Keep Hackers Guessing: Protecting Corporate Information While On The Go
|
|
- Ariel Knight
- 8 years ago
- Views:
Transcription
1 Keep Hackers Guessing: Protecting Corporate Information While On The Go Proactive tips for wireless information security for traveling professionals. In today s world where WiFi hotspots are available in every hotel and airport, corporate business travelers can easily fall prey to hackers just by checking or surfing the Web. Hackers are constantly seeking out innovative methods to exploit ignorance of this rapidly evolving technology. Proprietary and competitive intelligence information can be leaking from employee mobile devices through public WiFi if potential adversaries are nearby. Although hackers typically phish for interesting information as opposed to directly targeting an individual or organization, if the information is visible it could end up in the wrong hands. What s more, if a wireless device becomes infected with malware from a bogus link or network, then it could go on to infect company drives when the device reconnects to the corporate network. Protecting sensitive information and mobile devices while connected to public, unsecured networks requires taking a proactive approach. Learning some basic security maneuvers can help to avoid a number of these pitfalls. This white paper outlines useful information security tips to help keep users free of common wireless device breaches and attacks. This is not an exhaustive list but rather meant to discuss trending information. Connect With Caution Staying connected to the office is a must for busy professionals, making public WiFi use almost unavoidable. It seems convenient, especially if WiFi is free or made available in-flight on a long international trip. And it is almost certainly convenient for the nearest hacker to eavesdrop on personal or corporate information. In an interview with USAToday.com, the CEO of Errata Security, Graham Whether noted, If you re using WiFi in a public place and you re not getting hacked, it s only because there s nobody around bothering to do it. Hackers have a number of reasons for sniffing wireless traffic from phishing for interesting information to targeting a particular person or organization. Either way, there are a number of common mistakes users make that can create opportunities for would-be adversaries. Connecting to home and company WiFi networks feels safe and many people do not consider that public WiFi and even hardwire connections must be treated differently. Public WiFi
2 hotspots are a hotbed for hackers to sniff Web traffic. Hackers can easily create a rogue access point (rogue AP) to scan others Web activity by mimicking or creating public WiFi networks anywhere from hotels to airports. Therefore, users must be proactive and put up defenses when connecting on-the-go. Common convenience features of many popular Websites are also to blame for security breaches. For example, the option to keep me logged in saves a cookie on the device and can invite hackers to capture username and password data in public settings using malware, according to the IT security publication, CSOonline.com. They can then impersonate the user online with the information captured. In addition, the security of information sent over mobile devices is a growing concern as the use of smart phones and tablets eclipse PCs for busy travelers and corporations attempting to keep field sales representatives connected to the office. And since wireless companies no longer offer unlimited data plans, users are encouraged to seek WiFi access to cut down on data usage costs. Fishnet Security reported that 35% of companies using mobile devices name them as the biggest threat to the organization s data. Many users do not consider the potential risks associated with accessing company on mobile devices. And the growth in this sector means hackers are constantly looking for new ways to breach these devices as well. A few simple tweaks will help keep corporate and personal data protected from hackers, such as turning off certain device features when not in use, managing Web browser options, cookies and passwords, and ensuring sensitive data is encrypted. Stop Signaling Disable WiFi and Bluetooth Capabilities Each computer and mobile device has a unique identifier known as a MAC address. WiFi and Bluetooth technology use MAC addresses to connect with compatible devices. When a device s Bluetooth and WiFi connection capabilities are turned on, the MAC address is detectable by nearby hackers. Hackers can use the MAC address to identify or remember devices without the victim s knowledge each time they are within range of a network again, allowing them to track the user and their activities, wirelessly. Recommendation: Disable WiFi and Bluetooth capabilities when the service is not in use. If a hacker finds interesting information the first time, it s likely they will try again the next time the user is within range. Delete Old Networks from the WiFi List Wireless devices remember networks they have been previously connected to. Laptops and mobile devices constantly seek to reconnect to these networks, even if they are no longer within range, basically beaconing work and home network names to anyone who is listening. A rogue AP can trick a device into connecting to a "known" network or one in its list that is actually a hacker, opening the user to an attack. Once the hacker has access to the user s device, a number of breaches are possible, from capturing sensitive information to disseminating 2
