An Endpoint Protection Platform (EPP) is an enterprise solution typically comprised of capabilities such as port and device control, a local firewall, and anti-malware software. One of the things which most strongly characterizes an EPP is its ability to provide anti-malware scanning, based on detection methods which rely on known signatures, in other words antivirus software.
Advanced Endpoint Protection Platforms
Some EPP platforms go a bit further than this, providing detailed monitoring of endpoint file activity, as well as the detection of suspicious or malicious behavior from such files, which may be completely missed by other layers of security. Going one step further, when this kind of suspicious activity is detected, some EPPs even provide the means of managing it.
This can be an extremely important part of any security system. The truth is that it’s impossible to be 100% protected from malware attacks, and some will break past your firewall and your antivirus software. When they do, having such monitoring of file activity on your endpoints can provide just the kind of alert that you need to spot an attack, before malware has a chance to do any serious damage.
What is Endpoint Detection & Response?
By contrast, Endpoint Detection & Response is a security system comprised of at least four major capabilities:
- the detection of security incidents
- the localization of any incidents right there at the endpoint of detection
- the ability to conduct a full investigation of any potential security incidents
- and the restoration of endpoints to their original status prior to infection.
From this it can be seen that the difference between EPP and EDR is that EPP tends to be more of a front-line defense and EDR tends to be more of a second or third line of defense. While the hope is that any Endpoint Protection Platform will detect almost all malware attacks, the EDR security provides many more tools for managing attacks which have been identified, and have already been carried out to at least some extent.
Hybrid EPP and EDR Systems
It was inevitable that security vendors would develop a package that includes elements of both an EPP and an EDR system to provide the ultimate security system. The market for such products is definitely there, because there are many small businesses and large corporations which have woken up to the dangers of ignoring security, and have now swung their security pendulums entirely to the opposite side.
You can never have too much security in place at an organization, and anything which provides a full toolkit of options is a good idea when it comes to security. For that reason, some companies now provide hybrid systems which include features of both an EPP and an EDR, so that threats can not only be identified, they can also be dealt with right on the spot.
Here are some of the features you might find in a hybrid security platform:
- threat identification using signature-based methods
- ‘sandboxing’ capabilities that perform on-the-spot analysis of files against hundreds of known behavioral indicators, to detect suspicious activity
- malware detection and blocking, using techniques such as signature matching and fuzzy fingerprinting at the endpoint prevent network breaches
- when potentially harmful files slip past the front line of defense, the secondary features can be invoked. That means a continuous analysis of files that enter the network, regardless of what their status is. If later analysis should indicate suspicious behavior, an alert can be sent to the security team, along with the recorded history of file activity thus far. Your team will have a full understanding of where such files came from and what it’s been doing once it entered your network. You’ll then also have the capability of controlling it and deciding what to do with it.
Which is Best for Your Enterprise?
Deciding which approach your company should take to protecting its valuable data assets and network infrastructure will depend on a few things – but one of them should NOT be that you’ve been immune from attacks in the past. That’s the kind of mindset which can easily make your company next on the list for a harmful cyberattack.
Instead, you’ll probably have to take cost into consideration, especially if your security budget is somewhat limited. Then too, you should consider the offerings available from a short list of vendors which you’ve prepared, or which you have been advised about by a security consultant.
Don’t forget to take into account what you already have in place, so that you won’t have to gut the system and completely replace it. Whatever you end up with, make sure to use all the information provided to you, keep it as current as possible, and back up your data files.
It’s safe to say that your API keys represent the keys to your cloud kingdom. Anyone in possession of these API keys can access your applications, hardware, and other software in a given cloud environment.
API keys, or access keys as they are sometimes known, are necessary in today’s computing environments. They provide the means to pass credentials between a cloud provider and an enterprise.
Potential for Harm When Access Keys are Stolen
Access keys are created when an organization is first setting up its cloud management services, and a great deal of damage can be done if they fall into the wrong hands. This is not just a possibility; this scenario has happened several times in the past. A cyber attacker breached OneLogin’s databases after gaining access to a set of Amazon Web Services (AWS) API keys.
There is a definite need for collaboration between organizations and cloud providers. The benefits offered in such arrangements are powerful business enablers and can help keep enterprises afloat in a very competitive landscape. That being the case, there needs to be a very solid approach to securing API keys, so that they can’t be stolen and used in criminal ways.
Some companies have learned that hard-coding API keys into their applications is a big mistake, because these can easily be intercepted. Access keys can be coded directly into applications and scripts and then forgotten about. Then they are left sitting in the applications, available to the first clever cyber attacker.
