Posts

Three ways to beef up security when backing up to the cloud

Disasters happen every day. Crashing hard drives, failing storage devices and even burglaries could have a significant negative impact on your business, especially if that data is lost forever. You can avoid these problems by backing up your data.

Backing up means keeping copies of your important business data in several places and on multiple devices. For example, if you saved data on your home PC and it crashes, you’ll still be able to access the information because you made backups.

A great way to protect your files is by backing up to the cloud. Cloud backup services like Carbonite allow you to store data at a location off-site. You accomplish this by uploading the data online via proprietary software.

Cloud backup providers have a reputation for being safe and secure. But you can’t be too careful. Here are a few ways to beef up security even more when you use a cloud backup system:

  • Before backing up to the cloud, take stock of what data is currently in your local backup storage. Make sure that all of this data is searchable, categorized and filed correctly.
  • Consider taking the data you have and encrypting it locally, on your own hard drive before backing up to the cloud. Most cloud backup solutions – including Carbonite – provide high-quality data encryption when you back up your files. But encrypting the data locally can add an additional layer of security. Just remember to store your decryption key someplace other than on the computer you used to encrypt the files. This way, if something happens to the computer, you’ll still be able to access your files after you recover them from the cloud.
  • Create a password for the cloud account that will be difficult for any hacker to guess. However, make sure that it’s also easy for you to remember. The best passwords are a combination of numbers, letters and symbols.

Cloud backups are convenient and have a good record when it comes to keeping your data safe. It doesn’t require the purchase of additional equipment or the use of more energy. You can also restore data from anywhere, to any computer, as long as there is an Internet connection available.

Consultant Robert Siciliano is an expert in personal privacy, security and identity theft prevention. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses. Disclosures.

Can the cloud be trusted?

Most people have heard of storing information in “the cloud,” but do you know what this means, and if it is even safe?

4HA cloud is basically a network of servers that offer different functions. Some of these servers allow you to store data while others provide various services. The cloud is made of millions of servers across the globe and most are owned by private or public corporations. Many of those corporations are diligent about security, and you are likely using the cloud whether you know it or not.

Most customers using cloud services have faith that their information will remain safe. But there are some precautions you need to take. Here are some questions to ask any cloud service provider before relying on them to store your business data:

  • How often do you clean out dormant accounts?
  • What type of authentication is used?
  • Who can access and see my data?
  • Where is the data physically kept?
  • What level of encryption is in place?
  • How is the data backed up?
  • What’s in place for physical security?
  • Are private keys shared between others if data encryption is being used?

Keeping your company data safe

Over time, a company surely will accumulate data that seems irrelevant, but you shouldn’t be so quick to dispose of this data, especially if it is sensitive. This might include data such as customer or client information, employee information, product information or even old employee records.

The truth is, you just never know when you may or may not need this information, so it is best that you keep it. Digital data should be backed up in the cloud. If it’s paper, convert it to digital and store it offsite. Here are some things to remember when doing this:

  • All data, even if old or irrelevant, should be backed up.
  • Data retention policies should always include an “expiration date” for when this data is no longer useful to you.
  • Companies that want to delete old data should understand that deleting files and emptying the recycle bin, or reformatting a drive may not enough to get files off of your computer. Hackers may still be able to access this data.

If you actually want to remove all of the data on a disk, literally break or smash it. To truly delete a file, you must physically destroy the hard drive.

Consultant Robert Siciliano is an expert in personal privacy, security and identity theft prevention. Learn more about Carbonite’s cloud and hybrid backup solutions for small and midsize businesses. Disclosures.

What is the Cloud?

You’ve probably heard of people storing information in “the cloud,” but what does that really mean, and is it safe to put your data there?

http://www.dreamstime.com/stock-images-online-risks-sign-road-banner-image34668294The cloud is best described as a network of servers offering different functions. Some servers allow you to store and access data, while others provide an online service. You may be familiar with “cloud services” offered by companies such as Google and Adobe.

