Threats facing businesses cannot be narrowed down to any specific type of attacks. Instead, what most businesses are fighting against is a complex engine of cybercrime with many different forms and variations. Criminals are constantly devising new forms of attacks to stay ahead of the game.
Keeping up with these changing tactics is a job for the F-Secure Labs—not you. But there are some basic precautions you can and must take so that way the expert virus hunters know can be used to protect your company’s irreplaceable assets.
1. Never reuse your work passwords for personal accounts.
You need to make sure your work passwords are strong, reasonable for you to remember and unique! The last thing you want is a Facebook or webmail hack to lead to a compromise of your work network. Also avoid using your work email for personal accounts.
2. Use a separate browser for work and web browsing.
This is good for both focus and security reasons. If you do any banking for work or use any secure credentials do it all in one browser such as Chrome or Firefox. Then use another browser for research or personal communications to minimize the chances of compromising your company data.
3. Always lock your PC when you’re not in front of it.
This piece of advice almost goes without saying but we have to remind you that an unlocked PC should be thought of like an open wallet. You probably wouldn’t ever walk away with that in plain sight, would you?
4. Make sure you’re running the latest versions of all your software.
Yes, that’s all your software, like operating systems, plugins such as Flash and Java, Microsoft Office and any browsers in use – not just security software. However, keeping up with software updates can be a time-consuming, costly process. Our new Software Updater feature makes this easy.
5. Be sure your organization has solid security product coverage on all layers of your IT environment, from laptops and desktops to servers and mobiles.
In case you’re unsure of how to stay protected or lack the resources for it, find an expert who can guide you through security issues and knows the dangers out there.
We believe that keeping your organization secure doesn’t have to be time consuming or difficult. With the right solution and the right partner, you can devote your time and resources to your commercial priorities – without compromising on security.
“The cloud” is a big thing nowadays. It’s not exactly a new concept, but tech companies are relying on it more and more. Many online services that people enjoy use the cloud to one extent or another, and this includes security software. Cloud computing offers unique security benefits, and F-Secure recently updated F-Secure SAFE to take better advantage of F-Secure’s Security Cloud. It combines cloud-based scanning with F-Secure’s award-winning device-based security technology, giving you a more comprehensive form of protection. Using the cloud to supplement device-based scanning provides immediate, up-to-date information about threats. Device-based scanning, which is the traditional way of identifying malware, examines files against a database saved on the device to determine whether or not a file is malicious. This is a backbone of online protection, so it’s a vital part of F-Secure SAFE. Cloud-based scanning enhances this functionality by checking files against malware information in both the local database found on devices, and a centralized database saved in the cloud. When a new threat is detected by anyone connected to the cloud, it is immediately identified and becomes "known" within the cloud. This ensures that new threats are identified quickly and everyone has immediate access to the information, eliminating the need to update the database on devices when a new threat is discovered. Plus, cloud-based scanning makes actual apps easier to run. This is particularly important on mobile devices, as heavy anti-virus solutions can drain the battery life and other resources of devices. F-Secure SAFE’s Android app has now been updated with an “Ultralight” anti-virus engine. It uses the cloud to take the workload from the devices, and is optimized to scan apps and files with a greater degree of efficiency. Relying on the cloud gives you more battery life, and keeps you safer. The latest F-Secure SAFE update also brings Network Checker to Windows PC users. Network Checker is a device-based version of F-Secure’s popular Router Checker tool. It checks the Internet configuration your computer uses to connect to the Internet. Checking your configuration, as opposed to just your device, helps protect you from attacks that target home network appliances like routers – a threat not detected by traditional anti-virus products. So the cloud is offering people much more than just extra storage space. You can click here to try F-Secure SAFE for a free 30-day trial if you’re interested in learning how F-Secure is using the cloud to help keep people safe. [Image by Perspecsys Photos | Flickr]
