Okay, so you were taught to share your toys in the sandbox, but little did your parents know that years later, sharing your files could result in disaster.
People share personal and business files all the time on their computers without realizing the security risks. Not all data breaches occur due to malicious events. An annual Ponemon study reveals that 35 percent of leaked data results from unintentional carelessness of the user and 29 percent from network malfunctions.
Workers and consumers alike, quite frankly, are clueless about safe practices and are using practices that are not approved by their company’s IT department. Let’s look at the specifics.
Tunnel vision. Often, users don’t see the grander scheme of things when sharing files. They have tunnel vision and go for the most convenient, cheapest route without considering security. This is how sensitive material gets put at risk. Such users may also end up getting their personal information cluttered up with other family members data or even co-workers data when bringing your own devices to work.
Public sharing settings. Before you share its important you know what you are doing. Years ago I had uploaded a file to a cloud based storage portal and the default settings at the time were “public”, which I didn’t recognize. Shortly after I connected a social site to this service and definitely didn’t realize that document which had personal information was being shared publicly on the social site. When I realized this I felt stupid, and sick.
P2P file sharing. Sharing files over peer networks, such as pirated music etc. creates a hacking risk. The P2P software is a welcome mat to cyber criminals who want to steal information like credit card numbers and information on secret documents. It’s not surprising that P2P software is often in a system that’s been hacked.
The solution is to avoid having P2P software installed at all, including on any BYOD devices. You don’t want to be “that” employee. Along the same lines, make sure that devices are set so that installation of new software cannot occur without the decision maker’s knowledge.
Using just any cloud services. The typical cloud storage is designed for consumers, not businesses, and unless you look at all the settings they can be a risky way of sharing files. Always insist on a higher-grade type of security and storage rather than settling for the run-of-the-mill file sharing service. Look at what security and encryption they have in place, whether you can manually and easily delete files or if they have an expiration date.
Using e-mail to share files. If you send an important document via e-mail, a troublemaker could “see” it while it’s in transmission unless it’s encrypted. By default the email should read HttpS in the address bar when logged in. And of course if you are on free WiFi encrypt that data with Hotspot Shield to prevent WiFi data sniffers.
Flash drives. Think of these little tools as a syringe injecting a virus into your blood. You stick one of these into your computer, and if the drive has been seasoned with malware, your computer will get infected. Anti-virus software, however, can scan a flash drive and its files and knock out any malware.
Robert Siciliano is an Identity Theft Expert to Hotspot Shield. He is the author of 99 Things You Wish You Knew Before Your Identity Was Stolen See him discussing internet and wireless security on Good Morning America. Disclosures.