3 malicious software onto the device. What s more, malicious software can infect corporate networks once the user returns to the office with the compromised device. Recommendation: Unless currently connected to a particular wireless network, the network should be cleared from the device s memory. Use the device's feature to "forget this network," if available, so it doesn't constantly seek reconnection. Surfing Safety Use VPN to Protect Data The risk of hackers sniffing sensitive corporate data, and personal financial information over public WiFi is ever present. Even the odd hardwired option, unless owned personally or by the corporation poses risks. For this reason, many companies require that employees use VPN or Virtual Private Networks when connecting to company networks from another location. VPNs tunnel through to company networks, encrypting data transmitted over the Internet. Hackers will reach for low hanging fruit in public settings and if VPN is in use, then adversaries will likely move on. According to the publication eweek, company IT staff may prefer that you use the VPN for non-business traffic [as well], rather than bring a virus into the office. Recommendation: Use company VPN whenever possible, even on mobile devices that are used to access corporate . There are also a number of options such as OpenVPN to setup personal VPN services. Use SSL on Websites When Possible Regardless of the Website, it s a good rule of thumb never to pass login credentials over the Web without using SSL (Secure Socket Layer). If a username and/or password are sniffed from one Website, they can be used to hack into other sites such as online banking sites. SSL encrypts data transmitted over the Web so hackers can t monitor activity. Recommendation: Many sites now offer SSL as a default login method. The URL bar should display https before the name of the Website. In addition, a Chrome extension called HTTPS Everywhere is available to fix any gaps in information security. According to the maker it encrypts communications with many major Websites, making browsing more secure. If using login credentials on unsecure Websites which is not recommended ensure your password is strong and complex, and change it regularly. Use Secure Mail When Possible No one should have access to besides the sender and recipient(s). s travel a long distance, across many different servers to reach their final destination. And all is susceptible to interception, and in some cases, eavesdropping along the way. PCWorld.com remarks that encryption software such as PGP (Pretty Good Privacy) and S/MIME is like a virtual envelope for your messages, ensuring they make it to the intended recipient without being snooped. They encrypt messages and provide a key that will translate the 3
4 message into plain text for the intended recipient(s). Most notably, governments and hackers themselves use methods such as these to secure their own . Recommendation: Never, under any circumstances, log into without a secure connection like SSL when using Web based programs such as Gmail or Yahoo. Users should take the time to research which encryption method such as PGP or S/MIME will work best for their purposes or the organization. Personal S/MIME certificates are free. PGP key creation is more complex and therefore, less vulnerable to attacks. However, this may take some effort on the part of IT to setup. Passwords Management Virtually every Website requires a password nowadays, and it can be overwhelming to remember them all. This leads to using the same password for multiple sites and using simpler, easier to remember passwords. And as noted above, users are also likely to choose the keep me logged in option on several Websites, which opens them up to vulnerability in pubic WiFi settings. Recommendation: Invest in a password management service like LastPass or 1Password. Essentially, users enter login credentials for any password protected Websites into the password management service and the service does all the remembering. Users then log into the password management service to safely access password protected sites going forward. Passwords can be as complex and varied as they should be and users will only have to remember the login for the password management service. Some services now have mobile device capabilities as well to keep users protected on all devices. LastPass has a free option and 1Password has a reasonable onetime fee. Browser Management Clear Caches and Browsing History Online activities can easily be traced by examining browser history. For those traveling abroad, foreign intelligence services may find valuable information in browser history, for example. Caches speed up browsing experience by keeping local copies of Websites visited on the device. If a site is malicious in any way, a copy will remain stored on the device unless the cache is cleared. Recommendation: Clear caches and browsing history automatically after every browser session. Clear and Change Downloads Folder The downloads folder is a catch-all location for all downloads to any device. It also is a treasure trove of online activities and interests for anyone snooping around. Recommendation: Keep potential adversaries guessing by clearing out downloads folders. Change the default downloads folder to something more appropriate or configure the browser to prompt the user for a folder location before each download. 4