The term “cloud” comes from cloud computing, which is essentially using a group of computer resources to maximize their effectiveness.

The cloud is now comprised of millions of servers worldwide, and chances are you access it on a regular basis. For instance, you may have uploaded a picture from your smartphone to Instagram, which stores images in the cloud, or you could be using cloud storage service.

Because the cloud allows you to upload and access data and services from any Internet-connected device, it’s certainly convenient, but that doesn’t mean that it’s always safe.

Many worry about hackers getting into clouds, especially ones in which the services do not offer two-factor authentication. (This is when you need two different components to gain access to an account, such a something you know, like a password, and something you have, like a unique fingerprint.) Another potential vulnerability is that hackers might intercept data as it’s being sent to the cloud, especially if that data isn’t encrypted, or scrambled, to keep it from being read by unauthorized third parties.

Cloud customers must have faith that the service provider is doing all it can protect their prized data.

Not all cloud providers operate the same way, with the same security, but there are minimum standards, which they must meet. It’s important to know about the different levels of security, so you can make the right choices about your service providers.

A few cloud service providers:

  • Windows Live
  • iCloud
  • Google
  • Amazon Cloud Drive
  • Dropbox

Lots of storage can be obtained for free. Rates vary and getting cheaper by the day.

Cloud providers have everything to lose and nothing to gain be being insecure. It is well known that poor security can damage a brand. However, cloud security generally begins with the user and not the cloud itself. If your devices are old, outdated, poorly utilized, or don’t have the proper security, you could be the weak link.

So, make sure that your devices and security software are up-to-date and look for cloud providers that offer advanced security options such as encryption and two-factor authentication. And, if you really want your sensitive information to stay secure (such as tax returns and other financial and personal information), you might consider saving those files on a backup hard drive rather than putting it in the cloud.

Robert Siciliano is an Online Safety Expert to Intel Security. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! Disclosures.

5 Online Security Tips You need to know

It’s up to the potential victim—the user—YOU—to make your computer or smartphone very difficult for Joe Hackster to infiltrate.

7WPasswords

  • Being that cyber crime has been a fixture of modern living for over a decade, you’d think that everyone and his brother would know to use strong, long passwords, and a different password for each account. But people—including those who’ve been around for a long time—continue using the same password and ridiculously weak passwords, like password1 and princess.
  • A very strong password will go a long way in preventing hacking incidents. It should be at least 12 characters and a mixed salad at that: different cases, numbers and symbols, and no words.
  • Every single account should have a different password.
  • Learn which accounts offer two-factor authentication, then activate it. This way, if someone gets your password they still can’t get into your account unless they have your smartphone.

The cloud is cool but not 100 percent secure

  • Sounds funky: “cloud storage.” But the vulnerabilities aren’t necessarily in the cloud service, but in your device security. If your device is vulnerable, if you don’t have security software or update your operating system, you become the criminals path to the cloud service.
  • Because the cloud is such a huge vault for holding all kinds of data, more things just simply can go wrong. The user must decide who’s better at protecting his data: a system with more resources (the cloud), or the user himself?

New doesn’t mean safe.

  • A brand-new computer or mobile device may come with preinstalled “back doors” for hackers. This is legal so that law enforcement can more easily track the bad guys in life. These back doors are vulnerabilities that can let in hackers. Do your research when making an investment in technology and install antivirus immediately.

No software is perfect.

  • Think of antivirus and antimalware as the “exterminator” who comes to your house to get rid of bugs. There’s a reason that pest control companies no longer refer to themselves as exterminators. This term implies they can kill every last bug and its eggs. They can’t. There will always be a bug somewhere, but the pest control technician can at least prevent infestations and swarms. Likewise, protective software is not 100 percent infallible, but it goes a long way in preventing computer infections.
  • So even though it’s not perfect, you absolutely must use protective software.

Mind the software update messages.