Securing Your Company’s API Keys
Here are some of the best ways to secure your company’s access keys against criminal attack:
- Identify and list all keys – there are some very good discovery tools available, which can scan your entire cloud environment for any and all API keys that may have been left unprotected. After enumerating all these access keys, you should then check any infrastructure weaknesses which may exist, and gather together all audit information relative to key usage.
- Eliminate embedded access keys – after having found all hard-coded access keys stored in your executable scripts and software applications, remove them so no one can access freely them. It’s a good idea to also cut all direct access from your own employees.
- Make your API keys secure – protect your access keys by storing them in a secure data vault with strong access controls, so that only authenticated users and authenticated applications can gain access.
- Rotate API keys – change your access keys every so often so they don’t remain static for a long period of time.
- Apply least privilege principle – use the principles of least privilege in granting access to your secure API keys. Grant access only to those entities that need them to carry out their normal functions. Also, cut any redundant permissions which were set up for the account role associated with the API key.
- Automate securing your credentials – to avoid direct access by employees, make sure that all API key access to your digital vault is automated by whatever tools and scripts are necessary to carry the process out securely. Guarantee that API access to applications is secure by using application authentication and machine IDs where appropriate.
API Keys are Necessary, but Keep Them Secure
Securing access keys may seem like a hassle, but it should be remembered that there are enormous benefits to cloud computing. It should also be kept in mind that by establishing that kind of setup with a cloud provider, a greater attack surface is made available to criminal-minded individuals on the Internet, and great care must be taken to deter their efforts.
If a cyber attacker were to gain control of your company’s access keys, they could control your entire cloud infrastructure. That would allow this person to disable any security controls and steal any sensitive company data or customer data.
Your company can avoid this doom-and-gloom scenario by following the steps listed above. When access keys are properly managed and kept as secure as possible, you can have peace of mind about the threat of cyber attackers, and can focus on leading your business to sustained growth and success.
The Internet of Things (IoT) is a concept in the computing world which defines the notion that ordinary physical objects can be connected to the Internet, and can have the capability of identifying themselves to other connected devices. This is extremely important, because any object which can digitally identify itself to others becomes something much greater than it would be on its own.
Whatever the object is, it no longer relates just to its owner but can be corrected to an endless number of other machines.
If this description sounds a little nebulous, it’s understandable, since it’s a somewhat difficult concept to grasp. The digital innovation expert who coined the term IoT, Kevin Ashton, put it this way, “If we had computers that knew everything there was to know about things – using data they gathered without any help from us – we would be able to track and count everything, and greatly reduce waste, loss, and cost. We would know when things needed replacing, repairing, or recalling, and whether they were fresh or past their best.”
What Can IoT Do?
There’s a subtle capability included within this quote which you may have missed, but which is the central concept behind Version II of the Internet itself. The original Internet was entirely comprised of data created by humans, but in its second incarnation, the Internet will also include vast amounts of data generated entirely by objects, without human intervention.
Another important point made in the quote by Mr. Ashton is that some of the data generated by objects relate to performance and everyday operating conditions, and back-end software can evaluate this data. When such data is analyzed and compared against other data, it can provide extremely useful information about the status and performance of the object sending the data. That’s how we know if a device is not operating correctly and can make necessary replacements as soon as possible. However, this capability is only one of the many uses advantages which will result from objects connected to the Internet of Things.
One of the ways that the Internet of Things will change life in our everyday world will be through the greater adoption of smart technology in the home setting. Although there have already been several ways that IoT technology has improved life, even more, are just around the corner. Today you may have your coffee pot, your thermostat, and your Amazon Echo connected to the IoT, but even more innovative ideas like this are currently being tested and readied for production. Expect to see IoT versions of washers, dryers, refrigerators, security systems, and lighting systems very soon.
Last year, approximately 85 million wearables were sold in this country, and within two or three years, that figure is expected to exceed 400 million. In the broad category of wearables are included fitness trackers, virtual-reality headsets, smart watches, and other devices. All of these wearable devices are generating literally tons of data, for which practical uses have not even been defined yet. To be sure, there are endless possibilities and potential applications for this data, and when some of these are put into practice, the Internet of Things will become a far busier place.
One of the most tantalizing uses of IoT technology is in smart cars, which are now very close to becoming a reality. In a few years, more than 80% of all vehicles on the road will be connected to the Internet. This will increase the potential for navigational guidance, diagnostic tools, and most exciting of all, self-driving cars.
The automobile industry has made major investments in exploring the potential for IoT technology relative, and as a result, self-driving cars are a virtual certainty in the near future. Many such cars have already been built and tested, and have performed admirably under controlled conditions – which means general rollout won’t be far off.
