With the rise of bring-your-own-device (BYOD), social media and cloud computing in the workplace, 2013 will bring even greater IT challenges of enforcing appropriate security controls.
Below are some key threats to keep in mind as the new year unfolds.
Phishing emails give the appearance of being sent from legitimate companies. The purpose of these messages is to attempt to trick individuals into revealing sensitive information such as login credentials (username/password), full name, credit card details etc.. The content of the phishing email is intended to alarm you and trigger a quick reaction from you. Typically the intent is to get you to disclose sensitive information such as bank account and pin numbers. Be suspicious about such emails, pick up the phone and speak to the company that sent this email to verify it’s validity. Very few companies would request personal information through an email.
Social networking tools have changed the way we interact both at the professional and personal level. With their increasing popularity, they also bring tremendous opportunities for network threats and scammers. Be prudent of sharing personal information. The more information you share, the more likely someone could impersonate you to entice your circle of friends/associates to share personal information, download malware or get access to restricted sites.
The increasing popularity of moving data to the cloud provides many conveniences but it also comes with substantial risks. The risk of exposure is substantial, especially when using mainstream public tools such as Dropbox, Google apps etc.. Practice caution when uploading data that is confidential. Many end users naively choose convenience over security. Educate employees about the importance of keeping corporate data within the confines of corporate resources.
Many of use tend to use simple passwords such as a spouse’s names, birthdays etc, which compromises our security. Applying more complex passwords makes it difficult for hackers to use automated tools for cracking passwords. Avoid writing passwords, best to commit them to memory.