15

Jan

2019

Six Security Practices to Teach Employees

No matter how strong your security and defense systems may be, there is always one flaw: human error.

No matter how big or small a company is, the fact behind employees being the biggest threat will never change for IT security. However, there are steps that can reduce the effect of human error, one of which is educating your employees on basic fundamentals of security and awareness.

Other steps that you can take include:

  • Avoiding Unknown Networks. Sure, you can send an email through a Starbucks Wi-Fi network, but these are open doors for hackers to gain access to a device that may contain corporate data.
  • Always Have a Passcode. Everything has gone mobile, and that includes the devices we use both at work and at home. Most of our devices don’t require passcodes, but they should. Teaching employees the importance of having every device require a passcode will pause the threat of an unknown visitor gaining access to critical information.
  • Watching What You Click. Antivirus software isn’t always the answer. Employees have become relaxed in what they click because of the “protection software.” Helping them understand that this is not the case, and the consequences of opening up documents from unknown people or websites.
  • Do Not Share Credentials. Purchase additional login accounts rather than sharing one account. That mentality needs to be done away with, and employees should learn value behind guest or role-based accounts. This is what keeps systems safe and secure.,/li>

Saying Something If You See Something. Keeps your eyes open for any suspicious documents, emails, or websites. Awareness goes a long way towards preventing cyber-attacks and hacks.

Comments (0)
Number of views (5896)
Article rating: 3.0
Read more

Categories: TIG Blog

Tags:

3

Jan

2019

What’s Your Data Worth?

Have you ever wondered what your data is worth on the dark web? Recently, RSA went undercover in the dark web to find out just how pervasive “dump” selling was and what your information is worth.

RSA and Fox Business News Report found the following:

Social

  • Instant Messaging ($1-$5)
  • Emails ($1-$3)
  • Dating Sites ($1-$10)
  • Social Media Websites ($3)

Finance

  • Financial Services ($7-$10.50)
  • Online Money Transfer Services ($0.0-$15.50)
  • Bank Accounts ($3-$24)
  • Credit Card Websites ($3-$5)
  • Accounts from Recent Breach ($1)

Travel/Leisure

  • Airlines ($3-$10.50)
  • Hospitality Services ($0.7-$1.50)

The scariest part of these findings is that dating accounts have quickly become the third & fourth most valuable type of account to resell on the dark web. The reason? It provides the attacker with enhanced knowledge giving them the ability to generate a ‘Synthetic’ Identity. They glean intimate personal details about your life to create a new physical and virtual you in order gain credit, buy property, and obtain enough knowledge to take over your existing accounts by answering deeper security questions such as, “What was your first car?”, “What’s your dad’s middle name?”, or “Who was your favorite teacher in high school?”

So why do businesses & organizations care about this new trend?

Many organizations deploy technologies that are based on the same “Personal Question” methodology. An attacker who knows the answers to these questions can gain access to password reset mechanisms. Likewise, employees often use similar passwords across work and personal sites. More cases are being seen involving blackmail and corporate espionage – when people feel subject to embarrassment or criticism over information they posted on a dating site or social media outlet, they are more susceptible to do unnatural things to keep that information private.

How are you protecting not only your networks and Intellectual Property, but how are you educating your users and protecting them?

Be Vigilant, Stay Aware!

Christian Rolland, BVP, CCDP, CCNP+S, CCNP+R&S
Sr. Practice Director, Enterprise Networking

Comments (0)
Number of views (7255)
Article rating: 5.0
Read more

Categories: TIG Blog

Tags:

RSS