Devising a Data Security Strategy

/in /by

Whether you are an individual who games, a work-at-home employee, a family of four that shops online, a road warrior or even a small business, chances are you have data to protect—and so this all pertains to you.

5DFundamentals:

Antivirus isn’t enough: A free antivirus package is good, but it might not update automatically—and you need your antivirus to be today’s version. Spend a couple bucks and get your antiphishing, antispyware and firewall protection.

Updated browsers: An old, outdated browser is a nightmare that is often riddled with holes for criminals to slither a bug through. Install the latest update ASAP, automatically or both.

Updated operating systems: Set your OS to automatically update, as manual updates are often forgotten and missed.

Disk encryption: Your device may come equipped with the ability to encrypt individual files, folders or the entire disk. There are many free third-party encryption programs that are excellent.

Backing up: You should have at least two local backups of all your data in case a device fails. I use external drives and GoodSync to keep it all backed up every hour. Also, invest in cloud-based storage that has encryption as well—all for under $100 annually.

Password management: It’s not OK to have one password for 30 accounts. You need 30 different passwords, and this can only be accomplished with a password manager.

Wireless WiFi protection: Having open WiFi so your neighbor can piggyback on your connection is a bad idea. Use WPA2 encryptions that are built into the router. Whenever using public free WiFi, use a virtual private network software such as Hotspot Shield VPN to encrypt all your data.

Mobile device security: Mobiles are small computers that store our data or have access to our cloud-based accounts. Mobiles need to be password protected and have antivirus protection, just like PCs do. Keep in mind that WiFi on a mobile is no different than on a laptop, so use a VPN on your mobile too.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Digital wallets will save us!

/in /by

When you leave your home or apartment in the morning, you might pack up a small bag of whatever you need for the day, which might change daily. But what doesn’t change is the three things you always have, and that’s your keys, mobile device and wallet. They are three essentials we can’t function without.

Fortunately, at least two out of the three are going away. Many locks for homes, businesses and doors are keyless, using a touchpad or buttons. And wallets as we know them are going digital, too. This means all we’ll be left with is our smartphone!

Through near field communications (NFC), smartphones can act as a virtual credit card that makes payments right at the cash register. NFC is much more secure than the traditional plastic cards with the magnetic strip, so the security of NFC is a huge benefit to preventing credit card fraud.

Isis is a mobile payment network comprised of the major mobile networks as a joint venture among the three biggest telecom operators in the United States (AT&T Mobility, T-Mobile USA and Verizon Wireless) to provide consumers and merchants with an open and secure mobile commerce platform. Isis has chosen Gemalto to secure this platform though Gemalto’s Allynis trusted service manager (TSM).

Google is also in the digital wallet game too. No matter if you’re at home or on the go, you can send money to any friend in the U.S. with an email address. It’s easy, fast and free to send directly from your bank account or Google Wallet. Store your loyalty programs in Google Wallet and leave the plastic cards behind, or redeem great offers with Google Wallet from your favorite businesses to save when you shop. For select NFC-enabled devices, you can tap and pay anywhere contactless payments are accepted. Choose to spend your Wallet balance, or add a credit or debit card to fund purchases.

In due time, consumers will be able to rid themselves of their wallets and consolidate all their cards into the mobile devices! I, for one, want this yesterday!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

NFC app on androids facilitates automation

/in , /by

Near field communications (NFC) is the exchange of information between two devices via wireless signal. For example, a wireless signal emitting from your cell phone can act as a credit card when making a purchase. In the case of a mobile wallet application, those devices would be a mobile phone and a point-of-sale device at a checkout counter.

And NFC does so much more on Androids. A program called Trigger, which is available in Google Play, allows you to create customized automation tasks for numerous everyday things we do.

Bored of putting your phone on silent every time you get into the office? Tired of turning off Bluetooth to conserve battery every time juice gets low? This app interacts with your surroundings to configure settings on your phone automatically. Combine triggers and actions to create tasks, then activate the tasks that you create with conditions that you set!

Here are examples of what you can do:

In your car: Use Bluetooth as a trigger to open GPS and launch your favorite music app.

On your nightstand: Program an NFC tag to set your ringer to vibrate, dim your display and set an alarm.

In your home: Configure mobile data to turn off when your phone detects your own WiFi signal.

