Secure Video Conference Tips
COVID-19 measures are causing organizations to turn to video conferencing applications for remote working. Good cyber security hygiene can help keep out unwanted attendees, protect your employees and secure your data. Here are 9 security tips to help you manage access to remote conferencing platforms.
- Require passwords for all meetings
Meeting IDs can be guessed, allowing unauthorized attendees to join even if they have not received an invite. Never share meeting IDs on public fora (including social media) unless you intend the meeting to be open to all. Set a meeting password, which can be communicated by other channels to limit access. - The chairperson joins first
The chairperson or host of the conference should control admittance. Use the “waiting room” feature to manage those requesting to join and challenge unknown attendees before starting the conference. - Lock calls after everyone joins
Once invited attendees have joined, lock the meeting to keep out unknown attendees. - Be wary of unknown phone numbers
Beware of attendees dialing in from unknown phone numbers. Ask them to confirm their identity and expel them from the call if they refuse to do so. Check whether your conferencing application enforces passwords when dialing in. - Set up alerts when meetings are forwarded
Establish alerts so you know when meeting invites are forwarded over email to others; check any secondary invitees are legitimate and challenge the forwarding of the invite if not. If necessary, schedule a new meeting with new dial-in details. - Limit file sharing in the chat
Restrict file sharing in the message column of a conference call, so that any unknown attendees aren’t able to receive and open private documents, or send malware disguised as an attachment to other attendees of the call. - Prevent the recording of meetings
Block any attendees except for the chairperson or host from recording the meeting, or set up alerts to identify which attendee has started recording. - Use a business or enterprise license
Your employees need access to effective collaboration tools. Consider buying an enterprise license that allows you greater control over employee use and helps ensure that default settings are secure and meet privacy needs. - Be a great listener
Make sure that every attendee speaks at the start of the call, maybe even on video. It helps deal with isolation and identifies unknown attendees.
Source: Here
Cyber Threats
It seems that as soon as cyber security professionals nail down a solution for one threat, new ones emerge. If that isn’t bad enough, industry experts project cybercriminals won’t be hitting the brakes any time soon.
In fact, with society so reliant upon a digital existence, they anticipate these crooks to amp up their exploits. Here are some top cyber security threats to continue to watch out for.
Cloud threats
As the cloud continues to dominate as a game-changing technology, it’s no surprise cybercriminals are actively looking for ways to exploit it. Unfortunately, while we have all come to rely heavily upon the cloud, for many of us, our security practices haven’t quite caught up. Here are a few things exploiters do to gain access to cloud systems:
- Steal passwords.
- Launch phishing attacks.
- Reconfigure settings to allow access or otherwise impair security measures that are in place.
- Search for unencrypted cloud systems for valuable data.
While there are still kinks to work out where security and the cloud are concerned, one thing is clear: as storage and productivity apps continue to migrate from legacy systems, cyber attackers will want to gain access to all the data stored in the cloud.
Artificial intelligence
AI is steadily working its way into various industries and has evolved beyond the novelty stage to everyday use. As a result, industries are amassing tremendous amounts of data, and this is leading researchers to be concerned about cybercriminals finding ways to exploit this technology. As broad acceptance of AI continues, bad actors are expected to start employing the technology to do their dirty work.
- Cybercriminals will look at AI systems as attack targets.
- Exploiters will seek to enlist AI tech to launch their own attacks.
- AI will take advantage of increasingly-sophisticated social engineering attacks and phishing.
- AI could be used to mimic authoritative sources and fool unsuspecting victims.
Ironically, AI is also expected to help boost cyber security efforts, but experts worry it could be a double-edged sword.
Cross-site scripting
Attackers employing this method of attack exploit business websites to execute malicious code into the browsers of unsuspecting victims. According to some reports, over 21 percent of vulnerabilities found by bug bounty programs are cross-site scripting.
