Security in the Cloud

September 6th, 2014

With recent news stories about breaches in cloud-based storage, it is understandable to be concerned about your files and pictures stored “online”. CET clients from Mooresville to Cornelius, and throughout the Lake Norman area, have questioned Lance and myself about cloud security and, while you need to trust that your cloud service provider is up to the task of giving your data the protection that you need or want, it is essentially your responsibility to ensure the security of your data.

You should investigate the cloud provider that you’re considering using. Simply “googling” a provider on the internet is likely to offer you more information than you’d ever need, but take some time to see what the companies are writing about themselves and see what others are writing about them as well. Most cloud providers are willing to work with their customers to provide security measures and assurances that they will do their best to protect your files.

Another significant step that you can take is to encrypt your data. While most cloud services, even Dropbox, already encrypt your files, those same services have the decryption keys and can decrypt your files at any time, such as at the request of law enforcement agencies. You can also encrypt your data prior to loading it to the cloud service in the first place. This second level of security can be employed with programs like TrueCrypt or other purchased software.

Lastly, the most important measure that you can take to secure your files – whether on a cloud storage on on your own computer – is the use of a strong password. Strong passwords cannot be found in dictionaries; common words (or names) are easily hacked and provide little or no protection at all. Use passwords that contain lowercase and uppercase letters, numbers, and non-alphanumerical symbols like the dollar sign, the exclamation point, or the ampersand.

Security, whether on the cloud or at your own home or office, is essential in protecting your files, and ultimately your identity. Be smart when storing pictures and files and be cautious with them as well. Don’t make it easy for the bad guys! If you need help, contact us at CET and we’ll be glad to help you secure your data.

Beware of typosquatting sites

July 2nd, 2014

This past weekend, users of Steam, an online gaming platform, were attacked with a typosquatting phishing scam. As you know from our previous posts, a phishing scam is when cyber criminals pose as legitimate companies to steal an online users’ personal or financial information. This type of scam is often perpetrated through emails that appear to be coming from the bank or organization that the user normally interacts with or viruses that hijack your browser with redirects or even establishes a proxy connection within your computer’s settings. When the user attempts to open the email link or contact the legitimate company, they are infected immediately or sent to an illegitimate site where predators are waiting. Typosquatting is when these cyber criminals set up websites that are often registered outside of law-abiding nations where they will not be prosecuted and use a web address or url (uniform resource locator) to ensnare their victims who accidently mistype a legitimate web address. For example, the user may be trying to get to but accidently types www.cetfonc(dot)com or and mistypes it as www.computerepairlkn(dot)com. The “typo” may completely change the intended destination and direct the user to a trap set by these cyber criminals. In this past weekend’s case, the “typo”, sleamcummunity(dot)com instead of steamcommunity(dot)com, sent the unsuspecting users to a replicated steam site (images, links, and all) in Russia that attempted to gain the users’ financial information. Always take care when typing web addresses and recheck your location before providing personal or financial information on a website.

Safeguarding Your Emails

June 22nd, 2014

Safeguarding your data files, including your emails, is, in most instances, extremely important and, in general, very simple. Backups of data files to online sources, external drives, or network locations are among the multitude of options to ensure you do not lose your files or emails due to hard drive crashes. The United States Computer Emergency Readiness Team, a division of the United States Department of Homeland Security, helps establish guidelines in their published Security Tip (ST06-008).
Lost emails can be very detrimental to your business – even causing possible legal actions to be taken against you or your organization. If you are using an email program like Outlook, you should regularly backup your .pst or .ost database to ensure compliance with government authorities like the United States Internal Revenue Service. Hard copies of emails are also an effective option for ensuring that important documents are not lost or destroyed and are often dictated by your organization’s standard operating procedures.