Dec 15

Nearly one-third SMEs don’t emphasize on data secure backup

According to the survey conducted by the Internet and Mobile Security Organization AVGTechnologies, most companies hadn’t noted real value of their data. The result of the test showed that 37% of small business manager spent more time on tidying up desks and ordering new business cards rather than doing backup for data. This survey was give to 500 U.S. small businesses managers, and the result showed that although most (75%) businesses relied on automatic backup system, about a quarter (24%) of businesses didn’t require employees to back up data at least every week. However, 30% of respondents thought that more than half of their data were critical data.

 

Given that small business claimed that more than half of the data were sensitive data, the loss of employees’ mobile devices should attract more attention. In fact, about half of small businesses said they had experienced the loss of mobile devices. Interestingly, the survey showed that many small businesses management staff didn’t think employees’ mobile devices contained a lot of sensitive data. They cared more about the security of data transferred to cloud. When asked about cloud-based backup, 64% of small and middle enterprise said security was the issue they cared about most.

 

And the results of the survey can be concluded as below:

 

1. Compared with backup data in UK (22%) and US (21%), a substantial proportion of small and middle businesses often spend more time on tidying up desks and ordering new business cards, which is not even the most conventional computer-related work. 43% of UL companies and 53% of US companies said they spent more time changing passwords.

 

2. When it comes to cloud backup, security is still a most concerned issue. Other key issues include the cost, data recovery and lack of control.

 

3. Most small businesses have not experienced mobile device data loss, but they are approaching (51% in UK, 53% in US).

 

4. Most SMEs (62% in UK, 66% in United States) are confident that they can prevent data loss when employees leave the company.

 

5. Most small businesses (59% in UK, 54% in the US) still don’t require employees to back up daily. A considerable number of backup data (68% UK, 75% of the United States) is operated by IT automation systems.

 

6. When it comes to mobile device data, only 1-10% of employees of about one-third of SMEs (32% in UK, 34% in the US) go out of office at least once a week. On the other hand, mobile devices are increasingly used to work, and only a small number of companies said 80% -100% of their staff go out of office one day a week.

 

7. When the device is lost or stolen, 39% of UK businesses and 41% of US companies priority is to ensure that data cannot be viewed by an unauthorized third party. That’s why you need to protect files in drive with password and configure different users’ permission to content in the drive.

Jul 28

Use Heartbeat as Password – a New Encryption Method Appears

Since now many people don’t trust the traditional passwords, some technology companies began to explore other ways to ensure people’s online account safety. Some companies invented to use brain waves or fingerprints as passwords. Now there’s a new encryption method in the world.

A wristband called Nymi can detect user’s heart rate through ECG sensor, and allows user to use own heartbeat to decrypt device. This product can be used with iPad or even cars. This product manufacturer is Bionym from Toronto, the company’s developers said using human heartbeat to unlock the device is safer than using fingerprints, facial recognition and other external means to do that.

When first time getting the device, users simply need to use finger to press on the sensor of the wristband, the sensor will automatically monitor and store the user’s heart rate. The whole process takes about two minutes, after saving the user’s heartbeat, the device will only recognize the user’s heartbeat. Ordinarily, the sizes of people’s hearts are completely different, so produced electrocardiogram is unique.

Daily use of the device is also very simple, you need to press and hold the sensor with your finger, after a few seconds, the sensor will be able to identify the user’s heart rate, and use Bluetooth technology to connected with the device that need to be controlled to unlock the device. When wristband leaves outside of the scope of Bluetooth, the device automatically locks.

Nymi even works with the gesture control feature, for example, when a user is in the car, waving can open the drive side door or rotating the wrist to open the front passenger side door. In addition, the product also has a secure payment feature, at highway toll stations users can use it to scan the device charges, and the fees will be automatically deducted from the user’s account. The wristbands can also remind users of receiving a mail or social network message by vibration, while the device vibrates, the screen will also display.

This encryption method is limited used to protect devices. We now still use traditional password most. For example, we use traditional password to protect files/folders on computer or external hard drive.

Jun 30

Best Defense is Equal to Attack

Speaking of BYOD, the best defense is attack, namely, making strategies in advance to achieve your desired results and to avoid potential risks.

BYOD (Bring Your Own Device) has stirred all walks of business processes. Some companies are fully enjoying the convenience brought by BYOD, yet some companies shy away from them. On the bright side, BYOD can potentially help companies save operating costs, help employees maintain a happy mood and improve office efficiency. But on the other hand, BYOD may also bring a series of problems and pitfalls in the various aspects of security, compatibility and so on. But through some planning and education, most of these problems and pitfalls can be avoided. We can have a look at the troubles brought by BYOD and corresponding resolutions to these problems.

