It’s hard to believe that summer is coming to an end and that back-to-school time is around the corner. For some kids, that means cyberbullies are traded in for school bullies and social engagement will turn into in-person interactions. But for others — dubbed Extreme Internet Users — the screen stays. When it comes time to go back to the classroom, the six hours or more a day these kids spent online during summer may be curtailed in favor of educational screen time instead.
Every year around this time, I reflect on how much has changed for children, especially when it comes to mobile devices in the classroom. This trend has become increasingly popular and, on the rise, as technology has improved, education adapts to rapid changes, and our world becomes more interconnected. Either these devices are given to kids or their classrooms by their school, or parents are encouraged to purchase one for their child to help support internet research and to digitize note-taking and homework.
Regardless of whether you’re a technophile or technophobe when it comes to leveraging screens in education, one thing is for sure – their presence in learning environments is here to stay. And with this shift, security is of the utmost importance.
Since January 2016, there have been 353 cybersecurity incidents in the United States related to K-12 public schools and districts. These attacks range include phishing, ransomware, DoS attacks and breaches that have exposed personal data. However, the question – what motivates cybercriminals to target schools? – still persists. The answer is complex, because what cybercriminals could exploit depends on what they want to accomplish. Extorting school faculty, hacking private student data, disrupting school operations, or disabling, compromising, or re-directing school technology assets are all regular tools of the trade when it comes to hacking schools.
You may not be able to control how your child’s school thinks about cybersecurity, but you can take matters into your own hands. There are steps you can take to make sure your child is ready to face the school year head-on, including protecting their devices and their data.
- Start a cybersecurity conversation. Talk with school faculty about what is being done in terms of a comprehensive cybersecurity plan for your child’s school. It’s worth starting the conversation to understand where the gaps are and what is being done to patch them.
- Install security software on all devices. Don’t stop at the laptop, all devices need to be protected with comprehensive security software, including mobile devices and tablets.
- Make sure all device software is up-to-date. This is one of the easiest and best ways to secure your devices against threats.
- Teach your child how to connect securely on public Wi-Fi networks. Public Wi-Fi networks are notoriously used as backdoors by hackers trying to gain access to personal information. If Wi-Fi is absolutely necessary, ensure the network is password protected. However, if you want a secure encrypted connection, consider using a virtual private network (VPN).
- Designate a specific date and time for regular data back-ups. If ransomware hits, you won’t have to pay to get your child’s information back. You can back up that personal data to a physical external hard drive or use an online backup service, such as Dropbox or Google Drive. That way you can access your files even if your device gets compromised.
- Understand your child’s school bring your own device (BYOD) policy. Each school is different when it comes to BYOD and understanding your child’s school policy will save you a headache down the road. Some schools buy devices for students to rent, with parents having to pay for any incidentals, and some ask parents to buy the devices outright. Take the time to understand your child’s school policy before accidents happen.
It seems some malicious app developers have taken the phrase “fake it ‘til you make it” to heart, as fake apps have become a rampant problem for Android and iPhone users alike. Even legitimate sources, such as Google Play and Apple’s App Store, have been infiltrated with illegitimate applications, despite their own due diligence in combating this phenomenon.
After downloading a fake app, cybercriminals leverage ransomware or malware through ads to run in the background of your device to do damage, making it difficult to notice something’s off. But while you’re minding your own business, your personal data –such as usernames, photos, passwords, and credit card information– can be compromised.
Malicious apps have become more challenging to detect, and even more difficult to delete from a device without causing further damage. The trend of fake apps shows no sign of slowing down either, as bad actors have become more brazen with the apps they work to imitate. From Nordstrom to Fortnite to WhatsApp, it seems no business or industry is off limits.
Luckily, cybercriminals have yet to figure out a sure-fire way to get their fake apps onto our devices. By paying extra attention to detail, you can learn to identify a fake app before downloading it. Here’s how:
- Check for typos and poor grammar. Double check the app developer name, product title, and description for typos and grammatical errors. Malicious developers often spoof real developer IDs, even just by a single letter, to seem legitimate. If there are promises of discounts, or the description just feels off, those signals should be taken as red flags.
- Look at the download statistics. If you’re attempting to download a popular app like WhatsApp, but it has an inexplicably low number of downloads, that’s a fairly good indicator that an app is most likely fraudulent.
