If you don’t where it is, you can’t protect it.
Do you know where ALL your organisation’s data is – not physically, but on which web and cloud services?
Here’s the problem. If you don’t where it is, then you can’t protect it. The secondary problem is finding out, because not everyone in your organisation will be onboard. It is common for people to sign up to web services because they offer something useful that helps them do their job.
They sign up using their email address and creating a password. There is the first headache – how does anyone track what has been signed up to across your organisation, let alone who has access to it? If that person leaves, no one will change the account credentials if they don’t know about it, but your ex-colleague still has access.
Secondly, what data do they upload? Is that data that you have a legal or moral responsibility for?
There’s nothing noble about Nobelium.
This isn’t theory – it’s real. USAID is a pretty important US organisation – promoting democracy and human rights around the world. Turns out, someone there was using a well-known email database tool called Constant Contact. But their account wasn’t well protected. Worse still, their account had a huge mailing set up, and of course, it had all the official USAID templates.
So, these Nobelium people, allegedly a Russian state-sponsored hacker group, compromised the Constant Contact account and sent a bulletin out. The bulletin contained malware that allowed the hackers to take command and control over victims computers. Ironically the fake email alleged interference in the US federal elections.
So, what can you do?
The first step is knowing what SaaS tools your people are using. We call this SHADOW IT and it is inevitable. Rather than stopping it, the job IT has is to identify it and manage it. The second step is to secure those platforms. That’s why our KARE for Security S2 plan contains a useful tool to help you identify what services your people are using.
Refer : What We Know About The Apparent Russian Hack Exploiting USAID : NPR
Easter Eggs aren’t always chocolate
Computer folk love to hide secret 'features' in their code. Normally we reckon these are bugs. But sometimes they are just fun. They are just hidden gems that add a bit of fun, and they're called Easter Eggs. There is a fine tradition of these in popular games,...
A new look for Kinetics
[header2 text="We've listened!" align="center" color="#3ec940" margintop=""] Our client's have told us they love what we do, but our brand is tired. So we're changing it. We've refreshed our logo, and our website - and over the next few weeks we'll work through all...
Introducing Skype for Business
Lync's becoming Skype for Business. It combines the friendliness and familiarity of Skype with the functionality of Lync. It''ll mean that Skype, and Skype for Business will work seamlessly together (although obviously the business version has more capabilities,...
RIP Microsoft Server 2003
Back in 2003 it was unheard of to have email on your mobile phone, in fact it would be another 4 years till the iPhone made its appearance. Aptly named for its time, Server 2003 made it appearance. Since then it has had a great run and if we counted computer years...
Keep your email password safe!
One of the most common irritants in modern computing is being asked to change your password. But it is important, especially your email password. Let me explain… Learning your email address is easy. If I can work out your password, then I can log into pretty much...
Power Outage Lesson
The recent power outage has again reminded us how much we depend on infrastructure over which we have little control. Our Penrose office was in the black out area for most of Sunday. Back in olden times, communication equipment was housed in a telephone exchange. ...
Cryptolocker – Ransoming your data!
Many of us have heard of spyware or malware, programs that try to sell you unnecessary software or pry your credit card details from you. In the last few months we have seen an alarming increase in what is being called ransomware. How are users affected? CryptoLocker...
Create Keyboard Shortcuts for the iPad and iPhone (iOS 7)
It’s getting easier to enter text on mobile devices but there are times when you quickly need to enter a few words or phrase you use often. For example, how many times have you needed to tell someone “On my way”? Once you’ve tried keyboard shortcuts in iPad you’ll...