Making IT work… sharing information securely
Information Technology is prolific in our daily lives.We put a value on our phones,laptop and tablets.If these were lost or stolen we would tend to be more concerned about the cost to replace the hardware than the potentially valuable data on-board.
We are in an information rich society,and like it or not a great deal of information about us is transmitted across the internet each day.Car insurance quotes, bank transactions, tele-marketing and email marketing lists,social media and more.Most of these are encrypted, which protects the data from interception or ‘man in the middle’ attacks.In the old days phone calls were easily tapped and the listener would be able to hear both sides of the conversation without detection.In a similar way, an email from one person to another passes through literally hundreds of devices on its journey.Most email is unencrypted,so it would take just one of the devices to be compromised to allow a hacker to read the email and all of the attachments.
Top tips for information sharing:
1) Install software such as WinZip or 7-Zip to encrypt your attachments before sending them.
2) Text the password to the recipients. This way if the email is intercepted or accidentally received, the attachment cannot be read.
3) Agree a ‘project password’ to use for all people working on a project up-front. Use this for all attachments.
4) Use collaborative working tools such as SharePoint. This way you create a document on your computer, upload it to SharePoint and then email a document link to the recipient, pointing them to the SharePoint Portal. Only authorised users will be able to follow the link to read the actual document.
5) Be really careful to check your email recipients before pressing the send button. Sending to the wrong ‘john’ is easily done and can be at the least a little embarrassing and potentially a security breach or compliance problem.
6) Ask if the information really needs to be sent by email. Consider posting a CD, or why not use this as an opportunity to meet up with the person.
The easiest thing to do is to train your staff with basic ‘Cyber Hygiene’ skills. This will keep them alert, on-guard and with all of your team now more ‘cyber savvy’, will protect your business or organisation from inside as well as outside threats.