- Read what others are saying. When it comes to fake apps, user reviews are your ally. Breezing through a few can provide vital information as to whether an app is authentic or not, so don’t be afraid to crowdsource those insights when you can.
If you do find yourself having accidentally downloaded a fake app, there are steps you can take to rid your phone of it. Here’s what to do:
- Delete the app immediately or as soon as you notice anything suspicious. If you can’t find it, but you’re still having issues, the app could still be on your device. That’s because, in the interest of self-preservation, fake apps can try and protect themselves from disposal by making their icon and title disappear. If that happens, go to your installed apps page(s) and look for blank spaces, as it may be hiding there.
- Check the permissions. After installation, check the app’s permissions. Fake apps usually give long lists of frivolous requests in an effort to get access to more data.
- Clear the app’s cache and data. If you do find the app you want to delete, this is the first step you must take in order to get the app completely off your phone.
- Take it into your provider. If you’re still having issues after you’ve deleted an app, consider taking your device into your provider to run a diagnostic test.
- Factory reset. As a last resort, if you can’t find the app because it has “disappeared,” or traces of the app and malware linger, the best way to ensure it is completely gone is to wipe the data, factory reset your device, and start over. This is why it is vital to have backups of your devices.
Even as this ever-growing trend of malicious developers spoofing legitimate applications to gain access to victims’ personal information continues, we can deter their advances simply by paying closer attention to detail. Remember to be vigilant about being aware of the signs to avoid fake apps at all costs.
What happens when your livelihood is at stake, thanks to someone stealing your identity or draining your account? The real-life possibilities are nerve-wracking, to say the least. The constant barrage of cyberthreats we face as consumers today is exhausting. Just this month, two major situations were revealed. A Florida marketing firm, Exactis, had their database on a publicly accessible server. The information exposed ranged from phone numbers, home, and email addresses to the number, age, and gender of a customer’s children. As of now, social security numbers and credit card data have not been leaked. However, what makes this breach particularly anxiety-inducing is that now cybercriminals have the ability to improve the success rate of socially engineered attacks. For example, phishing attacks could become rampant through social media and email.
To add insult to injury, last week, researchers found a way to discover everything you type and read on your phone simply by studying the differing power levels of a smart battery. By implanting a micro-controller into a phone’s battery, they could record the power flowing in and out of the device. Then, with the use of AI, power flows were matched with specific keystrokes. Using this technique, the researchers proved that cybercriminals could record passwords, monitor website activity, access call records, and know the last time the camera was used. Smart batteries are attractive targets because they are not as secure as your phone. In fact, they expose all personal data. While the possibilities are stressful, the good news is that this attack remains theoretical.
The seemingly endless string of security events and the stress they cause can take a serious toll on our well-being. While we can’t prevent breaches from occurring, it’s important to remember that we can be prepared to take the right steps to minimize any damage when one hits. Whether we’re dealing with the repercussions of a data breach, or adapting to new vulnerabilities, developing positive security habits can help improve and maintain your digital health. Taking care of your mobile devices to ensure they remain secure – and therefore optimally functional – is like taking care of your own well-being; to maintain cybersecurity health, you have to perform basic upkeep.
To help you prepare in advance for the next data breach and ensure your device remains in good cybersecurity health, here are some habits you should consider picking up, stat:
- Be aware of your surroundings. Mindfulness is a habit that can be developed, provides almost instant results, can support longevity, general awareness and well-being. We can learn a lot from mindfulness when it comes to cybersecurity. By taking a little bit of time to be aware of our surroundings, we can prevent vulnerabilities and potential threats simply by paying attention.
- Set up alerts. Just like going to a doctor regularly for check-ups, you should “check-up” on your accounts. Not all data breaches expose financial data, but personal data that is leaked can still be used to access your financial accounts. Talk with your bank or financial planner about setting up a fraud alert on your cards to maintain control of your accounts.
- Stay away from untrustworthy emails or messages. The mantra “no bad vibes” is surprisingly full of wisdom. Ridding your life of energy suckers and toxic people supports health – and the same goes for malicious messages. If you see a suspect item from an unknown source in your inbox or via a direct message or comment on social media, do not click on the message. If you do open it, be sure not to click on any links. To be safe, delete the email or message altogether.
- Avoid public Wi-Fi when possible. Just as sleep is a panacea of sorts that helps to fight off bugs, giving your phone a break from public Wi-Fi is one of the best things you can do to ensure your cybersafety. The use of public Wi-Fi can offer cybercriminals a backdoor into your phone. By spoofing a legitimate website, they can gain access to your sensitive information. Give your device a much-needed break until you can use Wi-Fi you trust, you’ll save yourself a serious headache.
