Embed Size (px)
Citation preview
Small BusinessSecurity GuidesA common sense guide to working on the move
At work
A number of key enabling factors have coalesced to produce an
international infrastructure of datanetworks, new mobile device formfactors and connectivity protocolsall of which have enabled us to beonline when previously we mighthave considered ourselves to be“out of office”, as the saying usedto go.
These hardware, software and data-centric developments have (largely) been met with a positive commensurate shift in corporate attitudes towards work practices. Working from home has little stigma for shirking attached to it and many companies now positively promote it as an efficiency. Equally,
working on the move is seen as perfectly natural now that our smartphones, tablet PCs and laptops come with more processing power than many of us might typically need on a day-to-day basis.
Of course none of these freedoms come without an associated risk in terms of data security. So as many of our mobility technologies come into their second or third (or even more advanced) generation, we should take this chance to offer a tipping point analysis of the security dangers that we face in the mobile work arena.
The mobility revolutionSomewhere over the last decade or so we reached something of a ‘perfect storm’ for mobile working.
Working from home has littlestigma for shirking attached to itand many companies now positivelypromote it as an efficiency.
At work
“
”
Anti-virus protection should be a prerequisite for every user, whether they predominantly use their machine for business or personal use. But technology without common sense is like a car without petrol -- and there is plenty you can do to protect yourself just by being aware of the risks of “computing in public” so to speak.
Computing in publicSo many people cause themselves unnecessary amounts of stress while working on the go, but there are simple ways to make your life easier and safer. AVG’s ten top tips for effective mobile working should be learned by heart, or bookmarked at the very least!
1.Count the items you take out of your bag out and
count them back in if you are working while on public transport -- don’t forget your power cable or any other important item!
2.Think about where you are sitting and whether
anyone can look over at your screen -- this might sound like an obvious thing to point out, but thieves steal credit card PIN numbers by looking over peoples’ shoulders all the time, so what details do you have on your screen?
3.As use of personal mobile Wi-Fi hotspots
grows, users should not be tempted to connect with an apparently free wireless connection in a public place unless it is advertised by the web café owner etc. If you don’t know where your connection comes from, then you don’t know what you are connecting to.
4.Shut down your Bluetooth connection
(unless you need it) when working in a public place. So-called ‘Bluejacking’ and ‘Bluesnarfing’ attacks are not the biggest information security risk around, but they are a consideration to be aware of.
Staying secure – and of course we mean keeping your ‘data’ secure – is not just about protecting your files and folders
from malicious hackers; staying secure is also about securing your computer, tablet PC and smartphone’s defences against identity theft, phishing scams and the many methods that purveyors of malware will typically use to take up residency on an unsuspecting user’s computer.
It’s a plain and simple fact, working on the go can involve a lot of technology. Every application (or “app”) these days seems to have migrated to a mobile version of software that used to be confined to the desktop PC arena as recently as a decade ago.
Today we are never much more than a short skip away from a keyboard or touchscreen of one form or another, so the question of how we stay secure while working on the move has become a popular talking point.
At work
The common sense guide to working on the go
5.If you have to use a “public” (or kiosk)
computer then make sure that you never access your online banking details, make electronic purchases or enter ANY personally identifiable information (including your address) on the machine. Be equally careful on your own laptop if using public Wi-Fi.
6.If your smartphone has Internet access, have
you enabled filters and other on board protection barriers? Similarly, turning off GPS capabilities can also limit location-trackers attempting to connect with your phone.
7.Don’t ask a stranger to “look after” your laptop
while you use the restroom or go to the bar in a web café. Similarly, keep your laptop bag close to you throughout an evening event if you have to keep all your equipment with you.
8.Password protection should be enabled on
your laptop and smartphone -- and 12345678 or password or admin are not sensible passwords. Opt for an alphanumeric mix with special characters in upper and lower cases such as “puppyLove567$”.
9.Make a note of your smartphone
manufacturer’s emergency phone line so you can call them to have your phone immobilised in the event of a loss.
10.Most important of all, make sure that
you have a fully updated anti-virus suite installed and fully operational on your PC at all times. Protection should cover not only Internet security for web browsing, but also firewall technology, email defences and shields to guard against threats carried via Instant Messenger services.
At work
The common sense guide to working on the go
All of this advice should take you no more than a fewminutes to think about and no more than a couple of clicksto bring into action. We’ve called it our common sense guide because these actions should become as natural as closing the lid on your laptop once you have finished working. Why not share them with a colleague and keep a friend safe too?
The Connected Commando and other (user) stories
There is a natural almost anthropological diversity
among user types; we have evolved into different sub-species of electronic user behaviour by virtue of a number of factors. Our preferred type of mobile computing device affects our behaviour to a large extent i.e. does an individual favour a laptop, tablet PC, smartphone or simply like to plug in and ‘hot desk’ when they can?
