Secure Email: Simplified

Despite the clear benefits of secure email, organisations and individuals continue to send unencrypted emails around the world, risking their digital security and email privacy.

Relying on unencrypted email is the digital equivalent of sending a postcard in the mail. Before landing in your recipient’s inbox, regular email travels through servers all over the world. Anyone who intercepts this communication can read the content.

Law firms, healthcare professionals, and social services need to ensure email privacy to preserve their clients’ confidentiality. Organisations and businesses of all sizes need to protect their data and intellectual property, as well as that of their clients and employees. Individuals should also never send any information via regular email that they would not be willing to share publicly.

How Can You Increase Your Wi-Fi Security? Here are a few simple ways…

Failure to implement basic Wi-Fi security practices is leaving organisations vulnerable to digital security threats, yet there are simple steps you can take to increase your protection.

Separating guest Wi-Fi access

Free guest Wi-Fi is no longer a perk, but an expectation. Whether customers are visiting the bank or barber, their local coffee shop, museum, or department store, they expect to be able to find an internet connection. The same is true for business meetings. If clients or business partners visit, it is very likely they will want to be able to access their emails, calendars, and cloud-based files from your offices.

Allowing anyone from outside your organisation to access your company’s private Wi-Fi is risky. Not only could viruses and malware reach your network from guests’ infected devices, it could also provide a hacker with a route in to your company’s vital information and systems. As Wi-Fi becomes more powerful, it broadcasts further. Someone who has accessed your Wi-Fi previously could automatically connect to your network weeks or months later, without even being in your building.

Rethinking Cloud Storage Platforms for Business

In the rush to take advantage of the many benefits of cloud storage, organisations are failing to consider the legality and security of these solutions. Dropbox, OneDrive, BT Cloud, and Google Drive are used every day by millions of individuals and organisations around the world. However, entrusting the same third-party cloud storage provider with your holiday photos and your company’s intellectual property is often unwise. If you haven’t already, it is essential to stop and think about which platform is right for your data.

Location

Organisations must know exactly where their data will be physically stored.

One reason for this is because some data, such as personally identifiable information (originating from inside the EU), is subject to EU laws governing its storage and processing.

With the imminent arrival of the EU’s General Data Protection Regulations (GDPR) it has never been more important for your organisation to remain compliant when storing and transferring data. The regulations specify that personal data can only be transferred outside of the EU in compliance with the conditions for transfer. Fines for companies in breach of GDPR will be up to €20m or 4% of the organisations global annual turnover (whichever is greater). Getting this wrong could have serious and irrevocable consequences.

Bluetooth: How Vulnerable Are You?

Serious Bluetooth vulnerabilities, affecting Android, Linux, Windows, and iOS users, were announced this September. Discovered earlier in the year, the public announcement was postponed to provide vendors time to introduce security patches for their software.

The 8 identified vulnerabilities have been collectively named BlueBorne due to the nature of these attacks happening ‘over the air’ as opposed to over the internet. Blueborne allows attackers to take control of devices that have Bluetooth enabled and run malicious code without the knowledge of the device’s owner. Worryingly, a hacker only needs to exploit one device to penetrate further into a network or spread to other devices.

European Move to Increase Liability of Online Platforms

Proposed new European regulations seek to place an unprecedented onus on online platforms to detect copyright infringements.

The move comes as part of wider consultations on the EU’s Digital Single Market strategy.

What is being proposed?

Article 13 of the proposed directive on copyright in the Digital Single Market addresses the use of protected content by online services. Should the regulations go ahead, online service providers, which host and make large amounts of user-uploaded work available, will have greater responsibility for monitoring and filtering this content. This would affect ISPs, social media sites, and other hosting and sharing platforms.

Tackling the Man in the Middle Attack

The Payment Systems Regulator (PSR) has announced an industry-wide action plan to tackle push payment scams.

Push payment scams are the second biggest cause of payment fraud in the UK, claiming £100m from 19,000 people between January and June this year alone. The consequences can be devastating for individuals and businesses alike. So far, financial organisations, including banks, PayPal, and WorldPay, have returned just £25m to victims of these scams.

Are passwords the weakest link to your data security?

Removing the Barriers to Two-Factor Authentication

It shouldn’t come as a surprise that passwords are the weakest security for authentication. Organisations cannot afford to rely on passwords alone as their primary method for verifying user access to their crucial systems and data.

In the quest for greater protection from ever-increasing threats, digital security hasn’t always been centred around the needs and convenience of the individual user. It is often a hindrance for users to remember complex passwords that conform to specific conditions, or to change their password every three months.

Why is patching a problem for so many organisations?

The root cause of most digital security breaches is unpatched software with known vulnerabilities.

A vulnerability is like a back door in which hackers and cyber-criminals can access your systems. Once inside, your data is in their hands.

The WannaCry ransomware attack, is a recent example of a known vulnerability being exploited to great effect. This attack locked affected users out of their information, demanding payment to return access to their files. As with most ransomware attacks, paying the ransom is not a guarantee the files will be unlocked.

Encryption: What Does It Mean to BYOE?

The cloud has opened up incredible opportunities and efficiencies for businesses. However, with these opportunities there is also an increase in security risks. How can you be sure your data is safe in the cloud?

Traditional ways of protecting data, such as passwords, firewalls, and other defensive strategies are no longer enough. For greater protection, encryption protects your data from being accessed by anyone without the corresponding key. Data that is encrypted with a key, can only be deciphered by the same key.

What are the benefits of Managed Security Services for your organisation?

Managed cloud services remove the need for organisations to perform many specialist functions in-house, providing access to essential digital services in a way that is cost-effective and convenient.

The downside is these services can leave a company’s data vulnerable to theft, tampering, or even seizure by government authorities and law enforcement agencies. As a data owner, you could then be subject to large fines, negative publicity and possible business collapse.

Encryption is the only way to protect your data. Data that has been encrypted is unreadable to those who are not authorised to access it. It also allows monitoring and reporting on who, or what, is accessing the data and when.