Security – online and in the office
Security is an ongoing headache for most of us. Each week between now and our talk on security to the Inspire group on 13th May we’ll be delivering three security suggestions you can act on easily and quickly to tighten up computing security within your company.
Security of Public wifi
Going to a friend’s house and logging into their wifi is one thing. Yes you subject yourself to the security your friend may or may not have applied to their connection – ask questions if you need to or if the sensitivity of the data you’re sending requires it (in which case you shouldn’t really be doing it round your mate’s) – but it’s likely to be less risky than the sort of public wifi you can connect to in a café, hotel, hospital or other public space that selflessly provides wifi as a public service.
There are various models for providing free public wifi but be sure that someone somewhere is profiting, and it’s not just because you’ll drink three lattes while you use it. The security of the connection is completely beyond your control for a start. Secondly you have no idea what information the provider is taking as you communicate. Thirdly simply by logging onto that network you show up as an entity – one reason to be careful how you represent yourself.
Don’t click on unsolicited attachments
Attachments – don’t you just love them? Fortunately some scammers are very bad at their jobs and make their dodgy attachments blatantly ones to avoid; others are far more subtle. The subject line and sender’s name can both seem very relevant to current projects, which is disturbing in itself, but nothing compared to what happens if you open the attachment.
Simple rule of thumb: if an unsolicited attachment comes from someone you’ve never heard of, ignore it. if you’re worried it’s something you need, ring the company (via a number you find independently, not the one provided in their nice helpful email) and use lots of judgment and scepticism.
If the attachment is from someone you know but still unsolicited it might be worth a text or call to find out what it is. Even genuine documents can contain viruses, so really be sure it’s worth the risk before you click.
Password protect devices
You know about the obvious things – phones, tablets, PCs. If you haven’t password-protected them do it now. A shape drawn on the screen, a number, a phrase or something more sophisticated such as facial recognition. Whatever your preference, implement some form of protection as a first line of defence.
Where it’s an option, employ a remote wiping utility such as Android Los/ a kill switch. The ubiquity of this sort of app is, so we read, having a huge impact on the number of smartphones stolen with thefts down 40% in London.
Look more closely at other devices you use, particularly infrastructure such as routers and other home network devices. If you can change the password, do. Leaving this sort of device with the factory-set password makes it very vulnerable to exploitation.
Lastly anything you own that can come into the Internet of Things category: CHANGE THE PASSWORD.