7 IT sins when seeking fun in the sun
23 June 2006
It is that time of year again when people take to skies, roads and sea in an attempt to find rest and relaxation and enjoy their holidays. At this time IT security is the last thing on their mind.
Technological advancements have now meant that many feel the need to keep track of their e-mail, bank-account status and other data whilst away - things they didn’t care about a decade ago. Only two decades ago people would not have even concerned themselves with the fact that they did not have a phone whilst abroad. Yet now there is pressure to be reachable at all times and one of the first items packed is the mobile phone.
It is also now increasingly common for people to either take a laptop with them or visit an Internet café - ensuring that they can keep track of everything even whilst on holiday. However, with the mix of determination to have fun in the sun and still stay in constant communication, people quite often forget about security.
To aid you in enjoying your well deserved holiday and not falling foul to Internet threats Norman have produced the 7 “sins" below and how to over come them:
1. Protection tools are not updated
Make sure your antivirus, antispam and antispyware are up to date before you leave and are continually updated during this time. The first thing you should do while connecting to the Internet is update all security software, every time!
2. Operating system security patches are ignored
When connecting to the Internet take a moment to check for operating system patches. Zero Day exploits are becoming increasingly common and operating system vendors as Microsoft release emergency patches when they deem the exploit critical.
3. Firewall settings are not considered
Make sure your Personal Firewall is as secure as possible with as few connections allowed as required. If you happen to open the connections towards your system and your security is not tight enough or not up to date, someone may acquire access to your system and misuse it to transmit all kinds of information.
4. Using open Internet connections without consideration of the risk
If you connect to an open WiFi network the gateway to the Internet to which the WiFi connects may contain a proxy application and store your complete Internet traffic behavior as well as passwords used. Be very careful submitting information over such connections. The best way to prevent this is to use secured transmissions (SSL/https)
5. Using open shares on a network
When being connected to the Internet via a cable, modem or WiFi, make sure you do not have any open shares. Any open share is accessible by others who are on the same network. Although this possibility is usually blocked by ISP’s when directly connecting to them (direct connection such as modem or ADSL), when connecting through cable or WiFi connections the routers/switches in between are not under control of the ISP and may be configured (intentionally) to allow others to access your open shares to see what you have there or to put something there.
6. Keeping Bluetooth enabled
Most modern laptops have Bluetooth capabilities. Bluetooth can also be facilitated to act as a network host allowing people in your vicinity to peek into your system without you noticing it. Make sure Bluetooth is disabled.
7. Checking bank account details at Internet cafés
If you plan to use systems in an Internet café, be careful when checking your bank account status. You do not know what kind of software is installed which could include some forms of spyware. Before you know it, your login and password are captured, and if you happen to make a transfer there, your Transaction Number may be recorded as well. In case of malicious intent, the system may contain a Trojan that forces an error and the transaction is not executed. This means that the Transaction Number may still available to the criminals, allowing them to make a new transaction, often involving vast sums of money.
If you have to use an Internet café for checking your online bank details create a new text document with all of the letters of the alphabet in upper and lower case, you can then copy and paste each character needed for your password using a mouse only, this makes it a lot harder for key loggers to detect your account details and passwords. Always delete any temporary Internet files and the text document securely when you have finished.
Of course, the best security is the same as usual:
Use Common Sense when dealing with your personal information.
You are not going to reveal your pin to just anyone who asks for it, so adopt the same levels of caution when using passwords on the Internet.
Have a very pleasant and secure holiday and don’t forget to have a bit of fun!
