With the hustle and bustle of day-to-day life a personal assistant surely would come in handy, right? While this may not be fiscally responsible, maybe a voice assistant would be. In our last article, The Ping: Voice Assistants, we discussed how a voice assistant can manage a lot of your needs. Things such as the weather for the day, the traffic to work and your grocery list. However, sometimes just managing your house is what you need the most help with. Are you aware that they can do that too and what they are really managing?
*Special Alert* – Apple FaceTime Bug
Occasionally news crosses our desk that immediately make us want to forward it to friends and family as a warning. This is one of those…
What is the problem?
“A significant bug has been discovered in FaceTime and is currently spreading virally over social media. The bug lets you call anyone with FaceTime, and immediately hear the audio coming from their phone — before the person on the other end has accepted or rejected the incoming call. Apple says the issue will be addressed in a software update “later this week”.”
As the year draws to a close, we want to remind you of how important it is to stay diligent with your cybersecurity awareness training and security updates. This year, like years past, cybersecurity breaches have topped headline news and may have affected you personally. Let’s review some of the larger breaches and malware risks this year. These are security breaches that allowed someone or some group to access personal information, and they could even access some examples of how that information was used.
Criminal Justice Information Services (CJIS)
Criminal Justice Information Services, or CJIS, is a division of the FBI that provides criminal justice information needed to perform law enforcement duties. It “serve[s] as the focal point and central repository for criminal justice information services in the FBI.” – FBI. In Texas this information is disseminated via the DPS and includes details such as vehicle registration, criminal history, driver’s license, license plate, firearm, etc. Because this information is highly sensitive and needs to be protected, CJIS provides security compliance requirements and performs audits to ensure these requirements are being met. Below are just a few example requirements of the Security Policy…
- Security Awareness Training
- Perimeter Intrusion Detection
- Advanced Authentication
- Maintain Log History
- Change Management
- Device Encryption
Failing a single audit flags an agency as non-compliant. If compliance is not achieved, the agency can lose access to the information and tools needed to perform their duties.
Cybersecurity starts first, and foremost, with people. Even with a secure perimeter, the people using the network can introduce risks to the environment. Teaching your employees what to look out for and where their responsibilities lie are the first steps to closing the security gaps and lessen the chances of your business falling victim to a vicious attack.
Recently we’ve had a few questions from customers regarding upgrades and updates. Let’s dive into the purpose of these updates and upgrades to break down the reason why they are so important.
Working remotely may seem rather quick and easy. You head on over to your local coffee shop, order your triple-shot, half-caff, no foam, extra hot latte and sit at your favorite table in the corner. You double check to make sure no one is looking over your shoulder, pop open your laptop and get to work. Right? Well, it’s actually a little more complicated than that. Staying secure in a non-secure work place comes with some much needed extra steps to keep your company data away from prying eyes.
Most of us look at that update notification from our devices and think, “I’ll do that later.” When we finally get around to it, there are multiple updates that have been sitting there for weeks. We continue with this behavior because nothing has happened to me yet. In order to change those behaviors, let’s begin to think of updates like you would your car insurance. If you waited to cover yourself, that fender-bender might have cost you a LOT more in the long run.
Building an Effective Human Firewall
Cyber attacks aren’t just getting more frequent, they are also becoming significantly more vicious and sophisticated. One reason for this is because Cybercrime is easy to do…anyone can find the tools on the dark web and easily start their own cybercrime business. Now, more than ever, is time to take stock of your countermeasures with a focus on your staff as the likeliest entry point for cybercrime attacks.
Cyber criminals count on the fact that busy people perform hundreds, if not thousands, of daily actions on a computer or device connected to the internet and they know that most of those actions are performed automatically and without much thought. As a result, the majority of today’s data breaches result from human error, making cybersecurity a “people problem” as well as a technology issue.
The solution to this people problem goes beyond IT and involves cultivating an entirely new employee mindset around cybersecurity. Our recommendation is to create an expectation of 100% participation…it only takes one person to click on one link to bring the system down.
When fully engaged, these three steps creates a formidable human firewall capable of spotting and preventing even the most sophisticated cybercrime attempts and offers a significant step towards mitigating the human error that is behind 95% of the cyber breaches occurring today.
Almost every day we hear of a new way hackers are stealing personal information from the public. They are creating so many new ways to exploit us that it’s almost impossible for the security vendors to keep up. This underlines the fact that the best way to try and remain malware free is, and probably always will be, to practice safe computing habits.