Dec 29

Report Said Most Enterprises Don’t Correctly Protect Sensitive Data

Trustwave found surprising data security trends in its 2014 risk status report, including the fact that most companies don’t have a mature approach to controlling and tracking sensitive data.

On data security, enterprises have a high degree of awareness of their legal responsibilities, but they have not worked out how to control risk by tracking sensitive data. The report surveyed 476 IT professionals in more than 50 countries, most of them in the United States and the United Kingdom. According to the report, 63% of enterprises don’t have a mature approach to controlling and tracking sensitive data.

“This means that many enterprises don’t know what their sensitive data is and where it is, who can access it and its mobile location,” said Phil Smith, senior vice president of Trustwave. “This type of information is the first step of building a security strategy.”

If enterprises don’t know what their sensitive data is and where it is, how can they protect it? Smith said the first part of a risk assessment is to identify where the enterprise’s sensitive data is located. Enterprises should know what their sensitive data is, where it is, how it moves and who has the right to access it.

The report also found that while 58% of enterprises use a third-party program to manage sensitive data, 48% of enterprises have not actually deployed a third-party management program.

“Many companies (especially retail) outsource payment process to third-party vendors, letting them access sensitive payment information,” Smith said. “However, they don’t know how these providers protect their data.”

Secure payment processing is particularly important, especially given how many retail data leaks occurred in 2014. Smith recommends that enterprises communicate with their third-party providers so that each party knows its responsibilities for data protection. He also recommends that enterprises build security requirements into their contracts with third-party providers.

Although enterprises may not protect all their data, Trustwave’s survey found that they have a high degree of awareness of their legal responsibilities. 60% of enterprises said they knew their legal responsibility to protect sensitive data. The survey found that only 21% of enterprises didn’t have any security awareness training, which means that most enterprises had some form of security training program.

In addition, most respondents indicated that controls over BYOD were already in place. Only 38% of respondents indicated that their companies didn’t have any controls on BYOD.

Smith said: “There are still a lot of companies that do not have security policies and procedures focused on BYOD.”

Patch management is an important part of corporate security, but the study found that 58% of enterprises didn’t have a mature patch management process. Smith pointed out that in many cases enterprises focus on deploying stricter access control, intrusion prevention/detection equipment and other perimeter security, while giving patching and maintenance of existing systems a lower priority.

Another important finding of the survey is that boards of directors are highly involved in enterprise security. 45% of enterprises have the board of directors or executive-level management involved in security affairs. Security is a top-down problem.

“All sectors of enterprises should consider security as an important issue, from IT professionals to non-technical staff and management,” Smith said. “C-level executives should not only ask their IT team whether our data is safe. They should also ask how our data is protected and what control measures are deployed.”

Nov 24

Tips for Enterprise Data Protection

Classify Data Security

Over time, enterprise data gradually grows, and administrators tend to get a headache over the amount of data to back up. In fact, we need to classify data and then choose a different backup method for each class.

Enhance administrators’ data protection awareness

Employees lack awareness of enterprise data protection, which results in enterprise data leaks. Companies should train staff in data protection awareness, assign permissions to administrators rationally and strengthen the personnel management system; these measures often yield twice the result with half the effort.

Prevent security problems caused by data overflow

Because data grows rapidly and administrators are often unaware of it, large volumes of enterprise data can exhaust disk storage space. Administrators must pay attention to the status of hard drive storage space and add hard drives when they are needed.

Pay attention to backup frequency

Some companies back up data at an unreasonable frequency. Backup frequency also affects enterprise data security. Administrators should set a proper backup frequency based on their enterprise’s business situation.

Disk temperature should not be ignored

Disk temperature is often ignored, yet most of the time it reflects the stability and condition of the storage system well. A good administrator can predict disk operating status based on disk temperature.

Genuine software is essential

Some enterprises use pirated software to build their enterprise databases in order to save costs. A platform based on pirated software is vulnerable to hackers, which can result in data loss. Companies should buy genuine software and provide absolute protection at the first layer for the enterprise.

Adopt an encryption solution for critical data

Data security risks are ubiquitous. Classified databases and business data should be protected from illegal access, modification and copying. Data encryption is the most widely used, most cost-effective and relatively most reliable method. It is an effective means of protecting data from being stolen or modified during storage and delivery.

Oct 13

Shortcomings of Weak Passwords Highlighted: Encryption Software Keeps Data on Lost Devices Secure

For documents, enterprise data, design drawings and other important information stored on a computer, we usually set a boot password to keep unrelated persons from viewing or stealing it, and enterprises also run training to enhance employees’ awareness of data protection. However, many factors are outside our control, and this part of information security risk needs more attention. As the crisis of weak passwords has gradually emerged, and in the face of more mature hacker techniques and increasingly frequent leaks, using file encryption software to add a secure lock to enterprise equipment can keep classified data secure in any case.

Security experts said that for the majority of ordinary laptop users, the most commonly used information security defense may be setting a boot password, and they will set a longer and more complex password if they need stronger protection. In this situation, however, a thief can remove the hard drive and read its original data in another computer. This is quite easy.

Users with some computer knowledge may adopt more advanced security measures, for example setting a password to lock the computer’s hard drive, so that the correct password is required every time the computer starts, and even if someone removes the hard drive it is difficult to read the original data. But with the continuous development of hacker attacks, relying on a password alone cannot prevent experienced thieves from erasing system configuration information to break into the system and obtain classified information.

There is a very important point that enterprises often overlook: setting a password cannot completely prevent deliberate leaks. Both boot passwords and hard drive locking passwords are defensive measures, and no matter how strong or complex they are, they are useless against insiders who leak deliberately. To effectively prevent the various kinds of leak events, including leaks by employees and data leaks caused by lost or stolen laptops and other devices, one of the best methods is to encrypt the valuable files. Classifying users’ permissions and copy-protecting files on the LAN can stop employees from copying company files away; in addition, employees should be required to protect working files stored on laptops and other devices to avoid data loss caused by device loss.

Aug 25

Top 10 Security Issues Revealed in 2014 Blackhat Conference (2)

6. Insecure home routers

In-Q-Tel’s CISO (Chief Information Security Officer) Dan Geer said at the hacker conference that home routers were the most likely to be compromised. These routers can be easily found through a network scan, usually still carry the default login information, and most people never think of upgrading their router firmware to the latest version. Perhaps in 2014 home network security will become a hotspot for hacker attacks.

7. NAS with numerous vulnerabilities

Storage devices connected to the network have even more vulnerabilities. Jacob Holcomb, a security analyst at Independent Security Evaluators, said his topic at this year’s hacker conference was NAS network storage.

He said there was not a single device he could not get into, and at least half of the devices he could break into without authentication. By compromising NAS devices, attackers could hijack the traffic of other devices on the same network, using sniffing techniques similar to ARP, Jacob Holcomb said at the hacker conference.

More alarming, the vulnerabilities Jacob Holcomb showed at the hacker conference had been reported to the NAS manufacturers but had not yet been fixed, and NAS patches usually take a few months to reach users.

8. Network management programs

Do you remember Carrier IQ, which developed a hidden tracking program for smartphones, and the chaos it caused? In fact the original intention of this phone app was just to monitor phone traffic; it was simply a network performance diagnostic tool. However, phones with this diagnostic tool installed are vulnerable to attack. As Mathew Solnik and Marc Blanchou said at the hacker conference, this vulnerability could be used to execute remote code and bypass the operating system’s local protection mechanisms.

The researchers said that about 70% to 90% of mobile phones sold worldwide were equipped with a device management program. Other devices, such as notebook computers, wireless hotspots and networking equipment, also faced risks from vulnerabilities in the Open Mobile Alliance Device Management (OMA-DM) protocol.

9. Cheap picklock

Qualys researcher Silvio Cesare demonstrated how to assemble a tool from cheap, easily obtained components and then use it to get into a car with a smart system.

Cesare said this tool can be used to open the car door and the trunk. But the attacker has to stay in the vicinity of the car for 2 hours, so for now car thieves have not abandoned the crowbar and turned to computers.

10. Invading a hotel

The vulnerability described by security consultant Jesus Molina at the hacker conference is more practical. Molina had stayed at the five-star St. Regis Shenzhen hotel in Shenzhen, China. At that time he reverse engineered the “digital butler” iPad app that the hotel offered to guests and used protocol vulnerabilities in the KNX/IP router to take control of the hallway lights. In addition to the lighting, the television, temperature, in-room music and even the window blinds in more than 200 rooms in the hotel were all under his control. More strikingly, a hacker controlling all of this would not even need to be in China.

If you need more information about individual data protection and enterprise file management, you can visit Kakasoft.

Aug 11

Top 10 Security Issues Revealed in 2014 Blackhat Conference(1)

Hackers always present their amazing skills to the public, from invading aircraft code to monitoring surveillance cameras to using any USB device as an attack tool.

Even though some of these security issues are sensational in theory, they are pioneers in uncovering security risks in the Internet world.

1. Quietly deadly BadUSB

A researcher at Berlin’s “Security Research Laboratory” claimed that they had developed proof-of-concept tools to attack USB device firmware. When an infected USB device is plugged into a computer, it disguises itself as a keyboard to download malicious software.

Most USB device manufacturers haven’t taken any measures to protect firmware, and anti-malware software doesn’t scan firmware for malicious behavior. So in theory this vulnerability can spread malicious software while being hard to detect and difficult to prevent; considering how many USB devices interact with computers around the world, it is clear how serious this vulnerability is. Fortunately, no real-world attacks based on this vulnerability have been found so far.

2. Invading aircraft

The consequence of another proof-of-concept attack is more frightening. Ruben Santamarta, a researcher in the field of human-computer interaction, claimed that hackers can break into an aircraft’s satellite communication system via Wi-Fi and entertainment systems, allowing the attacker to affect the aircraft’s navigation and safety systems.

The satellite communication system manufacturer said in an interview with Reuters that the likelihood of such an attack and the harm it could cause are very small, but also said it had begun to fix the vulnerabilities.

3. Surveillance cameras under surveillance

Are your surveillance cameras monitored by other people?

Two security researchers opened up a $200 Dropcam camera to see how it works internally. It turned out to have many vulnerabilities that hackers could use not only to view the video stored on the camera but also to upload third-party video and forge its source. In short, hackers can hijack and take over the camera’s video stream.

Fortunately, there is a significant obstacle to exploiting this vulnerability: an attacker needs physical access to your Dropcam camera. In other words, if an attacker can stroll into your room and reach your camera, your company or your room has a security problem more serious than the surveillance camera.

4. Tor crisis

Tor provides users with anonymous access between a source node and a destination node. However, Alexander Volynkin, a researcher at Carnegie Mellon University, said that breaking the anonymity of the Tor network at minimal cost is very possible. The specific implementation details have not been announced yet.

However, at the urging of Carnegie Mellon University, Volynkin abruptly canceled his talk at the hacker conference. Meanwhile, Tor’s operators recently discovered a set of unidentified malicious relay nodes that were trying to decrypt users’ identities. (Reference: peeled onion skin, deep Inside the Tor network)

5. Symantec Endpoint Protection vulnerabilities

Renowned security expert Mati Aharoni discovered three vulnerabilities in the Symantec Endpoint Protection tool. These vulnerabilities could allow an attacker to gain high-level access to the victim’s computer. In other words, hackers can invade your computer through its security software. Isn’t that ironic?

Of course, Symantec has started fixing the vulnerabilities!

The last five vulnerabilities will be revealed in the next blog post, so please stay tuned!

If you want to know information about personal or enterprise file protection solutions, please visit: http://www.kakasoft.com.

Jun 03

TrueCrypt’s “Sudden Death” Results in Chaos

Recently, the open source encryption software TrueCrypt warned users on its official SourceForge page that the tool has security risks, and also announced the end of TrueCrypt development.

As the most popular free, open source, cross-platform encryption software of the past decade, TrueCrypt’s “sudden death” has thrown the information security industry, already tormented by the NSA and OpenSSL, into chaos again. On Twitter, Facebook and other social media, conspiracy theories have begun circulating among security professionals. Many people believe that TrueCrypt’s “sudden death” is similar to that of Lavabit and was likely forced by government departments. Others think the reason is conflict among TrueCrypt’s core staff.

Because TrueCrypt is widely used, with many individuals and businesses around the world relying on it to encrypt sensitive data, the “sudden death” attributed to security problems has drawn close attention from users. TrueCrypt’s supporters raised $70,000 for TrueCrypt security audits.

TrueCrypt has announced that it has stopped product development, and its official website now redirects to the SourceForge page, which urges users to choose other encryption software.

What to replace TrueCrypt with has become a hot topic among security experts. In addition to BitLocker, which TrueCrypt recommends, cryptography expert Bruce Schneier recently revealed on his blog that he personally has switched to Symantec’s PGPDisk encryption software.

Schneier gives two reasons for choosing the full-disk encryption tool PGPDisk: it is easy to use, and he trusts Symantec’s developers (Schneier himself is a member of PGP Corporation’s Technical Advisory Committee). Schneier believes the advantage of full-disk encryption is that you don’t need to worry about the various hibernation files, swap files, temporary files, browser cookies and deleted files on the disk. If you lose the hard drive or laptop, you just need to tell the boss: “Don’t worry, the entire disk has been locked.”

You now have many choices for file encryption, and at the same time very few. Because data theft and data leaks now happen frequently, individuals and organizations, including commercial companies, are all focused on data security. If you want to protect important and sensitive files, you had better use encryption to protect them with a password. It is important to choose an effective, easy-to-use file encryption program, because it directly affects your file security.

Apr 01

How to Avoid Failure in Network Security Equipment Deployment (1)

Enterprise networks are developing rapidly! Some groups have begun to clean up phones and tablets and to refuse Internet connections from coffee shops and trains (as a WAN link).

The concept of the extended enterprise poses increasingly severe problems for the IT security portfolio, because sensitive and valuable data frequently flows outside traditional network boundaries. To protect the enterprise from diverse, low-and-slow, adaptive persistent threats, IT organizations are deploying various new network security devices: next-generation firewalls, IDS and IPS devices, security information and event management (SIEM) systems and advanced threat detection systems. Ideally, these systems are centrally managed and follow a centralized security policy as part of a universal protection strategy.

However, some common mistakes made when deploying these devices seriously undermine that universal protection. This article introduces some problems to watch for in the planning and deployment of new network security equipment, and how to avoid related problems that may cause defense in depth to fail.

The biggest mistake is assuming that the security device itself is secure. This seems obvious, but it must be our starting point. How secure is the so-called “hardened” operating system? What is its latest status? And how secure is the “ultra-stable” web server?

Before starting any work, you must create a test plan to verify that all network security devices are really secure. Start with some basic tests: do you upgrade, install patches and fix bugs in a timely manner on each device and on its supporting network, server and storage infrastructure? You must make sure to upgrade devices and install patches regularly, in line with a clearinghouse of currently known vulnerability information.

Then turn to aspects that are more difficult to handle: periodically assess potential weaknesses in the configuration of multiple devices together. An inappropriate deployment sequence of encryption systems and application delivery optimization (ADO) can cause data leakage even if each device operates properly. This process can be carried out in conjunction with penetration testing.

For any security device, the management/control channel is the most prone to vulnerabilities. Therefore, the most important things to note are how you configure and modify security devices and who is allowed to make those changes. If you access the security system via a web browser, the security device runs a web server and allows web traffic in and out. Is that traffic encrypted? Does it use a standard port? Do all the devices use the same port (so an intruder can easily guess it)? Is it accessed over the general network or over a separate management network connection? If it is reached over the general network, then any host that can send traffic to this port may attack the device. If it is on a management network, you only need to worry about other devices on that network.

In the best case, where you cannot access the device directly, you need to ensure that all configuration changes use encryption and multi-factor authentication. It is also necessary to closely track and control the identities used for device management, so that only authorized users can gain administrative privileges.
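The management-channel and patching questions above can be run as a repeatable check over a device inventory. The following is an added example, not code from the original article; the inventory fields, the `10.99.0.0/24` management network and the 90-day patch threshold are assumptions made for illustration.

```python
import ipaddress

# Assumptions for this example (not from the article):
ENCRYPTED_PROTOCOLS = {"https", "ssh"}
DEFAULT_PORTS = {"http": 80, "https": 443, "ssh": 22, "telnet": 23}
MGMT_NETWORK = ipaddress.ip_network("10.99.0.0/24")  # dedicated management network
MAX_PATCH_AGE_DAYS = 90                              # patch-cadence threshold

# Constructed sample inventory of security devices and their management interfaces.
DEVICES = [
    {"name": "fw-edge-1", "mgmt_ip": "10.99.0.11", "proto": "https",
     "port": 8443, "mfa": True, "days_since_patch": 20},
    {"name": "ips-dmz-1", "mgmt_ip": "192.168.10.5", "proto": "http",
     "port": 80, "mfa": False, "days_since_patch": 200},
    {"name": "siem-core", "mgmt_ip": "10.99.0.20", "proto": "https",
     "port": 8443, "mfa": False, "days_since_patch": 45},
]


def audit_device(dev, mgmt_network=MGMT_NETWORK, max_patch_age=MAX_PATCH_AGE_DAYS):
    """Return the list of findings for one device's management channel."""
    findings = []
    # Is the management traffic encrypted?
    if dev["proto"] not in ENCRYPTED_PROTOCOLS:
        findings.append("unencrypted-mgmt")
    # Does it listen on the protocol's standard (easily guessed) port?
    if DEFAULT_PORTS.get(dev["proto"]) == dev["port"]:
        findings.append("default-port")
    # Is it reachable only over the separate management network?
    if ipaddress.ip_address(dev["mgmt_ip"]) not in mgmt_network:
        findings.append("not-on-mgmt-net")
    # Are configuration changes protected by multi-factor authentication?
    if not dev["mfa"]:
        findings.append("no-mfa")
    # Has the device itself been patched recently?
    if dev["days_since_patch"] > max_patch_age:
        findings.append("patch-overdue")
    return findings


def fleet_shared_port(devices):
    """Return the port if every device uses the same management port, else None."""
    ports = {d["port"] for d in devices}
    if len(devices) > 1 and len(ports) == 1:
        return next(iter(ports))
    return None


def audit_inventory(devices):
    """Audit every device and add a fleet-level finding for a shared port."""
    report = {d["name"]: audit_device(d) for d in devices}
    shared = fleet_shared_port(devices)
    if shared is not None:
        report["<fleet>"] = [f"all-devices-share-port-{shared}"]
    return report


if __name__ == "__main__":
    for name, findings in audit_inventory(DEVICES).items():
        print(f"{name}: {', '.join(findings) if findings else 'ok'}")
```
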

For more information about network and computer security, please visit: www.kakasoft.com

Mar 24

How do individuals avoid NSA global network monitoring?

The massive surveillance data center built by the NSA in the Utah desert can screen and analyze most global network traffic, including location data, audio and video files, emails, social network activity and other digital documents. Of course, the NSA is not the only organization able to track our digital trail; in this era of exposed privacy, all kinds of government agencies and commercial companies can follow our words and conduct at all times. For an ordinary netizen, is there a reliable method of self-protection?

Earlier this week, the Washington Post gave five pieces of personal information security advice for escaping NSA surveillance, including using Tor to surf the Internet and using Silent Circle to make calls. In fact, Internet privacy problems are not limited to NSA surveillance: over the past several years, massive disclosures of user accounts at Chinese Internet companies and the threats to personal privacy and finances from malicious apps on Android phones have made self-protective privacy measures imperative.

In an age when anti-virus software is all free and ineffective, everyone should understand the skills of personal privacy protection.

1. Use the Firefox encryption plugin Tor to browse anonymously

Using Tor for anonymous browsing can prevent website browsing data from being intercepted, so the various insatiable Internet companies won’t know what kind of ads to push to you, and the NSA won’t know whom you are communicating with. NSA whistleblower Snowden was photographed using Tor on the Internet.

Tor is a free Firefox anonymous browsing plugin that encrypts network traffic and can be used with the Firefox browser on PC, Mac and Linux platforms. The encryption comes at the expense of some browsing speed.

It is worth noting that Tor is not foolproof. For example, in 2011 hackers attacked the Dutch certificate authority DigiNotar and created many fake digital certificates for Facebook, Google, Skype and Tor in order to monitor Iranian Internet users. Similarly, according to Ars Technica reports on papers from a USENIX conference, researchers have also found loopholes in Tor that can be used to identify BitTorrent users.

2. Use an OTR app to encrypt chat

Snowden used an unspecified OTR chat app during his interview with the Guardian. Such an application encrypts chat data, and many free clients support OTR, including Cryptocat and Adium for Mac OS X and IM+ for Android smartphones and iPhone.

3. Use Silent Circle to encrypt voice, email, etc.

Silent Circle is a brand-new US-based personal communication encryption service. The company announced that it would cut the price of its four services when news of the NSA monitoring broke; these services are mobile phone voice encryption, text messaging encryption, VoIP voice and video call encryption and email encryption. The company claims that an independent audit has ensured that the services it provides have no back door.

It is worth noting that both communicating parties must be Silent Circle users to use the encryption service. For high-end business users who worry about information leakage, Silent Circle’s encryption service is very attractive.

4. Android mobile phone users: use Redphone to encrypt calls and SMS

Android users are lucky: WhisperSystems’ open-source software Redphone and TextSecure provide secure calling and SMS encryption. Similarly, both communicating parties must install the Redphone client. TextSecure is used to encrypt text messages.

Redphone and TextSecure have both passed third-party audits to ensure that there is no back door.

5. Use PGP to encrypt data

PGP and the similar open source GPG can be used to encrypt data and e-mail. Both programs take a little knowledge to use; Snowden even had to make a teaching video for the Guardian reporter Greenwald.

6. Turn off the phone and remove the battery

This approach sounds a bit radical, but doing so when you are not using your mobile phone prevents it from leaking your location to nearby mobile base stations. ACLU chief scientist Christopher Soghoian told the Washington Post: “Laws of physics tell us that you cannot hide your location information from mobile operators.”

7. Stop using Windows and Mac OS operating systems

I believe that changing operating systems is a difficult decision, but considering that Microsoft has officially acknowledged having submitted global user data to the NSA, operating system backdoors have become a real and serious problem. If you want to escape from the “Matrix” and acquire a free network user identity, you need to consider the various versions of Linux, including Ubuntu.

For ordinary computer users, information security should cover both communications and the information stored on the computer. You can try the methods above to improve the security of your communications, and for the information on your computer, you can use a third-party file encryption program to password-protect your folders.

Feb 24

How Does NSA Almost Kill the Internet? (1)

WIRED published a long article telling the story of how, after the exposure of the NSA’s massive surveillance activities, Internet giants Google, Facebook, Microsoft and other technology giants have had to confront the government for their survival.

This is just the start of a chain reaction that will threaten the foundations of the Internet industry. The topic has occupied headlines for months and has become a hot topic of discussion in technology circles. Over the years, technology companies’ privacy policies have struck a subtle balance between maintaining users’ privacy and providing personal data to government agencies. This field is new and controversial, and sometimes it erodes existing laws; in the past, these companies struck a difficult balance as they advanced their policies. Technology companies suddenly find themselves caught in a fight bigger than any battle over oversharing on Facebook or ads in Gmail. Over the past few months, they have found that they have to fight their own government for the future of the Internet.

Joe Sullivan, Facebook’s security chief, said: “We spent ninety minutes to respond.” Nobody had heard of the Prism project. Worst of all, Facebook and other technology companies were said to have authorized the NSA to directly access their servers to obtain huge amounts of information, which seemed completely wrong. CEO Mark Zuckerberg was shocked by the claim and asked his executives whether it was true. They answered: no.

Similar panicked conversations also took place at Apple, Google and Microsoft. Google’s legal counsel Kent Walker said: “We are asked by the people around us: Is there any secret way to get information?” We said: NO.

Nevertheless, the Washington Post went ahead and published its description of the Prism project. The technology companies quickly issued statements denying that they had authorized the U.S. government to directly access their user databases. The fact that the secret court sometimes orders technology companies to participate in government projects that require them to share data, and that they are often reluctant participants, complicated the companies’ statements. Google and its partners did not discuss all the details of the issue, partly because the law prevents them from full disclosure and partly because they did not understand the operational details of the government’s project.

Before President Obama weighed in on the issue, they had little time to plan how to respond to Gellman’s allegations. The President alluded to the Prism project when he responded to the leak, saying: “In terms of the Internet and e-mail, the matter did not involve U.S. citizens, nor people living in the United States.” The answer might have eased some of the public outrage, but it did not help the IT industry. Most users of Apple, Facebook, Microsoft and Yahoo are non-US citizens. Now these users, as well as regulatory agencies, were led to believe that using US-based services meant their data would be sent directly to the NSA.

Technology giants spent years building trust that is now at risk of collapsing, yet they seem powerless to do anything about it. Legal restrictions mean they are not at liberty to provide a complete account of their cooperation with the government, so they can only deny. However, even the most resolute denials, from Google CEO Larry Page and chief legal counsel David Drummond, could not quell the questions. In the Q&A Drummond participated in on the Guardian website later this month, his questioners became more hostile:

“Whether this quiz is just a superficial after you are found the collusion with NSA?”

“If Google lies to us, then how can we say?”

“Google, you lost the trust we have given you for ten years.”

“I will stop using Google mail.”

Other companies are also facing such a siege. A company executive said: “Every time we talk about it, it seems that the things will be worse. We are more than not being trusted.”

Facebook’s global communications director Michael Buckley said: “The fact is that the government failed to turn the monsters back into the bottle, we can come up with any statement or statistics, like the government’s weekly routine disclosure, but the problem is that who will believe us?”

In September last year, Facebook’s Zuckerberg expressed his disgust while attending a technology conference, saying “the government screwed up.” But because of the government’s actions, and now that the world knows about the wider information leakage, Zuckerberg, Page, Tim Cook, Marissa Mayer, Steve Ballmer and the other executives who store user information on their servers are in trouble.

More than revenue is at stake. The ideals that sustain the technology world are also at stake. The Internet, which once came from a U.S. Department of Defense project, has turned into the World Wide Web that inspired a new era of civilization. Snowden’s leak called into question the Internet’s standing as a place of free expression and empowerment. If the network is regarded as an extension of surveillance, the resulting paranoia will affect the way people use the Internet. Countries that are angry at U.S. intelligence agencies’ information gathering have more reason to use Snowden’s disclosures to demand that the U.S. government stop collecting information, while the U.S. intelligence agencies will not easily give up collecting information on these countries. As enterprises carry out their business under these conditions, the network will become Balkanized, destroying its open nature and significantly increasing operating costs.

For more information of data security and information protection, you can visit: www.kakasoft.com

Feb 17

Anti-Monitoring Battle is A Protracted War

The outbreak of the American “Prism” affair made us realize that we are living in a “monitored” era, and that this monitoring is a desecration of the free network and an absolute violation of public information security. Monitoring in the information age is different from traditional monitoring. Traditional monitoring means that, for some purpose, someone watches somebody else through video surveillance or other camera recording methods, while monitoring in the information age amounts to data theft, data monitoring or even data control.

Traditional monitoring is mainly caused by the distrust that individuals, businesses and even governments have of certain persons or groups. Given the interests of certain groups, this behavior is understandable. But today’s network is a free world, and no individual, enterprise or even country is allowed to imprison its freedom. Anti-monitoring is the first step toward confrontation.

The anti-monitoring battle of the information age is actually a protracted war over information security, which requires people to know more about information defense technology and to take measures to deal with the deteriorating international information security situation.

One of the most serious network security mistakes people are likely to make is connecting to public Wi-Fi and then logging on to e-mail, bank accounts and other sensitive accounts. If this is unavoidable (after all, you may spend most of your time in cafes, hotels and airports), consider buying a virtual private network (VPN) service, which can significantly improve your privacy protection when accessing a public network.

A VPN, as an encrypted tunnel, can prevent bad guys from stealing your login information and other sensitive information.

Don’t put personal information in the cloud, and if you must, encrypt it. Online file synchronization services like Dropbox, Google Drive and SkyDrive can be described as among the best innovations of the Internet. However, when you conveniently view the latest photos stored on Dropbox, or easily find relevant text files on iCloud, you need to know that the data you store on the server is not encrypted.

This means that government law enforcement officials can readily obtain the data you have stored. Hackers can also find security vulnerabilities at the service providers.

For sensitive data and information that you need to synchronize across devices, the better choice is to use an encrypted cloud storage service. Of course, there is a simpler way: find a file synchronization service with built-in storage encryption.

To keep your online services secure, set a unique, random password of ten or more characters for every account. Don’t forget to store them in a good password manager. For better security, use the two-factor authentication provided by Google, Facebook and other services.

Two-factor authentication requires you to enter a short numeric code in addition to your password. This code usually comes from a physical fob or a smartphone app.

Dropbox, Evernote, Google, LastPass and Microsoft accounts work with authenticator apps. Facebook provides its own code generator in its social network app; you can also add a code generator through your Facebook account settings. On the Facebook news feed page, click the gear-shaped settings button at the top right and select account settings.

For files stored on your own computer or on external storage devices, you mustn’t ignore their security either. They may be stolen or leaked to others even if you have set a boot password for your computer. To protect the data stored on local computers and flash drives, you’d better lock files with a password so that unauthorized users can’t access them without permission.

In the information age, the value of data will keep rising. As long as information and the Internet remain the mainstream of this era, the scramble for information resources won’t stop, and neither will monitoring and anti-monitoring. To keep your data security from being damaged, it’s necessary to adopt targeted encryption software to guard the security bottom line.