cyber security Archives - Foster Institute

Protect Sensitive Data on USB Drives and Memory Sticks if they are Lost or Stolen

Mike Foster — Fri, 18 Feb 2022 00:00:38 +0000

People sometimes lose or misplace USB memory sticks, SD Cards, External USB hard drives, and other external storage media. Help protect your data from prying eyes and cyber thieves by encrypting the drive.

On Macs and Windows, encrypting an external drive can be as simple as right-clicking on the external drive’s icon and selecting the encryption option.

Two golden rules:

1) Be sure your files are backed up elsewhere before encrypting a drive.

2) Be sure to save the recovery key in case you forget the password.

Encrypting individual files is helpful to protect your data, but attackers can still read the filenames and deduce information. One advantage to encrypting an entire external drive is bad actors cannot see the filenames when you encrypt an entire external drive or memory stick.

I intend to make you aware of the importance of encrypting external drives and not go into technical details. So, you’re welcome to skip the following information. If you encounter errors encrypting drives in the simple method above, there are many details. For example:

Windows: One way to encrypt drives is using BitLocker. If you have Windows Home edition instead of Pro, you cannot encrypt drives, but you can unlock and use encrypted drives. All editions of Windows support the “device encryption” feature.

Macs: You can use an encryption utility called Filevault2. Alternatively, you can encrypt drives when you format them. If you have a Mac with an Apple CPU, some users experience losing access to the data on the drive after encryption. Apple will fix that soon if they haven’t already.

Hopefully, you won’t encounter any issues when you encrypt your external drives and help protect the data from anyone who steals or discovers a misplaced drive.

The post Protect Sensitive Data on USB Drives and Memory Sticks if they are Lost or Stolen appeared first on Foster Institute.

Zoom Security Settings – The Concise Details

Mike Foster — Wed, 08 Apr 2020 16:50:02 +0000

Zoom has many security settings. This is a detailed but concise guide to the settings and how they work.

Update: The information in this video is applicable and useful now. As of April 27, Zoom v5.0 is making security improvements and moving settings. Once Zoom’s settings are stable, we’ll update this video. The video applies to the paid version of Zoom. Login to the Zoom website to set your security settings.

Fasten your seatbelt. There are lots of security settings in Zoom. You must change default settings to help close the doors to hackers.

To access the account settings, sign into the Zoom website, click on your account on the far right of the top bar. You can also select a link to Account Management, under which you can reach the Account Settings.

The free version of Zoom lacks some essential security controls. In the paid version, the best place to start is, in the left-hand column, under ADMIN, select Account Management > Account Settings. By default, you’re already on the meeting tab.

One of the first things you’ll notice is that some settings have a lock symbol next to them. Zoom allows you to configure settings at an account level, group level, and user level. Here, at the account level, if you click the lock icon, that setting will override the group and user settings.

HOST VIDEO: Disable this setting so the host will start meetings with their video off. The host will be able to show their video when they choose.

JOIN BEFORE HOST: Disable and lock the setting that would allow others to join the meeting before the host arrives. Never let anyone start communicating until you join to moderate the conversation.

USE PERSONAL MEETING ID (PMI) WHEN SCHEDULING A MEETING: You may not know it yet, but Zoom sets up a private meeting room for you that runs all the time. Your Personal Meeting ID, abbreviated PMI, is the Zoom address to your room. You want your PMI address to be confidential. Disable this setting.

USE PERSONAL MEETING ID (PMI) WHEN STARTING AN INSTANT MEETING: Disable this too for the same reason.

ONLY AUTHENTICATED USERS CAN JOIN MEETINGS: Enable this to add more protection if you meet with coworkers and other people you know who have Zoom accounts. However, you might choose to disable the setting if you will meet with clients, prospects, or anyone else who might not have Zoom accounts.

REQUIRE A PASSWORD WHEN SCHEDULING MEETINGS. Enable this option for all meeting types. Jot down your PMI password.

Here’s a tip. In case you are ever in a meeting and need to know the password quickly, click on the icon to invite someone, then Zoom displays the meeting ID at the top and the meeting’s password on the lower right corner of your window.

EMBED PASSWORDS IN MEETING LINK FOR ONE-CLICK JOIN: Leaving the setting enabled means the invitation’s link to the meeting includes a built-in password. Invitees are not prompted for and do not need to know the password. That means you can require passwords, and your clientele doesn’t even need to know.

However, embedding the passphrase inside the invitation exposes you to risk. If an unauthorized person obtains the email message, then they, too, can authenticate to your meeting without needing to know the password. If you disable this setting, tell everyone in the meeting the password through some method other than email.