Other determining factors shaping our user profile might include the mobile connectivity service plan we select from our operator or Internet Service Provider (ISP). How often we can connect and how much data we can download (or upload for that matter), has a large influence on what sort of mobile user we are.
Whether we are working when travelling or simply ‘being a user’ when travelling, many of us will stay connected and use a good proportion of Internet-related tools and services when we are on the road. What type of mobile user we are has direct implications for the level of Internet Security protection we should opt for. So let’s examine these user groups in more detail…
The Connected Commando This person has all the kit and they are ready to connect and compute anywhere. Whether on a bus, aeroplane or simply walking down the street, the Connected Commando has gadgets, headphones, power cables, back-up power units and probably has a travel-size mouse too. Along with several USB sticks (mostly worn as
There is more than one type of mobile user. Some people claim that they can’t last more than five-minutes without some form of electronic or Internet-related connection, while others happily turn their back on technology as soon as they leave their desks.
necklace-style appendages), this user also has a ‘dongle’ to connect his or her PC to the web – plus a tablet PC and smartphone with full 3G connectivity of course.
The Frustrated Technophobe This poor soul would like to dearly love to be ‘always on’, but in reality they only just about manage to connect at a bare minimum. Web cafes, hotels and bars list their ‘simple to connect wirelessly’ instructions, but somehow this user always finds it a challenge. Without the backup of technical support from his or her normal place of work, this user will often be just one seemingly unachievable click away from getting online.
The WiFi LeapfroggerThe WiFi Leapfrogger never actually has his or her own connection to use while travelling. Jumping from home to airport to
hotel and then office, the Leapfrogger only connects when it is convenient to sit down and use a standard PC or laptop connection to a wireless network. Existing mainly on a diet of shared network security protection, this user knows (hopefully) not to engage in online banking, electronic business transactions or any data exchange that could affect privacy and/or identity theft.
The Don’t Care, Won’t Care This lackadaisical user doesn’t place that much importance upon mobile telephony or Internet connectivity from the start. Possibly quite a senior executive, this person may either have a secretary to handle emails for them, or they may feel like they missed the need to be ‘constantly connected’ as a result of their age group. However, as we know, a little connectivity can
be a dangerous thing.
All of these user types need Internet security protection as a given fact. When and where they need their protection to come into effect may differ according to circumstance, location and the actions they are attempting to carry out. AVG logically differentiates its product set for these reasons and more.
Because every user will naturally make differing demands of the Internet – as we have tried to explain here – and the fact that there is a myriad of online resources to choose from, the need for multi-layered finely tuned web protection is acute and urgent for every user. AVG’s security offerings stem from a community driven protection network designed to block hackers and stop identity thieves from day zero.
At work
Airport anxietiesFrom WiFi hotspot security concerns, to finding a power socket in a crowded departure hall and getting enough space for your laptop on the plane -- there are ways and means to use an airport effectively if you have to work before, during and after your flight. AVG outlines some obvious and some not so obvious advice points to be aware of.
Finding a power socket canbe the simplest and yet themost troubling of challenges,especially if you are delayedand need to recharge badly
At work
I’ve got the power!Passing through an airport can be an exciting experience, but if it forms part of your working day then it’s likely that you’ll want to fire up your laptop and smartphone at the very least during your trip. Finding a power socket can be the simplest and yet the most troubling of challenges, especially if you are delayed and need to recharge badly.
If you’re not lucky enough to be in the business lounge, then look around the pub-lic phone booths for power sockets, as they can often be hidden here. Put your virtual floor polisher into gear and think about where the clean-ers are likely to need to plug in their equipment; they might have long leads, but they will still need to get electricity somewhere.
Ensure you travel with a good international travel adapter. One of the new 3-in-one types is a good bet. But remember that India and Australia are
special considerations with their own unique take on plug shape formation, so these countries will need a separate adapter to that which will fit in Europe, the UK or the USA.
Netbook aptitudeWorking on a plane can be troublesome. If you’re on an aircraft for a short Euro city hopper type flight and/or you are using a budget airline then you won’t get much tray table space. If the person in front of you reclines then using a standard 15-inch laptop can be an exercise in physical contortion as your keyboard slowly gets pushed up into your face. Think about a smaller “netbook” travel unit with a 9-inch screen if you have the budget, or use your tablet PC if you have one instead -- tablet battery life will far outstrip any size of PC anyway.
Also on the “I wish I’d thought of that before I left” list is the sensible option to pack a miniature size laptop mouse
with an elastic retractable ca-ble. Unless you are completely comfortable with working on your laptop’s trackpad, this can be a huge time saver if you are editing lots of docu-ment copy. Take a mouse pad too; some of those airport surfaces can be glassy and shiny.
