Tuesday, August 31, 2010

WORKING SECURELY AT WIRELESS HOTSPOTS

Wireless hotspots are changing the way people work. These wireless local area networks (LANs) provide high speed Internet connection in public locations—as well as at home—and need nothing more than a mobile PC such as a laptop or notebook computer equipped with a wireless card.

In fact, hotspots are an everyday connection method for travelers and remote workers to browse the Internet, check their email, and even work on their corporate networks while away from the office.Hotspots range from paid services to public, free connections. Hot spots are everywhere, including:

Coffee shops
Restaurants
Libraries
Bookstores
Airports
Hotel lobbies

But they all have one thing in common—they are all open networks that are vulnerable to security breaches. And that means it's up to you to protect the data on your PC. Below we cover a few tips to make working in public locations more secure.

1.Try to choose more secure connections
It's not always possible to choose your connection type—but when you can, opt for
wireless networks that require a network security key or have some other form of
security, such as a certificate. The information sent over these networks is encrypted, which can help protect your computer from unauthorized access. The security features of different networks appear along with the network name as your PC discovers them.

2.Make sure your firewall is activated
A firewall helps protect your mobile PC by preventing unauthorized users from gaining access to your computer through the Internet or a network. It acts as a barrier that checks all incoming information, and then either blocks the information or allows it to come through. All Microsoft Windows operating systems come with a firewall, and you can make sure it's turned on.

3.Monitor your access points
Chances are that there are multiple wireless networks anywhere you're trying to
connect. These connections are all access points, because they link into the wired
system that gives you Internet access. So how do you make sure you're connecting to the right one? Simple—by configuring your PC to let you approve access points before you connect.

4.Disable file and printer sharing
File and printer sharing is a feature that enables other computers on a network to
access resources on your computer. When you are using your mobile PC in a hotspot, it's best to disable file and printer sharing—when it's enabled, it leaves your computer vulnerable to hackers. Remember, though, to turn this feature back on when you return to the office.

5.Make your folders private
When the folders on your mobile PC are private, it's more difficult for hackers to
access your files.

6.Encrypt your files
You can protect your files further by encrypting them, which requires a password to
open or modify them. Because you must perform this procedure on one file at a time,
consider password-protecting only the files that you plan to use while working in a
public place.

7.Consider completely removing sensitive data from your notebook PC
If you're working with extremely sensitive data, it might be worth taking it off your notebook PC altogether. Instead, save it on a corporate network share and access it only when necessary. This way, you have multiple safeguards in place.

INCREASE THE SECURITY OF YOUR LAPTOP WHILE ON THE ROAD

Using your laptop to get work done away from your office or on the road is becoming widely accepted. But this rapid growth in laptop computing has made portable systems the target for theft in Nigeria and around the world. If your laptop computer is stolen, company information can be exposed, as well as your personal and financial information.

Use these 9 tips to learn how you can keep your laptop more secure when you're on the road.

1. Avoid using computer bags
Computer bags can make it obvious that you're carrying a laptop. Instead, try toting your laptop in something more common like a padded briefcase or suitcase.

2. Never leave access numbers or passwords in your carrying case
Keeping your password with your laptop is like keeping the keys in the car. Without your password or important access numbers it will be more difficult for a thief to access your personal and corporate information.

3. Carry your laptop with you
Always take your laptop on the plane or train rather then checking it with your luggage. It's easy to lose luggage and it's just as easy to lose your laptop. If you're traveling by car, keep your laptop out of sight. For example, lock it in the trunk when you're not using it.

4. Encrypt your data
If someone should get your laptop and gain access to your files, encryption can give you another layer of protection. With Windows XP, Windows Vista, and Windows 7 you can choose to encrypt files and folders. Then, even if someone gains access to an important file, they can't decrypt it and see your information. Learn more about how to encrypt your data with Windows XP, encrypt your data with Windows Vista, or encrypt your data with Windows 7.

5. Keep your eye on your laptop
When you go through airport security don't lose sight of your bag. Hold your bag until the person in front of you has gone through the metal detector. Many bags look alike and yours can easily be lost in the shuffle.

6. Avoid setting your laptop on the floor
Putting your laptop on the floor is an easy way to forget or lose track of it. If you have to set it down, try to place it between your feet or against your leg (so you're always aware it's there).

7. Buy a laptop security device
If you need to leave your laptop in a room or at your desk, use a laptop security cable to securely attach it to a heavy chair, table, or desk. The cable makes it more difficult for someone to take your laptop. There are also programs that will report the location of a stolen laptop. They work when the laptop connects to the Internet, and can report the laptop's exact physical location. One such tracing program is ComputracePlus.