- Switch up your passwords. It’s been said that variety is the spice of life, the secret to a happy relationship, and a way to stay engaged and aware in old age. The same is true when it comes to your passwords. When you mix it up, you keep cybercriminals guessing. Passwords are your data’s first defense against cybercriminals. Be sure to change them every so often and never use “1234” or “password.” If remembering a difficult password or remembering a multitude of them is hard, consider using a password manager.
- Consider investing in identity theft protection. Vitamins are excellent supplements to a healthy diet, adding in additional nutrition when and where you need it — but not meant to be taken as the sole way to maintain health. Identity theft protection can be a supplement of sorts to your already positive security habits. With McAfee Identity Theft Protection, users can take proactive steps toward protecting their identities with personal and financial monitoring and recovery tools.
The power of habit actually dictates 40% of our day. As with your body and mind, the more you create healthy, positive habits, the easier it is to maintain health. The same is true for your security “health.” The more you express safe habits, the easier it will become and the safer you will be – both in the short and long term.
The post Time to Take a Good, Hard Look at Your Cybersecurity Health appeared first on McAfee Blogs.
When you think of the most valuable thing you could lose while traveling, what comes to mind? Your suitcase, wallet, passport? What comes to my mind is my mobile device. Especially while traveling abroad, my mobile device is my lifeline and is essentially the remote control to my digital life.
What many international travelers do not realize is that their devices are often more vulnerable when taking a long-distance trip. Because they store and transmit our personal information – from website logins to banking information – these devices are much more valuable than the contents of your wallet or suitcase. Especially while you’re abroad and not used to your surroundings, pickpockets and cybercriminals can prey on your vulnerability to steal or infect your devices. Luckily, there are cybersecurity precautions you can take before, during and after international travel to ensure your information stays safe.
First and foremost, you have to get your device security in order before you hit the skies or hit the road. Now is the time to be proactive, not reactive, when it comes to protecting your information. The best thing to do would be to leave your devices at home where you know they will be safe. However, that’s unrealistic for most people, since we’re tethered to our mobile gadgets. So at the very least, before you head on your trip, make sure to:
- Clean up your device. Clear your browser history and delete cookies.
- Consider deleting apps that you don’t use altogether to avoid unnecessary vulnerability.
- Encrypt any personal data to ensure that information stays protected. Back up any files to an external hard drive or desktop if your encryption fails.
Whether you’re home or abroad, it’s important to always be vigilant and aware of your surroundings, both online and in-person. While device theft is uncontrollable, you can control how and where you use your devices. When you’re traveling internationally, public, free Wi-Fi is sometimes the only option for service. Unfortunately, it can be exploited by cybercriminals as a gateway to your devices. By spoofing legitimate Wi-Fi networks, these nefarious folks could gain access to sensitive data and private accounts and potentially request money for the return of your information, making public Wi-Fi the biggest threat to your cybersecurity. To avoid being compromised, be sure to:
- Mitigate risk and avoid making online purchases or accessing bank accounts while using public Wi-Fi.
- Use your smartphone to create a personal hotspot, if you are in dire need of an internet connection.
- Use a Virtual Private Network (VPN) to encrypt any data you may receive while on your trip.
Arriving home after travel is an already exhaustive experience – don’t exhaust your device by bringing any malware back with you. Remember that if you connected to local networks abroad, your mobile devices may have been susceptible to malware. So, in order to help your device be ready for its return back home, follow these tips:
- Update your software. By updating your apps when prompted, you’ll ensure you have the latest patch and avoid any vulnerabilities that may have surfaced while you were away.
- Delete travel apps you needed for your trip but no longer use. These can store personal information that can be accessed if they are not regularly used or updated.
- Reset your passwords, pins and other credentials you may have used while abroad, regardless if you think you were compromised or not. Changing them will render the stolen credentials useless.
The internet is infinitely expansive, but that’s often easy to forget as we now have immediate access to it in the palm of our hands. We feel safe scouring the digital world from the comfort of our homes, offices, or local coffee shops, but there is real danger lurking behind those virtual walls. Cybercriminals using the internet to infiltrate the Internet of Things (IoT) and our mobile devices is no longer the stuff of science fiction movies. Hacks, phishing scams, malicious sites, and malware, just to name a few — this world of hyper-connectivity has left us exposed to far greater threats than we could have ever imagined. To combat these looming threats and highlight the importance of staying safe online, June was dubbed Internet Safety Month. Seeing as the internet gives us the opportunity to learn, explore, create, and socialize, we should be doing so safely and securely.
