cybersecurity

Technology as a tool to help protect your online privacy

by

It’s no secret that technology has made us more connected but also more vulnerable. To regain our online privacy, there are different complimentary methods. One way is to limit our online exposure by avoiding to post personal info. However, since we can’t practically live in a cocoon, we might as well embrace the power of technology by using it to better protect our digital lives.

As the founder and CEO of a cybersecurity company, I spend a considerable amount of my time focused on ways to protect both the online privacy of my customers, my team, and my own. It’s a bit like the surgeon who has seen so many car accident injuries: I am on guards for whatever new way hackers are inventing to steal people’s personal and professional information, and in awe of the damage they can inflict to someone’s reputation, financials, business and family. While we look for new ways to protect from new attacks, it’s also astounding how well-known “old” attacks are still in use, because so many people still are either not much aware of the online dangers, or forget to use basic protection means.

Of course each day it’s becoming less likely not to have at least some kind of awareness (think of the headlines about cyberattacks) and yet many individuals and even some companies think it won’t happen to them…until it does. In fact, most companies don’t find out until 6 months after the facts, that they have been hacked.

The two dimensions of data protection and online privacy:

There are two main dimensions to data protection and online privacy: one is to protect the perimeter, i.e. not to let the bad guys into your house, by locking the windows, the doors, and having good walls (that would be the real life equivalent of firewalls and intrusion detection systems). This is hard and in fact the bad guys tend to be one step ahead. The other dimension would be making sure that each of your precious jewelry is protected by a separate vault, and that only you have the key to each vault. Simplifying a bit, this is the real life equivalent to data protection via encryption.

The good news is that so far it’s the good guys who are winning the encryption battle. Of course there is a caveat: it depends what type of encryption you use (algorithm, key length, etc.) and how you implement it. Continuing the analogy: you should have a vault that is thick not thin, that has a sophisticated lock not a basic one.

Encryption: a strong tool for your online privacy. Now it’s even easy to use!

It used to be that using encryption was a hard thing to do, and thus only reserved to geeks. This was the traditional conundrum between security and convenience, where security traditionally came at the cost of usability. And we all know that if something that provides security is hard to use, people end up not using it and reverting to easier, less safe behaviors. Not any more. Several cybersecurity companies are working at making the life of their users both more secure and still very easy. It’s our case too.

At Syneidis we have created HushApp, which allows any user, without needing any technical skill, to easily and safely store any file (whether photos, PDFs or financial excels) in a very safe digital box, where each one is protected separately. It also allows sharing files in an easy way via the web, but with the important extra layer of protection, transparent to the user, which ensures that only the intended recipient, and no one else, will be able to watch the private information. This is of course one example only. Besides protecting your file, one should consider using a VPN, a firewall, etc.: security is a global matter and no one solution could cover all the angles.

People are the weakest link in online privacy protection. Are you?

In fact, while we ought to embrace technology tools that allow us to protect our online privacy, we need to be aware that unfortunately the weakest security link still tends to be…people themselves. So please be among the prudent ones: do you really need to post that photo on Facebook, which will tell burglars that you are not at home? Should you really send this excel with financial data by email or via some free cloud service? Should you really sync my phone camera’s gallery to Apple or Google clouds? I’m sure you know very well the answer to these three questions…But there are many more…How well would you fare on a cybersecurity awareness test? You can find out here with this short test whether you are an expert or a dummy in online privacy.

Kind regards,

Frederic Thenault

Read more related articles here.

IoT Cybersecurity: 10 tips to protect the security of your home

by Leave a Comment

Talking about IoT Cybersecurity should not be surprising these days. The popularity of the Internet of Things (IoT) has increased dramatically and is taking over our homes, but as the Smart Home trend grows, the possibility of a cyber attack through one of these devices increases.

According to a study by Gartnet, there are more than 5 million devices connected today and the trend is growing. On the other hand, it is estimated that by 2020 the IoT technology will be the target of more than a quarter of all cyber attacks.

To start protecting your devices and prevent a possible cyber attack, just follow these simple IoT cybersecurity tips that we show you below:

10 tips on IoT Cybersecurity

1. Use different passwords for each device. Just like any other service, remember that each password works like a key, you do not use the same key for more than one door. Make sure they are complex enough so that they can not be discovered so easily.