8. Use a screen guard
These guards help prevent people from peeking over your shoulder as you work on sensitive information in a public place. This is especially helpful when you're traveling or need to work in a crowded area. This screen guard from Secure-It is just one example of a screen guard you could use.

9. Try not to leave your laptop in your hotel room or with the front desk
Too many things have been lost in hotel rooms and may not be completely secure. If you must leave your laptop in your room, put the "do not disturb" sign on the door.

Saturday, May 15, 2010

SURF SAFELY ON THE INTERNET!

Mr Ajala Akinkunmi,an internet-savvy systems engineer,who works for a multinational in Nigeria, got a call from Ajala Akinwunmi, he's uncle, that Mrs Folake Ajala, Wunmi's wife is about to undergo a surgery in the hospital, and that he needs financial assistance of about 80,000Naira to pay hospital bills for surgery. Mr Akinkunmi immediately wired that amount of money into an account number of Dr Endgame Albumi of the hospital.

After a week, he did not hear a word from his uncle, then he called Akinwunmi to ask him about the health of his wife. On the other side of the phone, Akinwunmi was amazed by the story Dickson was teling him, he denied ever going through such and that even, Folakemi has just gone out of Lagos.Mr Ajala Akinkunmi couldn't believe his hears - how could they have gotten those information!simply social engineering.

The Internet should be thought of as a necessary evil that must be controlled in order to get beneficial tasks accomplished. It is like electricity, which provides uncountable benefits to our lives, but if we lose control of it, the results can include electrocution and property damage through fire. The Internet is a powerful tool that can cause serious harm to your organization and your personal lives if not managed properly. So don’t use the Internet without proper protection and awareness.Here is a rundown of the guidelines to observe when using the internet:

1.Never share personal data with a website
2.Be careful what you reveal about yourself in chat rooms, via messaging, on discussion boards, to surveys, and so forth.
3.Be suspicious of whom you interact with over the Internet until you NN have absolute proof of their identity and trustworthiness.
4.Only make on-line purchases from trusted sites (such as sites with a reputation of protecting its users/visitors).
5.Keep an eye on the domain name in the URL you visit; if it turns into an IP address,a large decimal number, or a strange two-letter country code site, you may have been redirected.
6.Keep your operating system utilities updated and patched.
7.Don’t download data from unknown sites.
8.Remember that you are probably being watched by an unknown malicious entity while you surf the Internet.
9.Don’t leave Internet connections open and active when you are not actively using your computer.
10.Social engineering, spoofing, phishing, and hoaxes can all take place via computer communications such as e‑mail and chat and on the Web—watch out!

Monday, April 19, 2010

MANAGING YOUR PASSWORDS

Passwords are just long or short strings of characters typed onto a keyboard from memory.You use passwords in withdrawing cash from ATMs, in paying for goods and services in Nigeria and abroad; also to log in to your facebook account or any other social media sites such as twitter, linkedin etc;When you join an organisation that is IT driven, to log in to the companies environment, you must be authenticated with a password; You use them when checking mails especially on Yahoo, others include Hotmail, Gmail and a list of other email supporting sites; you also use it in managing your websites.

Consequently, it could be said that passwords are the key to the essence of locking the doors to the vast opportunities that are embedded in utilizing modern day technologies.Passwords are the most common form of authentication in Nigeria, at the same time, they are the weakest form of authentication.

Password attacks have become ubiquitous that in less than five seconds, your password can be compromised, and whatever happens after that is history. No matter how many passwords are used, multiple passwords are ultimately no stronger than any single password by itself. It will be pertinent to inform you that longer and more complex passwords will take more time and more processing power, but this does not change the fact that your password can't be surmised.

If 50% of Nigerians have access to ATM cards, suffice it to say that those percentage of Nigerians are vulnerable to losing their money at one point or the other due to password compromise or negligence; If 15% Nigerians are using facebook and 30% are using Yahoomail, it thus means that someday, these set of Nigerians might lose access to personal information in their mail box, perhaps they might become a victim of identity theft whereby a criminal takes up their identity.

To avoid this eminent danger that's looking at us, we must change the way we create and manage passwords.(Please read How to Create passwords on this Blog).
1. Do not use Dictionary words as your password.
2. Do not write passwords on paper or store them anywhere.
3. Memorize your passwords.
4. Do not use names as passwords.
5. Always include non-alphabetic characters such as £, $, & in your passwords.
6. Do not use the same password you use to log in to your Yahoomail for your facebook account.
7. Change passwords as often as possible.
8. Never give out your password or password hint on any website, other than the website its been used for.

