by Scott M. Lewis
Some of the most common security mistakes:
1) Sending sensitive data to the wrong destination. A 2008 AOL study found that 32% of people admitted to sending emails to the wrong person. In a more recent study, it was found that number had climbed to 78%. This is a real problem and can create real issues with your customers and vendors.
Here are six tips to preventing email mistakes by the Creative Group.
a. Give your undivided attention. Avoid multitasking when drafting or responding to important messages.
b. Save the distribution list for last. When writing a confidential message wait until it is complete before selecting the recipients.
c. Take care with those you copy. Think twice before you hit reply all and copy only those people who need to be part of the conversation.
d. Review it on a big screen. Emailing on smart phones and small devices can increase the likelihood for mistakes and change the intent of the message.
e. Check attachments. Confirm any attachments by opening them again prior to sending them.
f. Keep it professional. Keep in mind electronic messages are easily forwarded and copied, and company email can be monitored.
2) Clicking on unknown links or funny pictures. There are real risks when it comes to links and pictures whether it is on websites or email. Nowadays websites and email systems use the same basic code so there is very little you can do on a website that couldn’t be done in an email at the same time. This would include links, active pages, HTML coding and background tasks. A couple of the most common email risks come with Phishing, which is when you receive an email that takes to you a fake website. Once on the site you are asked to enter sensitive data about yourself or an account. The most common phishing trick sites are sites that look like they are your bank, the IRS or somewhere that you may commonly do business. Malware and viruses, which would include Ransomware, can come in the form of a picture, a link or some other executable type file. In some cases today, they may not execute with the primary file but be a sub file to the file you downloaded that executes independently of the first file.
How would you know what links to click on and which ones not to? If you just ordered something online, you should be expecting to get a confirmation email and shipping information. Take the time to look at it first and make sure that it is what you were expecting. Another one could be that you just signed up for an online account. You should be expecting to get a confirmation email from them, however they should not be asking you to verify the information you should already know and have already entered that into the registration form.
What should you avoid? An unexpected email from your bank asking you to log in and verify your information or account. Unless you initiated that activity it would be recommended to assume the unexpected email is a fake and you should delete it. An unexpected email from a friend asking a question that would not typically be in character for them or if they are asking you to verify personal information that a friend should already know.
If you need to verify the person sending you the email is real or not, or if the link is real or not, there are a couple of things you can do to verify. In the example of the bank, do not click on the link, open your own browser and manually type in the link that you know and log in. If you have a message from your bank, it will be there. If not, then the email with the link is a fake. In the example of your friend, it is easy to text them and verify that they sent you something, or you can open a browser and manually type in the link and verify the spelling as you type, creative spelling or misspelled words in a link are a key indication that the link is fake and will take you somewhere you don’t want to go.
3) Copying data to flash drives, lost or stolen mobile devices, and use of personal equipment for business. Flash drives and USB drives have gotten so popular that a British dry cleaner reported finding more than 9,000 of them that had been left in coat pockets and pant pockets in a single year. In a separate survey, Credant Technologies found that more than 12,000 of them were left in taxi cabs in a single year. USB and Flash drives have become so popular they are the target for specific worm viruses and malware that will use them as a transport method between systems.
Some basic steps to protecting USB and Flash drives according to Symantec are:
a) Protect your data. Don’t copy personal information such as social security numbers, credit card information, bank account information or other personal data to a USB flash drive.
b) Use encryption. If you must put confidential or personal information on a flash drive, make sure that it is encrypted first.
c) Use secure devices. Some of the newer flash drives have features such as finger print authentication, and some have built in encryption features or use some form of two factor authentication.
d) Pick a storage spot. Since these are small devices make sure to designate a spot in your desk, counter, briefcase that you store these devices so you can find them and they are kept secure.
e) Keep home and office separate. Never use the same device to store both business and personal information. If you lose one device, you put both at risk.
Scott Lewis is the President and CEO of Winning Technologies Group of Companies. The Winning Technologies Group of companies is an international technology management company. Scott has more than 30 years of experience in the technology industry, is a nationally recognized speaker on technology subjects such as Collocation, Security, CIO level Management, Data and Voice Communications and Best Practices related to the management of technology resources. Learn more about Winning Technologies at www.winningtech.com or call 877-379-8279.
Submitted 6 years 268 days ago