Cybercriminals no longer focus their sole attention on large corporations, but are actively targeting small businesses and individuals as well. While smaller targets may not bring the huge payoffs that come from a successful attack on a major corporation, they are typically easier to exploit because these entities don’t have the tools or resources of in-house IT departments to protect themselves.
The good news is everyone can kick up their security a notch by using a private VPN and tightening security on personal data with strong, unique passwords for each account. Here’s a password manager guide to help you decide which password manager app is best for you. Yes, Sticky Password is on the list.
Mobile malware
Mobile malware is expected to continue to be a thorny issue in the cyber security realm, especially as users continue to gravitate towards using their phones as primary computing devices. Human actions play a large role in how hackers craft their mobile attacks.
- Many users habitually connect to unsecured Wi-Fi connections; hackers like to spoof fake networks or target open ones.
- Users often don’t utilize mobile security tools and exploiters will seek to pursue easy targets.
- Exploiters take advantage of smaller screens by hiding phishing attacks, launching them before users can spot clues.
The openness and ease of access to connect have created layers of complacency in our always-connected society. Add BYOD to the mix where employees are using personal phones for work purposes and the potential payoff becomes even more appealing for hackers. To combat this risk, it’ll take behavioral changes and more education about cyber security threats.
Ransomware
Despite the first ransomware event occurring way back in 1989, this threat continues to persist, reaching record levels in 2017. This type of nefarious attack intensified during 2018 and experts predict it will continue to raise its ugly head throughout 2019, especially as people become even more dependent on their files.
Considering how ransomware persists, it’s not surprising crypto-jacking has also emerged as a serious threat. It’s a modern form of bank robbery and the thieves are employing many of the same methods they use for ransomware. Research conducted in 2018 found 33,000 websites were running crypto mining scripts. Notably, a cybercriminal doesn’t even need to be particularly skilled or tech-savvy because crypto-jacking kits can be bought on the dark web for a mere $30.
Conclusion
Unfortunately, online threats have evolved to become a part of everyday life. However, armed with knowledge and tools, both businesses and individuals can better protect themselves in 2019 and beyond. It’s a smart strategy for users to have awareness of current threats and data breaches so that they can employ basic tools to protect themselves and those around them.
Source: Here
Identity Protection
You’re taking all the right steps to keep your passwords from falling into the wrong hands. Great! But are you putting the same effort into protecting your identity?
Your risk of identity theft can vary, depending on variables that may not even occur to you like which state you reside in to where you park your car at the airport. While you may think that it’s unlikely that your identity will be stolen, news stories about data breaches and hacking have us all looking for a way to help protect ourselves from identity theft. Luckily, there are identity theft protection service providers that can help you take proactive steps in your theft prevention.
But what can identity theft protection offer you?
A wide variety of security features
While your banks can monitor your specific account for indications of fraud or theft, they are often limited to examining only the cards and accounts under their bank. If someone has access to your name or other personal information they could apply to open a credit card or a loan in your name without your consent.
Identity theft protection entails a wide array of services that expand beyond the bank monitoring. Including public record and address monitoring services can help you become alert to certain activity that may indicate fraud in connection with and beyond your credit files. Other services like access to credit reports, lost wallet protection and mail list removal can help you take preventative steps towards your identity protection.
Help if your identity is stolen
Unfortunately there is no foolproof method for preventing ID theft, but identity protection services can help you take positive steps towards protecting your identity. Offering recovery assistance is a key feature that will come in handy should you become victimized by one of these thieves.
Identity theft protection can be complicated‚ so it’s inevitable that you’ll have questions throughout your relationship with this service. If there isn’t a dedicated team available to talk to you when you need clarification or help‚ you simply aren’t getting the best identity safeguards possible.
Getting a leading protection service.
If you really want to protect your identity‚ it is helpful to have an extra set of eyes on your side. By monitoring certain data points, companies like Identity Guard can alert you when they detect certain activity that may indicate fraud, giving you a head start as you freeze fraudsters out of your accounts.
Don’t settle for less than the best when it comes to protecting your personal information.