The Internet of Things will affect more than just individuals and will change the way we do business. For instance, physical inventories will no longer have to be conducted by employees spending their entire weekend in the warehouse, because smart devices will be able to track inventory automatically.
Inventors and creators of appliances and other gadgets will be free to get creative in developing new devices which can provide consumer benefits by being connected to the IoT.
The number of employees working remotely or from home will increase dramatically in the future, as more devices are connected to the IoT, permitting closer integration with work facilities.
Businesses will closely analyze all that data which is being generated by objects connected to the Internet of Things, and a great deal will be learned about where they should put their focus regarding where to innovate, what to innovate, and how to innovate.
Cyber attacks of recent years have grown in number and size, making it crucial to alert the computing world at large of the need to protect data assets and network infrastructure. Large corporations, small businesses, and even private individuals are all subject to attack from criminal-minded hackers who are bent on profiting from illegal penetration into your computing system. Many of the most high-profile cyber attacks of recent years targeted large corporations, simply because of the potential for extracting more substantial sums of money from them in exchange for the safe return of business assets (ransomware). While attacks against small businesses (SMB’s) have not garnered the headlines nor the high visibility of major attacks against big corporations, that doesn’t mean they aren’t taking place. In fact, small businesses now are being hit much more frequently because hackers have realized that, all those small profits from SMB’s do add up to big money in total. Statistics show that over the past several years, more than half of small businesses have had network security breached in some way by hackers. This alarming development should clearly point out the need for small businesses to be on the alert, small business cyber security should be taken seriously.
Managing the Risk of Cyber Attacks Against Small Businesses
In addition to the cumulative appeal of profits from small business attacks, there is another reason why criminals have been turning their attention to SMB’s. With fewer resources allocated to cybersecurity, and less formalized training and education against the potential for cyber attacks, small businesses often present very inviting targets for the criminal-minded.
It’s also true that limited budgets make small businesses cyber security not as readily accessible. However, even with limited resources, there are at least a few necessary steps that all small businesses can take, which will reduce the likelihood of an attack, and at least provide some measure of security for valuable business assets.
For instance, at least one person in every small business can be designated to stay abreast of all known cyberattack threats, so that it’s at least possible to take preventive measures against specific threats and risks. This would typically be an I.T. person who’s also responsible for keeping system software updated with any security patches made available by vendors. Soon after the newest cyberattacks appear, software gurus are at work developing fixes to patch whatever weakness allowed the attack to take place, and these should be applied to your software system as soon as they are made available.
It’s also imperative to take regular backups of business-critical data so that in the event of an attack like ransomware, there is always a safe and current version of data to fall back on, without surrendering to the demands of a hacker.
Education and Training on Small Business Cyber Security
It’s fair to say that the biggest vulnerability for small business cyber security is the lack of employee education and training. This, of course, is not limited to SMB’s, because even corporate giants are frequently exposed to cyber threats by the weakest point in their networks, which is the actions of employees.
Hackers are naturally aware of this, and much of their time and effort is spent trying to dupe unsuspecting company employees into providing them with crucial information like passwords or account data which will allow them to carry out attacks against the company network. All this should make it clear that one of the top priority investments in small business cyber security is to properly educate and train employees about cyber threats, and how they’re carried out and resolved.
Every employee needs to be aware of the potential for cyber attacks and should treat anything suspicious with extreme caution. At the bare minimum, all employees should be educated about the necessity for safeguarding passwords, credentials, and account information. Such attacks can be carried out through email phishing scams, or possibly social media, where cyber attackers are known to be listening, and waiting to exploit unsuspecting employees to obtain vital security information in a seemingly harmless environment.
Hackers can also obtain business details information from employees via social engineering, wherein cyber attackers manipulate employees by pretending to be clients, banking institutions, or other characters of authority or importance. Some of these attacks are made through phone calls where a supposed colleague requests to know changes made to account information need to be reminded of specific passwords to gain access to system software. Hackers posing as managers from other departments have also exploited unwary employees with phone calls asking for similar information, which can then be used to breach the computing system and hijack valuable company data assets.
Some small businesses in the country have gotten the message, and have taken whatever steps they can to prevent cyberattacks, or at least reduce the potential for them. If awareness is the first big step toward improving your small business cyber security, educating employees about cyber attacks can be said to be an essential second step. Hackers these days are determined to victimize small businesses as well as corporate giants, and that means SMB owners and managers have to be just as committed to preventing those attacks.
A study recently conducted by RiskVision, a respected developer of Risk Management software, determined that more businesses today are concerned about company reputation than they are about potential breaches of security which might impact them. It has long been known that companies consider a brand name to be one of their most significant assets, even though it’s an intangible that has value to no one outside the company itself.