According to a recent Pew Research Center survey, 77% of American adults own a smartphone, up from 35% just six years ago. Whether we’re traveling, working, or just having fun, our mobile devices — tablet, smartphone, or laptop — are within reach at all times. Our gadgets make it easier to connect with the world, but they also store tons of sensitive information about our lives. Yes, we may use our devices to talk and text, but we also use applications on those devices to access banking information, share our location, and check emails. This wealth of personal information on an easily hackable device should galvanize us to ensure that data stays out of the hands of cybercriminals. From ransomware to phishing scams, the numerous threats that can infect our IoT and mobile devices through the internet are ever-evolving menaces.
With the rise of IoT, the probability of a debilitating attack increases. Just like everything else online, IoT devices are one part of a massively distributed network. The billions of extra entry points that IoT devices create make them a greater target for cybercriminals. In 2016, this fact was proven and executed by the Mirai botnet, a malware strain that remotely enslaved IoT objects for use in large-scale attacks designed to knock websites and entire networks offline. The authors of Mirai discovered previously unknown vulnerabilities in IoT devices that could be used to strengthen their botnet, which at its height infected 300,000 devices. While this is an extreme example, it is very much a reality that could happen again — only this time worse. These ever-present threats make it crucial to maintain proper cyber hygiene while using the internet.
Internet Safety Month emphasizes the importance of staying safe while surfing the web, not just in June but all 365 days of the year. With new threats appearing every day, the time to be proactive about your online safety is now. Don’t find yourself on the wrong side of the most recent internet threat, follow these tips to stay protected:
- Secure your devices. Strong passwords or touch ID features are your first line of defense against cybercriminals stealing your sensitive information. With security measures in place, your data is protected in the case of your device being lost or stolen. And reset those default passwords — many of today’s exploits come from leveraging devices where the default settings were never changed.
- Only use apps you trust. Information about you is collected through the apps you use. Think about who is getting that data and if you’re comfortable with how it could be used.
- Be picky about what Wi-Fi you’re using. Hotspots and public Wi-Fi networks are often unsecured, meaning anyone can see what you’re doing on your device. Limit your activity and avoid logging into accounts that hold sensitive information. Consider using a virtual private network (VPN) or a personal/mobile hotspot.
- Disable Wi-Fi and Bluetooth when not in use. Stores and other locations use this information to track your movements when you are in range. Both Bluetooth and Wi-Fi can also act as digital entrances into your phone. When it’s not absolutely necessary, consider turning it off.
- Keep your devices and apps up-to-date. Having the most up-to-date software and applications is the best defense against threats. If an app is no longer in use, just delete it to ensure your devices clutter-free and no longer housing unsupported or outdated apps.
Since before they knew how to walk, Gen Z – or the mobile-born generation – has had a wealth of information, quite literally, at their fingertips. Their lives are exponentially hyper-connected with social media, music, ride sharing, shopping, and more, all through their mobile devices. But Gen Z’s haste to be on the cutting edge of technology and trends can often leave them arrogant to the security implications. They prioritize personalization over privacy and willingly share personal data so they can have a more predictive and personalized experience, without the same sense of security awareness as that of previous generations. Through increased data sharing, and the modern-day usage of social media, the mobile-born could be naively exposing themselves, and loved ones, to security issues they don’t fully realize or understand.
Apps such as Snapchat and Facebook constantly know where consumers are located through default settings, geotagging photos, and videos, “checking in” to reap promotional rewards or to just show off their latest experiences. This may not seem pressing, but in actuality, it tells people where you are at any given moment and, depending on your privacy settings, this information could get out to audiences that it wasn’t intended for. If you posted a picture while at home, you are likely taking a GPS location snapshot and potentially letting your home address get into the wrong hands. The metadata within your photo can now be used by cybercriminals to track where you live, opening up your home and devices to a slew of cybersecurity concerns. Geotagging can be fun and beneficial, but issues arise when user data is distributed unknowingly.