5 Disable Java in the Browser Java is one of the most reliable exploit vectors on the Web. It allows hackers and malicious Websites to infect browsers and write files to a victim s hard drive. This is another situation in which the compromised device can infect company drives if connected. Java is such a security issue that Apple doesn't even include it in Safari. Recommendation: Turn Java off when in public WiFi settings or remove it completely. Install Chrome Extensions for Tracking Privacy Online activities are constantly tracked by Websites and governments, especially social media sites, even after the user is no longer on the site. The information at the very least is used to solicit to users based on surfing habits. There are a few extensions for Chrome (and other browsers) that will help limit your digital footprint. However, Chrome is regarded as a browser with less vulnerability when proper precautions are taken. Recommendation: Chrome offers a number of excellent privacy and non-tracking tools you can install, such as Disconnect, Do Not Track Me and Ghostery. Some have more robust features than others, so it will be a matter of preference. Best Practices for Cookies Cookies track online activity. They offer up specific ads based on users surfing habits. They also allow Website logins to be saved and shopping carts to remain populated when the user navigates away from and subsequently returns to certain sites, like Amazon. They also arguably help legitimate Websites improve user experience, so there is some debate about turning off cookies or using extensions that block them. However, cookies can allow login credentials to be hijacked or sidejacked by which a hacker uses software such as Firesheep to gain access to a user s account and can therefore, go on to get other information and logins. Recommendation: Select browser settings and either turn off cookies entirely or limit their storage to when the browser is closed. Ultimately, it will be a matter of preference once again, but be aware of this vulnerability. Note: Some recommendations may require the assistance of the organization s IT department if company policy does not allow employees to have administrative privileges on laptops or other wireless devices. The Big Picture Anyone who really wants the information likely knows a way to get it. More advanced network and device security measures such as full disk encryption and protocols for transferring sensitive corporate files may also be worth considering for organizations that deal with highly sensitive data or a high volume of international travel. 5
6 These proactive measures are a good start to basic information security on-the-go. Remember that many of these recommendations apply to mobile devices as well as laptops, so check smart phone and tablet settings to ensure that all devices are ready for travel. For more information on how to improve corporate information security contact Cipher Systems, LLC at As a full service competitive and market intelligence consultancy, Cipher offers custom strategic research, management consulting and award-winning, customized intelligence software systems. Our team of experienced and talented staff helps business professionals produce actionable corporate intelligence and make better decisions across industries Riva Road, Building th Floor Annapolis, MD Tel: / Fax: info@cipher-sys.com 6
The Hidden Dangers of Public WiFi
WHITEPAPER: OCTOBER 2014 The Hidden Dangers of Public WiFi 2 EXECUTIVE SUMMARY 4 MARKET DYNAMICS 4 The Promise of Public WiFi 5 The Problem with Public WiFi 6 MARKET BEHAVIOR 6 Most People Do Not Protect
More informationPRIVATE WiFi TM Reviewer s Guide
PRIVATE WiFi TM Reviewer s Guide Published Jan 2013 Table of Contents 1. Introduction to PRIVATE WiFi TM 3 1.1 About Private Communications Corporation... 3 1.2 About the CEO... 4 2. Market Need 5 2.1
More informationSecure Your Information and Communication Technology Devices
You should pay attention to the following items bef the Internet: Secure Your Information and Communication Technology Devices Install proper anti-virus software P.3 Log on as a user and not as an administrator
More informationSecurity Awareness. ITS Security Training. Fall 2015
Security Awareness ITS Security Training Fall 2015 Why am I here? Isn t security an IT problem? Technology can address only a fraction of security risks. You are a primary target, or rather, your data
More information10 Quick Tips to Mobile Security
10 Quick Tips to Mobile Security 10 Quick Tips to Mobile Security contents 03 Introduction 05 Mobile Threats and Consequences 06 Important Mobile Statistics 07 Top 10 Mobile Safety Tips 19 Resources 22
More informationHigh Speed Internet - User Guide. Welcome to. your world.
High Speed Internet - User Guide Welcome to your world. 1 Welcome to your world :) Thank you for choosing Cogeco High Speed Internet. Welcome to your new High Speed Internet service. When it comes to a
More informationPRIVATE WiFi TM Reviewer s Guide
PRIVATE WiFi TM Reviewer s Guide Published Dec 2013 Table of Contents Table of Contents 2 1. Introduction to PRIVATE WiFi TM 3 1.1 About Private Communications Corporation... 3 1.2 About the CEO... 4 2.
More informationWEB BROWSING PL Y IT SMART DON T BE PLAYED!
