Internet Safety by Top IT Security Experts

Featured article by Kelly Yee, VP of Marketing and Sales for Penango

The recent string of media reports about phishing or email password hacking security breeches,like the iCloud celebrity nude picture leak, have caused a media frenzy. This particular case received worldwide attention because the leak involved celebrities.  However the reality is that email hacking happens all the time in personal and professional email accounts. Corporate email hackings occurs on a daily basis, but it only becomes newsworthy if important data such as account numbers, trade secrets, patents or financial information is stolen.

These types of attacks will only continue as long as increasingly valuable information is stored in the cloud. Moving to the cloud is inevitable, and while many of us store data that we do not consider valuable to others, like account numbers, engineering schematics or even, naked pictures, consider that the data may be valuable enough to others to create a news worthy attack.

This means that as users we need to be more vigilant in keeping our data from preying eyes. While we cannot safeguard our data 100%, we can follow basic guidelines to keep data safe:

1.  Delete files from shared locations (like the cloud services iCloud, Dropbox, and Box) when you are finished with them. It is true that some services still have a backup of your deleted files, however, most hackers are not sophisticated enough to get beyond the front end of server which holds the non-deleted files, which is low hanging fruit.  Eventually, the files that are deleted from your account are deleted from their services altogether.*

2.  Create more complex passwords.  Kitty123 is not a complex password.

3.  Don’t use the same passwords across multiple accounts.  If a hacker uncovers the password, he/she can easily get into other accounts.  This rule is especially true if your username is your email address like Gmail and Facebook.

4.  Use a two-factor authentication – which confirms a correct sign-in by texting a code to your cell phone or confirms your identity by some other form of confirmation.

5.  Make sure that your cloud services use true end-to-end encryption. This means data is safeguarded in transit and at rest, which most encryption services do not provide. For example Dropbox encrypts data in transit but not at rest.  A true end-to-end encrypted cloud file sharing service is Tresorit.   Penango also offers a true end-to-end encrypted e-mail that attaches seamlessly to your existing webmail, like Gmail, Google Apps, and Zimbra.

Understanding that your data can be compromised anywhere, from at rest — on your or your recipient’s computer (or phone) or in transit — is the first step in appreciating how vulnerable your data can be.

*Ask what the data retention policy is when using cloud based storage services.

By Kelly Yee, VP of Marketing and Sales for Penango, a true end-to-end secure webmail solution.