ITB BLOG

3 awesome security tips for 2012

by Claudiu Popa

Everything I’m reading these days indicates that hacking and malware infections are going to increase in 2012. I don’t need to provide references here because everything you’re reading does too. Yet all the software you need to secure computers, both corporate and personal, is available for free. There’s everything from scanning and blocking to diagnosing and disinfecting the computing devices you depend on.

Claudiu Popa

 

So how come we’re poised for continued growth in data theft and general cyber-mischief?

 

In short, you’re the weakest link. If it weren’t for you, your computer would have a much higher chance of leading an infection-free existence, gracefully growing old and slowly descending into obsolescence. Instead, you may hear yourself thinking out loud: “it was fast at the beginning, but now it’s so slow I’m thinking of getting a new one”. This platform-independent mantra is no doubt very depressing for laptops and smartphones to overhear and even the shiny new tablets, smug in their reliance on a firmware-based operating system, aren’t too far behind.

 

What are your options? Panic? Trade in your new tablet for a stone tablet? Pester the one social recluse in your family with open-ended questions?

 

The latter is always a good idea (although you can’t go wrong with the first two either). Make sure you corner him (it’s always a ‘he’) at the family party this holiday season and don’t let him take another sip of the eggnog until he makes an effort to put his answers into plain English. Pull up a chair, make him feel special, for once!

Stone Tablet

 

In the failing case, here are three (because no one can really retain more than that anyway) tips for you to better understand computing security in general, and in particular over the next few months, as the reliance on technical attacks on all platforms (not just on mobile devices, PCs, or ‘in the cloud’) gives way to plain old abuses of trust). At the very least, you’ll sound smarter about this stuff, so here’s some sage advice:

 

1. Sometimes things that increase convenience may increase your security risk

 

Just one example: URL shorteners. These handy little tools (aside from the fact that they build clickthrough statistics) may send you to malicious destinations and may contribute to the security problems that plague social networking sites. So click wisely.

 

2. Sometimes it’s better to focus on the things that go out of your computer

 

We’re on the Internet for a reason: to explore and access information. Each click is a request, an a consensual invitation, an implied permission and an open door to receiving information. So when that response happens to be malicious, it’s difficult to see exactly what it’s doing inside your computer, but it’s relatively easy to block unauthorized software from ‘calling home’ and initiating outbound connections of its own. So look for personal firewalls with egress filtering and be cautious about approving connection requests.

 

3. Sometimes things that protect your privacy may decrease your security

 

You know that little ‘lock’ icon everyone tells you to look for when completing online purchases? And the ‘secure tunnel’ your IT guy tells you about when installing your remote access VPN into the office (so you can be ‘productive‘ from home, naturally)? Those are great things. They protect the confidentiality of the data that you exchange with the big bad Internet, and also serve to protect your privacy.  But they also make it next to impossible for security tools to inspect data traffic, see malicious code and the details of hacking attacks as they come and go. So use with caution, and appreciate that once encrypted, both good and bad data is protected from prying eyes (and be sure to have a memory resident scanner to detect the latter just before or immediately after scrambling).

 

Enjoy 2012 and if you know someone who could use the information, don’t hesitate to suggest this blog.

Claudiu Popa
Claudiu Popahttp://www.SecurityandPrivacy.ca
Claudiu Popa is a security and privacy advisor to Canadian enterprises, associations and agencies. He is an author, speaker and lecturer. Connect with him on Twitter @datarisk, Facebook, G+ or LinkedIn.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Latest Blogs

ITB in your inbox

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.