Data leakage: Companies sensitive data leakage is always one of most concerned problems for companies. Employees bringing their own devices to company makes enterprise more worried. Employees may lose their smart phone or tablet; for these devices can easily be eyeing by thief. When the devices containing companies’ sensitive data get lost, the data may fall into wrong hands. One way to avoid this situation is to use file password protection program to lock sensitive data with password, and the other way is to use a remote deletion policy, namely when the employee’s mobile device is stolen, company can remotely delete the sensitive data on the remote device.

Password Leak: just like we usually carry several keys, employees’ mobile devices will store various passwords that are used to log in company’s network and applications. These passwords may exist in mobile applications, or may also be stored directly in the mobile device’s memory. Enterprises must establish a strategy to ensure that companies’ passwords won’t be stored in cache or any application in mobile device. An alternative strategy is that if employees want to save the password on the mobile device business (even login information), they need to use information/password saving application to properly encrypt them.

Productivity decline: When employees start BYOD, they will spend a lot of time on social network, chatting with friends or do other things unrelated to work. How to solve this problem? Since many devices are connected to operator’s mobile communication network, in which case the employees feel that their equipment is not bound by corporate policy. In order to avoid this situation, you should require employees’ mobile devices switch into WiFi network provided by the enterprise when entering company. 

Insufficient bandwidth: Many companies have been concerned about this problem. Most companies believe that the enterprise network bandwidth demands will be dropped after the use of BYOD, which is a big mistake. One of the advantages of BYOD is that employees also can use the mobile operator’s network networking to work when going out, but when they returned to the office, they are likely to connect desktop and their mobile devices to the corporate network, thereby increasing the burden on the enterprise network access bandwidth. Therefore, companies need to ensure that their network access bandwidth has sufficient load-bearing capacity.

Device Management: Many companies are asking how to manage a large number of mobile devices. Because of the many types of equipment, as well as different operators, companies is difficult to centrally manage all mobile devices. But what companies can do is to establish a set of network access control mechanism (NAC), and to control these devices via MAC address for each mobile device.

Over Autonomy: Once a company implemented a BYOD strategy, which’s equivalent to tell employees and users that businesses gives them a very high autonomy. Of course, this autonomy is likely to be abused by employees or network users. Therefore, even if the enterprises implement BYOD, they should let employees know that it doesn’t mean that they can use their own equipment in any activity. If necessary, you can also require employees to sign BYOD agreement confirming that they understand their mobile devices use behaviors in the enterprise are limited.

Dec 17

Dangers in Mobile Information Age

The development of the Internet and information technology makes people step into the information age, but with the change of the information processing terminal, people also enter the mobile information era. In this mobile era, people can use their mobile information devices to connect the network anytime and anywhere, beginning their informationalized living, office and entertainment. It’s sure that the mobile situation will continue for a long period of time, because it fit people’s hope of free.

But it is this portable mobile device that brings about information and data security issues to people. How to deal with mobile device security issues has become one of most concerned things of individuals, companies and even countries. Also due to the diversity of mobile devices and information technology, the protection solutions must keep up with them, namely is able to adapt to various possible environment and safety requirements.

Mobile Device Management (hereinafter referred to as MDM), namely management of smart phones, tablet PCs and other mobile network client. Now, MDM is an indispensable measure for enterprises, because the mobile network clients are similar to traditional computer, poor management is likely to cause a bad impact on operating safety.

Smart phones and tablet computers are developed from the PDA (Personal Digital Assistant, Pocket PC), their history is not long. They can be used as a mobile network clients, the earliest portable microcomputer appeared in the late 1990s.

Mobile + Portable= Increasing chance of stolen

Owing to the small size and portability, the stolen risk of microcomputer is significantly higher than desktop computer. Most desktop computers are larger in the volume and fixed on positions in the office, they are seldom stolen if you close the door. But because of the small size of laptops and smart phones, the stolen difficulty is sharply decreased.

Many researches show that mobile phone is now more important than our wallets for people. The reason why phones are becoming so important is that in addition to its intrinsic value, the important data stored in the phone, such as scheduling, address book, and so such private information are important.

Business people tend to store data involving many business secrets in office tablet PCs and smart phones, especially in the email. E-mail specific contents are different based on each company ‘s information infrastructure, which may include unimportant chat, and may also include customer information, corporate plans, and even the contract documents. Email possibly contains passwords of common office applications.