REQUIRE PASSWORD FOR PARTICIPANTS JOINING BY PHONE: Enable this if you want to protect against unauthorized callers.

MUTE PARTICIPANTS ON ENTRY: Enable this, not only for security but to protect the meeting from background noise near a participant.

CHAT: Disable this setting here. If an unauthorized person joins the meeting, you don’t want them to send disturbing chat messages for all to see. If some sessions require chat, do not click the lock.

PRIVATE CHAT: Disable private chat. Protect your participants from unwelcome interruptions from others, perhaps uninvited participants.

PLAY SOUND WHEN PARTICIPANTS JOIN OR LEAVE: Enable this setting to avoid being surprised to find out someone joined, and you didn’t notice. Check the box if you want to require telephone participants to record their names for an announcement when they join.

FILE TRANSFER: Disable and lock this setting. Blocking file transfers helps stop the spread of malware and potentially offensive content.

FEEDBACK TO ZOOM: Disable this feature.

ALLOW HOST TO PUT ATTENDEE ON HOLD: Enable and lock this setting for when you need to have a conversation without everyone listening.

ALWAYS SHOW MEETING CONTROL TOOLBAR: Enable this setting to make your life easier.

SHOW ZOOM WINDOWS DURING SCREEN SHARE: Disable this setting. Unless you are training people to host Zoom, no one needs to see what the host sees.

SCREEN SHARING: Unless you need people to show what’s on their screens to everyone during the meeting, set sharing to host only. If participants can share, there is a risk that someone, perhaps an uninvited participant, could show unwelcome content.

DISABLE DESKTOP/SCREENSHARE FOR USERS: Zoom allows the sharing of an entire monitor or sharing just one program’s window. Enable this setting if you want Zoom only to show the program window. This setting helps protect your participants, and the host, from accidentally sharing sensitive information somewhere on their desktop.

If, however, someone plans to use PowerPoint in presenter mode, disable this feature so that the host can share the whole monitor for displaying the slides.

ANNOTATION: Unless annotation is essential for your meeting, disable it. Turning off annotation prevents an uninvited participant from interrupting the flow of the meeting by placing images all over the screen.

WHITEBOARD: Unless you need the Whiteboard, disable it for the same reason you disable annotation.

REMOTE CONTROL: Unless you need participants to let others remotely control the shared content, disable this feature.

ALLOW REMOVED PARTICIPANTS TO REJOIN: Unless you think you might accidentally remove someone from a meeting, disable this feature to tell Zoom to keep them out.

FAR END CAMERA CONTROL: Disable this setting unless you want someone else to take control of your camera during your meeting.

VIRTUAL BACKGROUND: For security and privacy, tell workers to hide what is in their home office. Your workers can use a green screen backdrop, some attach to the back of chairs, but Zoom can usually differentiate between them and their background either way.

ENABLE IDENTIFYING GUEST PARTICIPANTS: This setting makes it easier for people who belong to your account to identify a potential intruder.

ALLOW USERS TO SELECT ORIGINAL SOUND IN THEIR CLIENT SETTINGS: Enable this feature. It isn’t so much for security as for sanity. If a participant’s voice is garbled, they can select original sound. Then you may be able to hear them.

WAITING ROOM: This is one of the most important and useful security settings in Zoom. Enable and lock this setting so that when participants try to join the meeting, they are held in a waiting room until the host permits them to enter.

Go back up to the top of that very long page. You’ll notice three headings: Meeting, Recording, and Telephone. Click the word Recording to move to the recording tab.

LOCAL RECORDING: Local recording means a participant can save the meeting to their computer. Disable the setting for confidential meetings. Otherwise, an unauthorized person could access that recorded file. A security risk is that the user could store the data in the cloud without a password.

CLOUD RECORDING: Unless you need to have a recording of the meeting, disable cloud recording too. In theory, cloud recordings are more secure since the users don’t have a file they must protect.

You’ll find many additional options. You might want to involve your IT Professional to help you choose the settings.

Scroll back up. Look in the left-hand column under PERSONAL and click on the Profile settings:

PERSONAL MEETING ID: Leave the random number alone. Zoom sets up a private meeting room for you to use anytime, and that PMI is the address to your room. Don’t make it easy for someone to find your PMI address. It is tempting to make your PMI match your phone number, but don’t.

In the left-hand column on the screen, skip down to Personal > Settings. On the Meeting tab, confirm that the host video is off and that Join before the host is disabled too.

Now go back up in the left-hand column to your Personal > Meetings settings, click on the Personal Meeting Room tab at the top. Confirm the settings match what you configured already. Essential settings include a green checkmark for Mute participants upon entry and a green checkmark in front of the Enable waiting room setting.

