When you want privacy, one way is to encrypt your documents before you attach them to your email message.

Microsoft Office, for Windows and Mac, has a feature on the File menu called Protect Document. Choose that option, and enter a secret password.

Use a phrase such as: the chairs are in a row.

E-mail that file to your recipient.

Then, phone, or text, the password to your recipient. If you email the recipient the password, even if it is in a separate email message, whoever is reading your email messages will receive both the attachment and the secret code.

Please forward this to any of your friends who may want to send sensitive email attachments.

The post How to E-Mail Encrypted Attachments appeared first on Foster Institute.

Both Google and Microsoft strive to have great security. In most cases, the weak spot in security won’t be within Google or Microsoft itself. You’ll want to have great protection for the computers and connections that link the human user to the cloud service.

One of the best things you can do with Google and Microsoft is to enable two-step logon. That way, when someone learns one of your organization’s passwords, the unauthorized user will likely experience great difficulty using that stolen password.

An example of this solution: You enter a username and password into a web site, and then your mobile phone buzzes and tells you to enter the code such as 777888 to complete the login process.

Now an attacker, even if they know your password, would need to steal your mobile phone too before they could log on with your username and password. Obviously, if the attacker is in another city, then it is more difficult for them to steal your phone.

Drop Box, PayPal, Google Apps, Microsoft, and many other sites already support multi-factor authentication – you just have to “turn it on.” See https://www.google.com/landing/2step/ to set up your Google account’s 2-step verification.

The post Is Google Apps or Microsoft 365 more secure? appeared first on Foster Institute.

Is to differentiate between 1) Cyber-security changes the users will notice, such as making them change their passwords more often, vs. 2) Security changes that can be implemented without the user even noticing. Of course, #2 is the way to go. That way, the VP of IT and the CFO both win. Things are more secure, and the VP of IT doesn’t feel like he is getting in the way of business.

How strict you want your own VP of IT to be is part of your risk assessment. If your customers entrust sensitive information to you, and if your organization’s reputation will be tarnished if there is a breach, then those conditions dictate a more restrictive posture.

Please help spread the word that, as in #2 above, every organization should strongly consider implementing, first, the security controls that users won’t even notice.

Please post your comments below….

The post How Strict Do You Want your IT Pro to Be? appeared first on Foster Institute.

My kids are the ones who taught me to cough into the elbow, not hand, to keep from passing germs along to whatever I touch.

Oh. Why didn’t I think of that? It seems so obvious.

But what about Cyber Security? Will we learn from our kids about more secure computer behaviors? “Dad, you mean that you don’t have a lock code on your phone?” “Mom, you should encrypt that memory stick in case you lose it. It only takes a second. Here, I’ll show you!”

And it may not be your kids teaching you; it may be the other way around. Just last week, a participant came up after I finished speaking to say how eager he was to go share some security tips with his dad. Dad’s business has been struggling with some major Cyber Security issues.

Do your kids teach you about cyber security? Do you teach them? Make the world a safer place to work and live…

The post Kids, Coughs, and Cyber Security appeared first on Foster Institute.