Cyber Security For College Students

11 Authomate Blog 11 - ImageCyber security might not feel like a real and present danger when you’re up to your  eyes in study deadlines. But taking a few moments to take your online security seriously could save you a lot of time and money later on.

Here’s our tips to keep your college life secure:

  1. Lock your devices. Use the auto lock features on your phone and computer to avoid unauthorised access. Use pin codes and passwords to unlock them.
  2. Don’t over-share. Be aware that the information you share on social media could be used against you – do you really need to tell the whole internet that there’s nobody in your house?
  3. Email secure. Make sure you don’t share your email password with anyone, including close friends or relatives. You use that email account for so much that could be compromised, so don’t make it easy.
  4. Protect your passwords. Using a password management app like Strong Pass is a good extra way to keep your account passwords secure. And it’s easy too – instead of remembering a dozen complex passwords, access all your accounts with a swipe of your smartphone.
  5. Do the updates! It may seem like a hassle, but quite often software updates contain new information about how your devices can block viruses and spyware.
  6. Shared computers and open networks. Do not share any personal information on a shared computer or shared wireless network – it is likely to be at risk.
  7. Be prepared. Take steps in case the worst should happen. Backup your data regularly, enable remote wiping of your devices and GPS tracking.

Are We Being Watched? Protect Your Online Privacy

06 Authomate Blog 6 - ImageMany internet users have become increasingly concerned about protecting their privacy online,  but it isn’t just thieves and hackers we need to be concerned with – what about your government accessing everything you do online?

Security expert Bruce Schneier, who worked on the Edward Snowden stories, told British paper, The Guardian recently that, “If the NSA wants in to your computer, it’s in. Period”.

“The NSA has turned the internet into a vast surveillance platform, but they’re limited by the same economic realities as the rest of us, and our best defence is to make surveillance of us as expensive as possible.”

For practical solutions, here’s what some of the top security experts suggest to deter both state spies and ordinary fraudsters:

• Passwords: Don’t use the same one all the time. Make it complex with upper- and lower-case letters, numbers and characters such as $%&!.

• Security or password reset questions:  If you are asked to provide answers to “security questions”, consider whether the answers are really secure. If you are obliged to answer standard questions, remember the answer doesn’t have to be true, it only has to be memorable to you.

• Social media: Use security features on Facebook and Twitter such as two-factor authentication and notification of log-in attempts from unknown devices. Don’t share anything that could give clues about answers to security questions.

• Email: Free email and webmail services are vulnerable, so at the very least, install two-step verification or use a management app like Strong Pass for an extra level of security.

• Cloud services: All cloud providers based in the US and the UK (including Dropbox, iCloud and Evernote) are open to surveillance, so encrypt information you don’t want to share before uploading sensitive documents to the cloud.

• Connections: All your devices are connected all of the time, so remember that if one is breached others become unsafe. Keep track of which services you give permission to access others, and revoke this if one is compromised or you stop using it.

Use Google Chrome To Give Unrestricted Access To Your Passwords

12 Authomate Blog 12 - ImageThere have now been dozens of reports about a serious flaw in the security of Google’s Chrome browser, so we felt it was important to make you aware of this issue.  

Google Chrome allows anyone with access to a user’s computer see all their passwords stored for email, social media and other sites directly from the settings panel. And even more worrying, no password is needed to view them!

To see the passwords, all you have to do is click on the settings icon, choose ‘show advanced settings’ and then ‘manage saved passwords’ in the ‘passwords and forms’ section. A list of hidden passwords is then revealed, but clicking beside them reveals the actual text of the password free to copy or send via screenshot, compromising all of your accounts in one easy step.

Unfortunately, Google are aware of the weakness and have no plans to change this – a problem other browsers, like Firefox, once had, and fixed. So what can you do to avoid this major flaw in your internet security?

For one, maybe it’s time to change to a new browser.

Make sure you delete any saved passwords from your browser (you can access this through your browser settings in Chrome), don’t allow this saving function and regularly revisit to make sure you’re not compromised.

And protect yourself in future by using a secure password manager, like Strong Pass. If you would like to have the peace of mind that Strong Pass offers, download the app now and take your security into your own hands.

Our Predictions For Online Security in 2014

04 Authomate Blog 4 - ImageWith 2014 only around the corner and 2013 drawing to a close, we think now is the time to take your own security seriously. Here’s some of our predictions for online security in 2014:

1. Increase in two-factor authentication. More and more individuals are having their email, social media and other accounts compromised because of weak passwords and inadequate online security. In 2014, more businesses will be making two-factor authentication mandatory for your safety.

