Are you creating a Cyber threat to yourself?

Are you creating a Cyber threat to yourself?

Blog

The majority would agree “Cloud Computing” has revolutionised the way we work. Several years ago, working without a fixed location would not be considered, yet with the evolution of technology – along with the increasing demand to access required information 24/7, remote working has become the norm.

While being able to relax on a beach or nipping to your local coffee ‘hotspot’ whilst filing those imperative documents, along with fueling your creativity is indeed a plus, growing concern around security of confidential information is amplified with the surge of Cyber-Attacks over recent years.

Our awareness around personal possessions - the expensive equipment, purchased to accommodate accessing those secure files whilst on the go is evident. We look out for suspicious characters who may be lurking next to our bags; we lock our cars and house’s, deploying alarms to deter potential thieves. Alarmingly, the criminals we need to focus our attention on, to avoid catastrophic and irremediable implications go further than just the ones in immediate sight. We could be unintentionally inviting these criminals into our personal records due to naivety and lack of security on sensitive data. Cyber Criminals are clever and with the growth of technology, their expertise is expanding - increasing the risk to you and you and your organisation.

Most people will be wise to suspicious unsolicited communications such as emails known as “Phishing” from unknown sources; yet emails that appear to be sent by a colleague may be harder to decipher whether the sender is in fact a trusted source. Common ways attackers will infiltrate their victim’s accounts is to create the sense of urgency i.e. an email that appears to be from someone in seniority, fooling the victim to respond quickly without thinking. Now ignoring all your boss’s emails “just in case” may not be the best solution for your career yet being alert to the following could save your organisation:

  • Emails that come from different addresses to what you’d expect.
  • Documents that ask you to enable macros or editing before you can see the contents.
  • Language used throughout the email-are the phrases they are using out of the ordinary i.e. are they addressing you in a different way to the norm?
  • Windows Explorer has the option to show file extensions to protect you against misleading filenames.
  • Double file extensions (e.g. .pdf.htm) or extensions you aren’t familiar with (e.g. .js, .wsf, .lnk).
  • Hover your mouse cursor over links to see if they go where they say they are going.
  • If in doubt, call or speak in person to your friend or colleague and ask them if they sent the email. (Don’t use the number in the email you’re concerned about – look the number up in a different way!)

Of course, cyber criminals find many ways of accessing your precious data. The widespread rise of “smart” gadgets collectively known as “The Internet of Things (IOT),” while providing a plethora of benefits for the user-also opens up many options for hackers, who seek out vulnerabilities such as weak passwords or dated software to find an easy route into your private details. Throwing away your fit-bit or switching off your “Alexa” may not be appealing to you, but selecting secure passwords; using multi-factor authentication; and connecting devices via PC’s and Laptops that hold the latest software and antivirus installed, collectively minimises the risk.

Similarly, many organisations encourage their staff to use their own devices for work purposes. While this reduces business expense, a far greater cost could occur if necessary precautions are not adhered to. “Jailbroken” or “rooted devices” are in danger of being vulnerable to compromise and should be pre-approved by your IT department before linking to business applications. One precaution organisations take is to set up data encryption and Virtual Private Networks (VPN’s).  Additionally, storing critical business information without necessary cause is leaving you subjected to attack, worse still-should your device fall into the wrong hands, you could end up losing more than the just the value of the item. Such circumstances cannot be completely avoided but being vigilant and taking definitive actions such as reporting theft and remotely wiping your device can certainly lessen the extreme outcomes that can prevail if you don’t.

Statistics report that WIFI related security incidents are common in today’s society, with 62% occurring in café’s and coffee shops. Depriving yourself from your favourite latte may not appeal to the majority, yet being alert to the risks, such as limiting file sharing; opting not to be “discoverable” by other devices around you; sticking to well-known networks and limiting the amount of public networks you sign up to; accessing sites that only consist of “https” rather than “http” in the web link; sticking to well-known networks and limiting the amount of public networks you sign up to, will all reduce the threat of uninvited guests.

Remote working is certainly the way forward, allowing workers freedom and flexibility. Taking these essential precautions will offer you (and your boss!) peace of mind, safe working within “The Cloud” and diminishing exposure to criminals looking to take advantage from right under your nose.

Man sat in a cafe drinking a coffee with a laptop and mobile phone