In this survey, damage to a brand name was considered to be potentially more damaging than security breaches, even though the two often go hand-in-hand today. Hackers who successfully penetrate into a company’s computing network often do inflict serious damage to the reputation of the business, and subsequently its brand name. It should, therefore, be kept in mind by all business owners that security breaches need to be taken seriously, to prevent damage to the company brand-name, as well as all the usual financial ramifications.
How a Security Breach Can Damage Your Brand Name
Typically, the first thing a customer considers when thinking about brand names, about products or services, is whether or not the product or service provides quality and value, and whether the cost is in line with the levels of quality and value delivered. However, any company which has suffered a known security breach often falls into an entirely different frame of evaluation.
Consumers will often think that any business which has allowed itself to be hacked by criminals is not worthy of their trust and patronage. After all, if their business practices were lax enough to permit the cyberattack in the first place, that may be a sign that other important aspects of the business are also conducted with inadequate attention to detail. This fact is borne out powerfully in a poll jointly conducted by CSO and OnePoll, which attempted to determine the connection between insufficient security and a company’s brand name, as perceived by consumers.
In the survey, a whopping 86% of customers declared that they were unlikely to patronize a company which had suffered a severe security breach, especially if the breach was related to customer information. This represents a definite shift in consumer thinking from the early days of cyber attacks when businesses were perceived as victims entitled to understanding and sympathy from the public. In the now-famous cyberattack against department store giant Target, sales for the entire quarter after their security breach dropped like a rock, falling almost 50% from the prior quarter.
Impact of Security Breaches on Small Businesses
Major security breaches perpetrated against small companies can have an enormous effect and can cause irreparable brand-name damage from which recovery is either very difficult or downright impossible. In 2016, a study was conducted by KPMG which determined that almost 90% of small businesses had suffered serious brand name damage in the immediate aftermath of a security breach.
In a white paper published by the National Cyber Security Alliance, figures were released which showed that as many as 60% of all small businesses completely collapse less than six months following a significant cybersecurity breach. Interestingly, both of the studies referenced above reported that less than one-quarter of all small businesses considered cybersecurity to be a top priority. The fact that there has historically been relatively little concern about cybersecurity breaches may account for the often devastating impact that attacks have had on those business entities.
Taking Steps to Secure Your Business
A cyber security plan doesn’t need to be especially elaborate, and it doesn’t need to be funded to the hilt, with every conceivable kind of virus detection software. There just needs to be a well thought out plan for cybersecurity, and a legitimate effort to enforce that strategy. There are some straightforward but very cost-effective measures which can be adopted to thwart the vast majority of cyber attacks.
Using strong passwords on all company computers is a good start, followed up by installing security software on company devices. It’s always best to keep hardware and software updated with the latest available security patches and to periodically back up business-critical data. The weakest point of any company’s network should not be overlooked, which means employees need to be educated about the risks of cyber attack.
The important thing to remember about any cybersecurity policy is just to implement as many of the simple steps listed above as possible and to do it immediately so that your system is not left vulnerable to penetration by cyber attackers. As some of the survey results mentioned above make clear, every kind of business from the corporate giant on down to the mom-and-pop retail outlet must take all steps possible to avoid the possibility of major security breaches. Failing to do this can cost you a lot more than money – it can cause irreparable harm to your company’s reputation.
If you haven’t heard about key reinstallation attacks yet, they’re the most recent form of Wi-Fi hacking. It’s also possible that you actually have heard about them under their media nickname, which is ‘Krack Attacks.’
Regardless of the nomenclature, key reinstallation attacks are attempts to exploit a flaw in the Wi-Fi encryption protocol which permits hackers to hijack all kinds of personal information, including photos, passwords, and account numbers. The first thing to know about key reinstallation attacks is that they’re not specifically targeting any particular hardware, but rather a weakness in the Wi-Fi protocol itself.
This means that all smartphones, mobile devices, routers, and desktop machines are subject to attack, and any or all of your personal data may abruptly come into the possession of someone with criminal intent. Today, we’re here to discuss what you should know about this new threat.
How Key Reinstallation Attacks Work
Researchers have uncovered a flaw in the WPA2 Wi-Fi protocol which allows hackers to replicate a user’s network entirely, and by falsely representing the Media Access Control (MAC) address, which is a device’s physical address, it can actually cause a switch in Wi-Fi channels.
When a bogus network is set up in this way, it can actually intercept signals from any remote device attempting to connect to the original system, causing such attempts to bypass the real network, and instead connect to the rogue.
