AdobeStock_208557529.jpeg

OUT AND ABOUT

Technology is awesome.  Whether we want to surf the net, touch base with friends and family, or keep working whilst on the move, our phones, laptops and digital pads are our portable friends.

Unfortunately, this portability presents new opportunities for malicious actors to hijack our sensitive data for personal gain. So, what are the key threats and how do we mitigate them?

 

SHOULDERING & EAVESDROPPING

It is all too easy to forget the people around us when taking an important call or emailing a business client whilst on the train or in our local coffee house.  However, such ignorance puts our devices and our data at risk.  Not only are we advertising the make and model of our brand new phone or laptop to would-be thieves, our personal information may also be exposed to people looking over our shoulder or earwigging our conversations.

MITIGATION:

  • Consider purchasing a privacy screen: For your mobile device. Many of these solutions are scratch resistant, bubble free and touch sensitive. More importantly, however, they make the screen invisible to any casual onlooker.

  • Be aware of your environment: And the sensitivity of the information that you may be unintentionally sharing. It might be better to wait 5 minutes before firing up your device.

PUBLIC WIFI

On the surface, public Wi-Fi provides convenient access to the online world; hotels, restaurants, public transport, telecom providers and even local 'soft play' centres offer it.  However, a hacker can:

  • Set up their own 'public Wi-Fi' and give it a name that sounds perfectly legitimate.  As soon as you connect, your traffic can be captured by the attacker and inspected.  In cyber security circles, we tend to call these devices 'rogue access points' or 'evil twins'.

  • If this wasn't bad enough, some of these access points can cause your device to automatically connect. It does this by pretending to be a trusted hub - like your home Wi-Fi or a connection point that you have previously used.  This is especially deceitful, because you could be connected to a compromised network without even knowing it.

MITIGATION

  • Consider purchasing a VPN: From your app store.  A VPN will encrypt your network traffic, so that it cannot be understood or exploited by a hacker. Additionally, many VPN's on the market today will hide your location and preserve your anonymity.  That being said, a VPN can slow down your internet connection. So, if speed of access and security is paramount, consider a reputable commercial product over the free alternatives. 

  • Disable Wi-Fi: Failing that, it might be wise to disable your network whilst out and about and rely on your mobile data plan.   

  • It also pays to keep your devices updated, so that a malicious connection poses less of a threat in the first instance.

ACCIDENTAL LOSS OR THEFT

Whether we part with our digital devices accidentally or through the malicious actions of another, we need to either:

  • Optimise our chances of recovering our property.

  • Make sure our personal data is protected if we cannot recover our device.

Therefore:

  • Make sure your device has to be unlocked: Before it can be used. Passwords and biometric security (such as a thumb print or the use of facial recognition) will prevent immediate access to your sensitive data.

  • Hide your device: By not leaving it out in the open.

  • Minimise the amount of important data you store: Consider, for example, backing up important files online instead of carrying it on your device. Not only will most cloud vendors offer a secure vault which is encrypted, many also offer 2 Factor Authentication (2FA) so a hacker cannot gain access to your data even if they have your password.

  • Set up account recovery:  To prevent you being locked out of your own account, many providers will let you add an emergency email or phone number for account recovery.

  • Track your device: There are any number of reputable apps that will do this.  Some will even wipe your data if your gadget cannot be retrieved.

See something not quite right? Email: EMSOUCyberProtect@leicestershire.pnn.police.uk