The current triggers are as follows:

  • NFC
  • Bluetooth
  • WiFi
  • Battery level
  • Location
  • Time triggers

And here are a few examples of the actions that you can perform:

  • Change WiFi, Bluetooth, mobile hotspot, airplane mode, auto-sync, GPS (root users) and mobile data settings.
  • Change your volume or notification tones.
  • Change your display brightness, timeout, auto-rotation or notification light settings.
  • Check in on social media like Foursquare or Google Places.
  • Send messages using Twitter, SMS, email or Glympse.
  • Start or stop applications (root required for stopping applications), dock modes, open URLs, speak text or navigate to an address.
  • Set alarms or create calendar events.

There’s even more, but suffice to say this app allows you to easily program your device to do the actions you manually do regularly.

So go ahead and create your own combinations to automate your life. The only limit is what you can come up with!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Employees putting data at risk on WiFi

/in , /by

Employees expect to uses their mobile devices at work, and employers often don’t mind because of the cost savings. However, being able to use personal smartphones and other mobile devices at the office creates problems for IT managers. A small business with 100 employees might have an additional 300 “bring your own device” users to contend with, all using phones, tablets and laptops. There are a lot of potential leaks there.

While a company’s IT department may have a solid grasp on company-issued laptops, desktops and mobile phones, it is almost impossible to control the various types of personal devices on the company’s network. When you get that new, shiny device and install various apps, and then plug it into your work desktop to update or sync necessary settings, files and folders, you’re putting all the data in the company at risk. Further, the IT guy has to worry about whether that last app you downloaded might infect the entire network.

A recent survey showed just how much employees who use public WiFi while commuting back and forth to work shows they are putting their companies’ data at risk. A survey conducted by GFI Software doesn’t paint a pretty picture. “The research findings reveal a stark and concerning trend among commuters—one of using their personal devices to catch up on work during their commuting downtime, but doing so over highly insecure internet connections that can be easily intercepted by other users or the operator of the access point. Mobile internet access is now firmly entrenched as a day-to-day norm, but with that has come an increasingly relaxed user attitude to data security, compliance and data governance policy. Companies need to address mobile device management to ensure that use in insecure environments doesn’t create vulnerabilities that could be exploited by criminals—both cyber and conventional.”

In the least, these companies should have policies that explicitly spell out what employees can and can’t do on their devices and if they are allowed at all on the network. But in reality, policies are only as effective as the consequences of not following them. If employers want to prevent data leakage, then enterprise-level software must be installed on each device that allows IT to lock, locate and wipe data, along with to restrict the device’s access to certain activities.

Having each device equipped with a VPN (virtual private network) like Hotspot Shield VPN is an effective way to encrypt the devices’ WiFi communications when on unencrypted public WiFi.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Should You Post Pictures of Children Online?

/in /by

Most people give no thought whatsoever to posting pictures of their children online. They are proud of their kids, they love them…so why not show the world how wonderful they are so others can enjoy each milestone too? Plus, Grandma and Auntie live so far away, and they want to keep up with new pictures and videos. And as long as you set up all the privacy settings so only your close relatives and friends can see them, then what’s the big deal?

1D

Well, it is a big deal. Nothing online is as it seems, and the biggest problem with people is that they are too nice and don’t think like a bad guy thinks. A recent article in TIME magazine, written by Randi Zuckerberg—yes, the Facebook founder’s sister—argues the shift that is occurring is inevitable and we should all just deal with it. Well, Randi, I just don’t agree. Here’s why:

Digital is repeatable: This means every picture and video can be liked, shared, copied, pasted, emailed and screenshot—which means you really have no control over who does what with that media you just posted.

Predators: There are very disturbed people out there looking for kids, because children are vulnerable and certain predators target kids. Would you want some weirdo in a park staring at your kid? No. Would you want some weirdo staring at your kid online? No.

Privacy: Your children have a right to privacy. Just because they are five and you think it’s fun to post their photos online—and maybe they think it’s fun too—what makes you think in 10 years they will want their entire childhood posted on the web? Digital media lasts forever, and maybe they might not want their identity all over the web in the first place. You really have no right.

Tagging: Anyone can take a picture and tag it. I forbid anyone to take pics of my kids and post them online and tag them. They have no business exposing my kids to the world, and I don’t approve.

Facial recognition: Many apps incorporate facial recognition into their technologies. This is still an unproven technology, and we really don’t know what the full impact will be.

Photos of babies have shown up on Craigslist with that baby for sale. Kids’ pics are being collected by weirdos and criminals because that’s what they do. Social media is only 10 years old. This is all too new. An entire generation is being exposed without their permission. Think about it.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Would You Use Facebook To Catch a Bad Guy?