WEB BROWSING PL Y IT SMART DON T BE PLAYED! 1. 2. The Great Leap of Web Browsers These days, web browsers are no longer mere messengers between client and server. They are full-fledged programs capable
More informationAVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS. ftrsecure.com
AVOIDING ONLINE THREATS CYBER SECURITY MYTHS, FACTS, TIPS ftrsecure.com Can You Separate Myths From Facts? Many Internet myths still persist that could leave you vulnerable to internet crimes. Check out
More informationEmail Security. 01-15-09 Fort Mac
Email Security 01-15-09 Fort Mac Most Common Mistakes in Email Security Email Security 1. Using just one email account. 2. Holding onto spammed-out accounts too long. 3. Not closing the browser after logging
More informationHomeNet. Gateway User Guide
HomeNet Gateway User Guide Gateway User Guide Table of Contents HomeNet Gateway User Guide Gateway User Guide Table of Contents... 2 Introduction... 3 What is the HomeNet Gateway (Gateway)?... 3 How do
More informationSpring Hill State Bank Mobile Banking FAQs
Spring Hill State Bank Mobile Banking FAQs What is Mobile Banking? Mobile Banking enables you to access your account information using the Bank online banking website. You must first be enrolled as an
More informationTable of Contents SECURING THE WIRELESS NETWORK GUIDE 2
SECURING THE WIRELESS NETWORK GUIDE 2 Table of Contents Table of Contents...2 Why wireless over wired networks?...3 What exactly needs extra security?...4 Administrative access and remote log-ins... 4
More informationWelcome to the Protecting Your Identity. Training Module
Welcome to the Training Module 1 Introduction Does loss of control over your online identities bother you? 2 Objective By the end of this module, you will be able to: Identify the challenges in protecting
More informationBrazosport College VPN Connection Installation and Setup Instructions. Draft 2 March 24, 2005
Brazosport College VPN Connection Installation and Setup Instructions Draft 2 March 24, 2005 Introduction This is an initial draft of these instructions. These instructions have been tested by the IT department
More informationThe Benefits of SSL Content Inspection ABSTRACT
The Benefits of SSL Content Inspection ABSTRACT SSL encryption is the de-facto encryption technology for delivering secure Web browsing and the benefits it provides is driving the levels of SSL traffic
More informationTips for Banking Online Safely
If proper attention is given to safety and security, banking and monetary activities can be completed online in a convenient and effective fashion. This guide helps to establish procedures for remaining
More informationIs your data safe out there? -A white Paper on Online Security
Is your data safe out there? -A white Paper on Online Security Introduction: People should be concerned of sending critical data over the internet, because the internet is a whole new world that connects
More informationITSC Training Courses Student IT Competence Programme SIIS1 Information Security
ITSC Training Courses Student IT Competence Programme SI1 2012 2013 Prof. Chan Yuen Yan, Rosanna Department of Engineering The Chinese University of Hong Kong SI1-1 Course Outline What you should know
More informationRemote Access Securing Your Employees Out of the Office
Remote Access Securing Your Employees Out of the Office HSTE-NB0011-RV 1.0 Hypersecu Information Systems, Inc. #200-6191 Westminster Hwy Richmond BC V7C 4V4 Canada 1 (855) 497-3700 www.hypersecu.com Introduction
More informationUser guide Business Internet e-mail features
User guide Business Internet e-mail features Page 1 de 1 Table of content Page Introduction 3 1. How do I access my web based e-mail? 3 2. How do I access/alter these enhancements? 3 A. Basic Features
More informationThis session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit.
The hidden risks of mobile applications This session was presented by Jim Stickley of TraceSecurity on Wednesday, October 23 rd at the Cyber Security Summit. To learn more about TraceSecurity visit www.tracesecurity.com
More informationAn Insight into Cookie Security
An Insight into Cookie Security Today most websites and web based applications use cookies. Cookies are primarily used by the web server to track an authenticated user or other user specific details. This
More informationVIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY. AUTHOR: Raúl Siles. Founder and Security Analyst at Taddong
VIDEO Intypedia012en LESSON 12: WI FI NETWORKS SECURITY AUTHOR: Raúl Siles Founder and Security Analyst at Taddong Hello and welcome to Intypedia. Today we will talk about the exciting world of security
More informationSecurity Awareness. Wireless Network Security
Security Awareness Wireless Network Security Attacks on Wireless Networks Three-step process Discovering the wireless network Connecting to the network Launching assaults Security Awareness, 3 rd Edition
More informationFive Tips to Reduce Risk From Modern Web Threats
Five Tips to Reduce Risk From Modern Web Threats By Chris McCormack, Senior Product Marketing Manager and Chester Wisniewski, Senior Security Advisor Modern web threats can infect your network, subvert
More informationPractical guide for secure Christmas shopping. Navid
Practical guide for secure Christmas shopping Navid 1 CONTENTS 1. Introduction 3 2. Internet risks: Threats to secure transactions 3 3. What criteria should a secure e-commerce page meet?...4 4. What security
More informationWireless Network Best Practices for General User
Wireless Network Best Practices for General User I n Hong Kong, the number of Wi-Fi access points (hotspots) has reached 31,000 in 2015 1. Unfortunately, not all of them are well-protected. In fact, wireless
More informationRemote ESL Email On A Mac With OS-X Using SSH Tunneling & Port Forwarding
Remote ESL Email On A Mac With OS-X Using SSH Tunneling & Port Forwarding Excerpted from: http://adrianhoe.com/2006/10/22/secure-wireless-email-on-mac-os-x Wireless hotspots have blossomed in recent years
More informationCyber Opsec. Protecting Yourself Online. Think. Protect. OPSEC. www.ioss.gov
Cyber Opsec Protecting Yourself Online Think. Protect. OPSEC. www.ioss.gov CYBER OPSEC: section 1 Internet Communication in General Our carelessness makes the job easy for the adversary. The Internet was
More informationSHORT MESSAGE SERVICE SECURITY
SHORT MESSAGE SERVICE SECURITY February 2008 The Government of the Hong Kong Special Administrative Region The contents of this document remain the property of, and may not be reproduced in whole or in
More informationBusiness Internet Email service from Bell User Guide
Business Internet Email service from Bell User Guide Table Of Contents (click a page number to access that page) Getting Started 3 Access your email remotely using Webmail 3 Basic Features 4 Out Of Office
More informationMalware & Botnets. Botnets
- 2 - Malware & Botnets The Internet is a powerful and useful tool, but in the same way that you shouldn t drive without buckling your seat belt or ride a bike without a helmet, you shouldn t venture online
More informationNational Cyber Security Month 2015: Daily Security Awareness Tips
National Cyber Security Month 2015: Daily Security Awareness Tips October 1 New Threats Are Constantly Being Developed. Protect Your Home Computer and Personal Devices by Automatically Installing OS Updates.
More informationCybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference
Cybercrime and Identity Theft: Awareness and Protection 2015 HLC Conference Christopher T. Van Marter Senior Deputy Prosecuting Attorney Chief White Collar Crime Unit Department of the Prosecuting Attorney
More informationBasic Security Considerations for Email and Web Browsing
Basic Security Considerations for Email and Web Browsing There has been a significant increase in spear phishing and other such social engineering attacks via email in the last quarter of 2015, with notable
More informationE-BUSINESS THREATS AND SOLUTIONS
E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were
More informationInternet Quick Start Guide. Get the most out of your Midco internet service with these handy instructions.
Internet Quick Start Guide Get the most out of your Midco internet service with these handy instructions. 1 Contents Internet Security................................................................ 4
More informationWhat should I do if I have problems with my account statement?
Internet: Availability & Ordering Will I have to change my email address? If you currently have an e-mail address from an internet provider that you will be disconnecting after your NeuBeam service is
More informationCertified Secure Computer User
Certified Secure Computer User Exam Info Exam Name CSCU (112-12) Exam Credit Towards Certification Certified Secure Computer User (CSCU). Students need to pass the online EC-Council exam to receive the
More informationMac OS X. Staff members using NEIU issued laptops and computers on Active Directory can access NEIU resources that are available on the wired network.
Mac OS X The University Technology Services is privileged to offer a secure wifi network to the university community. Connecting to this network will provide you with benefits in security and improved
More information[TITLE: WINDOWS OS HOST-BASED RECOMMENDATIONS] UNCLASSIFIED//FOR OFFICIAL USE ONLY 2 UNCLASSIFIED//FOR OFFICIAL USE ONLY
Best Practices for Keeping Your Home Network Narrator: The Internet is a great tool that many households use daily in today's society. It gives us the capability to instantly send emails to friends and
More informationInternet threats: steps to security for your small business
Internet threats: 7 steps to security for your small business Proactive solutions for small businesses A restaurant offers free WiFi to its patrons. The controller of an accounting firm receives a confidential
More informationCYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE
CYBER ATTACKS EXPLAINED: THE MAN IN THE MIDDLE Due to the encouraging feedback this series of articles has received, we decided to explore yet another type of cyber intrusionthe Man In The Middle (MITM)
More informationInfocomm Sec rity is incomplete without U Be aware,
Infocomm Sec rity is incomplete without U Be aware, responsible secure! HACKER Smack that What you can do with these five online security measures... ANTI-VIRUS SCAMS UPDATE FIREWALL PASSWORD [ 2 ] FASTEN
More informationMangesh Sawant. Information Security Risks for Business Professionals Traveling to China
Mangesh Sawant Information Security Risks for Business Professionals Traveling to China Introduction The growth of a globe trotting mobile workforce equipped with laptops and other devices is bringing
More informationBest Practices for Keeping Your Home Network Secure
Best Practices for Keeping Your Home Network Secure As a user with access to sensitive corporate or government information at work, you are at risk at home. In order to gain access to information typically
More informationBasic Computer Security Part 2
Basic Computer Security Part 2 Presenter David Schaefer, MBA OCC Manager of Desktop Support Adjunct Security Instructor: Walsh College, Oakland Community College, Lawrence Technology University Welcome
More informationHow To Use Quantum Rbs Inc. Small Business Backup
Small Business Backup & Recovery (File Servers, Peer-to-Peer, Laptops, Desktops) Smart Features: Continuous Backup Anywhere Access to Backed Up Data Simple Rate Plan Secure Bank Grade Encryption Open Files
More informationOCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875
OCT Training & Technology Solutions Training@qc.cuny.edu (718) 997-4875 Understanding Information Security Information Security Information security refers to safeguarding information from misuse and theft,
More informationProtect Yourself. Who is asking? What information are they asking for? Why do they need it?