Headphone happinessWe could get into the real nitty-gritty here and advise you to download your manufacturer’s “cooling fan” health check software (these tools really exist!) before you go -- but that might be overkill. Instead, let’s finish by reminding you to dust off your keyboard, pack a pair of headphones for privacy and make sure you have the latest version of a robust and powerful anti-virus suite installed before you travel.
“
”
At work
If it can happen to MI6 & the CIA, could it happen to your business? Britain’s usually ultra-proficient (but very occasionally hapless) MI6 agents have been known to mislay documents, laptops and dossiers in manner that has sent shivers down the spine of self-respecting professionals everywhere.
I’ve got the power!The American CIA service hasn’t gone uncompromised either over the years, so should we be looking to these high-profile gaffs and drawing a few comparisons for the business sector?
While items of national security rarely feature in the average small- to medium-sized company’s operational literature, essential product information and market strategies can be of huge value to competitors if lost or stolen.
Industrial espionage in motionIn an age when most of us are now well-used to shredding our personal financial paperwork at home, an understanding of the potential for identity theft to be carried out in the real world should not be hard to grasp. Take this to the commercial sector and industrial espionage could manifest itself by actions as simple as one company accessing another’s intranet if it is not properly secured from external network connections.
Employees traveling and accessing the company network (however small) can easily find themselves acting as unwitting catalysts to a security compromise; unsecured use of the Internet from communal Wi-Fi hot spots to careless use of passwords when overlooked in public places can leave the door ajar for hackers, data crackers and even just mischievous rouge surfers out to mess around.
Once “on the inside”, an industrial spy can target a company’s future product or services roadmap, crucial
pricing data, training materials and core information relating to the Intellectual Property (IP) which the business may hinge its trading position upon.
How do leaks happen?Access to the kind of IP-related information we are talking about here can come from an external hacker via an Internet connection. Equally, just like our friends at MI6, a data-rich laptop can be left on a train, in a taxi or even in an after work bar. Or, as AVG has highlighted many times in the past such as in the InfoGraphic shown left, insider threats might be right under your nose, so a properly managed IT network with locked down security barriers and strict access policy controls is essential for safe business operations.
So some of these risks may result from workers who are traveling -- and, equally, some of the risks here may result from traveling workers i.e. temporary staff given access to your IT system for even just a short period of time.
AVG recommends building a robust data protection layer around your whole business. But more than this, the “perimeter” of this protection should extend to the physical computers you use and to the way various staff are allowed to use them, especially when they are on the road.
This may not be the start of the second Cold War, but it is the full force of the data protection war and a modern business in this electronically connected world economy must face these facts. Failure to do so could be disastrous, so please protect your business now.
At work
AVG Technologies CZ, s.r.o.Lidická 31, 602 00 BrnoCzech Republicwww.avg.cz
AVG Technologies USA, Inc.1 Executive Drive, 3rd FloorChelmsford, MA 01824USAwww.avg.com/us-en/homepage
AVG Technologies UK, Ltd.Glenholm Park, Brunel DriveNewark, Nottinghamshire,NG24 2EGUnited Kingdomwww.avg.co.uk
AVG Technologies GER GmbHBernhard-Wicki-Str. 780636 MünchenDeutschlandwww.avg.de
AVG Technologies CY Ltd.Arch. Makariou III.2-4 Capital Centre1505, Nicosia, CyprusFax: +357 224 100 33www.avg.com
AVG SMB group at:� bit.ly/AVGSMB
Read our blogs at:� blogs.avg.com
Become an AVG affiliate at:� avg.com/gb-en/affiliate
Become an AVG Fan at:� facebook.com/avgfree
Follow us at:� twitter.com/officialAVGnews
Watch our Channel at:� youtube.com/user/officialAVG
IDENTITY STANDARDS
14
MASTER LOGO
For a company that constantly innovates its product lineup to provide the best security possible, we felt it necessary to revise our identity to reflect that: quicker, brighter,and full of personality. Both symbol and logotype have been redesigned. AVG’s new logotype has been specially drawn and must never be recreated or typeset in an alternative font. The symbol has been simplifiedfrom previous designs for crisper edges, and to refine the identity of a company that is dedicated to protecting the identity of others. The colors are more vibrant and mirror the alert, energetic and bold new direction that AVG is headed. The shape of the symbol itself has been softened and updated to resemble interlocking hands, as a nod to the community that defines us and our loyal customers.
© 2011 AVG Technologies CZ, s.r.o. All Rights Reserved. AVG is a registered trademark of AVG Technologies CZ, s.r.o. All other trademarks are the property of their respective owners.
