It’s our pleasure to introduce Emma, an F-Secure Marketing Specialist who works in Global Marketing. She specializes in corporate protection that keeps businesses thriving. With the launch of our new Software Updater solution for business, we’re going to be focusing more on corporate security in the future so we thought we’d start by introducing Emma and giving you her thoughts on the challenges our corporate customers face.
We started off by asking Emma what it is she likes most about her job.
“It’s quite difficult to pinpoint one single thing that I most enjoy at work,” she told us, “since one of my favorite things about my job is the variety of tasks. However, one of the best parts of my job is definitely creating content. Telling stories is fun, and I hope that we also succeed in communicating in ways and about topics that are relevant and of interest to our target audience.”
That audience is made up of F-Secure partners —some of the best and brightest business minds around the globe.
Like many of us at F-Secure, Emma enjoys the unique opportunity to work with and around some of the world’s foremost experts in digital threats.
“During my time at F-Secure, I have had the chance to learn not only a whole lot of new things about marketing, but also about the industry and the threat landscape,” she said.
Her job also puts her in touch with the current challenges that exist in securing the workplace.
“There’s no single threat that most affects businesses,” she told us. “Rather, organizations of all sizes are affected by cyber crime in all it’s different forms and variations, but one clear purpose: to steal money and confidential data. Even small businesses are increasingly becoming the target of these attacks, as many of them lack the resources and expertise to protect their irreplaceable assets.”
The threat landscape is always evolving but one aspect that is increasingly scary to businesses is software vulnerabilities.
“Recently, we’ve seen an increasing amount of attempts to gain access to a computer through vulnerability exploitation – the art of finding a security hole in any software and using that as a way to infect the machine. Vulnerabilities in Java and Internet Explorer have been all over the news, and criminals haven’t left these opportunities unused.”
That’s where F-Secure comes in, of course.
Emma explains: “Our portfolio covers a whole range of customer needs, from organizations willing to manage their solution on their own to a fully outsourced solution where IT security is managed by a trusted partner. We protect all layers of the organization from desktop PCs, laptops and mobile phones to file servers and email servers. In addition, our advanced management tools make it possible to monitor and manage a network.”
F-Secure was the first security company in the world to offer security as a service. Many businesses find that by relying on us for the best protection in the world doesn’t just save them time and money. It frees them up to concentrate on what matters most.
“Security as a Service has proven to be a success and it is increasingly popular among businesses. Outsourcing security to a partner means worry-free and reliable protection that is always backed up by F-Secure’s world class technology,” Emma told us. “When professionals take care of security, you can focus on your core business. Security as a Service is a great solution especially for those businesses, large and small, that don’t have the necessary expertise.”
How can F-Secure affect your workplace?
“Ensuring high-quality protection ensures uninterrupted work and keeps an organization running. Actually, the challenge with security is that it is only noticed when something negative happens,” she said.
But for Emma, security that works best is security that you don’t notice.
“Security is paramount for business but it should not come at the cost of usability. Our objective is to offer our customers the best protection without unnecessary impact on performance or distraction.”
When this happens everyone performs better.
“At best, IT security can improve productivity,” she said. “Think about email, for example. Email is a vital business tool for companies, but spam email traffic can reduce employee productivity and burden the IT infrastructure. Effective and accurate virus and spam filtering saves internal network bandwidth and increases productivity.”
Most businesses have had email security in mind for years but forward-thinking businesses are thinking ahead. Optimal software performance prevents online crime and keeps businesses functioning optimally when it matters most.
“Another example could be updating software. Keeping software up-to-date fixes holes in security,” Emma told us, “but can also keep software and applications running smoothly and reliably during critical times.”
For business, those critical times are the last moments when you want to think about security. And that’s why Emma and F-Secure are here, so you don’t have to.