If you have other users and groups, Zoom suggests you review their account to verify the settings took hold.

When you schedule a meeting: Meeting ID: Generate Automatically. By now, you know to keep your Personal Meeting ID private except for a few people you trust.

Last, you can check for Zoom updates. Open your account settings by clicking on your account icon. Then select the option to check for updates. Zoom makes updates that improve Zoom’s security, but the updates do not help you until you install them.

To help protect your Zoom meetings, watch other videos that cover concerns about using Zoom, configuring the two-step login feature, and a video run-through of settings for paid accounts so you can simply follow along.

Zoom Security – Set Up Two-Step Login

Zoom Security Issues – Protect Yourself

Zoom Security – Follow Along to Set Settings

The post Zoom Security Settings – The Concise Details appeared first on Foster Institute.

Make your Zoom Secure

Mike Foster — Thu, 02 Apr 2020 20:55:51 +0000

Tomorrow (Friday) morning, expect a completed guide that is quick for you to implement to lock down your Zoom security. Get started now on a few settings:

To help prevent an attacker logging into your Zoom account, enable two-step login. Once activated, then when you log in, you’ll enter your password along with a separate numerical code. Rather than sending the code as a text message, Zoom uses a more secure approach and requires you to use a passcode generator app. To configure two-step login, go into your account settings. Scroll down until you see the word Admin in the left-hand column, click on Advanced and then click the security option. Scroll down the main window until you see Sign in with Two-Factor Authentication. Enable the option. Sign out of Zoom and sign back in to complete the installation. Follow the prompts to associate your authentication app with Zoom.

When you schedule a meeting, for Meeting ID setting, select Generate Automatically. I’ll explain why soon, know that you need to keep your Personal Meeting ID private except for a few people you trust.

Zoom permits you to choose whether or not to require passwords for your meetings. In most cases, you should require a password. As long as someone gets the meeting notice you send them, they won’t even need the password because the password gets imbedded into the meeting invitation. However, embedding the passphrase inside the invitation exposes you to a risk. If an unauthorized person obtains the invitation, they too can authenticate to your meeting without needing to know the password.

One of the best security features is a tool called Waiting Room. Tomorrow’s tool will show how to set it up quickly. Be sure to sign up for our newsletter to receive the links for a powerful experience tomorrow and a concise video on Monday morning.

The post Make your Zoom Secure appeared first on Foster Institute.

Prepare Your Organization for a Reaction to Coronavirus

Mike Foster — Wed, 26 Feb 2020 21:41:24 +0000

The city of San Francisco just declared a state of emergency over the Coronavirus. Other cities will follow suit – maybe yours.

I’m in San Francisco right now at the RSA cybersecurity conference. Hand sanitizer is everywhere, and people are using it.

Italy shut down some towns. There is a possibility, however remote, and perhaps not for months, that US cities might shut down too. Prepare for the potential impact on your organization. For example, if schools shut down, will some of your workers, including IT team members, be unable to come into work because they need to stay at home to watch their youngsters?

Make sure all of your network users can work from home concurrently. Your IT team might need to increase the capacity of your servers to handle the additional workload. Can your workers use their phones to conduct business remotely? Does your IT team need to set up remote VoIP phone clients? Are IT team members cross-trained to be able to cover other workers’ duties? Does everyone know who to contact at your company for the most current information?

Even if your workers can work, they will put the safety of their families first. When Italy shut down some towns, the grocery stores ran out of food and supplies quickly. Encourage workers to stock up on food and products they usually buy, including non-perishables. They need to have enough medications. Once their family is taken care of first, then your workers can devote attention to work.

Prepare for loss of, or delays in, sales and income. Develop contingency plans. Would the loss of one of your primary suppliers devastate your business? Are you prepared if some essential piece of machinery, or network server, needs repair and you cannot get spare parts? Assign someone or develop a team at your company to focus on the risks and develop contingency plans. Remember IT.

Warn your workers that there will be an increase in spam and phishing as bad actors prey on their worries of the virus. They must be vigilant to spam and fake news.

For more information, Homeland Security offers suggestions at ready.gov/business/implementation/IT CDC provides a useful document at CDC.gov/flu/pandemic-resources/pdf/businesschecklist.pdf

Notice signs of things to come including a potential reaction to the virus. The falling stock market is a sign, Italy closing cities is a sign, and San Francisco declaring a state of emergency is a sign. Prepare now in case things start happening rapidly.

Please forward this to your friends so they can prepare their organizations for possible public panic and quarantines over Coronavirus.