2. If it is possible to use more than one router. Considering that most people generally connect everything to the same network, it means that this one connection has more doors opened through which it might suffer an attack. It also means that once in, the attacker has access to the whole network.

3. Protect your phone, since from there you will access the rest of the devices in the home. Use passwords and any other protection systems that you consider necessary.

4. It is not necessary to connect all the services of the device to the internet if you are not using them. For example in the case of a Smart TV, disconnect the camera or microphone when you
do not need it.

5. Make sure none connect automatically to open Wi-Fi networks. Manually configure them to connect only to the network of your choice, and make sure they are programmed to do it only when you want.

6. It’s much better if there is some way that your IoT devices can send and receive your data in an encrypted way.

7. Do not buy products that are not compatible with one another, or that can no longer be protected.

8. Buy only brands of known manufacturers and have a good reputation in the market. Cheap is expensive and even dangerous.

9. Avoid buying used devices, they can come with some malware installed.

10. Update the software of the devices regularly. In case the devices don’t update automatically, do verify it manually. Do not use equipment that can not be updated.

Cybercriminals have everyday more tools to attack and access our personal information, so we must not make it easy for them. IoT cybersecurity should be as fundamental as in any other device, software or service that you use in your day-to-day life.

10 Cybersecurity tips for gaming consoles and online video games

by 2 Comments

Cybersecurity is no game when it comes to the video game world. Like other electronic devices, they run the same risk of suffering from a cyber attack due to their internet connectivity. The following article will offer a few cybersecurity tips so that you can exercise security and caution while playing your favorite video games.

The dangers are the same as those that face any device. Through your video game console an experienced hacker can access personal data, credit card information or even violate your privacy through webcams. The problem is that most users of these devices are unaware of this risk, and do not take the appropriate measures.

Hackers and online video games

Video games allow interaction with other players, a tool that improves the gaming experience through competitiveness, however, this space exposes the user to possible attacks leading to private data and information loss.

Stealing virtual money, stealing player accounts (pishing), theft of personal data/credit cards, or even losing control of one´s device through malwares are the main objectives of a hacker in the world of video games.

Children are the most vulnerable to attract a hacker, they do not maintain the same level of caution and are unaware of where they are clicking. This can lead to downloaded viruses, or worse, data theft.

Cybersecurity tips for  gaming consoles and online video games

Therefore, it is advisable to follow some basic cybersecurity measures for video games and online games. These will allow you to continue enjoying the game with peace of mind. Here are some tips:

  1. Do not reuse passwords used in other games or devices, because if it is compromised, they will have access to other services.
  2. Eliminate the protection measures predetermined by the manufacturer, change them and adjust them to your specifications.
  3. Do not trust any notification that asks you to change your username and password.
  4. Download the games from the official websites.
  5. In the case of computers and mobile phones, always keep an updated antivirus.
  6. Avoid entering your credit card information, unless it is strictly necessary.
  7. As for children, establish strict parental controls to prevent them from entering unknown pages or links.
  8. Inform children of basic notions of cybersecurity that are appropriate to their age.
  9. Monitor and control what the children in your charge access on the internet.
  10. Protect important files that you save on the mobile devices you use to play. You can use HushApp and ensure that your information will be safe.

There is no doubt that these games provide entertainment for the whole family, however, we should not lack awareness when it comes to cybersecurity in video games. We can all be victims of cyber attacks.

Welcome to HushApp: your privacy app

by Leave a Comment

Are you worried about the idea of ​​someone unwanted accessing your images, videos or private documents?. We want to show you a new solution. We introduce to you the HushApp, an application that will simplify the way you protect your files.

Every day our digital files grow in vulnerability; no one is safe from becoming the next cybercrime victim. This is why cybersecurity is growing in relevance both personally and professionally.

What is HushApp?

HushApp is an application that helps you send and store any file in an easy and secure way. How we do it? using an end-to-end

encryption system that secures your files locally, remotely, and in transit. To increase your security, we add a military grade encryption type, giving more strength to the service.

HushApp uses zero knowledge technology, with guarantees that we don’t have access to your files, only you know what you are sharing. We also don’t store your passwords making it impossible to restore, which is why we recommend you don’t forget it.