The way WPA2 encryption is supposed to work, it would require a unique key for any encryption request, but the flaw uncovered in the WPA2 protocol does not always need that specific key, and instead, reuses a previous one. The problem is particularly acute with Linux and Android, because of the way they make use of the WPA2 protocol. In these operating systems, a unique encryption key is not demanded every time an encryption request is made, leaving the system vulnerable to hacking.
In layman’s terms, the Wi-Fi protocol can be exploited when hackers can find a vulnerable network and take advantage of the WPA2 weakness, ultimately directing users to the rogue network for data hijacking.
Researchers Proof of Concept
Previous minor flaws had already been uncovered in the WPA2 protocol, so researchers were already fearful that some even more significant problem might be lurking within the software. The key reinstallation flaw was discovered by those researchers, who then conducted proof of concept experiments to attack a theoretically vulnerable Wi-Fi system. On an Android system, the researchers were successful in intercepting and decrypting all the test victim’s data.
According to these penetration experts, the same kind of ‘success’ could not be achieved on a system setup with HTTPS secure socket layers but would wreak havoc on sites which have been poorly set up and missing HTTPS. While Linux and Android are most severely affected because of how they use WPA2, other operating systems like Windows, MacOS, and OpenBSD would also be compromised but to a lesser degree. How serious is the issue for Android? Experts recommend that owners of Android devices shut off Wi-Fi until known fixes have been applied to close up the weakness in the protocol.
What You Can Do to Avoid Krack Attacks
One of the best things you can do to avoid the possibility of a key reinstallation attack is to look for the ‘https’ at the beginning of any URL for websites which you visit. That ‘https’ is an indicator that the site uses secure protocols, and you would be safe in visiting. You can also simply avoid using Wi-Fi for the time being, while software gurus hurriedly develop a fix for the vulnerability. This may be inconvenient, especially when you’re away from home or the office and might need Wi-Fi, but it’s much safer than having your sensitive data fall into the hands of a criminal.
One of the interesting things about these attacks is that a hacker must be within the physical range of your machine before the attack can be carried out, and while that does serve to shield many users from harm, an actual attacker can’t be identified beforehand so you know if he’s close enough. So naturally, you can’t rely on remaining safe because you aren’t within range of a criminal – after all, what does a criminal look like?
Fortunately, the fix will be relatively easy to develop in this case and should be forthcoming relatively soon. All that’s necessary is a simple change to the firmware so that during the ‘handshake’ between devices, a unique key is requested every single time, rather than sometimes relying on previously used ones which can be exploited. Get in touch with your provider and ask when fixes will be made available, and as soon as those security updates are released, make sure they are applied to all your devices.
A sandbox is an isolated environment that mimics an entire computer system. This protected space can be used to test suspicious programs and analyze potential threats. Sandboxing is a vital security feature that prevents malware and other viruses from entering and damaging your computer.
Much of the software you already use, like web browsers, have sandboxes that filter most of the code your system uses to perform daily tasks. You can create your own sandboxes to test whether a piece of software is safe, in a controlled environment that won’t damage the rest of your computer’s system.
What Is Sandboxing? Why Is It an Essential Security Feature?
Sandboxes give specific permissions to a piece of code, allowing it to perform its functions, while restricting it to a tightly controlled environment. Programs are then run within this environment, where no additional code permissions can be abused.
In everyday computer use, you come across many sandboxing security techniques. Your web browser, if you use Chrome or Internet Explorer, runs the webpages you visit in a sandbox. These webpages are limited to the access granted by this browser’s sandbox, meaning that this site can’t do things like open your webcam without your permission or snoop on your personal files.
Web Browsers With Sandboxing Capabilities
Browsers with sandboxing capabilities are especially useful for recognizing advanced persistent threats (APTs). These APTs are designed to escape detection, breaking through conventional security barriers, and gaining access to Personally Identifiable Information (PII) on your computer. Sandboxes help isolate these viruses and prevent them from spreading.
Sandboxing browsers don’t have access to your entire computer, because they run in a low-permission mode. If a malicious webpage manages to take over your browser, it would still have to get past the browser’s sandbox to do any damage to rest of your system.
If a webpage happens to contain malicious code, a browser without a sandbox wouldn’t be able to protect the rest of your computer system. This creates a security vulnerability through which malware or viruses can be introduced. Most browsers, with the exception of Mozilla Firefox, have sandboxing capabilities.
For the most part, the fewer permissions granted to the browser or any other program, the more secure your system will be.
Sandboxes Are Already Protecting You
Browsers are among the many sandboxed programs on your computer. There are plenty of other programs that are already being sandboxed for your protection.
Content from plug-ins like Adobe Flash or Microsoft Silverlight are run in sandboxes. An online game made with Flash is much safer when played on a web page than when it’s downloaded and opened as a standard program. As a sandboxed plug-in, Flash contains the game within the browser, and severely restricts what it can do to the rest of your system.
PDFs and Other Documents
PDFs have become a common source of malicious executables. PDFs and other documents can contain malicious embedded links, and without sandboxes, these viruses could compromise your system’s security. Adobe Reader now runs in a sandbox, and Microsoft Office also has sandboxing capabilities that keep unsafe macros from infecting your computer.
Smartphone apps run their code in a sandbox. iOS, Android, and Windows mobile apps have far fewer permissions than their standard desktop counterparts. In order to access functions like your location or camera roll, they must ask for the user’s permission.
By keeping mobile apps in low-permission mode, you’re able to keep the information on your smartphone safe. Sandboxes also isolate apps from each other, so one app can’t affect each another’s functionalities.
If your computer runs on Windows, User Account Control is a form of basic sandbox security that you come across frequently. Essentially, User Account Control restricts desktop applications from modifying files within your system without asking the user for permission.
This form of sandbox security offers very minimal protection, since desktop programs can still run in the background and log your keystrokes. User Account Control merely stops unwanted programs from accessing system files and system-wide settings.
How You Can Apply Sandbox Security to Your Programs
Sandboxing your own programs isn’t really something you need to worry about, since so many of the apps and programs you use on a regular basis are already sandboxed. However, it’s useful to know that most desktop programs aren’t generally sandboxed by default.
If you want to run a program without letting it harm the rest of your system, you can sandbox any program. As mentioned before, User Account Control (UAC) doesn’t do much to protect your system.
Virtual machines like VirtualBox™ or VMware create entire operating systems within your existing OS to test programs. This simulated operating system is completely sandboxed, so it doesn’t have access to the rest of your system, and the programs you are testing within the virtual machine can’t access anything outside of its designated boundaries.
Virtual machines allow you to install programs on the virtual operating system and run them as if they were open on your actual OS. You can then analyze the installed program to determine if it contains malware.
They also have snapshot features, which allow you to reset your virtual machine to state it was before malicious executables were installed. You can then continue to test programs in your virtual machine without worrying about crowding or damaging the virtualized operating system.
Sandboxie, unlike virtual machines, is a program that creates a protective bubble around your existing computer system, effectively sandboxing the parts of your system you specify. With Sandboxie, browsing the web is more secure. Any cookies, cached files, and search history, can all be cleared from your browser when you close the sandbox program. You can even send apps directly to Sandboxie to be examined.
All Things Cyber Security With Geek Aid
If you’re still confused or just want to find out more about how to keep your computer absolutely secure, Geek Aid is here to help. Our professional geeks know your computer system by heart, and can protect you against viruses and malicious content to keep all of your devices in working order. Call us at (877) Geek-Aid to speak with our geeks today.
Increasingly, people are choosing ridesharing apps like Uber and Lyft over traditional cab services. This is partly because the rates are cheaper, but also because passengers can lower their fare further by carpooling with people traveling in the same area.
Anyone who has used an app like Uber knows that it uses GPS technology to show where drivers and passengers are, in real-time. This in itself raises some questions about privacy. But recently, ridesharing apps have given travelers even more to worry about.
Uber has granted its employees access to data on thousands of customers, including when and where each client travels. This data even includes how long a customer stayed at a particular location. The implications of this are far-reaching. Data breaches of this kind could leak the personal travel details of thousands of customers. Additionally, this information could be used to spy on politicians and other high-profile figures.
Uber currently has 40 million users, claiming that these info distribution practices are in compliance with their legal responsibilities and offer sufficient protection for their users. However, in 2014, Uber revealed a “God View” tool that displayed an aerial view for tracking customers in real time. These examples raise suspicions about how much ridesharing apps care about customer privacy.
What Kind of Data Is at Stake?
The privacy policies of ridesharing apps bring to light how these companies store, employ and keep our personal data safe. Most of these apps require that users connect their social media profiles to their account. Sites like Facebook are giant databases of personally identifiable information (PII). If these details are leaked, customers’ personal, professional, and social lives may be at stake.
Using-link Facebook accounts can be an easy method for new users to sign up and log in, but linking to social media accounts means that apps are also collecting information unrelated to getting a ride. Birthdays, friend lists, which college or university you attend, and interests are also gathered.
Credit Card Account Information
In addition to these concerns, how ridesharing apps handle our payment credentials has also come into question. These apps are usually cashless and require their users to link credit card accounts to pay for rides. While this seems like a more convenient payment method, our account numbers are only as safe as these companies’ privacy policies.
