Paul Wallbank – Brilliant Communications

Category: advice

  • Password protection

    Password protection

    The suspension of eighty students from a suburban Sydney high school once again illustrates how careless we often are with passwords and the access to our computers. In an era of Internet banking, online shopping and social media sites holding our personal details, we have to take web security seriously.

    In many ways the teacher who let their password slip to their students was lucky. In the United States, authorities haven’t always been so forgiving these sort of mistakes, and in this case the kids and the system administrators were a lot more adult and responsible than their Connecticut counterparts.

    What the incident does show is how the weakest points of our technology networks are ourselves – the most secure systems, toughest passwords and best anti-virus protection won’t help us if we don’t take care.

    We looked at protecting organisations in an earlier post, Protecting your data, and here’s some steps on how to take care with your personal details.

    Shut down computers

    When you’re finished working, make sure you log out of email programs, secure sites, social media services and shut your computer down.

    In an office context, this is very important if you’re going away for a meeting or a break as people have been known to use co-workers computers to access prohibited sites or sensitive information.

    Should you be using Internet cafes, hotel business centres or airport lounges you should be doubly careful to make sure you’ve logged off completely before walking away from the shared computer.

    Hide your passwords

    As the teacher at Prairiewood High found, your password is gold. Do not divulge it under any circumstances.

    Often doing so is almost certainly a breach of your organisation’s Acceptable Use Policy and sometimes this can mean disciplinary action or dismissal from a job. With your online banking, disclosing your password or PIN can mean you won’t be compensated if money is stolen from your account.

    Even a seemingly trivial social media site can cause trouble for you if crooks can get onto it.

    Having a complex password is good and we look at a neat little trick for memorable but tough passwords in our Protecting Your Data post, it’s worthwhile making sure your logins are both easy to remember while being secure.

    Understand your AUP

    An AUP, or Acceptable Usage Policy, is part of the conditions of you using a computer or online service. Many government and corporate networks have a box pop up forcing you to agree every time you login. Take time to occasionally read this.

    Should you accidentally give away your password, say to a site that’s fooled you that it’s your bank or a social media site, the AUP will usually have a clause or a sentence on what to do in that situation. Understanding this will give you piece of mind if something does happen.

    We’re now in an age where our personal information is more valuable than ever before and we need to guard what who has access to it. Passwords are going to be part of protecting our data for some time to come so understanding how to use them properly is essential.

    Similar posts:

    • No Related Posts
  • Protecting your data

    Protecting your data

    As we continue to be amazed at the scope of the News of the World hacking scandals, it’s worthwhile considering how valuable our personal and business information has become.

    This is no news to companies like Google and Facebook, who have built businesses worth hundreds of billions of dollars on our willingness to give away personal information.

    Even if it’s unlikely that we, or our customers, are going to be the target of the London tabloids or the paparazzi, our information is still worth protecting and here’s just a few ideas on making your business a bit more secure.

    Phone message banks

    At the core of the News Of The World out is the newspaper’s abuse of other peoples’ messagebank services where reporters, or private investigators hired by News International, have accessed messages left on mobile phone services.

    Calling this behaviour “hacking” is giving it more credit than it deserves, accessing mobile phone message banks is usually easy because the victim doesn’t change the default PIN code the mobile carrier uses for mobile accounts.

    So the first thing to do when setting up a mobile service is to ask your carrier how to change the PIN codes for your mobile account. While you’re talking to them ask if they offer an SMS service to notify you whenever your phone service is accessed remotely.

    With any electronic device you buy it’s sensible to change any default passwords or PIN codes or passwords when you set them up as a matter of habit.

    Passwords

    One of the biggest weak links in our online business and private lives is the use of passwords.

    We tend to be quite careless with how complex we make it and who we give it out to so it’s worthwhile being careful with the sites we use for our critical passwords.

    As well as making them complex, say a long phrase with a character acting the space like Mary&had&a&little&lamb, you should change them on a regular basis as we’ve seen many passwords been leaked by businesses this year.

    Secret questions

    Another thing to consider are the secret answers to questions many providers ask you to set up.

    Questions such as your mother’s maiden name could be easily figured out by a professional or determined investigator and social media sites like Facebook can make this even easier.

    US Vice Presidential candidate Sarah Palin was caught out by exactly this in 2008 where hackers figured out her secret passwords from public records.

    Using hotel and public networks

    We should also keep in mind that phone hacking is only one part of corporate security, earlier this year there were allegations Federal government emails had been compromised by Chinese organizations.

    This almost certainly happened through plain text passwords being sent through hotel or public networks. It’s wise to make sure that Secure Socket Layer (SSL) access is required on all your remote access.

    Tighten your own organisation’s practices

    We shouldn’t forget however much of the data in the News Of The World scandal has been accessed through paying off staff, allegedly including the royal palace bodyguards.

    It’s difficult to see how you can protect yourself against corrupt workers however you can reduce the risk of your organisation  giving out details by restricting confidential data to a “need to know” basis with access logging enabled.

    “Blagging” – or to use the horrible American term “pretexting” – is pretending to be someone else to get important data. Again, slack procedures by various government agencies and private organizations have been responsible for much of the data being given away.

    There’s no doubt too many organizations are cavalier with their customers’ information and hopefully the recent hacking events along with the News Of The World scandal will force businesses to start taking user privacy seriously.

    For smaller businesses, we have to show respect to our customers and have the procedures and trained staff in place to make it difficult for the blaggers to compromise our systems.