HOW TO PROTECT YOUR AUTOMATED TELLER MACHINE (ATM) CARDS

ATM cards has become the most vulnerable IT gadget we take about in Nigeria.7 out of 10 people in Nigeria uses their year of birth as their Personal Identification Number (PIN)!Please, if you have done that, change your PIN right away; Do not use numbers associated with you as your PIN (please refer to how to create passwords);Do not tell anybody your PIN-They might use it later, or tell someone else unconsciously; Do not write your PIN on a paper, please try and know the four characters by heart.

As the Banking industry as resorted to downsizing as one of their strategies in recuperating from the economy downturn in the country, it will be expedient for Nigerians that patronizes these banks, especially, the affected ones, to keep watch on their ATM transactions, they can resort to changing their PIN every 20 days; check on their bank transaction statement whenever they visit the banks.

Obviously, the internet has become a safe haven for fraudsters all around the world, Phishing sites now populate our emails with ATM update mails. Please Do not respond to those mails, delete those mails immediately!No bank or organization in Nigeria or in other part of the world will ask you to "upgrade or update your ATM Card Information".

Online Shopping has become one of the holy grails Nigerians can not afford to meet up with, and if they do, they should be aware that even in developed countries, credit card scams that emanate from online shopping constitute to about 60% of cybercrimes that has been witnessed over time; You should be conscious of the websites your transact business with or on, check if they are been verified by an authorized SSL (secure socket layer)certificate vendor which includes companies like Verisign, Thwate, and Digicert.

The ATM as become part of our life, and it makes transactions easier, for us to maximize its usage, we must protect our PIN from fraudsters, it is only then, we can be rest assured of enjoying the value that comes with Information Technology

HOW TO CREATE PASSWORDS

Passwords should be as long and as complicated as possible. Most security experts believe a password of 10 characters is the minimum that should be used if security is a real concern. If you use only the lowercase letters of the alphabet, you have 26 characters with which to work. If you add the numeric values 0 through 9, you’ll get another 10 characters.If you go one step further and add the uppercase letters, you’ll then have an additional 26 characters, giving you a total of 62 characters with which to construct a password.

Most vendors recommend that you use non alphabetic characters such as #,$,and % in your password, and some go so far as to require it.If you used a 4-character password, this would be 62 × 62 × 62 × 62, or approximately 14 million password possibilities. If you used 5 characters in your password, this would give you 62 to the fifth power, or approximately 920 million password possibilities. If you used a 10-character password, this would give you 62 to the tenth power, or 8.4 × 1017 (a very big number) possibilities.

As you can see, these numbers increase exponentially with each position added to the password. The 4-digit password could probably be broken in a fraction of a day, while the 10-digit password would take considerably longer and much more processing power.If your password used only the 26 lowercase letters from the alphabet, the 4-digit password would have 26 to the fourth power, or 456,000 password combination. A 5-character password would have 26 to the fifth power, or over 11 million, and a 10-character password would have 26 to the tenth power, or 1.4 × 1014. This is still a big number, but it would take considerably less time to break it.Mathematical methods of encryption are primarily used in conjunction with
other encryption methods as part of authenticity verification.

The message and the hashed value of the message can be encrypted using other processes. In this way, you know that the message is secure and hasn’t been altered.Nigerians, as we continue to explore the world of IT, please let passwords management be at the back of our minds-it is from the day you start using a cellphone, opening a Yahoomail, joining people on facebook, you become vulnerable, perhaps, you don't know- you are in an IT cloud, and it might soon start to rain!

IT SECURITY AND NIGERIA

Over the course of several centuries, the Industrial Revolution saw the development of new manufacturing processes that changed much of the world’s economy and ways of doing business. Whereas it took centuries to develop new business manufacturing processes of the Industrial Revolution, a new revolution, what I call the Information Technology Revolution, has occurred over the past 35 years, and it has literally changed the face of the world, Nigeria inclusive. This great change in business and economic focus took years to develop and is still being perfected till this very day.

This revolution has brought us such great things as the personal computer, software for the personal computer, computer networking, Automated Teller Machine (ATM) Cards, Mobile Phones, computerized medical equipment and, of course, the Internet.It is quite interesting to know that about 30% of Nigerians do use this technology.The technology revolution has brought us huge intangibles as well, such as productivity,quality, larger profit margins, vast new markets to increase sales, and efficiency. These intangibles have been the driving force to make the technology revolution the most important revolution during the existence of man.

If Nigerians are to truly reap the benefits of the latest technologies-The use of mobile phones, the internet, ATM cards, Social Media such as facebook, twitter, flickr and a whole lot,they have to be educated and trained as to the appropriate ways of dealing with the dark side of information technology terror. In simple terms,all users have to learn the safe practices for their gadgets, their business networks, and the Internet. The security basics of “what to do” and “what not to do” become the front-line defense for most businesses. Much reason why Cloneshouse Nigeria has taught it well in using this medium to get across to Nigerians, intimating them on dos and donts of their IT gadgets.