Protect Yourself Your home computer serves many purposes: email, shopping, social networking and more. As you surf the Internet, you should be aware of the various ways to protect yourself. Of primary
More informationSound Business Practices for Businesses to Mitigate Corporate Account Takeover
Sound Business Practices for Businesses to Mitigate Corporate Account Takeover This white paper provides sound business practices for companies to implement to safeguard against Corporate Account Takeover.
More informationCasey Gowrie COMP116 Final Project. Session Hijacking and the Cloud Mentor: Ming Chow
Casey Gowrie COMP116 Final Project Session Hijacking and the Cloud Mentor: Ming Chow Table of Contents Abstract... 3 1. Introduction... 4 1.1 What Is The Cloud?... 4 1.2 The Cloud Multiplier Effect...
More informationSIZE DOESN T MATTER IN CYBERSECURITY
SIZE DOESN T MATTER IN CYBERSECURITY WE SECURE THE FUTURE SIZE DOESN T MATTER IN CYBERSECURITY WE SECURE THE FUTURE TABLE OF CONTENTS SIZE DOESN T MATTER IN CYBERSPACE 03 SUMMARY 05 TOP REASONS WHY SMBS
More informationSimple security is better security Or: How complexity became the biggest security threat
Simple security is better security Or: How complexity became the biggest security threat Christoph Litzbach, Pre-Sales Engineer NSG 1 What do they have in common? DATA BREACH 2 Security is HARD! Components
More informationData Protection Act 1998. Bring your own device (BYOD)
Data Protection Act 1998 Bring your own device (BYOD) Contents Introduction... 3 Overview... 3 What the DPA says... 3 What is BYOD?... 4 What are the risks?... 4 What are the benefits?... 5 What to consider?...
More informationWIRELESS SECURITY. Information Security in Systems & Networks Public Development Program. Sanjay Goel University at Albany, SUNY Fall 2006
WIRELESS SECURITY Information Security in Systems & Networks Public Development Program Sanjay Goel University at Albany, SUNY Fall 2006 1 Wireless LAN Security Learning Objectives Students should be able
More informationOwn your LAN with Arp Poison Routing
Own your LAN with Arp Poison Routing By: Rorik Koster April 17, 2006 Security is a popular buzzword heard every day throughout our American culture and possibly even more so in our global economy. From
More informationCookies themselves do not require personal information to be used and, in most cases, not personally identify Internet users.
About Cookies Website latelier-restaurant.ro uses cookies. The following information is intended to inform the user more information about placing, use and administration "cookies" used by the website
More informationUser guide. Business Email
User guide Business Email June 2013 Contents Introduction 3 Logging on to the UC Management Centre User Interface 3 Exchange User Summary 4 Downloading Outlook 5 Outlook Configuration 6 Configuring Outlook
More informationSecure Email Client Guide
PRESIDIO BANK 33 Secure Email Client Guide THE BUSINESS BANK THAT WORKS 8/2013 Table of Contents Introduction.....3 Our Responsibility to Protect Confidential Information....4 Registering and Accessing
More informationCompulink Advantage Online TM
Compulink Advantage Online TM COMPULINK ADVANTAGE ONLINE TM INSTALLATION, CONFIGURATION AND PERFORMANCE GUIDE FOR WINDOWS (Revised 07/08/2011) 2011 Compulink Business Systems, Inc. All rights reserved
More informationSection 12 MUST BE COMPLETED BY: 4/22
Test Out Online Lesson 12 Schedule Section 12 MUST BE COMPLETED BY: 4/22 Section 12.1: Best Practices This section discusses the following security best practices: Implement the Principle of Least Privilege
More informationClientless SSL VPN Users
Manage Passwords, page 1 Username and Password Requirements, page 3 Communicate Security Tips, page 3 Configure Remote Systems to Use Clientless SSL VPN Features, page 3 Manage Passwords Optionally, you
More informationFrequently Asked Questions (FAQ)
Your personal information and account security is important to us. This product employs a Secure Sign On process that includes layers of protection at time of product log in to mitigate risk, and thwart
More informationTopics in Network Security
Topics in Network Security Jem Berkes MASc. ECE, University of Waterloo B.Sc. ECE, University of Manitoba www.berkes.ca February, 2009 Ver. 2 In this presentation Wi-Fi security (802.11) Protecting insecure
More informationWICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise
WICKSoft Mobile Documents for the BlackBerry Security white paper mobile document access for the Enterprise WICKSoft Corporation http://www.wicksoft.com Copyright WICKSoft 2007. WICKSoft Mobile Documents
More informationMonitoring mobile communication network, how does it work? How to prevent such thing about that?
