Wi-Fi Icon

How Can You Increase Your Wi-Fi Security? Here are a few simple ways…

Wi-fi Security Made Simple

Failure to implement basic Wi-Fi security practices is leaving organisations vulnerable to digital security threats, yet there are simple steps you can take to increase your protection.

Separating guest Wi-Fi access

Free guest Wi-Fi is no longer a perk, but an expectation. Whether customers are visiting the bank or barber, their local coffee shop, museum, or department store, they expect to be able to find an internet connection. The same is true for business meetings. If clients or business partners visit, it is very likely they will want to be able to access their emails, calendars, and cloud-based files from your offices.

Guest Wi-fi Access is risky!

Allowing anyone from outside your organisation to access your company’s private Wi-Fi is risky. Not only could viruses and malware reach your network from guests’ infected devices, but it could also provide a hacker with a route into your company’s vital information and systems. As Wi-Fi becomes more powerful, it broadcasts further. Someone who has accessed your Wi-Fi previously could automatically connect to your network weeks or months later, without even being in your building affecting your wi-fi security. Read more

cloud storage

Rethinking Cloud Storage Platforms for Business

Cloud Storage

In the rush to take advantage of the many benefits of cloud storage, organisations are failing to consider the legality and security of these solutions. Dropbox, OneDrive, BT Cloud, and Google Drive are used every day by millions of individuals and organisations around the world. However, entrusting the same third-party cloud storage provider with your holiday photos and your company’s intellectual property is often unwise. If you haven’t already, it is essential to stop and think about which platform is right for your data.

Location

Organisations must know exactly where their data will be physically stored.

One reason for this is because some data, such as personally identifiable information (originating from inside the EU), is subject to EU laws governing its storage and processing.

With the imminent arrival of the EU’s General Data Protection Regulations (GDPR) it has never been more important for your organisation to remain compliant when storing and transferring data. The regulations specify that personal data can only be transferred outside of the EU in compliance with the conditions for transfer. Fines for companies in breach of GDPR will be up to €20m or 4% of the organisations global annual turnover (whichever is greater). Getting this wrong could have serious and irrevocable consequences. Read more

Bluetooth Icon

Bluetooth: How Vulnerable Are You?

Serious Bluetooth vulnerabilities announced!

Serious Bluetooth vulnerabilities, affecting Android, Linux, Windows, and iOS users, were announced this September. Discovered earlier in the year, the public announcement was postponed to provide vendors time to introduce security patches for their software.

The 8 identified vulnerabilities have been collectively named BlueBorne due to the nature of these attacks happening ‘over the air’ as opposed to over the internet. Blueborne allows attackers to take control of devices that have Bluetooth enabled and run malicious code without the knowledge of the device’s owner. Worryingly, a hacker only needs to exploit one device to penetrate further into a network or spread to other devices. Read more

Flag of Europe

European Move to Increase Liability of Online Platforms

Proposed new European regulations seek to place an unprecedented onus on online platforms to detect copyright infringements.

The move comes as part of wider consultations on the EU’s Digital Single Market strategy.

What is being proposed?

Article 13 of the proposed directive on copyright in the Digital Single Market addresses the use of protected content by online services. Should the regulations go ahead, online service providers, which host and make large amounts of user-uploaded work available, will have greater responsibility for monitoring and filtering this content. This would affect ISPs, social media sites, and other hosting and sharing platforms. Read more

Man in hoody

Tackling the Man in the Middle Attack

How can we tackle the man-in-the-middle-attack?

The Payment Systems Regulator (PSR) has announced an industry-wide action plan to tackle push payment scams from the man-in-the-middle-attacks.

Push payment scams are the second biggest cause of payment fraud in the UK, claiming £100m from 19,000 people between January and June this year alone. The consequences can be devastating for individuals and businesses alike. So far, financial organisations, including banks, PayPal, and WorldPay, have returned just £25m to victims of these scams. Read more

weakest link image

Are passwords the weakest link to your data security?

Removing the Barriers to Two-Factor Authentication

It shouldn’t come as a surprise that passwords are the weakest link for security authentication. Organisations cannot afford to rely on passwords alone as their primary method for verifying user access to their crucial systems and data.

In the quest for greater protection from ever-increasing threats, digital security hasn’t always been centred around the needs and convenience of the individual user. It is often a hindrance for users to remember complex passwords that conform to specific conditions, or to change their password every three months. Read more

digital security image

Why is patching a problem for so many organisations?

Unpatched Software

The root cause of most digital security breaches is unpatched software with known vulnerabilities.

A vulnerability is like a back door in which hackers and cyber-criminals can access your systems. Once inside, your data is in their hands.

The WannaCry ransomware attack is a recent example of a known vulnerability being exploited to great effect. This attack locked affected users out of their information, demanding payment to return access to their files. As with most ransomware attacks, paying the ransom is not a guarantee the files will be unlocked. Read more

Cloud security

Encryption: What Does It Mean to BYOE?

The cloud has opened up incredible opportunities and efficiencies for businesses. However, with these opportunities, there is also an increase in security risks.

How can you be sure your data is safe in the cloud?

Traditional ways of protecting data, such as passwords, firewalls, and other defensive strategies are no longer enough. For greater protection, encryption protects your data from being accessed by anyone without the corresponding key. Data that is encrypted with a key, can only be deciphered by the same key. Read more

nCrypt logo

What are the benefits of Managed Security Services for your organisation?

Managed cloud services remove the need for organisations to perform many specialist functions in-house, providing access to essential digital services in a way that is cost-effective and convenient.

The downside is these services can leave a company’s data vulnerable to theft, tampering, or even seizure by government authorities and law enforcement agencies. As a data owner, you could then be subject to large fines, negative publicity and possible business collapse.

Encryption is the only way to protect your data. Data that has been encrypted is unreadable to those who are not authorised to access it. It also allows monitoring and reporting on who, or what is accessing the data and when. Read more

outsourcing image

Third-Parties. What are the risks to your Data?

Over 600GB of unsecured customer data was discovered on an Amazon cloud database last month. The records belonged to approximately 4 million US Time Warner Cable (TWC) customers. The data, which had been set to allow public access, rather than limit access to administrators or authorised users, was discovered accidentally by a digital security company while investigating an unrelated breach.

According to a report published after the discovery, Broadsoft Inc, a third-party communications company engaged by TWC, are to blame for the breach. Read more