Encryption

Better internet security: Easy as 1, 2, 3

The internet is not such a bad place to be in — for as long as website owners do their share in keeping it safe for their visitors. Here are three tips to do exactly just that.

Tip #1: Use HTTPS

Short for Hypertext Transfer Protocol Secure, HTTPS indicates that a website has an extra layer of security for its users. This layer encrypts data exchanged between a user’s browser and the web server that delivers the data that the user requests. To use a simpler comparison, imagine someone tapping your landline, but instead of getting to listen in on your conversations, they’ll hear people speaking in tongues instead.

In August 2014, Google Chrome, the world’s most popular browser, announced that having HTTPS makes your website rank higher in its search algorithm. And since October 2017, the browser began flagging non-HTTPS websites as not secure whenever users try to fill out something as simple as a contact form on it. In July 2018, Chrome started showing a “not secure” warning on any website that does not implement HTTPS, whether or not users are filling out a form there.

Because of Google’s measures, the security protocol has been widely adopted. Even if your website does not contain or ask for sensitive information, implementing HTTPS on it engenders trust and a sense of security among internet users, while staying left behind security-wise will make web visitors abandon or avoid you sooner or later.

Tip #2: Embrace multifactor authentication (MFA)

Since account credentials can be easily stolen via phishing attacks, username and password combos are no longer enough to keep bad actors at bay. To ensure that the one accessing an account is truly that account’s owner, additional identity authentication steps must be implemented.

These steps can involve the use of the account holder’s device — the one logging in must first verify their phone number, receive a one-time password on their smartphone, then enter that code in the access portal before the validity of the code lapses. Alternatively, MFA may ask for a face, retina, voice, or fingerprint scan for authentication. MFA can be a bit of a hassle for your internal and external users, but a little inconvenience is a small price to pay for immensely effective cybersecurity.

Tip #3: Update browsers and devices

Did you know that dated versions of browsers, operating systems (OSs), and even other software packages can create an easy entry point for hackers? Often, new updates are created specifically to fix security holes. And hackers are ever aware that people can be lazy, saving that update for another day that never seems to come. They’ll often try to take advantage of this, searching for outdated devices to infiltrate while their victims watch YouTube on last year’s version of Firefox.

Yes, installing an update might take 15 minutes of your time. But it can pay dividends in preventing a security breach that could cost you or your business thousands.

Looking for more tips to boost your internet security? Get in touch to find out how we can help.

5 Tips for protecting corporate data

A data breach can happen to anyone, even to the most secure businesses or financial institutions — and cybercriminals could even attack your company’s network. How can you be sure your network is completely hacker-safe? As a business owner, you can’t afford a data breach, as it could cost you your clients and reputation. Employing strict security measures can make any cybercriminal think twice about trying to break into your network. Here are some tips to protect your corporate data.

Use Two-Factor Authentication

Using a complicated password to secure your system is no longer an effective way to solve the issue of cybersecurity. We tend to use that same complex password in our email accounts or bank accounts, and if one of your logins is compromised, this can result in grave consequences.

Two-factor authentication (2FA) adds an extra layer of security for your systems and accounts. It can be biometric verification for devices that you own, or a time-sensitive auto-generated code that is sent to your mobile phone. This security feature works in the same way websites would require you to confirm your email address. They want to make sure that you’re not a bot or anything else.

Encrypt all data

Encryption is a great obstruction to hackers, since it scrambles and descrambles data every time someone tries to read it. Encryption also causes compatibility issues if the data is not being accessed via the company’s own network systems. While applying encryption can be costly, it is certainly well worth the money if it can protect your business data from falling into the wrong hands.

Keep systems up to date

Technology is moving at a fast pace. Hackers are always upgrading their tools to take advantage of outdated security systems, so companies should do likewise to protect their valuable resources. Yet many companies don’t install software updates immediately. If the update closes existing security loopholes, delaying an update exposes you to external attacks. So install software updates as soon as they are released.