Furthermore, past generations have learned the hard way that once something is on the internet, it’s nearly impossible to get it back. We’ve gotten into the habit of oversharing our experiences online – whether mere photos of friends, our pets, birthday celebrations or the address of your favorite spot to hang out on the weekends, you may be giving the keys to all of your data. How does this seemingly harmless series of posts affect personal security? A combination of the information being shared on these social media sites can also be utilized to crack common passwords.
Another common theme among Gen Z is poor password hygiene. There is more importance placed on ease and convenience rather than data security. Passwords are often the weakest entry point for hackers and, according to a recent McAfee survey, nearly a quarter of people currently use passwords that are 10 or more years old. While Post-Millennials may not have passwords that old, they still display poor password hygiene by reusing the same credentials among multiple online sites and granting login access to third-party applications through networking platforms like Facebook.
If a cybercriminal cracks one password, they now have the skeleton key to the rest of your digital life. Passwords are our data’s first defense when it comes to cybercriminals, so by differentiating passwords across several accounts or using a password manager, Gen Z-ers can make sure the proper precautions are in place and better defend against unwanted access.
The mobile-born generation has a totally new outlook on digital experiences and their connection to the online world. They expect to have free, authentic, and secure Internet provided to them at all times, without having to take the necessary security precautions themselves. The internet isn’t just a tool for these digital natives, but rather a way of life and with that expectation, they will connect to public Wi-Fi networks without a second thought toward who’s hosting it and if it’s secure.
If they head to the library or a coffee shop to do homework or stream a video while out to lunch, they’re likely connecting to an unsecured public Wi-Fi network. Connecting to public Wi-Fi can be an easy data/money-saving trick for those on a family shared data plan, but it may be one that puts your data at risk. Much like all individuals have a social security number, all devices have a unique Internet Protocol (IP) address being tracked by Internet Service Providers (ISPs). This allows a device to communicate with the network, but if it’s doing so insecurely, it can act as a watering hole for cybercriminals to eavesdrop, steal personal information, and potentially infect devices with malware.
Educating the Next Generation
Whether it’s ignorant use of social media, poor password protection or careless connection to the internet, the iGeneration does not show the same level of security knowledge or experience as previous generations. Maybe they just don’t know about the various threats out there, or they don’t have the proper education to be using their devices and the internet safely, but it’s our duty to educate our kids about the implications of cybercriminals, privacy breaches, and data exploits to ensure proper cyber hygiene for years to come.
Consider these tips when setting ground rules for keeping you and your family safe:
- Parental Controls. While these may be a nuisance sometimes, they are also a necessity in keeping you and your children safe from malicious sites. Consider using McAfee Secure Home Platform to ensure your family’s security while in the home.
- Turn off geolocation. In ‘Settings’ on your device, you can select which apps are allowed to use your location. Make sure only the ones you know you can trust are selected.
- Restrict access to your information. If you go into your browser, you can adjust your privacy settings to delete information from your browsing history (i.e. cookies, history, saved passwords, or banking information).
- Install a Virtual Private Network (VPN). A personal VPN extends a private network across a public Wi-Fi network to help secure and encrypt your data and keep your connections safe. Software like McAfee Safe Connect can help protect your data at home and on the go.
- Talk with your children. Understanding that their personal information is invaluable is the first step towards creating and maintaining safe online habits.
The post What the Mobile-Born Mean for IoT and Cybersecurity appeared first on McAfee Blogs.
It’s 2018. Digital assistants have started taking over our homes, with adoption growing tenfold. These smart speakers know everything about us, from our shopping habits to our music tastes — they likely know more about our daily lives than we do. This ever-growing, ever-changing relationship between humans and devices highlights the importance of protecting data – verbal or otherwise – in the home. With connected devices using our personal data to be the most comprehensive in-home assistants possible, we need to prioritize Internet of Things (IoT) security, awareness and the implications of using such devices.
It’s estimated that by 2022, over half of U.S. households will have at least one smart speaker in their home — that’s over 70 million households, topping 175 million installed devices. These devices are aimed at making our lives easier and more convenient than ever before, but to do so they require that we willingly share access to our personal and private information. Whether it’s banking and home address stored directly on the device, or learnings it’s picked up from our conversations, the amount of private data that these devices carry opens up a new array of threats. New research from McAfee reveals that 60% of Americans have considered their digital assistants could be recording or listening to them. If so, what are the security implications of using a digital assistant?
