Security Tips with Captain Security

31Dec

Cybercriminals are always attempting to get you to open something to install malware on your system. The following are the top 5 filenames that are used:

  • details.zip
  • UPS_Documents.zip
  • DCIM.ZIP
  • Report.zip
  • scan.zip

Make sure you educate your users on what to open and what not to open. And deploy a good email gateway virus scanner to prevent them from even getting to your email system.

17Dec

According to a Symantec Survey, cyberattacks rose 300% in 2012. The reason? Most small businesses are attractive because they have weaker security systems in place. Small businesses are also flocking to cloud systems that do not incorporate strong encryption technology. This allows hackers to get easy access to sensitive data behind a door with nothing but a simple lock.

How can you prevent from being attacked? Make sure you patch your largest vulnerability – your people. Have them use strong passwords and teach them to look for sketchy emails. You should also invest in the best cloud security application you can afford.

02Dec

Weak passwords are one of five easy ways for a hacker to gain access to an account. Did you know that 80% of all cyberattacks involve weak passwords and 55% of people utilize one password for all logins?

A hacker with a $300 dollar graphics card can run 420,000,000,000 simple lowercase password combinations in just over one minute.

Your best defense is to have a unique password for each account. If someone compromises your Facebook account, they then can’t use the same password to access your Amazon or brokerage account.

Also make sure you have special characters in your password. It should not be a dictionary word; make it gibberish.

05Nov

You should have some sort of Anti-Virus on your mobile device. Mobile devices are being targeted by scammers and hackers for exploit. With waves of people using smart phones and the lack of understanding about security, the mobile device platform makes it an easy target.

There are numerous anti-virus platforms that exist. I would suggest picking one you can trust.

22Oct

From time to time you need help and you rely on user forums. I want to caution you on what you put on those forums. Helpful people are on those forums along with dangerous people. The dangerous people can use what you post for an attack against you. Operating system, switch types, backup types and details about your operation are a “no no“. If you do need to post these types of details, use an email address that is not related to your company or create an email for solely for use forums.

08Oct

Be careful with who you trust. One of the easiest ways to be compromised is to give away your password. Scammers are excellent at what they call “social engineering”. One of the big tips I have is: if someone is asking for information over the phone, ask to call them back to verify the number. If they have problem doing that, then they are more than likely not legit. This is especially true for credit card and social security numbers. Bottom line: Be careful what you give out.

26Sep

File sharing sites such as Dropbox make it very easy to share files. They also make it very easy to be hacked.

My first suggestion is: if you have data that is sensitive, be careful before putting it on a file sharing site such as this. If you do put it on a site like this, make sure you have a strong password that you change every 90 days.

Some file sharing services are starting to offer 2 factor authentications. If you have data that needs to be secure, you should enable 2 factor authentication.

10Sep

Security consultant Steve Stasiukonis was hired to test security awareness at a credit union. He loaded malicious software on some old thumb drives and left then on the ground at the parking lot at the credit union. Each time an employee used the thumb drive, it loaded software and reported who used the USB key. While this was harmless, a real criminal or hacker could have used it to compromise your security. Make sure you are making your employees aware of this trick. More information can be found here http://www.darkreading.com/document.asp?doc_id=95556&WT.svl=column1_1

03Sep

You can get a copy of your credit report from the three major credit bureaus every year. (Federal law gives you the right to one free credit report from the three credit bureaus: Equifax, Experian, and TransUnion — http://www.ftc.gov/bcp/conline/pubs/credit/freereports.htm.)

You should consider checking those reports to make sure everything on your credit report is accurate. You can also stagger the request so you can get a report once every four months. It is a good way to watch for identity theft or for inaccurate information on your credit.

27Aug

This seems like a no brainer, but I have seen numerous clients over the years not lock their computer when they walk away. I have also seen some bad things happen because of it. I have seen people send an email as a joke to everyone and the joke went to clients. I have seen people obtain sensitive information from not following this simple technique. Lock your computer when you are away from it.