March Newsletter

March 2017

Hi everyone, welcome to the March 2017 newsletter.

This month I want to have a look at the physical security of your business's data, which includes all the information about clients you have gathered, the documents and spreadsheets created, and work both completed and in progress. As a business owner or manager, you can optimise every area of your business to prevent infection and exploitation from Malware with the latest anti-malware and Intrusion Prevention Systems, perform regular backups and educate your staff, but how secure is the data on your computers and the physical paper folders sitting on your shelf or in a filing cabinet? How secure are the backups you have created?

So here's a few tips on helping to make your business data more secure:

Lock up sensitive documents

Seems obvious, but one Sunday afternoon, while walking along a business street in a town, I happened to look into the window of a closed business. There was the usual front desk with computer and miscellaneous items, but on the shelf behind the desk were neatly positioned folders, each with big clear labels indicating that they contained financial and sales information. A quick pick of the locks and a thief would have an arm full of sensitive information.

So, at the end of the day, or if you close for lunch or go out to meet clients, think about what paper documents you have laying around the office. Do you lock them in a filing cabinet and leave the key in the lock? Do you just slip them into the desk draw so they're out of sight? Do you rely on the physical security of the building to protect your important and sensitive data?

Laptop & mobile devices

Do you use a mobile device (e.g. laptop, notepad, surface pro etc) within your business? If it's not with you then how secure is it? Does your business place mobile devices that are not in use, in a secure cabinet or drawer,which can be locked? Do you or your staff leave mobile devices sitting in plain sight in your vehicles? Maybe in the boot would be better, if they're not being used. What about business trips and over nights in motels? Don't rely on the room lock to protect your device, take it with you. 

Mobile Phone

If you are like most business people, the mobile phone has become essential in doing business. It contains contact information, photographs, diaries, spreadsheets, documents, and even links to cloud storage etc. as well as being a phone and video conferencing tool. We are generally fairly conscious of not leaving our phone laying around somewhere, but keeping it on us or with us at all times. But sometimes people forget or do stupid things, and the phone is stolen. Make it hard for the crook to break into the phone with a good pin number, a specific unlock swipe and ideally a biometric lock (finger print or eye scan etc.) Also make certain that you can remotely scrub your phone of all data if it is stolen, it's not hard to set up, and will give you peace of mind that the crook won't have access to sensitive information.

Backups

I won't go into the different ways of backing up your computers, that's for another time, but I would like to remind you of the importance of securing your backups. If you use the cloud for backing up then well and good, but you may want to also have a physical backup in case the big cloud company goes bankrupt or decides to close the doors on your stuff and you can't get to it. Backing up to an external hard drive in the office is good, but two things to remember: if a virus gets into your business network and the external drive is still connected to the computer, it will be also infected and even encrypted if it's ransomeware; secondly, if the building burns down then the backups are gone too. If you prefer not to use the Cloud, then at least weekly make a copy of the backup and have it stored off-site somewhere. Just a side note: check occasionally to make sure the backups are actually going where they're supposed to, and that the backup schedule wasn't turned off two years ago!

Well, that's all for this month on securing your business and home computer networks. If you have any questions, just send me an email.

Until next time, stay secure

Stephen Fugler

 

February Newsletter

February 2017

Hi everyone, welcome to the February 2017 newsletter.

In this newsletter I want to have a look at using Wifi securely and efficiently at work and home.

It wasn't that many years ago when our home and business computers had to be tethered to the internet by way of a cable plugged into the wall, and the very notion of being able to use one's phone to surf the internet seemed like science fiction.

We have come along way since then, but with all the buzz of this new found freedom of being able to use a laptop or tablet anywhere there is internet access, has often resulted in people and businesses neglecting to properly secure their network connections. One benefit of the NBN rollout across the nation, I have noticed, is that whereas once businesses and homes used any old router to connect to the ADSL or ADSL2+ Broadband internet, with the security features often being overlooked, the NBN compatible routers, however, all encrypt the network with the more secure WPA2.

Why you may ask, does that make a difference? Because with the older WEP Wifi encryption security, a decent hacker could break into that Wifi within minutes, and capture every bit of information you sent across the internet. Thankfully the old WEP is now obsolete, and today's routers provide the option of WPA or WPA2 encryption. This new form of encryption is, however, not totally secure. With the right knowledge and equipment it is stillpossible to break the encryption, but it takes along time, and is dependent upon the strength of the password used by the computer or mobile logged onto the Wifi network.

So, here's some simple tips to help make your business or home network more secure:

Have the best Wifi encryption on your router

Check your Wifi network connection with either your computer or your mobile. You will see the little symbol of the Wifi with its name next to it, and it should have a small padlock looking icon attached to it.