    Measures can include refusing to give out passwords and identifying data which the customer should know as well as insisting on sending details to a known SMS number or email address.

    As reprehensible as the behaviour of the journalists, their editors and the News International management is, we should have no doubt that the tactics employed by their private investigators are widespread in everything ranging from domestic disputes to industrial espionage cases.

    Given the value of our, and our customer’s, private and commercial data we need to take security seriously.

    For years we’ve been warned that cyber warfare would break out one day, the various corporate data breaches and The News Of The World scandal show the battles have been closer than we thought.

    Similar posts:

    • No Related Posts
  • Planning for change

    Planning for change

    Last weekend’s ABC Radio spot looked at setting up a blog. There’s a whole range of reasons why you’d one to build one; to start a business, to publicise a charity or to show off your hobby.

    We were lucky to get food bloggers Thang Ngo from Noodlies and Rebecca Varidel from Inside Cuisine calling in to tell their experiences of setting up successful websites.

    One common factor for both was they had started off using the free Google Blogger service and then moved up to the more robust and scalable WordPress platform as their sites took off.

    Rebecca and Thang’s journeys, which is common for many businesses and entrepreneurs, illustrates how our plans have to be flexible and the tools we choose must be able to adapt to changed circumstances.

    The nineteenth century German general, Helmuth von Moltke, said “no battle plan survives first contact with the enemy”. The same is true of business plans; none survive first contact with the realities of the marketplace.

    As our businesses adapt to the ever changing economy and the needs of our customers, we can’t afford to get locked into static tools and responses. Our choices have to reflect that we will make mistakes, assumptions will be proved wrong or our customers, suppliers and staff will change.

    Being flexible and open to new ideas is essential to survival in the 21st Century economy. The days of doing things because they have always been done this way are over.

    Similar posts:

    • No Related Posts
  • Business Web Essentials

    Business Web Essentials

    In conjunction with Microbusiness Week, a New South Wales government initiative to help smaller and startup businesses, we’re happy to release our Business Web Essentials e-book.

    This e-book is free to all subscribers of our newsletters lists the online tools that can help your website be more effective online. While it’s aimed at business users, if you’re a blogger or community group running a website you’ll find most of the information in the book will help you as well.

    Business Web Essentials lists the important web hosting, search listing, social media and cloud computing services that will help you promote and track the progress of your online presence.

    Subscribe now to our weekly newsletter and receive the e-book free of charge. If you’re an existing subscriber, you’ll get the link in our regular newsletter.

    Similar posts:

    • No Related Posts
  • Why manners matter online

    Why manners matter online

    Yahoo!7’s attempt to reduce bullying and offensive behaviour in their forums and comments illustrates a problem we have in the online community — that many people forget their manners when they connect to the Internet.

    Manners matter online because there is no divide between your behaviour on the Internet and in the physical world. What you say and do online can affect your personal and professional life.

    In previous posts I’ve looked at how this affects business people and politicians, but poor online behaviour such as bullying, offensive language and just downright poor manners can affect all members of the community, even if you aren’t online yourself.

    Much of the problem lies in that people forget the Internet is a global medium, what you post from a computer in Parramatta can be seen by someone in Paris. Many also think they are anonymous online when it’s actually difficult to cover your tracks.

    So here’s a few ideas on how to be a good cybercitizen;

    You are what you tweet

    Keep in mind everything you do online can affect your job, your family and your personal assets. All the rules and laws of the physical world apply online as well.

    If you wouldn’t do or say something on the street, then you probably shouldn’t do it online either.

    You are not anonymous

    Okay, you signed up to a forum with a false name and setup a dummy hotmail or gmail account to confirm your identity. You are still not anonymous.

    Upset enough people or seriously break the law and you will be found. Being truly anonymous on the net actually takes a lot of effort .

    Show respect

    We all have ideas and opinions which the Internet is a great medium for spreading, be it using social media tools life Facebook and Twitter or in forums and comments sections on websites.

    Regardless of how good your idea is or how passionate and well founded your opinion is, there will be those who choose to disagree with you. Respect those views and don’t get offended when dissenters, however shallow or ill-informed appear.

    Be helpful

    If someone is asking a silly question or is clearly new to an online forum, be polite. Don’t put them down or call them names, just help them or direct them to where they can get assistance.

    Take a deep breath

    If someone has got under your skin and you’ve written a savage reply, think before pressing the “submit” button. Often, that witty riposte doesn’t look so clever when you’ve calmed down or looked at it in the cold light of morning.

    Avoid foul language

    Swearing online makes you look low rent, just as it does in the real world. Save the invective for when you’re with your mates in a private forum. The Internet is generally not a private forum.

    Walk away

    Sadly the Internet attracts trolls who enjoy upsetting people and provoking strong reactions. Don’t join them.

    If you find someone is upsetting you or sucking you into a vortex of pointless arguments, just walk away from the discussion. Block them, unfollow them, defriend them.

    In the worst case, if you’re finding one online venue such as a web forum or social media site attracts people who upset you, stop using it. Your life is too short to be sucked into negative, carping discussions with people who thrive on criticism of other’s hard work and ideas.

    The Internet is becoming the repository for our culture while our society has a lot of negativity we’ve also done great things. So rather than be part of the negative aspect, be part of the solution — be bright, welcoming and honest but most of all show respect to your fellow online citizens.

    A strong and vibrant society is built on respect and manners so let’s make our online communities how we’d like the world around us to be.

    Similar posts:

    • No Related Posts