Monitoring mobile communication network, how does it work? How to prevent such thing about that? 潘 維 亞 周 明 哲 劉 子 揚 (P78017058) (P48027049) (N96011156) 1 Contents How mobile communications work Why monitoring?
More informationWireless Security: Secure and Public Networks Kory Kirk
Wireless Security: Secure and Public Networks Kory Kirk Villanova University Computer Science kory.kirk@villanova.edu www.korykirk.com/ Abstract Due to the increasing amount of wireless access points that
More informationCertified Secure Computer User
Certified Secure Computer User Course Outline Module 01: Foundations of Security Essential Terminologies Computer Security Why Security? Potential Losses Due to Security Attacks Elements of Security The
More informationVPN Web Portal Usage Guide
VPN Web Portal Usage Guide Table of Contents WHAT IS VPN WEB CLIENT 4 SUPPORTED WEB BROWSERS 4 LOGGING INTO VPN WEB CLIENT 5 ESTABLISHING A VPN CONNECTION 6 KNOWN ISSUES WITH MAC COMPUTERS 6 ACCESS INTRANET
More informationBest Practices for Secure Remote Access. Aventail Technical White Paper
Aventail Technical White Paper Table of contents Overview 3 1. Strong, secure access policy for the corporate network 3 2. Personal firewall, anti-virus, and intrusion-prevention for all desktops 4 3.
More informationCyber Security. Securing Your Mobile and Online Banking Transactions
Cyber Security Securing Your Mobile and Online Banking Transactions For additional copies or to download this document, please visit: http://msisac.cisecurity.org/resources/guides 2014 Center for Internet
More informationRemote Access Security
Glen Doss Towson University Center for Applied Information Technology Remote Access Security I. Introduction Providing remote access to a network over the Internet has added an entirely new dimension to
More informationThe following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015.
The following information was provided by SANS and discusses IT Security Awareness. It was last updated in 2015. By completing this module and the quiz, you will receive credit for CW 170, which is required
More informationA Guide to Mobile Security For Citizen Journalists
A Guide to Mobile Security For Citizen Journalists Your Citizen journalism, and with it the rise of alternative media voices, is one of the most exciting possibilities for mobile phones in activism. Mobile
More informationProtecting Your Network Against Risky SSL Traffic ABSTRACT
Protecting Your Network Against Risky SSL Traffic ABSTRACT Every day more and more Web traffic traverses the Internet in a form that is illegible to eavesdroppers. This traffic is encrypted with Secure
More informationBest Practices Guide to Electronic Banking
Best Practices Guide to Electronic Banking City Bank & Trust Company offers a variety of services to our customers. As these services have evolved over time, a much higher percentage of customers have
More informationHow To Use Secureanything On A Mac Or Ipad (For A Mac)
User Guide for Mac OS X Copyright Webroot SecureAnywhere User Guide for Mac OS X March, 2013 2012-2013 Webroot Software, Inc. All rights reserved. Webroot is a registered trademark and SecureAnywhere is
More informationUsing Wireless Technology Securely
Using Wireless Technology Securely US-CERT In recent years, wireless networking has become more available, affordable, and easy to use. Home users are adopting wireless technology in great numbers. On-the-go
More informationThis guide will go through the common ways that a user can make their computer more secure.
A beginners guide in how to make a Laptop/PC more secure. This guide will go through the common ways that a user can make their computer more secure. Here are the key points covered: 1) Device Password
More informationHow Do People Use Security in the Home
How Do People Use Security in the Home Kaarlo Lahtela Helsinki University of Technology Kaarlo.Lahtela@hut.fi Abstract This paper investigates home security. How much people know about security and how
More informationModusMail Software Instructions.
ModusMail Software Instructions. Table of Contents Basic Quarantine Report Information. 2 Starting A WebMail Session. 3 WebMail Interface. 4 WebMail Setting overview (See Settings Interface).. 5 Account
More informationWorkday Mobile Security FAQ
Workday Mobile Security FAQ Workday Mobile Security FAQ Contents The Workday Approach 2 Authentication 3 Session 3 Mobile Device Management (MDM) 3 Workday Applications 4 Web 4 Transport Security 5 Privacy
More informationWhy is a strong password important?