  • Don’t get annoyed by these; allow them to take place. Don’t hit “remind me later,” because chances are this will become a habit. You don’t want to delay the updates. They mean a security hole was detected, and now it can be patched. Don’t wait till later! Better yet, set all security software to automatically update.

Robert Siciliano is an identity theft expert to TheBestCompanys.com discussing  identity theft prevention. Disclosures.

How sharing Files puts You at risk

Okay, so you were taught to share your toys in the sandbox, but little did your parents know that years later, sharing your files could result in disaster.

11DPeople share personal and business files all the time on their computers without realizing the security risks. Not all data breaches occur due to malicious events. An annual Ponemon study reveals that 35 percent of leaked data results from unintentional carelessness of the user and 29 percent from network malfunctions.

Workers and consumers alike, quite frankly, are clueless about safe practices and are using practices that are not approved by their company’s IT department. Let’s look at the specifics.

Tunnel vision. Often, users don’t see the grander scheme of things when sharing files. They have tunnel vision and go for the most convenient, cheapest route without considering security. This is how sensitive material gets put at risk. Such users may also end up getting their personal information cluttered up with other family members data or even co-workers data when bringing your own devices to work.

Public sharing settings. Before you share its important you know what you are doing. Years ago I had uploaded a file to a cloud based storage portal and the default settings at the time were “public”, which I didn’t recognize. Shortly after I connected a social site to this service and definitely didn’t realize that document which had personal information was being shared publicly on the social site. When I realized this I felt stupid, and sick.

P2P file sharing. Sharing files over peer networks, such as pirated music etc. creates a hacking risk. The P2P software is a welcome mat to cyber criminals who want to steal information like credit card numbers and information on secret documents. It’s not surprising that P2P software is often in a system that’s been hacked.

The solution is to avoid having P2P software installed at all, including on any BYOD devices. You don’t want to be “that” employee. Along the same lines, make sure that devices are set so that installation of new software cannot occur without the decision maker’s knowledge.

Using just any cloud services. The typical cloud storage is designed for consumers, not businesses, and unless you look at all the settings they can be a risky way of sharing files. Always insist on a higher-grade type of security and storage rather than settling for the run-of-the-mill file sharing service. Look at what security and encryption they have in place, whether you can manually and easily delete files or if they have an expiration date.

Using e-mail to share files. If you send an important document via e-mail, a troublemaker could “see” it while it’s in transmission unless it’s encrypted. By default the email should read HttpS in the address bar when logged in. And of course if you are on free WiFi encrypt that data with Hotspot Shield to prevent WiFi data sniffers.

Flash drives. Think of these little tools as a syringe injecting a virus into your blood. You stick one of these into your computer, and if the drive has been seasoned with malware, your computer will get infected. Anti-virus software, however, can scan a flash drive and its files and knock out any malware.

Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.

What Does it Mean to Have a Connected Home?

The internet-connected TV, PC, mobile and tablet are all connected to the home in ways like never before. All of these appliances are talking to one another in various ways. For example, many of us share media, display photos on various devices, or use different devices remotely for home security, HVAC control, access control, and on/off administration of various devices.

My own home is connected in various ways. Using my iPhone or any computer, I can access a cloud-based server that allows me to watch live footage from each of the 16 cameras I have installed in and around my property. The cameras also begin recording automatically whenever motion is detected, and that footage is stored in the cloud and available to me anywhere, anytime. It’s amazing how often I access these cameras when I’m on the road.

With home automation, I can use the cloud to remotely switch lights on and off and adjust the temperature control system. I also get alerts in the event of an intrusion or even a broken water pipe!

Another great example is the “Nest” thermostat and corresponding app. Control your home’s temperature from your iPhone, iPad, or iPod touch with the Nest Mobile app. Last-minute trip? Change the temperature from the ski slopes. Coming home early to a cold house? Turn up the heat on your way. The Nest Mobile app allows you to adjust your Nest Learning Thermostat from anywhere. Having a cloud-based, internet-connected home certainly provides an excellent layer of comfort, not to mention peace of mind.

