Security Tips with Captain Security


With smartphones and tablets becoming more popular, you need to start thinking about security on these devices. Applications exist that have access to bank accounts and online stores. You should require a PIN or password to get to these services. Why? If you lose your phone or leave it lying around, someone might be able to access information you don’t want them to.

Put a password on your mobile device.


A majority of banks are offering applications on mobile devices, but you need to be careful. Some early applications were found not to have encryption enabled. You also need to be careful about what type of applications you place on your mobile device – you could be installing an application with malware. You also need to make sure you have a password on the device and possibly the application. Why? If your device is lost or stolen, you do not want someone to have easy access to your information.


Most traditional firewalls can only look at ports and allow or deny traffic. Today, most vendors write applications that use port 80 or port 443, and the traditional firewall has a hard time keeping your network secure. An application firewall can look at port 80 traffic and stop things such as Facebook Chat, but still allow Facebook. It can also look into port 443 traffic and do the same thing. It might be time to update your firewall.


Do you have sensitive data? If you do, then it is time to encrypt your laptop. Encrypting your laptop is easy to do these days. Windows even has built-in software called BitLocker that makes it very easy to encrypt data. Other software such as TrueCrypt allows you to encrypt data on a USB drive. Make sure you are encrypting your sensitive data.


Most of the people I talk to are very concerned about hacking from the outside. The target that is much easier to hit is the remote office. Remote offices are typically in locations with people who want to be helpful. How easy would it be for someone to dress up like the phone company and gain access to a remote server room? Talk to your remote offices about security and establish a security awareness program.


Most smartphones have GPS built into them. The GPS records the location where a picture was taken in the picture itself. So if you take a picture of your new car at your house, a thief might note the location needed to steal your car.

Or if you post pictures of your house and you announce you are on vacation, you again have given someone the map to your house.

Most phones have the ability to disable this feature. Make sure to disable this feature before posting to the Internet.


Why? It is very easy for someone to steal your passwords and information. How? With wireless, it is very easy for someone to become a man in the middle. They are basically sitting between you and the Internet and can use what is called a sniffer to grab your data. If you need to access secure sites, purchase a Verizon Air Card or hotspot and use your own Wi-Fi. You will be better protected and your bank accounts will not be drained.


Most firewalls are put into place and have rules added to them over time, but rules are typically not removed. You should audit your firewall yearly to ensure that you only have the rules in place you need and to remove old rules. It is also a good time to compare your firewall rule set against your written policy. Remember to audit your firewalls at least yearly and if you need help, feel free to contact TBJ.


If you do not need to do business with China, it might be time to block them. Most UTM and Next Generation firewalls have the ability to block countries such as China and Russia at the firewall. If you do not need to communicate with either of these countries, it is time to block access to them. It will help keep your data safe and also provide an overall better security environment.


One of the easiest ways for someone to gain access to your information is social engineering. Social engineering is someone posing as something they are not. Think about a remote office: how easy would it be for someone to say they are from the phone company or the electric company? They could then gain easy access to your network or your remote office. Always remember to verify who you’re talking to.