Password managers help users remember all their passwords – but can be a much more powerful tool for dramatically limiting the damage in the event of a single account being compromised.
Criminals increasingly use credential-stuffing attacks where automated tools use previously-breached account details to gain access to the user’s other accounts.
A good password manager ensures you can use a strong, randomly generated and distinct password across each of your accounts to prevent any single breach putting other data at risk.
Keeper can also notify users when breached passwords are identified online, integrate with single sign on tools such as Active Directory, and enforce multi-factor authentication – all important considerations for organisations needing to maintain cybersecurity standards across large teams.
For added convenience, Keeper is available via the web, Windows/MacOS desktop clients, browser extension and Android/iOS mobile app.
For Cybersecurity advice and expertise, please contact our team today.
USB drives are a security nightmare. From losing files, to sharing them inadvertently, or accidentally installing something malicious, these tiny handheld digital storage grenades are a data-protection disaster waiting to happen.
Many people can’t help themselves. Sometimes it’s just so useful to be able to move a file to a separate computer, or carry a copy of that file on a handy keyring.
It’s true that too many operating systems auto-run memory sticks. As users we could perhaps be more careful though – find a USB and it’s tempting to plug it in… a 2016 University study suggested roughly half of those who find a memory stick on the ground will plug it in without thinking.
In particularly data-sensitive environments options are available to either disable PC USB ports, or remove them from a PC entirely. At the very least, businesses preparing for this summer’s new GDPR regulations need to take some sensible USB security precautions:
1. Be strict.
Ask yourself whether it’s entirely necessary to put this file on a memory stick, and be harsh about what files you copy. Memory sticks now hold terabytes of data, and are too easy to drop, or leave on the train.
GDPR is naturally concerned with sensitive personal data, and not your supermarket shopping list. Nobody ever intends to lose a file full of personal data, so you should think twice before putting the former on a USB drive, while the latter is probably OK.
The best antivirus softwares (for example Lineal’s recommended ESET antivirus) automatically offer to scan a newly connected memory stick for malicious software, before the user accesses the files. This only takes a few seconds, but it’s strongly advised to let your antivirus act as gatekeeper for a USB stick, as you would your emails or web browsing.
3. Sharing is not caring
Sharing files via memory sticks is not sensible, not least because you’re forced to share the whole contents, including the ability to duplicate files.
You can’t be certain what any given person will do with the USB drive or its data, or what the person giving you a memory stick might have done with it previously, so it’s safer to confine USB drives to a specific individual.
4. Get something better
The world of IT is full of better solutions, including Apple’s useful ‘Airdrop’ function which allows direct, localised file sharing over WiFi. For company-wide systems, numerous excellent cloud-based file storage and sharing platforms are available. Microsoft’s excellent OneDrive platform is easy to use from any device, and allows businesses to share files online via the cloud, with customisable permissions to control who has access to the data at any time.
A USB drive should not be necessary to complete routine IT tasks. Thank goodness.
The virus then begins encrypting files, demanding a ransom be paid to unlock the user’s data.
According to the BBC the unconnected company cited in the email, cotton fabric manufacturer British Millerain Co Ltd, have received more than 150 phone calls from individuals concerned that they owe money.
Phishing emails and websites, which typically mimic official bank or company communications to trick vulnerable users into making payments to criminals, are becoming increasingly sophisticated.
The use of an individual’s personal address, and higher quality written English, suggests the original creator of the email has gone to greater lengths to make the email look convincing and to avoid detection.
It is also likely that the matching address originates from stolen, legitimate customer data, accounting for users’ recognition of the way they write their own home contact details.
New threats are constantly developing, and Lineal recommend installing an antivirus software with a strong record of catching emerging online threats – such as ESET.
Always follow some simple rules:
Never click a link or open an attachment from any suspicious email whose origins you do not recognise.
Banks and similar will NEVER request your private passwords, pin numbers or other confidential information. Do not disclose these to anyone.
If hit by cryptolocker style ransomware, every second counts – seek professional technical support immediately.
Always keep a regular, separate backup of your files.
Almost certainly – but don’t panic. Details of anonymous data gathered from Windows 10 users were released this week, with Microsoft publishing more usage information surrounding Windows 10 tracking.
In a blog post, Microsoft explained that the data is gathered for “Standard diagnostic, anonymous analytics that enables us to deliver the best Windows 10 experience possible.”
Via Windows 10 tracking, Microsoft have now measured more than 200 million active devices running the new operating system, 2.4 billion search questions asked of Virtual Assistant Cortana, and more than 44.5 billion minutes spent using the new Microsoft ‘Edge’ browser.
Routine data collection is unlikely to concern most users – and has clearly been announced to show Windows 10’s success. Microsoft also casually notes that the new operating system, released in the summer of 2015, has been “Outpacing… Windows 8 by nearly 400%.”
The accelerating adoption of Windows 10, including among 22 million Enterprise and Education customers, offers Microsoft renewed hope for growing the user base of associated products, such as Azure cloud computing, Windows Phone and the impressive Office365.
If concerned, users can ‘turn off’ all feedback (aside from error reports) by setting the feedback option to ‘Basic’ in their settings.
Taking a more nuanced view, this admission illustrates an industry ever more capable (and willing) to be flexible with privacy concerns of customers in the quest for the perfect user experience.
Need Windows IT support and advice? Contact Lineal today: www.lineal.co.uk or 01271 375999
With ‘Windows 10.1’ now barely a month old, and the Microsoft operating system already running on over 12 million business PCs, how fares Microsoft’s free updates strategy?
Windows 10.1 update was released with relatively little fanfare (be honest, you didn’t notice) adds features that, understandably with hindsight, might have been a distraction at the main Windows 10 release back in July.
Packaged within were mainly performance and security upgrades – Windows 10.1 will now boot almost 30% faster than an old Windows 7 system on the same device, the Cortana virtual assistant has some new handwriting recognition skills and there are new enterprise tools for mobile devices. Microsoft Edge runs smoother too, offering previews of tabs before viewing and syncing favourites across devices.
Most importantly, after recent corporate data breaches in the news, Microsoft have added a range of new security safeguards. These including ‘Windows Hello’, supporting enterprise grade biometrics including fingerprint and facial recognition – sadly currently only available for US users.
Aside from controversy surrounding user privacy then (if you didn’t notice your Windows 10.1 update, that’s maybe because Microsoft installed it automatically on your device without asking you) the first free update went ahead with relevant additions and limited fuss.
Starting free updates officially moves Microsoft into line with Apple’s OS X business model that has become the industry standard. Yet limited promotion of Windows 10’s ongoing development risks downplaying Microsoft’s progress.
Which would be unfair, because Microsoft is plainly taking extra care to develop the business security of their product range, including the excellent Office365, Microsoft Azure and now Windows 10.1. Microsoft is clearly listening to business’ fears, and businesses should welcome it.