Saturday, December 13, 2014

Don't let Internet sour your holidays

Christmas holidays are the perfect time, with all this cold and lot of leisure, to spend more hours than normal on the Internet or do more shopping online. Criminals know this and have everything prepared for Christmas season, including fraud, theft, extortion, intrusion on companies, etc. We do not intend to scare you nor embitter your vacations, but we think that to put a point of attention and awareness in our cyberlife would not hurt us in these days.

Warn about Christmas risks the results of a survey conducted by BalaBit on privileged users, as managers and executives: 70% of them will connect from home to their corporate network on these holidays, to check email, half of them several times a day. And the vast majority will use for these connections either their own, a friend's or a public device, as public wifi networks, extremely dangerous because criminals may be listening. To make matters worse, 38% of respondents have not been asked for extra levels of authentication when connecting to the company network from a device that has not been registered.

The survey continues discussing other issues where business class is conspicuous by its total unconsciousness in terms of security. But they're not the only ones: users underprivileged, in other words everybody, go behind them with behaviors as dangerous as to download and use pirated apps: today there are some advices against using pirated versions of Android's game "Assassin's Creed" because they're full of malware.

As we've repeated many times, the main tool to have safe online Christmas, also the rest of the year, is education. One of the hardest things to understand, yet vital to our information security, is cryptography. So we must thank doctors Jorge Ramió and Alfonso Muñoz from Madrid's Polytechnic University, for the launch of Thoth Project: a series of video training pills which explain in five minutes the basis of criptography.

Another important asset in computer security is to improve existing policies and tools. System authentication using passwords is increasingly proving to be outdated and vulnerable. Therefore initiatives such as FIDO, a standard supported by corporations like Google, Microsoft or VISA, intended to end our dependence on passwords, are appreciated. We do not tell you more because you'd better read the details on this webpage, for make your own conclusions.

So far our daily top stories' summary on computer security. Have a happy pre-Christmas Saturday!


Post a Comment