We conducted our second annual survey on attitudes about smartphone privacy and security on August 1st, 2018. The results show a slightly elevated level of concern, but not as much as one might think given the endless stream of news reports about smartphone hacks and exploits. Check out the infographic of the results here.
Privoro recently attended the GSF Modern Warfare conference at Fort Bragg, home of the 82nd Airborne (I highly recommend researching the history of this division if you’re unfamiliar). Although our trip to Fort Bragg was a first, what wasn’t new at all is the problem smartphones are causing government employees across the military, intel agencies and Capitol Hill.
Our world is filled with news and conversations about hacking. From well-publicized public hacks like Target, OPM and Equifax down to the private internal discussions of how to keep information safe, hacking is all around us.
Pentagon’s smartphone policy costs taxpayers an estimated $2 million per day
On May 22, Pentagon leadership banned smartphones from all secure spaces – effectively every office and meeting room in the largest single office building in the world. The ban even includes government-issued phones given to high-priority personnel and negatively impacts over 26,000 Department of Defense military, civilian and contractor employees.
Economic espionage – also known as industrial espionage, corporate espionage and corporate spying – justifiably resides as the top concern of security professionals and persists across companies of all sizes. Whether a company’s knowledge assets or data on its personnel, the odds have long been that someone seeks proprietary information.Today, however, the information is more accessible, exists in various locations and available to devices via the internet. What has also changed is the migration of access to data as it no longer occurs for everyone from a computer terminal in an office. Data now resides in the cloud and may possibly be distributed across a myriad of electronic devices. Moreover, the adoption of mobile computing combined with the explosion of electronic devices has forged a Bring Your Own Device (BYOB) work model that has essentially extended the enterprise’s security perimeter to each employee’s phone providing assailants a greater surface to attack with an easier entrée given the vulnerabilities with smartphones. These devices that have more computing power than what powered a business 40 years ago have but a fraction of the protections. The abilities to access corporate systems, intercept inter-company correspondence, eavesdrop on sensitive conversations, track employees and store precious data now reside on smartphones and reside in nearly every employee’s hand with the first and often only guard of protection to something an enterprise values.
As the internet uses #PasswordDay to celebrate and patronize the 1961 Massachusetts Institute of Technology creation of the password, we at Privoro are working on our goal of ending the use of passwords within our organization.
This is the third installment of a three-part series on cybersecurity advice. In part 1, I covered general awareness and protection of personal devices. In part 2, I covered ways to protect yourself in online interactions. In this third and final post, I will focus on ways to practice good digital hygiene such as backing up data, managing passwords, keeping data clean and managing your social media information.
This is the second portion of a three-part series on Cybersecurity advice. In Part 1, I covered general awareness and protection of personal devices. In this post, I will focus on online interactions and provide advice to help ensure you are safe, secure and private in the online world.
When I started my career over 20 years ago, I was issued a corporate laptop with a phone-line dial-up modem and a beeper. For years, the computer was the only device I connected to the corporate network. The computer was provisioned to me complete with corporate standard software and all of the necessary security controls built in. The software was kept up to date by my IT department and the only things I had to do were keep the device physically safe from thieves and avoid losing it. Fast forward to today and things look much different. With the emergence of BYOD (Bring Your Own Device), more personal machines are connecting to the private networks of organizations without the oversight of IT. The presence of these devices increase the risk of exploitation from the outside. Chief Information Security Officers (CISOs), who are responsible for securing enterprise networks, face challenges with this new paradigm. The days of relying on the IT department to handle everyone’s cybersecurity needs are gone. It has become imperative for all of us to take a more active role in maintaining the right cybersecurity measures for ourselves. By paying attention and doing work to set things up properly, you can keep yourself and your livelihood safe. After all, like a chain with several links, your corporate security is only as strong as its weakest link. Do you want to be the weak link?
Personally Identifiable Information, commonly referred to as PII, can be broadly defined as any data that could potentially identify a specific individual. Additionally, it may include any information that can de-anonymize a person from other persons or a set of anonymous data.