The post Prepare Your Organization for a Reaction to Coronavirus appeared first on Foster Institute.

Executives Appreciate it when IT Professionals Communicate Effectively

Mike Foster — Mon, 24 Feb 2020 17:31:16 +0000

Today, an IT Guru called to gather more information as he prepared to meet with his executives. His methodology was impressive, and executives might want to forward this to your IT professionals. IT professionals want to do a great job of communicating with executives and they welcome guidance for communication.

A while ago, the executives approved IT configuring the firewall to block gambling, job search, and some other website categories from workers. As usual, the workers pushed back.

The executives asked the IT team to meet with them. What stands out is how the VP of IT prepared before the meeting. First, he organized a list of pros and cons for the executives before the meeting. He listed substantial risks from unauthorized websites, including security risks, ransomware, credential harvesting from fake login screens, and more. He examined mobile phone records and was able to demonstrate that since they had 1000 mobile devices, and using a total of 25 Gigs of data, they could save 50 per year per device. That adds up to save fifty thousand dollars each year. He wasn’t advocating blocking, or not to block, the content. He provided the executives with accurate numbers so they can decide.

He pulled service tickets and showed the time expense of blocking, and converted that to a numerical figure of how much money they could save by continuing blocking. He also pulled specific websites that users submitted to have unlocked. That way, the executives could choose what to open up. He printed sixty category choices to review with the decision-makers if they want. Rather than merely stating that blocking unauthorized music and media websites will speed up Internet connectivity, the executives benefit more when IT pulls logging information and provide specific numbers such as 80% of the traffic is unapproved. He offered alternatives to add safety even without blocking, including virtual browsers, to host the user’s browsing experience in the cloud and keep the traffic entirely off of their computers.

The way he finished the conversation with me was beautiful. He said that he wanted to give the executives the right information so they can make an informed decision. Please forward this to your friends in case they want to share the example with their IT professionals too.

The post Executives Appreciate it when IT Professionals Communicate Effectively appeared first on Foster Institute.

Adobe Flash Stops on December 31, 2020. Are You Ready?

Mike Foster — Fri, 03 Jan 2020 17:09:55 +0000

For more than 20 years, Adobe Flash helped websites deliver video content to your screen. However, attackers use Flash to inject ransomware and other malicious code into computers. The bad actors are usually one step ahead of security patches.

To end this security nightmare, Adobe set Flash’s official termination date to December 31, 2020. Expect your browsers, Firefox, Chrome, Edge, etc. to disable and remove Flash on or before that date.

That helps security, but Flash’s demise could negatively impact your organization. If one of your websites requires your customers to use Flash, it is time to convert the content asap. Unless you are sure, meet with your web development team and confirm your visitors and customers do not need Flash to use your sites. If so, your developers can convert your content to use supported technologies.

Additionally, ask your IT professionals if your team members rely on sites that require Flash. If so, now is the time to work with those providers to spur them to transition away from Flash. If they refuse to move, you need to find other options.

While frustrating to many, especially frustrating to attackers, the ultimate demise of Flash helps make the world a safer place!

Please forward this to your friends in case they aren’t aware that Flash’s termination date is December 31, 2020.

The post Adobe Flash Stops on December 31, 2020. Are You Ready? appeared first on Foster Institute.

Remember to Give Your IT Pros a Holiday Gift

Mike Foster — Tue, 17 Dec 2019 08:00:30 +0000

Your IT Team pours out so much time and energy. If you aren’t already, you can brighten their holidays by giving them a gift.

The work they do is often so complicated, yet they make it look easy. Unless you are a high-tech executive, it can be difficult to appreciate how sometimes your team accomplishes a miracle.

In some organizations, the only time the IT team gets noticed is when something technology-related stops functioning correctly.

IT pros, by nature, need to invest more than 40 hours a week to keep up with rapidly changing technology. That doesn’t include responses to the helpdesk crises and completing the projects assigned to them.

Executives reading this newsletter already feel compassion for and support their IT teams. But just in case you know an executive who doesn’t, or the gift slipped their mind, please forward this message to them. And why not add an IT Appreciation Day to company calendars?

Happy Holidays – and you deserve a bunch of credit too!

The post Remember to Give Your IT Pros a Holiday Gift appeared first on Foster Institute.

Protect Your Network Even when Attackers Trick Your Users

Mike Foster — Tue, 05 Nov 2019 15:11:53 +0000

A business contacted our office last week because a bad actor tricked an employee to give them full access to their computer.