From answering a quick question to ordering items online, controlling the lights, or changing thermostat temperature, digital assistants have become a pseudo-family member in many households, connecting to more IoT things than ever before. But if one of these devices is breached, it can open up an entire home Wi-Fi network and our valuable information could get into the wrong hands. Beyond this, many Americans have developed a very personal relationship with their devices, with 50% admitting to being embarrassed if friends or family knew what questions they asked their digital assistants. Now imagine if any of that information fell into the hands of cybercriminals — it could open the door to your personal data and threaten your family’s security.
In addition to the sensitive data that our smart speakers have stored, and the conversations they may or may not be recording, there are other security risks associated with this technology in the home. In 2016, it was determined that music or TV dialogue could take control of our digital assistants with commands undetectable to human ears. Known as the “Dolphin Attack,” this occurrence essentially hides commands in high-frequency sounds that our assistant-enabled gadgets can detect, but we are unable to hear. Instances of TV commercials activating digital assistants have already been reported, so we can see how this technique could be quite easy for cybercriminals to imitate if they wanted to access our smart homes’ network.
The growing trend of connecting these always-listening assistants to our home appliances and smart home gadgets is only exacerbating these concerns. Aside from digital assistants, other IoT devices such as game consoles, home security systems, thermostats, and smartphones may be at risk and must be secured to avoid becoming targets for cybercriminals. We must proceed with caution and be aware of who, or what could be listening in order to protect ourselves accordingly. Whenever bringing any kind of new, connected device into the home, prioritize safety and privacy.
Here are some top tips to securely manage the connected devices in your home:
- Vary your passwords. Create passwords that are difficult to crack to ensure accounts are secure and update your passwords on a regular basis. Use multi-factor authentication whenever possible. Simplify password management by using a password manager.
- Consider setting up a PIN code. Particularly for voice command purchases. Help keep cybercriminals away from your data by setting up an extra layer of security.
- Invest in a router that delivers security for all your connected devices. It’s important to secure your entire connected home network. And the launch of McAfee Secure Home Platform skill for Alexa is set to make this easier and more convenient than ever before.
Technology is changing our everyday lives but being aware of the security concerns is the key to becoming an empowered consumer.
The post America’s Dirty Little Secrets: Opening the Door to Protected Data appeared first on McAfee Blogs.
BYOD, or bring your own device, has become the new normal in the corporate workplace. But with this convenience comes impending security concerns. Although BYOD costs companies less, mobile devices are often used without proper security measures in place. This makes it difficult for employers to determine how much access employees should receive to company networks. The more access an employee has to company networks, the more opportunities for not only their personal information becoming vulnerable, but company data as well. With BYOD becoming more prevalent in the workplace, it is vital companies and employees understand the perks and security concerns that are associated with BYOD and take necessary steps to ensure personal devices and company information is protected.
BYOD can offer some really great perks: 1) employers spend less on technology and providing devices to employees thus saving the company money and 2) you get to use your own device(s) with which you are already accustomed to. Your company may already allow BYOD in your office, but do you know the associated security risks? They are complicated. Three looming concerns of BYOD that companies and employees should be addressing are accessibility to company data, lost or stolen devices, and overall maintenance. Let’s delve into why these concerns are the most pressing.
- Accessibility. The overarching question of BYOD is who gets access to company data on their personal devices, when and where? For example, if you are at a meeting, outside of the office and you are on a limited-access BYOD policy with your employer, you would only be able to access work email and contact but nothing stored on the company servers. If your client asks to see a specific document hosted on your company server during the meeting, you won’t be able to access it because it is sensitive and lives on the private severs. This is where BYOD backfires for the employee.
- Lost or stolen devices. A personal device that contains confidential company information poses a huge security threat if it is lost or stolen, and begs the question: who is responsible for retrieving the device and/or data? What is the proper response to this sort of breach? It is your personal device, with both personal and company data, so should it be locked, tracked and retrieved, or completely wiped immediately? There is no clear or correct answer, which is why companies need a clear BYOD policy and culture of security that fits both parties’ needs.
- Maintenance and malware. Frequency of device maintenance, software updates and uniformed app downloads can open the door to a slew of security vulnerabilities. Organizations have a hard-enough time implementing their own software across the corporate network, let alone ensuring all employees are adhering to the required software updates from device operating systems and applications. With the breadth of different phones and tablets being used around the globe, it can be nearly impossible to keep track of employees’ security posture on their personal devices.