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

Cloud Computing Security: Small Business Data in the Cloud

Over the last decade many computing tasks that were developed to be performed locally on and office PC have now moved to the cloud such as contact managers, office documents, media editing programs, you name it: if there is a software version, there is probably a cloud-based version, and often for free. Just search for the name of the software you use plus “free online.”

“The cloud,” as it relates to technology, refers to millions of internet connected servers, which may be owned and operated by either corporations or private individuals, sitting in homes and offices.

These servers may be used to back-up your small business data, host email, documents, files, and offer up software as a service.

Cloud-based data, just like local PC-based data, is vulnerable to physical theft if the building isn’t properly protected, power outages if there aren’t redundant power backups, natural disasters if Mother Nature decides to have a bad day, and criminal hacking through system weaknesses, phishing, and social engineering.

Most cloud service providers won’t explicitly outline what they do to protect your data because it could offer potential hackers information on how to compromise their networks. But one provider for example promises “strict data security policies, military-grade encryption, and world-class data centers for optimal data protection of your business’ computers and servers.”

The cloud computing security guide from Intel provides practical steps to help IT managers plan cloud computing security, with recommendations for strengthening cloud platform and data center infrastructure implementations.

Robert Siciliano personal and small business security specialist toADT Small Business Security discussingADT Pulse on Fox News. Disclosures

Top Six Free Cloud Storage Centers

“Free” is one of my favorite words  so when I have the option to get something for free, I will allocate a reasonable amount of time figuring out how I can apply that to my life before I determine if I should adopt it, or if it’s worth the extra few bucks for the paid version, or if it isn’t worth my time at all.

Backing up data is as important as securing your data, so I back up in multiple places, some of which are free and some that charge a fee.

Here are the freebies:

Google: For Windows, Mac, iOS. Up to 10 GB free space. Designed to store documents in Google Docs, photos in Picasa. Google storage is scattered. It’s only effective for documents and photos.

iCloud: For Mac, iOS, limited functions for Windows. 5 GB free space. Designed to automatically back up all your Apple devices wirelessly.

Amazon Cloud Drive: For Windows, all Adobe Flash enabled devices, not for iOS. 5 GB free space, then $1 per extra GB. Designed for manual upload and backing up media.

Windows Live: For Windows, Mac. 25 GB free space. Designed to store anything you want.

Dropbox: For Windows, Mac, iOS. 2 GB free space, then $2 per extra GB. Designed to store anything you want. It’s the only cloud storage that seamlessly and automatically syncs all your devices in one place.

YouSendIt: For Windows, Mac, iOS. 2 GB free space. Designed to store anything you want. Allows for sending links via email for downloading.

Each of the above cloud storage spaces fits a certain need based on the systems and devices you have. If all you need is a data dump, then Windows Live is it. If you need synchronicity across platforms, go for Dropbox. If you are all Apple, then iCloud is your service. YouSendit is the only one that allows for emailable links to download files, which I use a lot.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

How to Use the Cloud to Reduce Expenses

Many people are looking to cut expenses. Personally, I’ve shaved at least a couple thousand dollars a month from my expenses by downsizing to one car, cutting out lots of monthly recurring fees, and looking closely at which services I can now shift to the cloud.

Software: Contact managers, office documents, media editing programs, you name it: if there is a software version, there is probably a cloud-based version, and often for free. Just search for the name of the software you use plus “free online.”

Data storage: Backing up your data is absolutely fundamental. And while you can buy a two terabyte hard drive for under $100 (and you should), you can also get free online backup all day long. But you won’t find anything free that includes more than 100 gigabytes, and most free services provide between two and 25 gigabytes. Search for “free online backup.” I need terabytes, so I pay.

Media: Are you still getting a newspaper delivered? Cutting out a newspaper can save $15 – $30 or more every month. Most newspapers offer an online equivalent for free or for a small fee. If your paper is now charging, like The Boston Globe and The New York Times, look to other dailies in your region that don’t.