The most frightening thing is data. Important data may be lost due to security vulnerabilities in equipment: hackers can gain access to the device, and access the data in the device. Another way is through the phishing application. As long as you download some phishing applications, they will be able to access to the data stored in your device. Apparently, users who download these applications are insufficient of vigilance. As long as the application is free, users are willing to download; they are seldom concerned about the possibility that the data in their own equipment may therefore be compromised.

The traditional Trojan viruses can also spread on a mobile platform. Even though Apple, Google, Microsoft and other companies have considered this problem in the design of operating procedures and ensure that the factory equipment is not toxic, but it’s impossible that the program has no flaws.

As the security issues come with the development of mobile technology and IT are more and more, in order to decrease the loss caused by mobile device stolen we’d better password protect the data stored in it. If the threatening objects aim at the value of data, you can use encryption solution to protect the data.

People look for freedom, while the yearning for freedom also affects their attitudes of handling things. In the face of security issues in the information age, individuals, companies and countries need encryption technology to protect files and lock portable storage devices.

Nov 19

Master Data Leak Proof Initiative with Encryption Software

Security has always been a relative concept, data security is the same. Even though it is a relative concept, it doesn’t mean that it is not important. Data security is absolutely safe, but the secure level user can select is relative.

“Users should be free to choose secure level they need. Some users may need more Internet information exchanges, their required safety level might be a little lower, a number of special populations such as children, and they need higher secure level.

But some people who are used to use network security, data security programs for free make themselves be tied up with many software ads packages when they enjoy the free service. Such kind of security program is free, while it will grasp user’s mind and decide users secure level when they choose this free program. This is equal to give the autonomy of data secure to others, or it’s just the reason why data leakage happens so frequently.  

Currently, people are paying more and more attention to information security and personal privacy. People are gradually willing to grasp the autonomy of data leak proof, but don’t want to be controlled by others.

How can we get back our autonomy of data leak proof? Where shall we begin? The answer is the data itself, as long as you control the data itself, which is as the main body of information security, once the data has been controlled, and then the information security initiative naturally will be returned to your hands.

So what if you control data itself or ensure the security of the data itself? That is file encryption software. Choose trustworthy encryption software, use its technology to automatically choose data protection method, once you do so, you get the data defense initiative for your own data, even though you want to use other programs to further enhance the security, as long as you control the data, the data leak proof initiative is still in your hands.

Multi-mode encryption is a kind of transparent data encryption technology that can offer a variety of usage scenarios and adopt a variety of encryption strategies. In multi-mode encryption mode, the user creating secret files ways include both active and passive methods, which contains at least the following modes: specific format encryption mode, specific directory encryption mode, specific format unencryption mode, specific user unencryption mode(able to modify and check other’s secret files), particular user unencrypted mode (able to view but can’t modify other’s files), USB flash drives and other external hard drive encryption mode , Network Neighborhood network encryption mode, manual encryption, full disk encryption, etc.; these encryption modes can be assigned to different users or user groups .

This flexible encryption technology that can be selected according to the user’s own requirements just meets people’s desire for the right of choice, so that people can master data security and information security initiative.

Oct 21

Establish Email Communication Network to Enhance Information Security

For the countries, the impacts caused by the issue of prism finally gradually emerged, and as a former world power, Germany finally plans to take actions on the information security aspect.

“Close the door on the U.S. National Security Agency!” German “Focus” magazine said on the 14th, the Germany’s largest telecommunications operator Deutsche Telekom Group appealed to set up a domestic email communication network to prevent foreign spies and hackers monitoring Germany local e-mail.

There’s report that since the United States the “prism” scandal disclosed, transnational Internet information and communication security has been questioned by various sectors. So far, the contents of emails transferred between Germany local users have to be sent to the destination by passing the server set in the United States or the UK. Therefore, Deutsche Telekom expressed the hope that in conjunction with other network operators to establish domestic mail communications network.

The director of Deutsche Telekom data confidentiality affairs-Mel Klein said that by this, e-mail communications between users in Germany has no need to pass the international focal point, but to restrict the data in the territory, which ensures that Germany data will not be monitored by the third party.

Deutsche Telekom has taken a step for the establishment of domestic e-mail communications network. The group has come to an agreement about providing a more secure email services framework with the German mail carrier Wed.de and GMX.de. Three companies employ more secure e-mail technology “Email – Made in Germany” to ensure that e-mail message sent by the user will be transferred with encryption technology. Moreover, all data of three carriers will only be stored on a server in Germany.