Only you have the control, you can: send files to any person regardless of if they use the app or not, choose transfer expiration dates, attach messages to your recipients, and so much more…

Do you want to know more how HushApp works? Watch this simple tutorial

HushApp for business

Thinking in terms of the business world, we have the small business plan. Here you have the option to invite other users and give them certain permits. In addition, you can control their activity and know what and when data is moving in your organization.

How can we help your company?

Recently, the European Regulation of Data Protection (GDPR) was approved. Companies must now reconsider the security with which they handle data currently. The HushApp adapts its functionalities for environments where handling confidential information is routine. That is why we support you in everything related to:

  • Transfer confidential files
  • Exchange files in multidisciplinary teams
  • Increase credibility in your business
  • Protect intellectual property
  • Control access and management permits
  • Comply with GDPR requirements
  • Manage users and teams
  • History activity and transfers

Hushapp can be used many different business sectors including but not limited to: marketing and sales teams, research and development, creative sector, legal sector, health, education, and administration among others. These are just a few entities that will benefit from our service.

Summarizing: HushApp gives you access to features that will make your life online easier and safer. We offer:

  • Secure storage of any type of document: photos, documents, presentations, videos, among others.
  • Share files securely with other contacts, whether they are HushApp users or not.
  • You can use it on mobile, tablet or computer.
  • Track your sent and received files
  • Connect with your colleagues, friends and family.
  • Enjoy send and share files safely 🙂

We invite you to try HushApp

The CISO new figure and its role in corporate cybersecurity

by Leave a Comment

Cyberattacks are increasing in business sectors; the more connected to the internet companies are, the more vulnerable they are to attack. With this imminent threat, entrepreneurs are aware of the fact that it is if, but when they will be attacked. It is for this reason that many companies are beginning to hire a new staff figure: the Chief Information Security Officer (CISO).

Although companies recognize the potential damage that a cyberattack can bring, statistics indicate that corporate leaders are not taking the necessary measures to protect themselves.  

One of the reasons why necessary measures are not taken is the lack of knowledge regarding the directive itself. The National Association of Corporate Directors (NACD) published a survey to more than 600 directors and professionals of corporations, they found that only 19% believe that their boards have a high level understanding of cybersecurity risks.

However, they are aware of the biggest risks that a cyberattack could bring. A study was conducted by BAE Systems among 300 managers of companies in the United States. It found that 85% of those surveyed mentioned reputation lost as the most serious consequence of a leak, while 74% considered the legal repercussions as their second largest concern.

Taking the appropriate security measures not only involve resources, qualified staff and technology, it’s also about having the ability to manage them with astuteness. That’s why it is important to determine the role of the Chief Information Security Officer (CISO) as they attempt to keep the interests of the company safe.

What are CISOs facing?

Restrictions on the implementation of security processes in response to app vulnerabilities, mobile device use without security policies, insufficient staff for IT security, and adequate software for confidential files protection are some of the reasons for deficiency in the cybersecurity field.

We should add the need of a CISO to convince the directors board of possible consequences of a cyberattack in an environment where administrative sector is generally given priority.  

Considering the legal responsibility for a security crack that affects customers and how it will correspond with the company’s management. It is necessary to know in depth what is done in this department and how to integrate it with the business strategies of the company.

Establish a cybernetic culture throughout the company

This solution goes beyond understanding security protocols, it is also ensuring that the board of directors establishes a strong professional relationship with the CISO. This will help the board understand the cyber threats, implement appropriate security controls and at the same time promote cybersecurity culture.

A Harvard Business Review research found that 9 out of 10 CISOs are directly linked to the highest management team, half of which belongs to the management team.

Another interesting suggestion is encouraging the involvement of the CISO in the business initiatives. This allows their risk assessments to be taken into account before and during the analysis of results.

On the other hand, to promote  an effective safety culture, it is necessary to have appropriate technology that allows the team to keep up with cybersecurity. Currently there are tools designed for managers that allow them to control the flow of sensitive information inside the company.

Cybersecurity challenges are increasingly difficult, therefore it is task of all staff to carry out appropriate safety measures. It is no longer the responsibility of the IT department, it is necessary to involve and create cybersecurity culture throughout the team, and managers should be example to follow.