Yet another high-profile vulnerability in the headlines, Shellshock. This one could be a big issue. The crap could really hit the fan big time if someone creates a worm that infects servers, and that is possible. But the situation seems to be brighter for us ordinary users. The affected component is the Unix/Linux command shell Bash, which is only used by nerdy admins. It is present in Macs as well, but they seem to be unaffected. Linux-based Android does not use Bash and Windows is a totally different world. So we ordinary users can relax and forget about this one. We are not affected. Right? WRONG! Where is your cloud content stored? What kind of software is used to protect your login and password, credit card number, your mail correspondence, your social media updates and all other personal info you store in web-based systems? Exactly. A significant part of that may be on systems that are vulnerable to Shellshock, and that makes you vulnerable. The best protection against vulnerabilities on your own devices is to make sure the automatic update services are enabled and working. That is like outsourcing the worries to professionals, they will create and distribute fixes when vulnerabilities are found. But what about the servers? You have no way to affect how they are managed, and you don’t even know if the services you use are affected. Is there anything you can do? Yes, but only indirectly. This issue is an excellent reminder of some very basic security principles. We have repeated them over and over, but they deserve to be repeated once again now. You can’t control how your web service providers manage their servers, but you can choose which providers you trust. Prefer services that are managed professionally. Remember that you always can, and should, demand more from services you pay for. Never reuse your password on different services. This will not prevent intrusions, but it will limit the damage when someone breaks into the system. You may still be hurt by a Shellshock-based intrusion even if you do this, but the risk should be small and the damage limited. Anyway, you know you have done your part, and its bad luck if an incident hurts you despite that. Safe surfing, Micke PS. The best way to evaluate a service provider’s security practices is to see how they deal with security incidents. It tells a lot about their attitude, which is crucial in all security work. An incident is bad, but a swift, accurate and open response is very good. Addition on September 30th. Contrary to what's stated above, Mac computers seem to be affected and Apple has released a patch. It's of course important to keep your device patched, but this does not really affect the main point of this article. Your cloud content is valuable and part of that may be on vulnerable servers.
On Tuesday Apple announced its latest iPhone models and a new piece of wearable technology some have been anxiously waiting for -- Apple Watch. TechRadar describes the latest innovation from Cupertino as "An iOS 8-friendly watch that plays nice with your iPhone." And if it works like your iPhone, you can expect that it will free of all mobile malware threats, unless you decide to "jailbreak" it. The latest F-Secure Labs Threat Report clears up one big misconception about iOS malware: It does exist, barely. In the first half of 2014, 295 new families and variants or mobile malware were discovered – 294 on Android and one on iOS. iPhone users can face phishing scams and Wi-Fi hijacking, which is why we created our Freedome VPN, but the threat of getting a bad app on your iOS device is almost non-existent. "Unlike Android, malware on iOS have so far only been effective against jailbroken devices, making the jailbreak tools created by various hacker outfits (and which usually work by exploiting undocumented bugs in the platform) of interest to security researchers," the report explains. The iOS threat that was found earlier this year, Unflod Baby Panda, was designed to listen to outgoing SSL connections in order to steal the device’s Apple ID and password details. Apple ID and passwords have been in the news recently as they may have played a role in a series of hacks of celebrity iCloud accounts that led to the posting of dozens of private photos. Our Mikko Hypponen explained in our latest Threat Report Webinar that many users have been using these accounts for years, mostly to purchase items in the iTunes store, without realizing how much data they were actually protecting. But Unflod Baby Panda is very unlikely to have played any role in the celebrity hacks, as "jailbreaking" a device is still very rare. Few users know about the hack that gives up the protection of the "closed garden" approach of the iOS app store, which has been incredibly successful in keeping malware off the platform, especially compared to the more open Android landscape. The official Play store has seen some infiltration by bad apps, adware and spamware -- as has the iOS app store to a far lesser degree -- but the majority of Android threats come from third-party marketplaces, which is why F-Secure Labs recommends you avoid them. The vast majority of iPhone owners have never had to worry about malware -- and if the Apple Watch employs the some tight restrictions on apps, the device will likely be free of security concerns. However, having a watch with the power of a smartphone attached to your body nearly twenty-four hours a day promises to introduce privacy questions few have ever considered.
Our Freedome VPN service hit a new milestone this summer. We added our newest location in Paris, France and now have 11 nodes in 10 different countries: Canada (Toronto) Finland (Espo) France (Paris) Germany (Sachsen) Hong Kong Italy (Milan) Netherlands (Amsterdam) Singapore Spain (Madrid) Sweden (Stockholm) United Kingdom (London) United States (East Coast) United States (West Coast) That means regardless where you are in world, you can pick any of these locations to mask your whereabouts and use any of the services you love. Freedome also acts a VPN to encrypt your data so a free Wi-Fi network is safe for private transactions along, and it includes anti-virus, anti-tracking, and anti-phishing. It's been localized into 10 different locations and will soon be available for iOS devices. If you travel -- our just want your phone to think you're traveling -- this is the kind of protection you need. Get it now from the Google Play or iTunes store. Cheers, Sandra, UPDATED: Hong Kong and Singapore were added on September 15, 2014. [Image by jvieras via Flickr]