Are you actually watching all that much cable television? If you break down your cable bill it’s at least $2 per day, and some people pay as much $7 – 9 per day! Cloud-based services like Hulu and Netflix cost less than a dollar a day and offer lots more customized entertainment.

Are you paying for satellite radio? Sirius? Are you serious? That’s over a $150 a year! Internet radio options such as Pandora offer free versions that keep you tuned in and entertained. They are also available on smartphones.

Telephone: Still paying for a landline? If you have a mobile, you may not  need a landline. But what’s even cheaper is cloud-based Skype. You can use your smartphone or PC to call any Skype user for free, or any number in the U.S. from anywhere in the world for $3 per month! Google Voice has a great product too, but Skype is still a little friendlier.

And are you even using a fax machine anymore? I do, so I have to have something in place to send or receive faxes. Scanning documents is easy with an all-in-one scanner, printer, and fax, so many documents can be emailed. But services like UReach.com cost less than $10 per month and allow you to receive faxes through the cloud in your email.

Paper Statements: Look closely at all your bills. In the past five years, many companies have given consumers the option of going paperless, receiving statements via email, and viewing them in the cloud. They have also provided options for electronic funds transfers. Some are even charging extra to send paper statements and to process paper checks. By going all cloud-based, you could probably save a few bucks every month.

Shopping: I still drive to buy food, home hardware like nuts and bolts, and some clothes. Otherwise, electronics, appliances, shoes, and pretty much everything else can be bought online. Amazon, Zappos and many eBay sellers often provide unbeatable prices because they have much less overhead and free shipping to boot!

Saving money is fun when it’s done in the cloud. It’s smart and when it’s done right it’s more secure, too!

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures

Cloud-Based Contacts Managers: To Use or Not to Use?

The old adage, “It’s not what you know, it’s who you know,” still rings true today. Without a network of “trust agents,” influencers, or simply good contacts, it’s hard to get anything accomplished. Getting a new job, making sales, or simply finding a good accountant requires a network of people you know, like, and trust to make a recommendation so you won’t get fleeced.

So how do you manage your contacts? How do you stay in touch and up-to-date with relevant names, addresses, and phone numbers? Many people still use a notepad, others use a subscription service or software such as ACT!, and even more use Outlook. More and more people are using cloud-based contact managers today than ever before. Some are free, while others cost as little as $5 or up to hundreds per month.

I’ve tried them all and can tell you there are a variety of options. The goals of any contact management system are ease of use, portability, accessibility, customization, and backup. If the contact manager you choose is in the cloud, then security is also an important consideration.

Social media: Many people are now using cloud solutions such as Facebook and LinkedIn to manage contacts, which can also be made available on your smartphone, but lack customization, calendars, or note functions. Check out LinkedIn’s Profile Organizer and Gist.

Cloud-based email: Yahoo and Gmail both offer contact managers. Gmail’s is the most comprehensive and includes a section for notes. Gmail contacts can also sync with an iPhone and Android in real time portability. If Gmail could link your calendar with your contacts, it would be a perfect contact manager.

Customer relationship managers (CRMs): These are full-blown contact managers that make contacts, calendars, and notes accessible from smartphones and computers. CRMs are generally used by businesspeople that need to manage clients.

A true CRM keeps track of emails and calls, along with calendar notifications. Some will make a phone call via Skype or a landline with the click of a button.

There are many to choose from and most cost upwards of $300 per year or much more.  Check out Zoho CRM, Free CRM, SugarCRM, Microsoft Dynamics CRM, Highrise, and the most popular, Salesforce.com, which I still find cumbersome and clunky.

What do I use? I use ACT! locally, and I use Gmail’s contacts and calendar in the cloud. The hybrid works for me and is either cheap or free, with no annual fee.

Robert Siciliano, personal security expert contributor to Just Ask Gemalto. Disclosures