(Video) What is managed web filtering?

Roger Smith, CEO at R & I ICT Consulting Services Pty Ltd and Amazon #1 author on Cybercrime discusses managed web filtering

[Start of transcript]

Hello, my name is Roger. What is managed web filtering? Well, we all know that everybody likes to access the internet, whether it’s on a tablet, on a mobile phone, laptop, computer, even on the server when you need to download updates and things like that. You always need to access the digital world in some way.

But the trouble is, the bad guys know how we all access the internet, and they are always willing to put little traps and systems in place so they can actually get information out of you or infect your computers.

Now what I mean by that is there are, websites are created, and we all have websites. Websites are not created equally. Some are high-end, high-processing, e-commerce sites that are secure and locked down, and everything is really hunky dory.

But at the other end of the scale, there’s people who put together a WordPress website, who doesn’t worry about security, doesn’t worry about patching or widgets, making sure all the plugins are working, making sure the plugins are all patched up.

Now if this website, the one that was done in WordPress, gets hacked, now there are a number of ways they can do things to you. They can hack your website and take it down. Bang, there goes your website. Or they can just deface it. We were here, stuff you. Great.

The worst one they can do is they can actually infect it so that all of the visitors coming to your site will actually be asked to download now or then. Now when that happens, what happens is you need a system in place that will protect you from that happening to you. Now how do you do that?

Well there’s a number of products around that allow you to protect the way you surf the internet. And by that protection, it will come up and go, don’t go to this website, because it’s infected, or it may go to something that says when you log on to the website, something is wrong.

And that is really important for business. Because you get malware on your PC or your laptop, or your tablet, or your phone, then the bad guys have access to that information. What people don’t understand is it can happen to anybody’s website.

It takes, it can happen at the lowest level with your web-hoster, hosting company, has been hacked, and the server with all of those websites on it are now vulnerable. Or you could be a major news site.

There’s been times where places like ninemsn have been not so much hacked, but the information for things that run their ads have been infected, which then infects the people who come to it.

The other way that you get infected is through Ethernet. So this is a process that the bad guys call water holing, because everybody has to go there to get information. The biggest one that we’ve ever seen was when they infected a site that looks after human resources. So everybody had to go there, work out their leave, and every time they went there they got infected.

But, on top of that, if you get an infection from a website, that you, and you haven’t been protecting yourself in such a way as it will come up and tell you that you’ve got a chance of being infected by the website, then you have a problem with your own technology itself. Because it is no longer yours. It has spyware, it has malware. It may even have things like drive-by malware that encrypts all the information on your system. You don’t want to be in that situation.

On top of that, people also believe that if you go to pornographic sites that you’re going to get infected. To tell you the truth, pornographic sites are probably the securest internet websites on the internet and have ads. And there’s something, because the pornographic sites need people to come to them all the time. And yes, it’s huge business, it’s really a lot of money that they get.

So, you need to have some way to protect yourself, and that is where a managed web filter will come into. That managed web filter will sit on the desktop, or the laptop, or the tablet and phone, and actually intercept the information before it gets to your technology itself, and will protect you. And because it’s a managed web filtering, it’s like any other cloud product, it is a monthly fee.

Thank you.

[End of transcript]

How to secure your mobile device!

Mobile devices are the way we now do business.   From checking email, surfing the web to  connecting on social media and creating reports, we are always on, always connected, always busy.

Smart devices, phones and tablets, are critical to having an edge over your competition.  They hold a large amount of data that most people do not consider important – until we lose it.   We realise, too late, that we have lost some very important information.

Using mobile devices means that we can work from anywhere at anytime, if we want to that is.    The lines between work, business and our personal lives are blurring especially if you are a business owner or a manager of a small or medium business (SMB)

The risk requirements for both BYOD and business supplied devices is very important to ensuring the rest of the business is secure.

With so much happening on our mobile devices, how do we protect them from both the physical world as well as the digital world.

Think about these ideas that you need to deploy to protect your physical device.

  • Never leave it alone.   In some places your phone can be stolen right out of your hand while you are talking on it – In NY this is called apple picking.   In most places, the simple act of leaving your device on a table while you pick up your coffee is the only opportunity that the bad guys need.
  • When it is not being used – lock it.   Using a simple 4 number code, a decent password or biometrics ensures that the information on your device is secure for the initial attempt at access.   Change the settings to 3 attempts or 5 attempts before it is locked for x minutes will ensure that you have time to remote wipe the device.
  • Back it up – you never know when something bad is going to happen to your phone.   From a theft to dropping it in the toilet, if it happens how are you going to gain access to your precious data – your contacts for instance.

That is the physical side, what about digital protection:

  • Passwords – Yes we hate them, but in today’s digital world it is one of the only things that keeps the bad guys out.   All passwords should be 8 or more characters, use complex and complicated features (capitals, numbers and symbols), not be a dictionary based word, be easy to remember and be unique for each site.    That’s the reason we ignore those requirements and use the same one for everything.
  • If passwords are a problem then get a password manager or a single sign on (SSO) system.   This will ensure that you can use complex passwords and not have to worry about them.   SSO can also be deployed by an organisation to protect their social media and infrastructure requirements.   If a device is compromised, just delete the access to your business systems.
  • Run Anti-Virus / Anti-Malware.   Most people think that the operating systems of android and apple are secure.   This could not be further from the truth.   Although apple is a little more secure, malware is not always targeted at operating systems.   It is targeted at sub systems like Java, flash and adobe.   That is why all devices need AV as a real time protection system as well as a regular scan to pick up malware that may have disguised itself in the installation process.
  • Only install legitimate software.   Software that is in the app store (Apple) and the Google store (Android) have been vetted to a level to ensure that they do not include malicious code.   Some systems sneak through but they are quickly weeded out.   Applications directly downloaded from websites are especially prone to infection and do not have this protection.

Managing business risk is critical to the resilience of the business.   Make sure that your road warriors have the resources available and needed to work but that they are also safe, secure and protect your business..

Roger Smith is the CEO of R & I ICT Consulting Services, Amazon #1 selling author on Cybercrime, author of the Digital Security Toolbox and author of the SME Digital Security Framework.   He is a Speaker, Author, Teacher and educator on cybercrime and how to protect yourself from the digital world.