6 Top Tips from Security Experts
We’ve all read the horror stories of businesses falling victim to hackers. It can have a devastating effect and even destroy a company.
It is a risk posed to businesses large and small and keeps CEOs awake at night worrying that they will be the next victim of attack by ransomware, phishing or malware. They want and need to know the online systems that they and their staff use for business communications are impenetrable.
Secured Communications asked its top team of experts in cyber security for their advice on how businesses can keep their online activity safe. Here’s what they had to say:
Be Confident That You Have True End-To-End Encryption Even in Your Video Conference Meetings
Damien Fortune, Chief Operations Officer of Secured Communications, says: “Think about what you discuss in meetings these days: future earnings, legal issues, sensitive HR actions, strategy, crisis response – all sensitive matters where timing, access, and messaging are critical. Think about how you’re sending that information around from office to home to coffee shop and back, across secure and insecure networks, in ways that can be intercepted. Safeguard your information by using end-to-end encryption on proven, security-minded platforms.
“Encrypted messages are better than plaintext SMS, but did you know there are wildly different levels of messaging encryption? Many of today’s popular messaging services rely on now-outdated encryption methodologies that leave your messages vulnerable to interception. The current best practice is to use a system with Messaging Layer Security (MLS), which encrypts messages end-to-end, and changes keys with every individual message, adding additional layers of security. As we approach viability and proliferation of quantum computing, MLS is the most secure messaging encryption solution.”
Post Quantum Encryption – Y2Q Is Coming. Prepare Now!
Tom Patterson, Director of Secured Communications, said: “A play on acronyms from Y2K, Y2Q denotes the moment in time that adversaries can use a “Cryptographically Relevant Quantum Computer” (CRQC) to decrypt current encryption standards. If you have sensitive communications that you need to keep safe for some time in the future, you should be switching to a post-quantum encryption methodology today, as intelligence services around the world are known to be harvesting encrypted data today, for decryption tomorrow.”
Use Platforms That Offer Messaging Layer Security
John Parkinson, President of Secured Communications, says: “End-to-End Encrypted (E2EE) messaging applications have made it easy to connect with colleagues, vendors, and other business partners around the world. But many E2EE protocols used in popular apps today lose their security integrity when more than two people or devices are involved in a conversation, compromising even direct messages. Most messaging platforms on the market use “sender keys”, which are sent with the message for the other participant’s devices to decrypt. This exposes group conversations to hackers and once compromised, an intruder can monitor any conversations going forward.
“Messaging Layer Security (MLS) is an additional layer of security whereby each message is individually encrypted and protected. Think of normal ‘secure’ messages passing through a big “pipe” which are vulnerable to anyone who gets in the pipe. However, with MLS, each message is individually protected passing through its own encrypted pipe inside that big pipe.”
Use Multi-Factor Authentication (MFA)
Dylan Knight, Chief Technology Officer, adds: “MFA improves the security of the authentication (or login) process by requiring at least two methods of authentication. These typically include something you know, such as a password; something you have, such as your device; or, as the most secure option, who you are, i.e. biometrics using Touch ID or Face ID.”
Consolidate Vendors and Use a Unified Business Communications Platform:
Robert Wilson, CEO of Secured Communications, says: “Switching from one communications platform to another in your workday increases security vulnerabilities. Choose a platform that includes all your company’s needs in one secured platform – file sharing, messaging, meetings and calls, which will reduce the risk of intrusion by hackers.”
Keep On Top of Your Administrative Policies
Helen Parkinson, Global HR Director, advises: “Have a robust set of policies for passwords, posting and data retention. Put controls in place to set access limitations for administrators, users, and guests including their use of individual devices.”
Keeping your business activities secure online will always be ever evolving as technologies used by hackers and those with malicious intent mature to be a constant threat. Business owners can keep on top of their game by choosing trusted and secure platforms and keep up to date with the latest developments and improvements.