| With the ever increasing dependency on the internet, data connectivity and security become important factors not only in business, but also in the personal life.
Online or internet security is a very broad topic. Just a few simple and common sense
points I would like to mention here. A kind of do and don't guides.
Lets look at some common mistakes that I have seen over the years. Someone buys a new router for the interent and does not set the
The device is installed with the default manufacturer password.
It would be easy to look up the password at the manufacturer and to get
into your network. It happens and i have seen it happening.
The same applies for any internet device that you connect in your office or
home. From Baby monitors to your smart TV , security camera and so on.
Always make sure you have your own passowrd in these devices.
Keep the device software up2date.
A broad topic, but lets keep things short here. Never open any attachment that
is not a picture or a text document. Keep your virus scanner up2date.
Most companies that get hacked, get hacked from the inside, due to the fact
that an employee unknowingly inserts some malicous code into the network.
Brute force attacks on login and passwords are relatively rare.
Never enter any unknown USB device into your computer. I am not talking from
USB stick memory, but also from any USB device such as a coffee cup warmer or
All can be spiced with malicious code.
If I would want to hack into a company, a good way would be to drop a few
USB memory sticks i.e in the washroom or close to the main entrance of that
Surely someone will pick them up and of couse insert the USB device
into some computer. With that the door would be probably opened.
Little gifts of the USB kind to the CEO or upper management of a company would
certainly open some doors (digital) too.
As you see, it is of utmost importance to have a good IT policy in place for
your company and for yourself too.
Never place an employee name on the website. For example :
Sales Steve Miller firstname.lastname@example.org
That invites trouble. Knowing the name of the person, the locaion of the company
would make it easy to find out more via the social media. Facebook for example.
We can learn there that Steve's friend name is Mike and his hobby is cooking.
So, lets formulate some email about an invitation for some excotic dinner prepared
from Mike. THe email header we will modify and it will appear that the email was send
by Mike. Steve will open the email and the attachment and wow there we are in.
A virus scanner is only as good as its updates. Blind trust into a virus scanner
is dangerous. New viruses or malicious code is not igh away integrated into the
scanner database. It first takes that the virus does some damage before the
scanner manufacturers take a look at the code and analyze it. That may take
days or even weeks and by that time a lot of infections may already have taken place.
A file server should be scanned daily if possible.
Training of employees and making them aware of the risk in the digital ae are
important. Data loss today could kill a company in no time. Not only the loss of date
as in a whipe out, but also theft of customer data is a major concern.
Be aware what you install. Do not trust the app store or google play.
Downloading an app requires you to ok the permissions of the app.
READ what permissions you give to the application. An application could have
a key logger in it and send all your passwords to some server. Bank passwords
and so on.
There is no reason why an app that has nothing to do with sms should have any sms
permissions. If it appear suspicious, don't install it.