Taking Wireless Security into Your Own Hands
Written by Anonymous on 12:08 AMSome companies are restricting the use of USB ports. In one scam, someone leaves a flash drive on a restroom shelf at a bank. An employee finds it and inserts it into the USB port on his computer to see what's on it. Instantly, the drive installs a malicious code that copies customer data and sends it via the bank's e-mail system to a computer overseas.
Conducting business online via laptop Relevant Products/Services, cell phone or handheld device is productive -- but it can also be risky if the proper wireless security isn't in place.
"The productivity is tremendous, especially with handheld devices that you can use from anywhere," said Jack Vonder Heide, president of Technology Briefing Centers, Inc. "But the potential for catastrophe is great when we look at security breach possibilities. We really need to focus on them and make sure that we plug the holes."
In 2006, a hacker gained access to a financial institution employee's corporate user name and password when the employee accessed the Internet via a Wi-Fi signal in Midtown Manhattan's Bryant Park.
What he didn't know was that the seemingly legitimate wireless signal came from a nearby hacker, who could then track the employee's computer use, according to news reports.
Hotels, libraries, coffee shops and other public places now offer tens of thousands of Wi-Fi "hot spots" around the nation. But use caution when using Wi-Fi access to do any business-related work, Vonder Heide advises.
"I would not recommend anyone accessing anything of a confidential nature from a laptop computer via a non-secured wireless channel. It's just too risky," he said, A better option, he said, is to plug the computer into a phone line.
Better yet, he recommends that any data Relevant Products/Services that leaves the workplace on a laptop computer be encrypted -- in other words, scrambled and locked with a mathematical "key."
Many companies require employees to use a virtual private network (VPN) to access the company system remotely, said Kim Passalugo, a computer support agent with Geek Squad, "it's like a secret tunnel, if you will, through the Internet that nobody else can see," she said.
At the very least, individuals who use wireless Internet at home should make sure their router has been personalized, so it can't be accessed via the default user name and password, Passalugo recommended. Make sure all firewall, antivirus and anti-spyware software is configured to update automatically.
Many companies now have access control logging mechanisms that record when, for how long, and what files are viewed when an employee logs onto the system.
Another way that companies are protecting customer data is to restrict the use of USB ports on workplace computers, Vonder Heide explained. Here's why: In one scam, someone leaves a small flash drive on a restroom shelf at a bank. An employee finds it and inserts it into the USB port on his or her computer to see what's on it. Instantly, the drive installs a malicious code that copies customer data and sends it via the bank's e-mail system to a computer overseas.
Given that many business professionals are now buying their own tech devices, individuals must take time to make sure there are adequate passwords in place -- even on cell phones and handheld devices. (See www.microsoft.com/protect/yourself/password/checker. mspx for password advice.)
Finally, to be absolutely safe and compliant with company requirements, financial professionals should turn to in-house IT staff for assistance and regular updates.
"It's like a game of leapfrog, because when we discover a hole and fix it, it's a very short time before identity thieves and electronic criminals take advantage of another vulnerability," Vonder Heide said.
From Newsfactor
| Posted in »
0 comments: Responses to “ Taking Wireless Security into Your Own Hands ”