Security Tips with Captain Security

20May

Verizon has released its 2013 data breach investigations report. In that report it stated that 40% of all breaches were related to malware. Of those breached, the malware was distributed via email.

One of the most important security items for any network is a good email threat detection system. This should include spam detection, virus scanning and the ability to stop phishing emails.

Once this malware is installed on your computer system, the goal is to stay long term to monitor, or become an attack point for someone.

A good UTM or next generation firewall will also help detect and stop malware.

06May

The recent Heartbleed vulnerability has brought this to light again. You should use a different password for each financial website you access. By doing this, if a password is compromised on one website, it will not be used to gain access to another website. This article from Wired magazine is a good example of why you should use different passwords: http://www.wired.com/2012/08/apple-amazon-mat-honan-hacking/all/

22Apr

If you have not done so already, you need to change your passwords. The Heartbleed vulnerability affected 60% of websites. Because of this breach, you should really be changing the passwords on all of your websites. This is a list of the websites affected: http://mashable.com/2014/04/09/heartbleed-bug-websites-affected/

08Apr

A majority of the security breaches over the past 2-3 years have been a targeted attack that started with an email. Before you open an email with links, or even a document, make sure that you verify the source. Email is a way you can be tricked to download spyware and malware which can compromise your machine. Also, never click on a link from your bank in an email. It is much better to go directly to the website and enter the appropriate information.

25Mar

One of the mistakes I commonly see misconfigured on firewalls is allowing anything to go outbound. One of the reasons that you purchased a firewall is to protect you from the internet. Filtering outbound is one of those protections. If you have a firewall, make sure you are filtering outbound along with inbound.

11Mar

You should really block the advertising category with your URL filter. Why? Because hackers are flocking to the AD networks to infect machines. They are exploiting a weakness where major online sites such as newspapers are not scanning ads. These malicious Ads go into the websites rotation and can be there for weeks without being discovered. Recently Yahoo had an ad that was displayed for over a week that was infecting European users. It might make web pages look a bit funny to have Ads blocked, but you will save yourself from having to fight malware protection. If you need a recommendation on a good firewall that will stop malicious Ads, contact me at 262-373-9070 or james@tbjconsulting.com

25Feb

Most businesses these days are using wireless networks. But for most small to medium business they are not secure. Here’s a few tips to secure your network:

  1. Get rid of WEP; use WPA2 encryption only. It is the most secure and least likely to be hacked. Along with that, you should have a strong password for WPA2.
  2. Avoid an SSID with ‘TBJNetwork’, or in your case, your own name. It identifies who you are and can make you a target.
  3. Disable WPS. WPS is an easy way to add new devices, but it is very insecure and an easy way for you to get hacked.
  4. Finally, if you want to allow guests to connect, setup a guest network. This will allow for a secure way for guests to connect to your wireless network.

11Feb

Snapchat recently disclosed it had a security breach. 4.6 Million accounts where compromised, possibly exposing a username and password. The worst part was they knew about it and for months did nothing to fix it. You need to be careful of the applications you use. Just because it sounds cool, does not mean it is cool. Also, educate your children on such matters; they will download any application without thought. Since Snapchat was dishonest with its security state, I would recommend not using it.

28Jan

This has been my advice for quite some time. A debit card takes money directly from your checking account and your money can disappear quickly. The Federal Laws are not as strong as with credit cards. You typically fight your bank or credit Union to get your money back. A credit card is what you should use. The money never comes out of your account directly and you’re protected in how much you are liable for.  Visit Clark Howard’s website for more information.

14Jan

That is a staggering number and could put most businesses out of business. The first and foremost thing you should do is make sure you have insurance in place to cover losses from a cyberattack.

Also, if you have a computer that you do the financials on, make sure you only use that computer for financials. Why? A cybercriminal’s dream is to get access to a computer that is doing online banking transactions. They get you to install malware and then they can get the credentials they need to move the money out of your account. And the bank does not have to cover the money loss if they can prove they had the correct technology in place and you did not.

Also make sure you have the proper firewall, spam filter and virus scanner in place to help prevent these attacks.