X
Število kibernetskih napadov se je v zadnjem letu podvojilo. Vas zanima, kako se jim lahko izognete? Postanite del naše skupnosti.
In the last year, the number of cyberattacks doubled compared to the year before. Do you want to repel potential threats? Join our community.
  • Skip to primary navigation
  • Skip to main content
  • Skip to footer
Carbonsec – Cybersecurity Consultancy Services Company

Carbonsec - Cybersecurity Consultancy Services Company

Cybersecurity services for businesses to be hackerproof, because it sucks to waste unnecessary time dealing with cyber criminals instead of focusing on business.

  • Services
    • Password security test
    • Penetration test
    • Red Teaming
    • DDoS test
    • ICS Security
    • Cybersecurity Consulting
    • Secure Static Code Review
  • Solutions
    • Pentera Automated Penetration Testing Solution
    • SecurityScorecard Risk Rating and Supply Chain Security
    • Simulated phishing attacks
    • Free Tools
    • Breach and Attack Simulation (BAS)
  • Training
    • Security Awareness Training
    • Security for Developers
    • Purple Team Coaching
  • News
    • News
    • Blog
  • Resources
  • Company
    • About Us
    • Core Team
    • Careers
    • Partners
  • Contact
  • SLO
  • Email
  • Facebook
  • LinkedIn

Keep sensitive data secure even during the summer vacations

The security of sensitive data should be a top priority when you allow employees to use company devices for private purposes.

28. June, 2022 by Carbonsec Team

The security of sensitive data should be a top priority if you allow your employees to use company devices for private purposes.

The school is over, and we have seen the first wave of summer leaves partly empty the offices. However, most summer vacations are still coming up in July and August. Nowadays, many employees tend to take care of some business also on holiday. So, how can we ensure the security and integrity of sensitive data transmitted over numerous networks all over the world?

In this blog post, we will focus on three elements of (cyber) security to ensure that sensitive data stays in place and is not compromised in any way while you are away for the summer.

Why is the security of sensitive data put to the test in the summer?

Simply because you relax and put your brains at rest. You are less likely to use PCs, while you spend more time using your smartphone, where the sense of commitment to data protection is weaker. You spend more time browsing social networks, where you are also more active in writing comments and participating in various prize draws and games. Among all the legitimate posts, a well-set trap can be quickly overlooked.

At the business level, cybersecurity is at stake in the summer due to the often reduced staffing in security operations centres (SOC). Fewer experts in the SOC results in a higher probability of a successful cyber-attack. Attackers are aware of this fact, and according to some reports*, the number of attempted cyber-attacks is highest in the summer months. Hackers try to gain entry to the corporate network by spear phishing, targeting employees with the content related to the absence of their managers; e. g. “a manager” asking an employee to make an urgent purchase in an online store.

Review controls and remind employees of security policies

In business environments, we need to ensure sustainable cyber security at two levels: for “normal” users, where ongoing security awareness training is necessary, and in the IT department or the response centre (SOC).

Considering the before-mentioned fact that IT departments and SOC centres are short on staff during the summer, it sounds reasonable to review the existing controls and security measures. This will allow the colleagues covering the primary team to react more quickly and be alert when the alarms are raised.

Furthermore, make sure that users are aware of current security policies, both in terms of appropriate arrangements for securing the physical workplace and for using mobile devices and accessing corporate data from remote locations.

In the last two years, many companies have embraced remote working and set rules on the use of business and personal devices for business purposes. This has certainly improved the security of sensitive data. However, the perception of use is different when we are at home, working, or at the seaside, casually checking our work email while chatting on the beach.

A clean desk policy is a basic hygiene measure

An essential hygiene precaution before you leave for vacation is to tidy up your workplace. You do best if there is nothing on your desk except your PC, which should be completely shut down (not sleeping or hibernating). If you cannot put all your documentation in cupboards or drawers, make sure that at least sensitive information is not being left on your desk. This way, passers-by or potential attackers do not even have a reason to spy around your desk.

It is also a good idea to back up your (work) computer before you go on holiday. Be careful what you want to back up. It is often the case that employees keep private data – either documents or photos – on company devices that should not be stored in the business backup. Transfer such documents to a private cloud (e. g., Google Drive or private MS OneDrive) or store them on an external storage media.

Put your brain at rest while you keep your devices and sensitive data cyber-secure

Rule No. 1: Don’t publish on social media that you are travelling. It’s perfectly normal that we like to share lovely moments with our friends online. But there’s also nothing wrong with posting photos from your travels when you return home. The information about our absence can be exploited by cybercriminals who use it for spear fishing, as well as by burglars who can take advantage of our absence.

Rule No. 2: Turn off automatic connection to wireless and Bluetooth networks on mobile devices. Avoid connecting to open wireless networks, as a hacker can connect to such networks just like you do and may remain hidden, intercepting traffic or spoofing your sites. If you have no choice but to use an open wireless network, try at least to use a VPN connection, which encrypts traffic and does a good job keeping your data secure once you have established a secure connection. However, there is still a time frame between connecting to an open network and establishing a VPN connection when an attacker can intercept your traffic and capture a password. So make sure you are connected to a closed, password-protected network or use a mobile hotspot, which is considered a secure connection for the time being.

Rule No. 3: Make sure your apps and browsers are always up-to-date. Regularly updating your software can reduce the chances of attacks to a relatively large extent, as patches also address security flaws. Be careful when installing new applications, and always check that an application is trusted before installing it. Install apps from official online stores (e. g., Google Play, App Store) and not from websites.

By following these tips, you will enjoy a cyber-secure vacation and preserve the integrity and security of your sensitive data.

Find a way to a responsible use of the internet and IT assets.

Security Awareness

Security Awareness Training

Since users are the most vulnerable part of IT systems, regular security awareness training is crucial for a stable security posture.

Simulated phishing attacks

Simulated phishing attacks

Simulated phishing attacks are an effective way to train employees to identify phishing attacks and malicious links.

Simulated phishing attacks

Free Tools

Take advantage of free tools to test how social engineering simulation attacks work and how can they help you improve your cybersecurity posture.…

* Vir: Hudson Reporter

Blog,  News,  News,  Security Awareness security awareness,  security awareness,  social engineering

Let’s work together

Get in touch with us and send some basic info about your project.

Get Quote

Footer

ABOUT

Cybersecurity services for businesses to be hackerproof, because it sucks to waste time dealing with cyber criminals instead of focusing on business.

  • Email
  • Facebook
  • LinkedIn

CONTACT

CARBONSEC Ltd.
Hacquetova ulica 8
1000 Ljubljana
Slovenia

info@carbonsec.com

QUICK LINKS

  • Join our community.
  • Blog
  • Terms & Conditions
  • Privacy Policy
  • Cookies

SERVICES

  • DDoS test
  • Penetration test
  • Red Teaming
  • ICS Security
  • Cybersecurity Consulting
  • Secure Static Code Review
  • Training

Copyright © 2023 Carbonsec · Created by mod.si

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Cookie settingsACCEPT
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may have an effect on your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT