Data Security & You
There has been considerable interest, and dismay, at the number of times sensitive data has been lost or stolen, indeed the amount of data lost seems directly proportional to the technological advances in devices and perhaps the stupidity or arrogance of their owners.
Desktop computers - these are sitting on our desks giving access to vast amounts of data, yet many people get up and leave their desks without a thought to the risk they are taking. I always lock my desk computer before leaving it, even for a few minutes, because I understand that a moments inattention could put my data at risk and seriously damage my reputation as a security conscious individual.
Laptop computers - these are becoming smaller and smaller. My latest acquisition has an 8.9 inch screen, no hard drive and is small enough to slip into my briefcase. The down side of this is that it is even easier to lose. I encrypt my data so that would not be a problem but the loss of the thing would be very inconvenient. The data is, however, safe.
Memory sticks and SDHC cards - probably the greatest threat to data known today. These tiny devices can hold giga bytes of data and yet can slip easily into a pocket. These devices should always be encrypted, but sadly many are not. All my data sticks have the ability to lock and encrypt data.
Mobile phones and PDA devices - most people do not activate the pin number lock to prevent unauthorised access and a s such they risk having their phone numbers taken, their email contacts list taken and if secret pin numbers and passwords are stored, then these are at risk. Add to that the ability of many devices to access business based systems and email remotely then it is easy to see what a major security threat these unprotected devices can pose.
I use a pin to protect my PDA and have set a pin to protect the sim card as well. If my device was lost or stolen, I can send it a text message which locks the PDA and no amount of fiddling will unlock it, even if a new sim card is inserted and the factory defaults enabled.
A recent survey mounted by the BBC shows just how many electronic devices are left in cabs. The number is staggering. The value of data and equipment is vast.
Moral - keep devices safe, encrypt data, activate pin numbers on phones and PDAs.
Desktop computers - these are sitting on our desks giving access to vast amounts of data, yet many people get up and leave their desks without a thought to the risk they are taking. I always lock my desk computer before leaving it, even for a few minutes, because I understand that a moments inattention could put my data at risk and seriously damage my reputation as a security conscious individual.
Laptop computers - these are becoming smaller and smaller. My latest acquisition has an 8.9 inch screen, no hard drive and is small enough to slip into my briefcase. The down side of this is that it is even easier to lose. I encrypt my data so that would not be a problem but the loss of the thing would be very inconvenient. The data is, however, safe.
Memory sticks and SDHC cards - probably the greatest threat to data known today. These tiny devices can hold giga bytes of data and yet can slip easily into a pocket. These devices should always be encrypted, but sadly many are not. All my data sticks have the ability to lock and encrypt data.
Mobile phones and PDA devices - most people do not activate the pin number lock to prevent unauthorised access and a s such they risk having their phone numbers taken, their email contacts list taken and if secret pin numbers and passwords are stored, then these are at risk. Add to that the ability of many devices to access business based systems and email remotely then it is easy to see what a major security threat these unprotected devices can pose.
I use a pin to protect my PDA and have set a pin to protect the sim card as well. If my device was lost or stolen, I can send it a text message which locks the PDA and no amount of fiddling will unlock it, even if a new sim card is inserted and the factory defaults enabled.
A recent survey mounted by the BBC shows just how many electronic devices are left in cabs. The number is staggering. The value of data and equipment is vast.
Moral - keep devices safe, encrypt data, activate pin numbers on phones and PDAs.
Labels: computer security, data security
Posted: Monday, 6 October 2008
Phishing and Computer Security
I am sure everyone has received an email advising them that their bank has introduced some new security method which requires them to enter passwords and other security details into a web page or face discontinuation of a service.
This is called PHISHING and is usually carried out by criminals to persuade innocent victims to give away information that they may use to gain access to bank accounts, credit card accounts or other financial accounts.
It usually starts with an email
'The xyz bank has recently upgraded its security systems to make your account more secure and to protect your account from unauthorised access. To ensure that these new security measures are applied to your account you must change your password.
Click on the link www.any1bank.co.uk.'
If you click on the link you are taken to a web-site which looks remarkably like the web-site for your bank, cheekily, it may even have a warning on it that you should take care to make sure any information you provide is secure. You are invited to enter your security details. By doing this you have provided the phisher with information to permit theft of your money.
No bank or other financial institution would ever ask you to enter these details on an email.
If in any doubt carry out the following:
Phishing is the number one method at the moment for fund generation by criminals.
Don't fall for it
This is called PHISHING and is usually carried out by criminals to persuade innocent victims to give away information that they may use to gain access to bank accounts, credit card accounts or other financial accounts.
It usually starts with an email
'The xyz bank has recently upgraded its security systems to make your account more secure and to protect your account from unauthorised access. To ensure that these new security measures are applied to your account you must change your password.
Click on the link www.any1bank.co.uk.'
If you click on the link you are taken to a web-site which looks remarkably like the web-site for your bank, cheekily, it may even have a warning on it that you should take care to make sure any information you provide is secure. You are invited to enter your security details. By doing this you have provided the phisher with information to permit theft of your money.
No bank or other financial institution would ever ask you to enter these details on an email.
If in any doubt carry out the following:
- Never put passwords into an email (email is not secure)
- If asked to click on a link, hover your mouse over then link and see if the link is the same as the hover information
- If possible type in the web information you hold already for your bank
- On a bank website look for the closed padlock symbol which shows that the site is secure
- If it looks at all suspicious don't do anything with it
- Forward the email to your bank for them to deal with it
- Telephone your bank and ask if the email is genuine
- If you have been fooled and do enter information into a phishing web-site contact your bank immediately and them what you have done. This may mean that your account is frozen while action is taken. You will have to change passwords of course.
Phishing is the number one method at the moment for fund generation by criminals.
Don't fall for it
Labels: computer security, phishing
Posted: Thursday, 30 August 2007
0 Comments:
Post a Comment