Without the right security measures in place, there is the possibility of malware being downloaded through sketchy apps or unpatched versions of software, which could be transferred onto corporate servers depending on the employee’s access level. McAfee Labs detected over 16 million mobile malware infestations in the third quarter of 2017 alone, nearly doubling the number one year previously. This uptick in cyberattacks on mobile devices illustrates the importance of comprehensive cybersecurity policies across the board.
So how do you protect yourself when it comes to using your smartphone or tablet for both business and pleasure? Here are a few tips:
- Practice discretion when alternating between personal and business tasks on your mobile device. Separate the two by using different, verified apps for company and personal uses to maintain safety.
- Avoid downloading apps from third-party vendors that could make your device prone to malware, and always check permissions of any apps before downloading, particularly those that ask for to access to your device’s data.
- Regularly update your device to ensure they are equipped with vital patches that protect against flaws and bugs that cybercriminals can exploit.
- Avoid accessing data-sensitive apps on your device over public Wi-Fi. Cybercriminals could use this as an opportunity to take a look at your mobile data.
- Keep your personal and work information secure with comprehensive mobile security, such as McAfee® Mobile Security, that will not only scan your device for viruses and threats but also help you identify apps that are accessing too much of your valuable personal information.
McAfee is the device-to-cloud cybersecurity company helping to secure data at all levels, on all devices. We’re helping you stop threats and protect your data wherever it resides, from your fingertips to the skies, enabling you to protect what matters on your digital journey.
April 25 – otherwise known as National Telephone Day – rolls around once a year to remind us of the sheer technologic prowess and influence of the phone. What first started as an industrial revolution invention from Alexander Graham Bell, the phone has undergone quite a remarkable evolution over its nearly 150 years of existence. When people say the word ‘phone’ today, the device they’re talking about is widely different. The phone of the past has become the gateway into our digital identities and now holds the keys to all the connected things in our homes. As dependency on our mobile devices continues to grow, potential cyberthreats and need for mobile security does as well.
Consumers have been quick to adopt mobile phones, more so than at any point in the telephone’s storied history. It’s estimated that 95% of Americans own a cell phone today. This goes to show that the phone has not only become an instrumental device in today’s society, but it also speaks to how it has evolved beyond its initial capabilities to serve as a device that contains our digital persona. A phone is no longer a convenient piece of equipment but a fundamental element of many people’s lifestyles, so much so that many can’t even unplug while on vacation—only 27% say they’re unwilling to leave their smartphones at home when on vacation. As today’s world becomes more digital and interconnected, our mobile phones are at the heart of this transformation.
Of course, with any device that contains this much power and influence, the mobile phone has also become the target of cybercriminals and hackers, making mobile security a cause for much concern. McAfee Labs detected over 16 million mobile malware infestations in the third quarter of 2017, and new threats continue to emerge around the world, most of which target a consumer’s money. However, according to a recent CES Survey, 52% of respondents are either unsure of or have no idea how to check to see if their mobile devices and apps are secure against these kinds of threats—which is worrisome considering these latest mobile trends:
- More targeted attacks – Following the money, a global spike in banking Trojans has occurred, targeting large multinationals and small regional banks.
- Virtual bank robberies – With the growing interest in cryptocurrencies, cybercriminals are attempting virtual bank robberies by distributing fake mobile wallets and targeting the cryptocurrency industry.
- States using malware – North Korean dissidents and journalists using the popular South Korean chat app KakaoTalk were recently targeted in a State-instigated malware attack, with the aim of implanting spyware on the victim’s device.
- Persistent threats – The increasing proliferation of Internet of Things (IoT) devices are significantly heightening the threat landscape, increasing the number of possible points of attack.
In order to feel safe and secure when you shout “Call me, maybe!”, take some time out of whatever festivities you may have planned for National Telephone Day to consider these tips on how to keep your mobile phones and devices secure:
- Update regularly – Regularly updating your devices helps ensure they are armed with critical patches that protect against bugs or flaws in their operating systems that cybercriminals can leverage. Though it’s very tempting to skip out on these updates, taking a few minutes to download them means you aren’t recklessly leaving your devices open for hackers. This also applies to apps on your phone as well.
- Use a complex password – A complex password is a secure password, so there’s no excuse to skate by with your own birthdate or a “1234” code for your mobile devices anymore. It’s good practice to have distinct passwords for every device, even though it’s a bit more burdensome on you. Still, choosing a safe and secure password is always the priority. Be sure to throw in a mix of numbers and symbols to avoid making it easy for potential hackers.