How Your Personal Information Can Be Leaked
What does this mean for ridesharing passengers at large? Generally, a bulk of the information is collected for marketing, general usage statistics, and app functionality purposes (service improvements). This information can also be sold to advertisers or third parties.
There are three ways in which a data breach could occur: the information could be leaked during the transmission of it to third parties, the ridesharing company itself may mishandle the information, or the data might be mismanaged by advertisers or third parties.
What Can You Do to Protect Your Privacy?
Ridesharing apps are obviously an innovative idea; in an increasingly interconnected world, the concept of using technology to facilitate carpooling is incredibly useful. Ridesharing is both a green way to go about your daily commute and an inexpensive way to reach destinations inaccessible via public transit.
But because extremely sensitive personal data is at stake here, choosing a ridesharing app is not a trivial matter. These companies’ privacy policies are available on their websites and should specify what individual user data is being collected. All apps collect usage statistics and other general facts, but privacy policies tell you which companies send out user specific details (credit card numbers, birthdays, emails, etc.) to third parties.
You can also read other users’ reviews to see what they have to say about their experience. Reviews are very telling of how a company handles their business, how much they value their customers, and how their policies affect the end-users.
The Future of Ridesharing Apps
Conventional car services like taxicabs and black cars/limos are regulated by law. With the emergence of apps like Uber taking over the car service scene, questions have been raised concerning legality and classification. Institutions of political power, like the U.S. Senate, have come to ask companies like Uber about their privacy policies. This industry is still fairly new, and comprehensive security standards have yet to be put in place.
Until then, it’s always a good idea to keep yourself updated on the privacy policies of the services you are using. Today, data breaches carry the weight of bank robberies in decades past. Because all of our information can be accessed in one place, it must be properly safeguarded.
While app developers should be obligated to make sure their software protects the data being collected, it is still the responsibility of the user to educate themselves on how their data is being handled.
What Is the Cloud?
“The cloud” is one of those popular tech topics people talk about but can’t always define. The cloud is essentially a network of servers that does two types of things. One kind of cloud server stores data and while the other uses its computing power to help applications run.
We all come across the cloud frequently in everyday life, especially for storage. Every time you use an app like Instagram, a cloud server is what holds the pictures uploaded to your account. These photos are not saved in your phone’s internal memory, but rather in Instagram’s network of servers. Dropbox is also an example of a cloud server. Every time you save something on your computer that doesn’t take up your computer’s memory, you are using the cloud.
Other companies like Adobe use the cloud to deliver services. Previously you could buy the Adobe Creative Suite™ in a physical box. Now, all of these tools exist in the cloud and users pay a subscription fee to access them in the Adobe Creative Cloud™.
How the Cloud Benefits You
When businesses decide to move their resources to the cloud, overhead costs can be reduced. Before cloud technology became widespread, businesses would have to purchase hardware and computer applications that lost their value over time. With the cloud, applications previously downloaded on physical computers are now run and updated through the Internet.
Businesses can also be more flexible with their resources. The cloud allows them to pay for only what they use since cloud computing is a subscription-based service. It can also accommodate for businesses that have growing bandwidth demands since cloud capacity can be scaled up and down easily. This kind of agility makes these services cost-effective and adaptive.
The cloud can make your business more secure in a variety of ways. Lost laptops are a security breach for companies every year because many of them contain highly sensitive information. Not only that, valuable documents may be lost forever when devices are misplaced.
With cloud computing, you can access files at any time via your Internet connection. This allows you to remotely wipe the memory of lost devices and not have to worry about information falling into the wrong hands.
The cloud benefits the environment by decreasing your carbon footprint, by reducing unnecessary hardware and only using the required amount of cloud storage. Even in the digital age where more and more companies are going paperless, sustainability is important.
Is the Cloud Secure?
Contrary to popular belief, the cloud is quite secure. However, it requires you to take measures to personally secure your company’s data. When businesses “move to the cloud,” it requires that you have knowledgeable security staff that understands what that entails. Your team must know that the data you are moving is sensitive, and apply end-to-end encryption to the data during both storage and transfer process.
A recent study found that 82% of public databases are not encrypted. Make sure the cloud provider you are using suits your data needs and has what it takes to keep your files secure. Whatever service you choose, it is still the job of the user to define who can access the data, move it, add data, etc., and how those permissions change with each cloud provider. Defining these terms is known as Identity Access Management (IAM).
In addition to these steps, it is wise to back up your data in separate fault domains. Fault domains are basically stacks of servers. They include features that, in the case of a network failure, make sure only the server with the failure would stop working. This means you have multiple copies of your data, achieving maximum file resiliency.