A more thorough way to check, is to log into your router using the browser (Firefox, Chrome, Edge, etc.) on your computer. You may have to find the old manual that came with it and the passwords to access it. Usually you can type into the URL section of the browser 192.168.0.1 or 192.168.1.1 and the router webpage will open up. If you didn't change the default user name and password you can look it up onlineby doing a search for default passwords for your particular model and make of router, (often admin / password).

Once into the router, move to the Wireless tab and then the security section. There you will see what the security mode is set to: make sure it's set to WPA2.

Change the router's login details

If you can log into the router using something like admin / password, then move to the area of the router where you can change the login details. Often it will be in the Advanced section > Administration > Set password. Leaving the username as "admin" is acceptable, but make certain the password is sufficiently complex not to be guessed.

Change the Wifi pre-shared key

If you know that you connect to the Wifi by using a simple password (pre-shared key) like 12345 or your family name etc, then while in that Wifi security section of the router, change the pre-shared key to something stronger with both numbers, letters and symbols in it. This will make it more difficult for a hacker to guess.

Your SSID

What is your SSID? It's the Service Set Identifier for the Wifi being broadcast around the house or office so that people can recognise it as belonging to that location. By default the SSID will show up on the possible networks to connect to, as the name of the router being used e.g. D-Link or Netgear. Most of the time this is fine, but if you have left the username and password for the router as the factory defaults, than anyone can look them up online for that particular make and model of router.

Even though I have a more secure administration password than the default, I stillprefer to change it to something generic. If it's your a business, then use your business name (Target, BigW etc). If it's at home I suggest not using your family name (Smith's Wifi) because then you've provided more information to the criminal element. Try SSID names like "myplace" or "home" or even just "###"

Again, to change this, do so while in the router and looking at the Wireless section.

Well, that's all for this month on securing your business and home computer networks. If you have any questions, just send me an email.

Until next time, stay secure

Stephen Fugler

 

 

 


 

January 2017 Newsletter

SRF Strategies Newsletter

Hello, welcome to the January 2017 newsletter.

Cyber criminals around the world are continually looking for ways to infiltrate our personal lives, as well as our businesses, using everything from various forms of viruses and Trojans, to the latest ever increasingRamsomWare.

One way a business can help protect itself is by implementing "best practices" with regards to emails that they receive. 

Stay On Guard

Don't become blasé in maintaining email security. If the email looks like spam or a bit dodgy then don't open it. Always stay alert, especially if asked for sensitive information.
 

Don't Click

Many emails come with "just click on this link to..." and it will open into your browser. This is a great way for Malware to be uploaded onto your computer.
Check the link by: 1. hovering your mouse cursor over the link and look at the bottom of your email browser and inspect the URL address, does it match where the email is supposed to be going to? or 2. right click the link and copy, then open your internet browser and paste it into the URL section and check it's destination.
 

Log Out

A good habit to get into, is when you leave your desk always lock your screen, this will stop anyone from accessing not just your emails, but all of your business information. On Windows 10 use window + L . If you're going to be out of the office for a while then log out completely. Also make sure you have a password only you know.
 

Protect Sensitive Information

If possible send sensitive information some other way then by email. Better alternatives may be by: doing it in person; phone them; use encryption or via a secure website.
 

Use Email Filters

Learn how to use your email browser's email filters, especially the junk and spam filters. Some email browsers allow a user to "blacklist" unwanted emails, so that the email never gets onto your system.
 

Several Emails

A good practice is to have at least three email addresses. One is your main business email address, linked to your website domain. The second is a personal email address,  and then a third email address which you use to sign up for any old newsletter or information access - for this one use a generic one like gmail.com or mail.com. By doing this, you keep things separate and more secure. If the generic one gets too much rubbish coming into it, then it can be easily deleted.
 

AV Software

Finally, make sure that your Anti Virus Software is set to automatically scan any attachments and emails.

If I can be of any help, please contact me

Until next time, stay secure.

Stephen Fugler


 

 

Protecting Your Family Online

These ten tips will help improve the internet safety for your children, and I suggest putting them into action as soon as possible.

Today’s internet world has become a vast ocean of information and entertainment for adults and for children. But with high speed connectivity and a wealth of information at their finger-tips, comes a higher risk of danger to their safety, because of the volatility of the online world and cunningness of the “bad guys” that is becoming harder to control.

1.     Talk to your children

From an early age talk to them about not talking to strangers online, just like in the real world. Explain to them that while their computer and mobile phone are a lot of fun, there are a lot of bad people in the world who want to hurt and steal.