Internet Security Why is a strong password important? Identity theft motives: To gain access to resources For the challenge/fun Personal reasons Theft methods Brute forcing and other script hacking methods
More informationThe Impact of Wireless LAN Technology on Compliance to the PCI Data Security Standard
The Impact of Wireless LAN Technology on to the PCI Data Security Standard 339 N. Bernardo Avenue, Suite 200 Mountain View, CA 94043 www.airtightnetworks.net Wireless LANs and PCI Retailers today use computers
More informationBasic Using HSBC Mobile Banking Technical Information
Basic What is Mobile Banking? How is Mobile Banking different to Internet Banking? How do I access Mobile Banking? Does Mobile Banking work with a post-paid or pre-paid mobile line? How much does Mobile
More informationPCI PA - DSS. Point XSA Implementation Guide. Atos Worldline Banksys XENTA SA. Version 1.00
PCI PA - DSS Point XSA Implementation Guide Atos Worldline Banksys XENTA SA Version 1.00 POINT TRANSACTION SYSTEMS AB Box 92031, 120 06 Stockholm, Tel. +46 8 566 287 00 www.point.se Page number 2 (16)
More informationStatistical Analysis of Internet Security Threats. Daniel G. James
Statistical Analysis of Internet Security Threats Daniel G. James ABSTRACT The purpose of this paper is to analyze the statistics surrounding the most common security threats faced by Internet users. There
More informationNorton Mobile Privacy Notice
Effective: April 12, 2016 Symantec and the Norton brand have been entrusted by consumers around the world to protect their computing devices and most important digital assets. This Norton Mobile Privacy
More informationUsing Foundstone CookieDigger to Analyze Web Session Management
Using Foundstone CookieDigger to Analyze Web Session Management Foundstone Professional Services May 2005 Web Session Management Managing web sessions has become a critical component of secure coding techniques.
More informationTMCEC CYBER SECURITY TRAINING
1 TMCEC CYBER SECURITY TRAINING Agenda What is cyber-security? Why is cyber-security important? The essential role you play. Overview cyber security threats. Best practices in dealing with those threats.
More informationHow to make a VPN connection to our servers from Windows 8
How to make a VPN connection to our servers from Windows 8 Windows 8 is able to make a newer type of VPN connection called a Secure Socket Tunnelling Protocol (SSTP) connection. This works just like a
More informationInformation Security. Be Aware, Secure, and Vigilant. https://www.gosafeonline.sg/ Be vigilant about information security and enjoy using the internet
Be Aware, Secure, and Vigilant Information Security Use the Internet with Confidence Be vigilant about information security and enjoy using the internet https://www.gosafeonline.sg/ The Smartphone Security
More information10 best practice suggestions for common smartphone threats
10 best practice suggestions for common smartphone threats Jeff R Fawcett Dell SecureWorks Security Practice Executive M Brandon Swain Dell SecureWorks Security Practice Executive When using your Bluetooth
More information1. For each of the 25 questions, multiply each question response risk value (1-5) by the number of times it was chosen by the survey takers.
Employee Security Awareness Survey Trenton Bond trent.bond@gmail.com Admin - Version 1.3 Security Awareness One of the most significant security risks that organizations and corporations face today is
More informationMobile Data Loss. Threats & Countermeasures. Michael T.Raggo, CISSP, NSA-IAM, ACE, CSI. mraggo@mobileiron.com @MikeRaggo(twitter)
Mobile Data Loss Threats & Countermeasures Michael T.Raggo, CISSP, NSA-IAM, ACE, CSI mraggo@mobileiron.com @MikeRaggo(twitter) Mobile DataLoss Threat Vectors Users have become the low hanging fruit Copyright
More informationReliance Bank Fraud Prevention Best Practices
Reliance Bank Fraud Prevention Best Practices May 2013 User ID and Password Guidelines Create a strong password with at least 8 characters that includes a combination of mixed case letters and numbers.
More informationAIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE
AIRDEFENSE SOLUTIONS PROTECT YOUR WIRELESS NETWORK AND YOUR CRITICAL DATA SECURITY AND COMPLIANCE THE CHALLENGE: SECURE THE OPEN AIR Wirelesss communication lets you take your business wherever your customers,
More informationWhy VPN Alone Will not Secure your Wireless Network
Why VPN Alone Will not Secure your Wireless Network Christian H. Mosveen Department of Computer Science University of Auckland E-mail: cmos024@ec.auckland.ac.nz Abstract Any wireless device will, because
More information