- Turn off geolocation – When it comes to geolocation or sharing your location with apps and other services on your phone, approach with caution. It’s a good rule of thumb to only activate geolocation permissions when it’s crucial for an app’s ability to work (i.e. Uber, Google Maps, etc.). Otherwise, hackers can start to uncover your exact whereabouts and understand your movement patterns.
- Use security software – Finally, I can’t stress enough how important it is to use comprehensive security software to protect your mobile phones and devices from the inside out.
The post Security Calling: Celebrate National Telephone Day by Securing Your Mobile Devices appeared first on McAfee Blogs.
As spring blossoms into full-force, millions of people will start to shed the heavy baggage and gear that kept them warm during winter by partaking in a tried and true practice: spring cleaning. While whipping yourself into a cleaning frenzy around your home, take a moment to extend your spring cleaning efforts into your digital environments as well. And there’s no better time to kick off a digital spring cleaning than during World Backup Day.
What exactly is World Backup Day? I’m glad you asked.
In today’s day and age, data is basically digital gold. It’s imperative to ensure your information is organized and backed up—not just for peace-of-mind, but to protect yourself against potential malware and ransomware threats. Still, a large number of people have never backed up their files, leaving themselves vulnerable to losing everything. In fact, this has become such a systemic problem that a whole day has been devoted to reversing this trend: World Backup Day. One of the main goals of the World Backup Day initiative is to reach people who have never backed their data up or people who aren’t even aware that data backups are a thing, let alone a crucial security measure.
For those who may not know, a backup is a second copy of all your important files and information, everything from photos and documents to emails and passwords. Storing all of that data in one place, like a personal computer or smartphone, is a woefully unsafe practice. Creating another copy of that data through a backup will ensure that it’s stored and kept safe somewhere else should catastrophe befall your personal mobile devices, or if they’re lost or stolen.
Data loss isn’t something that only happens to huge conglomerates or to unsuspecting victims in spy movies. Every individual is susceptible to data loss or theft, and backing up that data is an easy, relatively painless step to protect all of your personal information and prevent pesky hackers from truly swiping your stuff.
Think about it—if you’re targeted by a nasty piece of ransomware but have successfully performed a data backup, there’s absolutely no need for you to pay the ransom because you have a second, secure copy of all that data. It’s a simple preventative measure that can pay off big time should worse come to worst. Even the STOP. THINK. CONNECT. campaign, dedicated to increase awareness around cybersecurity and provide information to help digital citizens protect against malware, lists regular data backups as an important security action to safeguard yourself against cybercrime.
There are two main approaches to backing up your data: either in the cloud or on an external hard drive. A cloud-based backup solution is great for people who don’t want to actively back up their devices and data or worry about the space constraints that come with most external hard drives. Simply subscribing to one of these cloud solutions will do the trick—your device’s files and data will automatically be backed up and protected without you having to lift more than a finger. Cloud-based services typically come with a monthly fee, and you’ll need a good internet connection to access them. If your connection is wonky or the site is undergoing maintenance, it can be difficult to access your backed-up data.
With an external hard drive, you can manually back up all your data and files yourself onto a physical device that you have access to anytime, anywhere. These drives are extremely reliable and a great way to achieve data redundancy. An external hard drive doesn’t hinge on internet access like cloud-based services and is an easy fix when transferring data to a new device. However, using external hard drives requires a more hands-on approach when it comes to actually backing up your data. The responsibility falls upon you to regularly perform these backups yourself. Storage space can also pose a problem. Look for an external drive with at least a terabyte of space to accommodate all of your data, which tends to accumulate quickly.
Here are some other digital spring cleaning tips to consider this World Backup Day:
- Play it extra safe and go both routes for a thorough backup by using an external drive and subscribing to a cloud-based solution. After all, it’s better safe than sorry when it comes to your personal data.
- Back up data from your mobile devices onto a central laptop or personal computer for an added layer of security and protection. Then work on backing up these devices with one (or both) of the methods laid out above.
- Have at least one backup of your initial backup as a fail-safe measure.
- Test your ability to restore data from backups regularly to ensure your backups have been performed correctly and that they haven’t been compromised.
- Back up your data with a process and system that’s simple and works best for you—there’s no need to over complicate it!
The post Kick Off Your Digital Spring Cleaning Efforts During World Backup Day appeared first on McAfee Blogs.