/in /by

In Oklahoma, the OK state, an elderly couple was home invaded and held at knifepoint, and the woman was knocked to the ground. During the ensuing abuse, their home was robbed and the predator got away. Not OK.

1D

The police were notified and a description of the home invader was provided to the police. Shortly after, the victims’ granddaughter decided the best course of action would be to post the description on Facebook with the intent of spreading the word to catch him.

Due to the heinous actions of the thief and the fact he was on the loose, the Facebook post went viral, with over 9,000 shares in a short time. The perpetrator’s brother in-law (of all people) saw the Facebook posting and recognized the description, then quickly contacted the granddaughter, then called the police to report his relative. (I’d love to attend their Thanksgiving dinner. Must be a hootin,’ hollerin’ good time!)

Anyway, while justice was served, the local police frowned upon this type of viral APB. Seems the police have a good point, and the force’s public information officer stated, “Friends and family members of the suspect could see that and alert the individual we are out there looking for [him]. … The suspect then could try to hide, run away or even destroy evidence. We always want the public to contact the police first.”

Point well taken. To support the officer’s statement, one only need to look as far as the Boston Marathon bombing and the witch hunt that ensued when Reddit “investigators” accused the wrong guys of planting the bombs. One of them ended up dead a short while later for reasons that are still not clear to me.

What do you think? I think a burglar alarm may have prevented the whole drama from happening in the first place. But would you rely on the internet to help find the bad guy? I’m partial to a yes vote.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

You’re Not a Cop or Firefighter…but You Still May Be in a High-risk Profession

/in /by

One of my audiences is real estate agents. I present programs on personal security and how they can avoid and remove themselves from dangerous situations. You see, as crazy as it seems, real estate agents are targeted by criminals every day. Rape, robbery and murder are some of the issues they face.

1SLeighvalleylive reports that a man approached a model home asking if he could see it. The agent, a woman, quickly felt odd in this man’s company and told him to go inside by himself. The man returned 45 minutes later and said the home had a water leak and insisted the agent come with him to look at it, but she chose not to. When the agent’s male coworker entered the room where they were talking, the man abruptly left. When the saleswoman went into the home, she could not find a leak—but she did notice the bedroom’s curtains had been shut and the lights turned off.

The police were called. They researched the man’s truck registration, found the truck and, they report, uncovered a knapsack containing matches, duct tape, two handguns, ammunition, rope, a ski mask, metal chains and padlocks, among other items.

Scary.

It’s not just real estate agents: cab drivers, late-night store clerks and other professionals are considered at risk, too. When dealing with the public, it can lead to troublesome behaviors by select weirdoes.

If you are in a high-risk profession, you need to think about security both on and off the job.

On the job, always be suspect of everyone you encounter. Trust your gut, ask inquisitive questions and seek out their motivations. If something seems wrong, it is wrong. Due to the nature of your job, there will be situations unique to you. Investigate what the proper safety/security procedures are, and exercise them daily. Always stay on your toes and never let your guard down.

Off the job, your home is your haven and should be treated as such. Invest in a home security system and sleep peacefully after a crazy day dealing with the public.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Kids and Smartphones: How Old?

/in /by

How old is old enough for a kid to have a smartphone? Right out of the gate, I’m saying 16, and I know there’ll be some backlash from that. Some will say it all depends on the kid; others will argue there’s no right answer. Here’s why children under the age of 16 should not have a mobile phone:

5W

Driving age: Somewhere along the line, someone said 16 is a good age to allow kids to drive. I think a car in anyone’s hands can be used as a weapon, and 16 is the earliest age that weapon should be handed over. A mobile is no different. In the wrong hands, a mobile can be deadly.

Bullying: We have seen way too many kids suffer from awful bullying as a result of other kids using mobile phones. The fact is, there is no emotion felt when bullying someone virtually—meaning the perpetrator can say anything and not see the harm he is bringing to the victim. At least at 16, kids have developed a better sense of empathy and a little more self-confidence.

Pornography: Anything and everything one can imagine in photo and video is available online—more than anyone under the age of 20 can handle and definitely more than a 15-year-old can process. There just way too much information for their young minds to consume.

Fraud: Kids say and post way too much information about their lives that can put themselves and families at risk. They give out emails, phone numbers, home addresses, financial information…you name it.

Personal security: Kids are being targeted by adults online. I recently did a segment on Fox in which a 25-year-old man posing as an 18-year old connected with 13- and 14-year old-girls. Let’s just say it didn’t end well. Oh, and that reminds me: the minimum age for social media should be 16, too.