The bad actor immediately took over the network and started performing highly illegal activities that appeared to come from the victim’s systems. User training is not enough. It is essential to take additional steps to help protect your network when an attacker is crafty enough to trick a user.

Firewalls, almost universally, have a feature called web content filtering. There is a possibility that your IT professional configured the firewall to block known gambling, gaming, and sites with people with no clothes.

Unless you do business with every country in the world, tell your IT team to block the firewall from permitting traffic from all countries except those where you do business.

It is possible that some of your third parties use sites in other countries to handle your sensitive data, and this is a great time to find out by blocking other countries to see what happens. Your security is only as good as the security of your third party providers, and they need to disclose to you any risks they take with you, and your customers’ confidential data.

If you want to be super cautious, rather than block everything at once, you can ask your IT professional to dump the contents of your web filter’s log into a spreadsheet, or some other database, that will identify traffic trends, sources, and destinations.

Now is an excellent time to ask your IT professionals, even if you outsource IT, to devote time to tuning your web content filtering to be restrictive.

You can even update your routers at home if they support web content filtering, and they might. An excellent place to start is at the device manufacturer’s website. There will be instructions to download and install the most recent firmware. Look at the support site about ways you can enable supported security features in your home devices, including web content filtering.

Please forward this to everyone you know so they can ask their IT professionals to turn up your web content filtering to help protect against social engineering attacks.

The post Protect Your Network Even when Attackers Trick Your Users appeared first on Foster Institute.

Microsoft Will Stop Protecting Windows 7 on January 14, 2020

Mike Foster — Thu, 05 Sep 2019 18:27:54 +0000

Windows 7 computers will still run, your anti-virus will still work, as will your other programs. But you are taking a significant risk because Microsoft will no longer provide security updates that help keep attackers out of your network.

Security patches are one of the best ways to protect your systems from attacks.

Any of your computers that you purchased six years ago came with Windows 7 installed. Unless you paid for new licenses and gave your team time to upgrade them, those computers run Windows 7 today.

Some of your options include:
– Buy new computers
– If the computer is strong enough, upgrade Windows 7 to Windows 8.1 or Windows 10
– You can ask your IT team if you use a technology called VDI. If so, they can uninstall Windows 7 completely. They can install Linux, or make a bootable thumb drive, or use a No Touch Desktop program. The computer can function as a screen and keyboard to a server where Windows runs

If, for any reason, you need to keep Windows 7 on some workstations, be sure to give your IT team time to implement compensating controls. For example, they can isolate the computers from the rest. Ask them to install Microsoft’s downloadable EMET security tool that works in Windows 7.

Support for Windows 8.0 ended in 2016.
Support for Windows 8.1 ends on January 10, 2023.

Please forward this to your friends and business associates, so they know January 14 is the when Windows 7 becomes a severe security risk to their networks.

The post Microsoft Will Stop Protecting Windows 7 on January 14, 2020 appeared first on Foster Institute.

Never Permit Tech Support to Access your Computer

Mike Foster — Wed, 03 Jul 2019 14:53:45 +0000

A company had a problem with their bank’s remote deposit software. They called technical support, and the bank’s software support person announced, “First, I need to connect to your computer to see what is going on.” Fortunately, the company’s team member told the bank’s technical support person, “It is against company policy to permit any third parties to connect to our computers.”

The tech support representative at the bank pressed, “I cannot help you if you do not let me into your computer.”

The team member said, “Yes, you can. I can read you anything displayed on the screen, and I can type or click where you say. But we cannot permit anyone to connect remotely. What do you need me to read to you?”

The technician said, “Uh… Ok. What does the error message say?”

The team member replied, “The routing number field is not long enough.”

The technician said, “Ok, that is easy to fix.” And continued to help resolve the problem and all was fine.

Never, ever, permit anyone to remote into your computer.

Once you permit any third party to access your computer, your company’s security is only as good as their security. And you have no idea how good their security is.

Your internal IT team, or outsourced managed service provider, can already take control of your systems without asking you. They will not need to ask your permission. So, if you ever receive a call saying, “This is tech support, you don’t recognize me because I’m the new guy. I need your help to fix your computer. Please go to this website so I can take control of your system to resolve a technical glitch before it crashes your system,” then blow a whistle into the phone as loud as you can. That’s a bad guy using a social engineering ploy in an attempt to trick you into allowing them access into your system.

When in doubt, go back to the only reasonable answer: “No. You will not get access to this computer or any other computer at our organization.” Report this immediately and warn everyone else.

Please forward this to everyone you know or care about, so they know: Never permit anyone, even third party technical support, to access your computer remotely.

The post Never Permit Tech Support to Access your Computer appeared first on Foster Institute.