Pro Tip: Encryption How To’s

encryption

You have probably heard people talk about using encryption to protect themselves and their information. In this article, we will explain what encryption is, how it protects you and how to implement it properly.

Why Use Encryption?

You might have sensitive information on your devices, such as documents, pictures and emails. If one of your devices were to be stolen, all of your sensitive information would be in someone else’s hands. Encryption protects you in these situations by helping ensure unauthorized people cannot access or modify your information.

How It Works

Encryption converts information into a non-readable format called ciphertext. Today’s encryption works by using complex math operations and a unique secret key, converting information into ciphertext. The key locks or unlocks the encrypted information. Your key could be a file stored on your computer, a password or a combination of the two.

What Can You Encrypt?

There are two types of data to encrypt:

  • Data at rest – such as the data stored on your mobile device
  • Data in motion – such as receiving email or messaging

Encrypting data at rest is vital to protect information in case your computer or mobile device is lost or stolen. Full disk encryption (FDE) is a widely used encryption technique that encrypts the entire drive in your system. This means that everything on the system is automatically encrypted for you. Today, most computers come with FDE but you might have to manually turn it on or enable it. FileVault is used on Mac computers while Windows computers can use Bitlocker or device encryption. Mobile phone encryption for the iPhone and iPads automatically enable FDE once a passcode has been set. Starting with Android 6.0 (Marshmallow), Google is requiring FDE be enabled by default provided the hardware meets certain minimum standards. Please check with your device manufacturer to determine if it supports FDE.

Information in motion is also vulnerable. If data is not encrypted it can be monitored, modified, and captured online. This is why you want to make sure that all sensitive online transactions and communications are encrypted. A common type of encryption for data in motion is HTTPS. This means that traffic between your browser and a website is encrypted. Look for https:// in the URL, a lock icon on your browser or your URL bar turning green.

Key Things to Remember

  • Your encryption is only as strong as your key.
  • If using a passcode or password for your key, make sure it is a strong, unique password.
  • The longer your password the harder it is for an attacker to guess or brute force it.
  • If you can’t remember all of your passwords we recommend a password manager to securely store your passwords.
  • If your device has been compromised or is infected by malware, cyber attackers can bypass your encryption or leverage your secret key to decrypt the data if your key is not stored securely. It is important you take other steps to secure your devices including using anti-virus, strong passwords, and keeping them updated.

What Do You Know About Malware?

Beware malware

Malware, also known as malicious code and malicious software, refers to a program that is inserted into a system, usually covertly, with the intent of compromising the confidentiality, integrity, or availability of the victim’s data, applications, or operating system or otherwise annoying or disrupting the victim. Malware has become the most significant external threat to most systems, causing widespread damage and disruption, and necessitating extensive recovery efforts within most organizations.

There are five types of malware:

  • Ransomware – Ransomware is a subcategory of malware which typically will block access to computers or data until a payment is made.
  • Trojan – A Trojan is a self-contained, non-replicating program that, while appearing harmless, actually has a hidden malicious purpose. Trojans either replace existing files with malicious versions or add new malicious files to hosts.
  • Spyware – Spyware is a type of malware used to covertly observe a user’s activity and gather information about a user without their knowledge or consent.
  • Virus – A virus self-replicates by inserting copies of itself into host programs, data files or propagating through network file sharing. Viruses are often triggered through user interaction, such as opening a file or running a program.
  • Worm – A worm is a self-replicating, self-contained program that usually executes itself without user intervention.

Signs to Look Out For:

  • Slow performance
  • Unexpected computer crashes
  • Pop-up ads (even when no browser is open)
  • Excessive hard drive activity
  • New browser homepage or toolbars
  • Unexpected Antivirus disabling
  • Lost functionality

Ways To Avoid An Attack: 

  • Do not open suspicious emails oremail attachments, click on hyperlinks, etc. from unknown or known senders, or visit websites that are likely to contain malicious content
  • Do not click on suspicious web browser popup windows
  • Do not open files with file extensions that are likely to be associated with malware (e.g., .bat, .com, .exe, .pif, .vbs)
  • Do not disable malware security control mechanisms (e.g., antivirus software, content filtering software, reputation software, personal firewall) and ensure that they are continuously updated
  • Do not use administrator-level accounts for regular host operation
  • Do not download or execute applications from untrusted sources

Backups: When and How to Use Them

Back-up Data

At some point, you will most likely have some computer malfunction that causes loss of some or all of your personal files, documents or photos. Maybe you accidentally deleted the wrong file, experienced a hardware failure, or lost your laptop. Even worse, malware may have infected your computer. In times like these, backups are often the only way you can rebuild your digital life or recover critical data.

What to Back Up and When

There are two approaches on deciding what to back up:

  1. Specific data that is important to you
  2. Everything including your operating system

If you are not sure what to back up then the best approach may be backing up everything. You should also consider how often you want to back up. Apple’s Time Machine or Microsoft Backup and Restore allow you to create an automatic “set it and forget it” backup schedule. Other solutions can allow continuous protection in which new or altered files are immediately backed up as soon as there closed.

How to Back Up

You can store your files in two ways:

Physical Media:

Backing up to physical media keeps your files on a physical storage device, such as DVD’s, USB devices or an external hard drive. Whichever media you choose, never back up your files to the device that holds your original files. It’s also smart to label your physical media with info about the backup and the date it was created.

Some disadvantages to storing on physical media is the possibility of disaster or theft. Physical media can be lost, stolen or damaged just as easily as the original files.

Cloud-based solutions:

Cloud-based storage works by installing a program (client) that automatically backs up your files for you. You can pay for cloud storage providers to store your backups. The price is normally determined by the size of the backup.

The advantage of this solution is in the event of a disaster or theft, your files will be virtually stored off-site. Additionally, you can access these files from anywhere. The disadvantages of cloud-based backups are that recovery can be slower especially if you have a large amount of data and you will also need to ensure that the cloud service provider can store this data securely to prevent unauthorized access.

Recovery

After backing up your data, it’s always a good to be certain that you can recover it. Check every month that your backups are working by recovering a file and validating the contents. Additionally, be sure to make a full system backup before a major upgrade such as moving to a new computer or mobile device or before a major repair.

Key Points Summary

  • Automate your backups
  • When rebuilding an entire system from backup be sure to reapply the latest security patches and update before using again
  • Outdated backups may become a liability so it is recommended to delete these backups to prevent unauthorized access and in the case that cloud storage is used, manage your storage capacity and related costs
  • Be sure to verify that cloud backup and storage providers have security measures in place to protect the data by checking the policies and reputation of your cloud provider:
    • Ask if they encrypt your data when it is stored
    • Determine who has access to your backups
    • Verify they support strong authentication, such as two-step verification

Securing Your Tablet

mktweb-502-security-page_7-securing-your-tablet

While hackers pose a serious problem, there’s also the risk of losing, forgetting or having your devices stolen. Keep your tablets safe by following these tips:

  • Lock your tablet with a secure pass code
  • Run automatic updates for the latest and safest operating system
  • Enable remote tracking to locate your tablet if lost or stolen
  • Disable all applications’ location tracking in privacy settings, except for those that need it
  • Know where and how your data is secured within the cloud
  • Only enable cloud sharing when sharing something specific
  • Be aware of what apps synchronize with your other devices