Kindus 100 Posts and Counting

This is the 100th blog post on Kindus.co.uk, rest assured that none are AI generated but instead reflect the analysis and opinions of people who understand computer security.  We have tried to stay away from a ‘bug of the week’ approach but keep to helpful and informative advice.

This is as good a place as any to highlight some interesting places to start reading.

Artificial Intelligence has recently (2023) become a hot potato news story.  It has been used to create copious content quickly and easily although the copyright implications are often ignored.  The relatively good quality grammar and spelling produced by AI makes it harder to spot scams and phishing requests. News sites are generating unreliable articles to fill up their pages.  The purpose of these sites (beyond vanity) is unclear but they could host malware or be used to exploit advertising revenue.  AI might be used to generate fake reviews on shopping portals.  Amazon certainly has used AI to detect possible sources of fake reviews (commonly used to boost product ratings).

COVID highlighted many of the security issues involved with working from home.  Few organisations are able to provide a complete, locked down set of equipment and connecting devices to access corporate systems remotely.  Most will rely on at least some privately bought or administered equipment.  This is unlikely to have gone through the same purchasing scrutiny and may have been acquired with cost rather than security in mind.    Other risks from home working are smart speaker devices and eavesdropping on confidential meetings.  Any risks can be mitigated by training to raise use awareness of the issues.

The flip side of using personal devices for home working is to allow them to be used within the office.  Keeping the same tablet or phone for use inside and outside the office can facilitate work but brings risks or restrictions depending on who retains ultimate control on administration of these devices.  Carrying several devices each with the same function but different purposes is not ideal and can result in use of the wrong device for the wrong purpose.  This affected the UK government where ministers used compromised private phones for official messaging.   A Mobile Device Management policy should restrict what data or systems is accessible from which devices.  The UK government has relevant policies for example concerning WhatsApp but has failed to make ministers constantly tow the line.

Much can be done to minimise the damage from real or potential security threats.  Any suspect activity should be reported.  Any attempt to buy off the perpetrator or hide the evidence will not guarantee that the truth will eventually come out.  A policy of openness with customers and associates is usually the best approach if something does go wrong.  Threats are not necessarily external as employees might be unwittingly manipulated to disclose confidential data.  The consequence of compromised passwords can be reduced by a zero trust approach and investigating options that either avoid passwords or use additional means to verify access to an account.

A significant proportion of cyber security issues are related to social rather than machine factors.  User training and security awareness at all roles within an organisation will reinforce security.  At Kindus we provide technical solutions together with training regimes to optimise data security.

More from Security

13/05/2024

eCommerce Shop Scams

Data from Security Research Labs has revealed a China based fake shopping network that they have named ‘BogusBazaar.’  They claim that: ‘As of April …

Read post

08/05/2024

Lockbit Ransomware Takedown

In February 2024 the UK National Crime Agency released details of how the NCA and other international policing agencies had disrupted the actions of …

Read post

23/04/2024

UK Cyber security breaches survey 2024

Lies, damned lies, and statistics (attributed to Disraeli) The UK Cyber Security Breaches Survey 2024 was published on 9th April 2024.  Not surprisingly it …

Read post

25/03/2024

Digital Gift Card Issues

Both Apple and Google offer gift card services for use on their App stores.  Just as it states on the tin the card can …

Read post

Sign Up

Sign up to our newsletter list here.

    Successful sign up

    Thank you for signing up to our newsletter list.

    Check your inbox for all the latest information from Kindus

    Categories