2. The move towards creating the ‘internet of things,’ requires the ‘security of everything’. Unfortunately, this means that the things in your life that have traditionally out of reach to criminals are now in reach. In 2014 you will need to be more resilient online and ask yourself: Could you tell if your information or accounts were compromised? We also need to think beyond our computing devices when asking this question and also think about our cars, gadgets, even our appliances.

3. People will be more active about protecting their private information. There have been countless privacy issues in the media in 2013 and there is a growing concern whether site provided privacy options actually provide any real security. People will look for new ways to protect themselves in 2014, sidestepping the standard provisions for something more robust.

Follow the money to eliminate cybercrime?

07 Authomate Blog 7 - ImageWhen a new attack comes out, you need to come out with a new defence. Attackers, on the other hand, can attack proactively at will. The cost of cybercrime is huge, but what does is cost the criminals, and how therefore do we come up with adequate defense against it? 

Five dollars for control over 1,000 compromised email accounts. Eight dollars for a distributed denial-of-service attack that takes down a website for an hour. And just one dollar to solve 1,000 captchas.

Those are the going rates of cybercrime, the amounts criminals pay other criminals for the technical services necessary to launch attacks. It’s the kind of IT outsourcing no legitimate company would ever conduct, but it’s a profitable business if done effectively.

Data shows that 35% of IT pros think their organisations are not investing in the right security technologies. 65% believe their networks are at risk of being breached within 3 years.

How do we solve this? If it’s impossible to keep intruders out of your network (which is appears to be), the logical approach is to build security around the assumption that they are already on the inside.

This means making it as hard as possible for them to achieve an acceptable ROI after they have breached the perimeter. When you do this, you focus on what matters – securing your data. It becomes clear that you need to move your security controls as close as possible to the data so attackers can’t use it, even if they have breached the perimeter. In effect, you need to create a “Secure Breach” environment.

Understand your adversaries, make it hard for them to profit from you and make sure your data is secure by putting an added layer of protection in your hands.

5 ways you could become a victim of identity theft

08 Authomate Blog 8 - ImageThere have been countless media stories about the horrors of identity theft. But how do people become victims?

Here are 5 ways you could become a victim – so you can avoid them.

  1. Unsafe surfing. The easiest way to become a victim is to completely let your guard down. Use firewalls, protective software, be aware of the things that might put you at risk and the information you share. Also where you share it – for example, don’t do your online banking on a public or shared computer.
  2. Inadequate antivirus and anti-spyware protection. Having nothing in place to alert you to risks puts you in danger of not knowing you’ve been hacked until it’s too late. System updates and good antivirus protection might feel time-consuming and expensive, but when you compare that with the cost of someone potentially hacking your accounts?
  3. Unknown attachments. Opening attachments from strangers may feel like a minor issue, but doing this can open a door to a Trojan horse or virus. If you’re not expecting anything and you don’t know the sender – don’t open it.
  4. You’ve got mail. Some people have become victims from documents through their mail box – bank statements, cheques, credit card statements all give thieves a window into your identity. Remember to shred unwanted personal documents and paying and banking online, with the right security, could be safer than dropping your personal information into a mailbox.
  5. Too good to be true? Surprisingly, some people fill out their bank details when asked in those emails we all get from relatives of unfortunate people stuck in war zones looking to transfer large amounts of money into the West, in return for a small percentage. Please avoid doing this. You will without a doubt become a victim of identity theft.

Help! My phone has been stolen! Am I still secure?

Mobile phone bills

If you take preventative steps to always protect yourself, then if the worse case scenario happens and your phone is stolen, you are still secure.

So many of us live by our smartphones these days and the thought of losing it or having it stolen causes more trauma for us than just data security. But it’s important to remember how much of your personal data can be accessed from your phone, and how many of your important account details. It may not be your biggest worry straight away, but acting quickly could save you countless hours of worry later on.

Here’s what to do:

1. Disable your account. Contact your service provider immediately to let them know your phone has been stolen and have them disable it immediately. If you don’t, your thief could be making hundreds of unauthorised calls that you could be financially responsible for.

2. Track it. Many phone providers have apps that allow you to track your phone’s location via GPS so it can be recovered. Some websites will even alert you if your phone is found.

3. Secure wipe. Enable remote locate, lock and wipe services through your phone provider, then if it’s lost or stolen you can wipe it clean with a remote command.

4. Prevention. Always have a password / screen lock. It takes 10 attempts to access a phone in the first place, so a thief has 10 chances, making it highly unlikely – but when it comes to security, you can never be too careful. Back up your data regularly. Use two step security. An extra step here could be the use of a security management app, like Authomate Strong Pass. This will give you an added level of security to protect your accounts and your information.