What about keeping in touch? Get them a feature phone and no texting. Sorry. I’m a dad. You can feel bad for my kids. I didn’t have a smartphone at 15; they’ll be fine.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.

Is Methamphetamine a Problem in Your Community?

/in /by

You may already know that meth addicts and local crime go hand in hand. Meth is one of those drugs that allows its users to maintain relatively high-functioning abilities that often lead to criminal acts to get more meth.

1BMeth addicts like to steal identities and break into homes and businesses. It’s not uncommon for meth addicts to break into mailboxes and see if they can get personally identifiable information to open new accounts, take over existing accounts or cash checks they find in the mail. If they are successful in a particular neighborhood when breaking into mailboxes, they soon realize no one’s paying attention in that neighborhood and begin to break into houses. Meth addicts have little to no fear, as their addiction overpowers all sense of reason and blurs out any emotion, including empathy or sympathy. They can be prone to violence, especially if they are strung out and in need of a fix.

Minnesota’s Post-Bulletin reports, “An investigation into several area burglaries led investigators to a home where a search warrant revealed multiple firearms and a suspected meth lab. During the search, investigators recovered stolen property related to the area burglaries, as well as small amounts of suspected methamphetamine and several firearms, the report says. Components of a meth lab also were discovered on the property. Officers arrested a 52-year-old man for possession of a controlled substance; he also may face charges related to manufacturing meth.”

As crazy as it sounds, the first line of defense to protect one’s home, especially from meth addicts, is to install a locking mailbox. This way, they see from the street you are secure minded. From there, blanket your front yard with signage saying, “This house is alarmed” and “Guard dog on duty.”

Any layer of security you can provide to the already feeble senses of a meth addict will deter him or her in a way in which the would-be crook may target a neighbor (unfortunately) and not you.

As always invest in home security systems and use timers to give your home that lived-in look.

Robert Siciliano personal and home security specialist to BestHomeSecurityCompanys.com discussing burglar proofing your home on Fox Boston. Disclosures.

Prepare now for device and data theft

/in /by

Digital device theft is a big problem. I’ve seen numerous stories about iPhones being stolen right from a person’s hand while the user was talking on it. Others have reported sitting in a coffee shop while having a conversation and having someone walk in, see the person’s iPad, swipe it, and before anyone can get out of their chair, be halfway down the block.

1D

You’d definitely be distraught if someone walked into your office and stole your laptop, which unfortunately very is common too. You’d be out several hundred dollars due to the loss of the hardware. But the reality is, that stolen digital device will cost much more in lost data if a breach occurs—and then, of course, lost time from having to recover from the data loss.

Protect the data and the device:

Dummy terminal: This means your device doesn’t have any data on it. All your data is cloud based or on a central server. If it’s lost or stolen, then the loss is only a hardware one.

  • Make sure any device or dummy terminal is password protected.

Situational awareness: No matter where you are, or as safe as you might think you are, there is a possibility your device will be targeted.

  • Never fight for material items. If thieves want it, they can have it.
  • Reduce the risks by keeping your devices close when riding the subway or on a bus.
  • Never put down your devices and walk away, such as in an airport or coffee shop.
  • Lock all doors in rooms where your devices reside, including in a home, apartment, dorm or office.

Lock/locate/wipe: There are numerous tools available to lock your device if it isn’t password protected (which it had better be!), locate via a GPS or internet/WiFi connection, and wipe the data remotely.

  • Determine if your device has lock/locate/wipe built in, or seek out a third-party application.

Backup data: This is essential and easy to do. Most of your data should already be in the cloud if you are using cloud-based services such as Google Docs.

  • Use Mozy, Crashplan, Carbonite or iCloud—or all of these—to seamlessly back up your data.
  • Use local external drives that copy data to one another.

Backup devices: Is your mobile your life? Then get another one. You need a backup. Is laptop theft a matter of life or death? If you’d have even one day of downtime because of hardware theft, then you need a second laptop.

  • Have all the data synched in the cloud.
  • Consider keeping the device plugged into the network and all your data in sync 24/7/265.

WiFi snooping: It isn’t just hardware theft you need to be concerned about. WiFi snoopers are as common as your everyday smash-and-grab thieves.

  • Protect your WiFi-connected devices with Hotspot Shield VPN. This is a free tool that will encrypt all your data as it travels over a WiFi network.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield VPN. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures. For Roberts FREE ebook text- SECURE Your@emailaddress -to 411247.