Back up frequently

Although you’ve implemented several layers to your security, sometimes hackers can still find their way in. This is why you need to back up data frequently, whether it’s on-site, off-site, or by way of cloud backups. In the worst-case scenario where your systems do get infiltrated, you can restore lost data from those backups.

Monitor connectivity

Many businesses have no idea how many computers they have, so it’s very hard to keep track of which computers are online. Sometimes a company’s computers and servers are online when they don’t need to be, making them tempting targets for attackers. It’s advisable to configure business servers properly, ensuring that only necessary machines are online and that they’re well-protected.

It’s much more expensive to recover from a data breach than to prevent one. If you’re looking to protect your business IT systems for potential threats, contact us today so we can help.

Published with permission from TechAdvisory.org. Source.

Benefits of using a VPN

While using a virtual private network or VPN isn’t a silver bullet to online privacy threats, it still offers crucial security benefits, especially if any part of your day involves using unsecured channels such as public Wi-Fi. Given its importance, how do you pick the right one and what factors do you need to consider?

What is a VPN?

The best way to describe a VPN is as a secure tunnel between your device and destinations you visit on the internet. Once you’ve established your PC’s connection to a VPN server, your computer acts as if it’s on the same local connection as the VPN making it seem you moved to a different location. As far as websites are concerned, you’re browsing from that server’s geographical location, not your computer’s actual location.

When you surf the web through a VPN, all the data transmitted and received is also encrypted, preventing anyone — from hackers to government agencies — from monitoring your online activities.

Why should you have one?

Of course, security and privacy are major reasons why you would want a VPN. For example, if you’re connected to a public Wi-Fi network — like the ones you typically encounter at local cafes and airports — using a VPN encrypts the information you’re sending or accessing online. This means your credit card details, login credentials, private conversations, or other sensitive documents can’t be intercepted by a third party.

VPNs are also useful for accessing geo-restricted websites. If you’re traveling abroad and certain US websites are blocked in that region, you can connect to a VPN located in the US to access the sites you need.

Which VPN should you choose?

Given the increasing demand for secure online privacy, VPNs are surging in popularity. The following considerations can help you find the right one.

1. Cost
While free VPNs are available, we strongly suggest you avoid them as they could keep logs of your internet activity, and in some cases sell them to data brokers or worse, cybercriminals.

Maintaining a VPN service is also expensive, which means the free ones will likely plaster ads on your browser to make a quick buck.

Paid VPNs like SurfEasy and StrongVPN often come with more robust features and configurations that keep you secure. Prices differ depending on a VPN’s features and subscription length, and remember that how you pay is also important. Some VPNs offer anonymous payment systems like bitcoin while others allow you to use gift cards to avoid giving out your personal information.

2. Location
The physical location of VPN servers is important if you want to access region-blocked websites. So if you’re planning on accessing a UK-based service, your VPN provider must at least have servers installed in London.

3. Capacity
Read through a VPN provider’s terms of service to determine how much data you’re allowed to use. If possible, find out how many servers a VPN provider has. If they have plenty of servers online, you can rest assured that they have the capacity to support your internet browsing.

4. Device compatibility
Another important factor to consider is whether the VPN can be used across multiple devices. Nowadays, employees work on laptops, tablets, and smartphones, so you’ll want a VPN that’s compatible with all these.

5. IP leaking
Beyond the fundamental nuts and bolts of the VPN protocol, there are other challenges like dealing with leaky tunnels, which means your IP address could be tracked. A great way to evaluate a VPN service is to sign up for their free trial service and visit https://ipleak.net. This will allow you to check whether your real IP address is actually being leaked. If it tracks your physical location, you should opt for a more reliable VPN service.

VPNs are now a vital component of cybersecurity, and if you need help selecting the right one for your business, consult with our security experts today. We also offer comprehensive cybersecurity services so no hacker or third party can get their hands on your data.