not verify the sender’s email address. Cybercriminals generally use services of a free SMTP server available online to spoof the email address in order to dupe the target user and steal their private & confidential login credentials.
Ways To Spot Spoofed Emails –
- The best way to spot a spoofed email is by closely looking at the sender’s name and email id. Do not click any link in a mail that has some strange content that you are wary & suspicious of.
- Gmail provides an additional security feature and allows the user to check ‘mailed-by’ and ‘signed-by’ fields apart from sender’s email id. If the fields are incomplete then there is high probability that the email is spoofed.
- If the content in the email is strange and weird then ask for a confirmation by replying the email. Now the best part is that the reply you send is directed at the original address. If you get a genuine reply then its fine. Otherwise, you will get to know if the email was fake or genuine.
What To Do If You Detect A Spoofed Email –
- If you spot a spoofed email then immediately inform your internet service provider.
- Next change the passwords for all your email accounts.
- Ensure that you have enabled sender & recipient filtering options.
- Make sure that you do not respond to any email you receive from that fake email id in future.
How To Prevent A Spoofing Attack –
- Don’t open emails that do not contain the sender’s name or are sent from an unknown source.
- Update your system regularly.
- Install a good anti-virus software.
- Enable the feature that allows you to filter blank senders.
Other Common Types Of Spoofing –
- Caller ID spoofing
- GPS spoofing
- Referrer spoofing
- DNS spoofing
- IP address spoofing
For more information on IT Security, call Centex Technologies at (254) 213-4740.