This is the second in a series of posts about Cyber Defense that happened to real people in real life, costing very real money. Peter came into work thinking, “Today is gonna be boring as hell. I can’t wait till my shift ends”. He couldn’t have been more wrong. One terrible password “Policy 2014” would soon turn his insurance agency upside down. Peter had been working in a 24/7 security centre for a couple of years. He was an IT security specialist and he thought that he’d seen it all. This illusion was shattered when he picked up the phone. “We have a problem. We are losing clients!” he heard through the receiver. He kept listening, though he had no idea how this applied to him. “I think someone might have broken into our sales system! He calls our clients whose contracts are soon to expire. Just before we have a chance to do so ourselves”, the caller complained. The situation was beginning to look serious, and confusing. The system had recently been updated to boost security. At first, the staff who drafted offers for sales reps were accused of leaking the information. It had to be them. They had full access to the system. However, after close monitoring of the system, these suspicions proved to be unfounded. A lead was discovered by sheer coincidence: someone tried to log into the internal sales system using the account of an employee who was currently on holidays. The situation required immediate action. Peter had to identify the exact time and place the system was hacked into through sales reps’ accounts. For this purpose he used a Network Monitoring System of his own design. Unfortunately, it didn’t shed much light on the matter. The login location shifted each time he scanned the system. What is more, these locations were often miles away from each other! Then he started to think like a detective – he decided to lay some bait for the hacker. He created a fake profile for a client whose contract was about to expire. A sales rep was to call him in exactly five days. However, Peter entered his own phone number in the client’s profile details. It only took three days for the hacker to bite. After a two-minute phone call, everything became clear enough. It turned out that the mysterious hackers were in fact employees of a distributor with whom Peter’s company had entered into a contract for the sale of its insurance policies. These suspicions were only made more certain when it was discovered that the company had recently recorded an increase in its sales of insurance products through the distributor. The investigation revealed that an employee from the IT department had facilitated the hacking. He confessed, and revealed that temporary passwords to the sales system were always the same (“Policy 2014”) and that hardly anyone ever changed them – this was enough to obtain customer account data. Finally, the situation was brought under control. The sales system was secured and sales specialists were properly trained in data and password protection techniques. However, the company’s image suffered. Although much effort was made to keep the case confidential, many clients grew concerned about the safety of their personal data. Nevertheless, it was the sales personnel who suffered the most as their commissions dwindled. For the latest on business security, be sure to visit F-Secure's Business Insider.
F-Secure announced today that it has acquired nSense - a Danish cybersecurity firm that specializes in providing security consultations, vulnerability assessment, and related services to large enterprises. So you might be asking yourself why this matters. Well, the answer is that it matters because “large enterprises” provide products and services to people, and so the kind of security measures these services use to defend against cyberattacks is what protects the personal information you give to these enterprises from would-be attackers. The 2011 attack on Sony’s Playstation network provides a textbook example of how important corporate cybersecurity is for regular people. The Playstation Network was hacked in April 2011, and while it was initially reported as a disruption in service, Sony’s investigation eventually uncovered evidence that the attackers were able to steal the personal data of people subscribing to the gaming service. The compromised data included names, email addresses, physical addresses, and even login details of around 70 million subscribers. Sony also admitted that the attackers may have stolen credit card numbers, although they could not confirm this. And this isn’t an isolated incident. Target experienced a massive data breach in 2013, as did Home Depot in 2014. Both instances exposed the credit card information of shoppers to risks - risks that people don’t necessarily want to take when they go shopping at brick-and-mortar stores. So the cybersecurity of large enterprises is an issue that concerns us all, which is why F-Secure’s acquisition of nSense is big news. F-Secure’s award-winning products already protect tens of millions of people and thousands of businesses. nSense is one of Northern Europe’s leading cybersecurity firms, and specializes in providing protection services for large enterprises in the entertainment, finance and service provider sectors. You should care about whether or not the businesses and organizations you entrust with your data are taking care of it, and providing it with the best protection. Now F-Secure is in an even stronger position to provide its vaunted Best Protection to large enterprises, and to their customers. And that's why it matters. [ Image by carlosalbertoteixeira | Pixabay ]