Welcome our sixth instalment in a series of blogs we are publishing each week, all under the title “Keep it safe: Sharing with Surevine”.
In our first post we introduced the series, with our theme of Passwords, and focussed on Password Storage.
In week 2 we took it one step further, and talked about Password Complexity.
Week 3 was Beyond Passwords and dealt with 2FA.
Week 4 we talked phone pins, and why we all need so many passwords. And that wrapped up the series on Passwords.
Last week we moved onto Anti-Malware, which takes us nicely into…
Encryption
Encryption used to be hard and complicated. Now, it is pretty easy to set up and an absolute requirement for anything containing business (or personal) data. Microsoft and Apple have made it fairly painless to setup. There are many guides on how to make it work. Just remember the password advice.
Why do you want encryption I hear you ask?
Imagine your laptop is out of your control (stolen or lost). Despite any login passwords or other “security” you may have, an attacker can read your data straight off the disk very easily. Once a hacker has an unencrypted laptop, they could send/receive email as you, maybe connect to your company VPN.
Basically, anything you can do, so can they.
Before you’ve even noticed the laptop is missing, they could have sent password reset requests to your online shopping accounts to lock you out, changed the delivery address to their own and ordered all manner of things. By the time you get a replacement laptop, get the email account password reset, login to your email account, read all the order acknowledgement emails and try to do something about it, Amazon Prime has done a next day delivery of £10,000 worth of HDTV and you’ve got a massive credit card bill to sort out.
If they were really cruel they could have leaked confidential business information to competitors or newspapers. Like what happened to Sony
Even if nothing happens as a result of the loss, you could be fined nearly £1million for having your laptop stolen if it is not encrypted. See this BBC news article for just one example.
With so much at stake, this is one mandatory requirement we have at Surevine. If you haven’t got encryption on a device, please don’t use it for doing business with us!
Hopefully you are well along the journey to being a security geek now, so keep with us! Next week we have the last in our series, perfectly titled “What else?”