Train them how to behave online, how to be polite and respect other people. As they get older show them how to maintain their devices, with software updates, security patches, and proper maintenance to prolong its life and speed.

Have a “rule” where there are no consequences (like yelling and being grounded), for when they report something. Maybe they saw something they shouldn’t have, or clicked on a link and now the computer has weird pop-ups happening, or it just doesn’t work anymore; either way your children should be comfortable coming to you to share what happened and maybe fix the problem together.

2.     Use an Internet Security Suite.

With multiple thousands of new Malware being created and put onto the internet each day, it is important that every computerised device in your family has a good suite of internet security: laptops, desktops, tablets and phones.

There are many reputable products on the market, and I’d suggest paying for the best, rather than going for the free version. There’s Norton and McAfee, but take a look at Emsisoft Internet Security or Kaspersky Internet Security.

Many of the software security companies, like Kaspersky, also have protection for your mobile phone.

3.     Teach them to avoid clicking on links

Clicking on links in emails and on websites is what keeps computer technicians in business: it is something that both adults and children are all fond of doing because it’s easy and quick. Unfortunately these days, the “bad guys” know it’s what everyone does, and so they will hijack the link and either direct you to a completely bogus site for advertising or scamming purposes, or instantly download onto your computer some form of Malware.

Show your children that it’s better safety to type in the website address, than just click through. Also when you receive a scam email with a link within it, show them how to hover the mouse over the link, then look at the URL address at the bottom of the screen (in Windows 10), and see if it’s actually going to the bank or post office etc.

4.     Keep your home WiFi secure

With the move from the old insecure WEP to WPA and WPA2 encryption on home WiFi, it has become harder for bad guys to hack into the home’s computer network – harder, not impossible.

Do these three things to make your home network more secure:

(a) Change the default user and password that comes with the router, so that it’s harder to gain access to it

(b) Choose a WiFi sign in password that is secure, and

(c) Within the router change the SSID (service set identifier) from the name of the router you use, to a generalised name that you and your children will recognise, e.g. “The Swamp” or “Our Place”. Also don’t use your family name.   

5.     Use good passwords

 Did you know that the most common passwords used around the world are “123456” or “password”? Using simple passwords like that make it easy for bad guys to hack into your children’s computer devices.

Show them how to set up good passwords that they can remember: no words from the dictionary; use upper case and lower case letters; use numbers and symbols.

Think of a phrase, maybe a song, and change some of the characters within it e.g. June School Holidays becomes 7un3Sch0)1H0!iday$

6.     Family Safety Filters

If you are concerned that your children may deliberately or just accidentally go to unsavoury websites, it is possible to implement some of the family safety filters that are available.

(a)  Use the Family Safety Settings on Windows

(b)  Use the Parental Controls on Mac OS

(c)  Use Open DNS (www.opendns.org) which gives you strong filters on which websites children can access

(d)  Other free and commercially available family safety software

7.     Safety first in public hotspots

Free WiFi in public places like McDonalds or your local coffee shop make it easy for children and teens to connect their devices to the internet and so save on data usage and have faster downloads.

Unfortunately it is very easy for bad guys to also sit in the coffee shop and capture your children’s data going through the unencrypted WiFi, and to also set up a rogue access point for them to connect to, and so gain access to their device and any information on it.

For your children’s security in public hotspots install a Virtual Private Network (VPN) onto their device and train them to use it when away from home.

A good VPN provider is NordVPN which is fast, easy to set up, does not log anything and has over 15 servers just in Australia.

8.     Log out

Teach your children from an early age about the importance of logging out of the computer they have finished using, even if it’s at home. If they’re just off to the kitchen for a snack then “lock” the computer so that no one else can get access to it.

9.     Phishing

Teach your children about how bad guys will attempt to “phish” them. Phishing is typically done through email, ads, or by websites that look similar to sites you already use, in an attempt to obtain a person’s personal information, passwords, account numbers etc.

For example, your child may supposedly receive a notification from Facebook requesting them to click a link and confirm their personal information. The bad guys use the trust children have in Facebook and other social media, to lure them to a “look a-like” Facebook page in order to harvest their personal information.

10.Personal Information

Teach your children about the dangers of sharing too much personal information online. Yes, setting up important accounts such as internet banking requires 100% disclosure of who you are, but there is a danger with social media and other websites like YouTube or Google, of a greater risk of identity theft.

Teach your children on sites like Facebook, not to reveal their exact home address and not to put in their exact birthday date.  It’s easy for bad guys to harvest information off social media sites – where a child lives, friends’ names, parents car registration number, birthdays, school etc.

Also in setting up the Facebook account, go through the privacy settings to make sure that only your child’s FB friends can see the content of what they post.