Allegedly, Deutsche Telekom has set an ambitious goal. In addition to the immediate objectives of establishment of the e-mail communications network in Germany outside, Deutsche Telekom is also proposed to extend the network to the European Schengen countries. Of course, this does not include the United Kingdom, one reason is that the UK is not a Schengen country, and the other reason is that there’s a complex relationship between the United Kingdom and the United States. Mel Klein said now all aspects have been matured, what we need is the consent of the German government and support of the network operator. But Deutsche Telekom’s competitor broadband network operators QSC said it’s impossible to determine that data is transferred through domestic or international routes.

Since there had been a history of monitoring people during the period of East Germany and Hitler’s Nazi, acts of government surveillance is a very sensitive topic in Germany. If establish a domestic e-mail communications network, the German intelligence agency may still monitor domestic data and telephone communication ​​under existing laws. Currently, the German government is authenticating on this proposal, many people expressed support.

Since the expansion of the prism’s impacts, countries are bound to introduce their own information security measures to deal with the problem, and as us, using file encryption software for data security protection is a must.

Nov 30

A Digest of Google Project Glass

People first get to know the Project Glass introduced by Google in February of this year in The New York Times. As a new type of product that catches people’s eye this Glass is more like a device you wear on your face other than a real pair of glass for it do not have the real lens on it. Then in May, at Google’s I/O conference this Project Glass is displayed with a live video feed on Youtube which showed a sky diver jump from a plane and parachute onto the roof of the conference building.

The rapid development of Facebook gives Google+ a lot of pressure so that Google is trying its best to get the attention from the public. This Google Glass invented by Google X Lab has a revolutionary meaning with the emerge of the features of video call, GPS, Internet surfing, data processing and e-mail sending, which allows you experience the fun of voice control. This is like a smart phone but not really a smart phone with so much new features of a new product.

Now, Google emphasized that Google Glass is still at a very, very early stage which I thinke so too. Many of the expected factors still haven’t been realized, including what filed that the Glass will be applied to, how the operation interface will look like, and so on. Of course, Google doesn’t want to get the public excited about some features that may not be shown in the eventual version of it. (From the conference, we got that Google is planning to offer the prototypes next year for the price of $1,500 or so, planning to sell Google Glass to the public in, some, the year 2014.)

As a revolutionary digital product with smart features, Google Glass is definitely equipped with memory card which is said to be 8G. When referring to issues concern with storage card, data security problems weighs a lot. Choosing a data security program to lock usb disk or memory card with good security strength will do a great help in protecting your sensitive data.

With different evaluation on Google Glass as far as we can seen on the news paper or on the Internet we can conclude that it’s much too soon to assert Google Glass’s success or failure in the future. Nevertheless, we can get the point that it has great potential to take place someday, and that Google is directing its development in exactly the right way in the future we may witness the scene from a fiction movie- high-tech devices make our life more convenient and full of fun.

Nov 20

Encryption is Not Omnipotent but Still Necessary

For people with valuable data and confidential documents leaving them unprotected and open is unwise and will cause irrevocable loss. So files need protection no matter when you access to them or just leave them alone. What is the best ways to safeguard data from being beamed across the Internet? Absolutely, encrypt folder or file. People incline to regard encryption method for all the issue concern with data security. This sounds quiet reasonable to some extent while there never exist a thing that is flawless.

Encryption is a good expression way of the using of cryptography. Some experts by the analysis of the theory of encryption found that encryption is not that much invulnerable technically. It works strictly according to some certain arithmetic so that it can be worked out with the right rules of arithmetic. That is to say if you lock files by encrypting them will not offer you 100% insurance of security someday in the future, it is just a matter of time.   

Encryption, at its core, it’s nothing more than replacing information with other data that makes it appear to be gibberish unless you have the key that helps you reverse the process (decrypt) so you can recover the original information.

Annoyed it may seemed, this is the real situation faced by people who are already adopted or plan to adopt the encryption method, however, without encryption the consequence is even worse. Keeping valuable data and confidential files open and unprotected will be a disaster for all the users, because those intangible cyber criminals are snooping you in somewhere you do not have any idea.

You should definitely employ encryption to protect your data whether it’s in transit across the Internet or resting safely on your laptop’s hard drive, but you should be aware that it’s just another element of computer and data security and understand that it’s not impenetrable.

In fact the encryption algorithm you use to lock folder and your data may be very strong today, but if you think deeper, after a long period of time any bored teen can crack with a few hours with their hands. Backup data may easily be forgotten and ignored, and years from now the file that was encrypted when the data was backed up may no longer be adequately protected.

Encryption has never been an easy matter for anyone, so that you can take precaution measures to safeguard your data from illegal breach or leaking in every detail. Apart from the technical difficulty in secure data permanently there are lots of thing you can do to stop unwanted reach of cyber criminals.