Sunday, July 8, 2012

Six Ways To Secure Your Email

We all use emails for our day to day work, studying, banking and many more errands. Emails are easily hacked if we do not secure them properly.

Here are six ways that will help Securing your email

I. Passwords
Never ever use an easily guessed password, like "iloveyou" or "12345678" and so on. Always use complex passwords that are easy for you to remember but hard for others to guess. Click on passwords to know more about strengthening your password. Remember: Do not reveal your password to any relatives or friends since the closest people to you are a major threat, not intentionally, but their PC/laptop might be infected and that might compromise your email account. No company employee will ever ask you for your password, not even the email service provider himself. In the case of someone asking you for your password by sending you an email or any other way, rest assured that this person is a hacker and wants to gain access to your account.

II. Rescue Email
Always add a rescue, or commonly known as an alternate email to your primary email in order to recover your email in case it was hacked. Make sure both emails have different passwords!

III. Don't change your password regularly
Although many email service providers as well as websites recommend that you change your password regularly, I strongly disagree with them for the following reasons:
Changing your password regularly has a major downside, it makes passwords harder to remember. People who are forced to change passwords regularly tend to choose easy to remember and easy to guess passwords. It's actually better to stick to one strong password that is hard to be guessed and can be easily remember by the user. 

If you feel something suspicious about your account, use a trusted clean PC/laptop to change your password immediately

IV. Junk Mail
One of the best ways to filter unknown, suspicious and malicious emails is by activating the Junk Mail option. Most, if not all, email service providers have junk mail option that will prevent suspicious and malicious emails from reaching you. Especially emails that tend to look real, for example the fake Paypal email.

V. Anonymous Attachments
Never open attachments from emails you do not recognize or which come from an unknown email senders. Most hackers use attachments to infect your computers or your address book in order to send replicated copies of the infected email to other computers.

VI. Protect your computer
Try not to access your email from public computers that are utilized by multiple users. Doing so will put your email at risk and there's a big chance that you might lose your email.

Unless this public PC/laptop has an updated antivirus, refrain from using it to enter your email credentials.

Friday, July 6, 2012

Securing Mobile Devices

Mobile devices are without doubt people's greatest friends. Whether it is a Ipod, an Ipad , a Blackberry, an Android phone, or even a symbian phone these devices accompany us wherever we go.
People usually underestimate the security flaws of their mobile phones, although current mobile phones have the same computing power of a normal PC, people fail to treat them with equal importance.

Here are seven Tips to Secure Data stored on your Mobile Device 

I. Use the PassCode
Nowadays, nearly all mobile devices are manufactured with the ability to set access control passcodes that prevent unauthorized access to the confidential data stored on these devices.

Choose a strong passcode that is easy for you to remember but hard for others to guess, and for God sake don’t use your birthday or your girlfriend birthday (even though u should always remember that date). Use a mixed combination of letters and numbers.

Security tip: Don’t use consecutive numbers and letters because they are very easy to be guessed and surprisingly commonly used.
Grid pattern locks work fine, and fun to use, but beware that they leave finger smudge marks on the mobile touch screen especially when using a protective layer shield. This smudge makes it easier to guess your pattern.

Recent mobile devices offer device encryption for their files and data, whether for their own internal memory or their multimedia memory card. Using device encryption is the best method to protect your data from being stolen through plugging your phone to a PC to transfer data. 

II. Careful Use of Wireless Networks
Mobile phones can be set up to connect to available public WIFI networks automatically; this improper setup allows the mobile phones to shake hands with an insecure environment that might compromise your data.

So when you are not connected to a trusted wireless network, turn off the WIFI ability on your phone.

Moreover, Bluetooth communication could be exploited to spread mobile malware and eventually leak confidential data from your mobile. It is imperative to turn of the Bluetooth service when not using it.
Security Tip: Recent phones have the option to automatically turn off Bluetooth when it is gets idle for 5 minutes, use it.

III. Applications Access and permissions
Apps installed on mobile phones have the ability to access sensitive data stored on the phone itself. In general when you initially setup an application on your mobile device it requests special access, like accessing your contacts and storing them in the cloud, tracking your location, and sending you push notifications.

Usually people have the tendency to accept these modifications without thoroughly reading their content and assessing their risks. You should setup the permission level of each application depending on the level of sensitivity of your stored data.

Note that:
- You can disable push notifications by changing the settings in your device options.
- You can deactivate location based services by turning them off from your device menu. This option will stop your phone from broadcasting your GPS location regardless of the app using it. 

IV. Backup your Data
Backing up your data is the most effective way to prevent data loss, Data loss could be the result of lost or stolen phone, damaged memory card, bad application setup leaking data or even human error by messing with phone options.

Copy your data from your mobile phone to your PC or Laptop, schedule routinely backup notification in order to keep your backup copy updated.

Security tip: remember to encrypt your backup copy. Recent mobile management application enables you to utilize encryption as part of the synchronization process.

V. Firmware updates
Similar to your PC operating system, Your Smartphone should be updated in order to overcome any newly known exploits that could compromise security.

Firmware upgrades is not only limited to security issues but also to performance enhancement of you mobile experience.

Security Tip: Commit to using firmware that is certified by the vendor of your mobile Device. Tampered (Custom made) firmware might contain malicious codes that compromise your information security

VI. Remote Device Access
Many of the recent mobile phones and smart devices give u the ability to wipe its data remotely. You should exercise that option if your phone gets lost or stolen.

Moreover, you can setup your phone to automatically wipe itself clean of any personal data should the PIN guarding your phone is entered incorrectly for a certain number of attempts.

Security Tip: Don’t forget to remove your media card before sending your phone to any repair station.

VII. Sensitive Financial Data
Storing Financial Data on the phone is a big mistake; mobile phones are easily stolen or lost. I know people that used to store credit card numbers on mobile phones; others store ATM pin codes. People should really understand that it is much easier to lose data from smart mobile devices than losing their own wallets. For a start you will directly notice a missing wallet, but you will only find out a theft of sensitive info such as credit card number only when it is used or billed.

Remember: You should be always aware of shoulder surfers that scan around in order to catch you enter your PIN or passcode.

Finally, good judgment and cautious behavior are key factors to prevent data leak or loss caused by mobile devices.