Cloud Computing Creates a Level Playing Field
Anyone can utilize cloud computing services since they are inexpensive and require only an Internet connection to access. It also allows small and growing companies to use enterprise-level technology, and even make faster business decisions than larger, more established companies.
Cloud networks facilitate collaboration from your team members, meaning that they can work and share files with everyone, from anywhere. Cloud-based workflow applications allow real-time remote collaboration and streamline communication. Gone are the days of attaching files to emails and ending up with incompatible file formats, and ineffective version-control.
Moving data to the cloud means that even the smallest companies are becoming more globally involved. Since growing businesses can be financially nimble using cloud computing services, they can now disrupt a market dominated by Fortune 500 corporations.
If you need assistance in moving data to the cloud, don’t hesitate to contact Geek-Aid. We’re here for all of your technology needs and computer repair questions.
Network Security on Your Home Computer
No matter how much time you spend on your work computer, your home computer contains some of your most important files. Our personal machines help manage our finances, social relationships, and professional lives, but we often don’t put in as much effort into keeping them secure. Our computers contain a variety of personally identifiable information (PII), and it’s important to maintain sound computer and network security to protect your files.
Connecting Your Computer to a Secure Network
A network router is your first point of contact with the Internet. Don’t just rely on your ISP (Internet Service Provider) or cable modem to perform comprehensive security monitoring. An Internet connection starts with your modem, connects to your router, and feeds this information into your computer. Your router should be secure before connecting to the Internet.
Here are a few tips to maintaining network defense, once you are connected to a secure network. First off, use a web browser with sandboxing capabilities. A sandbox is an isolated environment that mimics an entire computer system, which targets suspicious programs and analyzes potential threats.
Browsers with sandboxing capabilities are especially useful for recognizing advanced persistent threats (APTs). These APTs are designed to escape detection, breaking through conventional security barriers, and gaining access to PII on your computer. Sandboxes help capture these viruses and clear them out.
When you own a business, you want to keep your home computers well-defended because any crossover information between work and personal machines, through email or messaging apps, can cause a data breach. A recent study found that 60% of small companies fail due to poor network security measures.
Sandboxing can be applied to a number of different programs, such as PDF readers. A common means for viruses to attack your computer is through embedded URLs, where malicious executables can gain entry via PDF files.
Keep Everything Up-To-Date
While this may seem self-explanatory, many malware attacks occur because personal computers are not as diligently updated as company devices. Make sure your computer has current versions of all software you run.
Updating programs like Microsoft Office to the 2007 version or a more current iteration is a good idea, since word-processing is a common function on home computers. Microsoft Office 2010 offers a “Protected View” that opens documents in read-only mode, which blocks any viruses embedded in unfamiliar files.
Many applications have a feature that enables automatic updates. Updating frequently is a good network security practice, since attackers typically exploit hosts that don’t have their software applications fully patched. Additionally, evaluate which programs you use most frequently and those you never seem to use. Do some research on the software you wish to delete, and determine if removing them is possible. Fewer applications on your computer workstation mean fewer channels for hackers.
Social Engineering and Phishing Attacks
Some of the most common attacks are executed through email. A social engineering attack uses human interaction to obtain sensitive information on computers with vulnerable network security. In these infected emails, a person can claim to be an employee, cleaning service, or someone else offering qualifications that would allow them to gather your confidential information.
Phishing tactics also use emails from attackers masquerading as reliable organizations to obtain personal details. Often, these phishers will take advantage of events in the news (i.e. fake natural disaster fundraisers) and holidays (i.e. Christmas shopping deal scams) to steal account information. They even go so far as to pose as reputable banks to issue fraudulent warnings, hoping that alarmed card holders will hand over their account credentials.
Keeping Your Home Computer Safe From Attacks
To avoid these attacks, install anti-virus and anti-spyware software, firewalls, or email applications that filter your inbox. Whenever you are asked for sensitive information such as your credit card number or even your birthday, verify that your information isn’t falling into the wrong hands.
If you suspect that you’ve received a phishing email, call the organization the message claims to be from. Use the contact info on the legitimate website, and ask about the email.
In general, don’t open unfamiliar links or messages with attachments, especially from email addresses not in your contacts. Also, find out how to build a strong password and employ those methods for all of your accounts. Secure and complex passwords should not only be used for WLANs but also for any devices in your home and work that use web interfaces (i.e. printers, self-automated light switch systems, etc.)
When it comes to protecting your personal information, there’s no such thing as taking too many precautions. At Geek-Aid, we specialize in every kind of cyber security. We all rely heavily on personal computers to manage many aspects of our lives, and keeping these devices secure is a top priority.