Deborah Galea
Deborah Galea is co-founder and COO of Red Earth Software based in Silicon Valley, California. Deborah is a contributor to most of Red Earth Software’s white papers, articles and blog posts. After completing her Masters degree in European Studies (with a major in Communications) at the University of Amsterdam in 1994, Deborah completed a traineeship at the European Commission. She decided to follow her public relations passion and went on to hold PR & communications positions at the Sdu Informatie Bank (Dutch state publishers) and Hill and Knowlton (pr agency). After successfully running a UK software distributorship for five years, where she was responsible for PR, marketing and daily operations, Deborah decided to co-found Red Earth Software in 2001 and apply herself to creating useful ‘down to earth’ software that solves real business problems. View Deborah’s Linked in profile at: http://www.linkedin.com/pub/4/890/394.
Home page: http://www.policypatrol.com
Posts by Deborah Galea
Three Reasons All Companies Need A Uniform Email Signature
When communicating through email, your words and the look of your email convey a strong message. Customers, vendors and associates will undoubtedly judge your company by not only the content, but also the look of your email and your email signature. What are you conveying about your company with your email signature?
Here we offer three reasons all companies should broadcast a uniform email signature.
1) Convey A Professional Image
While it may seem cute to express your personality on your work emails with animations and colorful fonts, it’s simply not appropriate if you’re company is trying to project a professional image. It makes more sense for a company to have a simple, clean signature including the company logo. Not only does this communicate a higher level of legitimacy and professionalism to anyone who receives it, but it also provides instant brand recognition for your company.
2) Utilize Marketing Opportunities
Furthermore, every company has scheduled events, news to brag about and even new products to share with your customer base, why not use your outgoing emails to get the word out? By simply adding a note to your company’s established email signature, you can capitalize on the emails you and your employees send out every day. This creative way to increase your marketing reach costs nearly nothing, and is very easy to do with a centrally managed email signature solution.
3) Minimize legal, Confidentiality and Privacy Risks
Confidentiality, legal, and privacy email disclaimers are a common expectation in today’s digital based workplace. A uniform email signature provides companies the chance to add all necessary disclaimer information to all outgoing emails. Disclaimers protect your company, employees, customers and best interests.
Why risk undermining your professional image and legitimacy by not instituting a company-wide email signature? By simply adding a uniform email signature, any business owner can protect their business image as well as increase their marketing reach.
Security on Your Mobile Device
Mobile devices are one of the modern workplace’s greatest assets. The level of flexibility they offer makes computing on the go, from remote locations, and away from the office a great way to increase productivity. Despite all their benefits, mobile devices can be a huge point of vulnerability for security breaches.
What Makes A Mobile Device Vulnerable?
Mostly the lack of security on any mobile device is what makes it susceptible to breaches. Most users don’t run any sort of anti-spam software on their device making it a sitting duck for malware and other spam attacks. As we discussed previously, most users also don’t protect their devices with passwords. Sometimes it’s easy to forget that your smartphone or tablet is in all actuality a computer that needs the same level of protection as any other PC you’d use for business emails.
How Can You Protect Your Email and Data?
We’ve said it before, and we’ll say it again here: passwords, passwords, passwords. It is essential to protect your mobile device with a complex password of at least nine characters including letters, numbers and other characters. Nearly all computing devices have a feature for passwords and to not use that feature is an invitation for breaches. If your mobile device is connected to your company’s email system, chances are anti-spam software and email-anti-virus scanning is performed at the server level so this should protect your email on your mobile device too.
These few steps may seem simple, but they can make a huge difference in preventing a devastating security breach.
Doppelganger Domains and Typosquatting
Probability suggests that we’ve all done it. Our fingers have gotten ahead of us and typed in a URL that was close but not quite correct. We’ve arrived at a website that just looked a little off, so we checked the URL and saw our typo.
We’re the lucky ones.
Cyber criminals have found a way to capitalize on our typographical errors and omissions. With the success they’ve had in recent months phishing sensitive data, these attacks are here to stay.
What are TypoSquatting and Doppelganger Domains?
The simple answer is that it’s a URL that is spelled incorrectly or missing a letter or character. For example someone might want to go to “gmail.com” but accidentally type “gmial.com.” It’s a subtle difference, but just enough to land you on a dubious site. Generally these sites are designed to look exactly like the legitimate one. You may notice something just seems a little off, like the grammar. Doppelganger Domains are a form of TypoSquatting that exploit visitors by removing a dot between the subdomain and the domain, for instance “uscompany.com” instead of “us.company.com”. These are dangerously misleading as many companies have regional offices that do business and the difference is much harder to spot than a misspelling in the URL.
How do these attacks work?
Attacks can occur when mistyping a URL in a browser, which can lead you to an infected site or a phishing site. These confusingly similar domains can also be used to receive emails that are addressed to the misspelled email domain, and even worse to impersonate emails from the legitimate company for phishing purposes. Unfortunately, these cyber criminals have figured out that if they email you a link that looks very similar to the legitimate one, you’ll likely not question it. They can also shorten a link to hide the URL until you are already on the Web page before you can even see the full Web address.
What can you do to protect against TypoSquatting and Doppelganger Domains?
As always, the first thing to do to protect against these attacks is to educate those around you. Employees are every company’s easiest point of attack for any scammer. Make sure you have a solid email policy in place that clearly explains the dangers of email and how employees can minimize these. Have an effective spam filter in place that blocks dubious emails and phishing attempts. Monitor what is going on with your company’s emails. Use email monitoring software to keep tabs on what is going out as well as coming in. Talk about email security risks in staff meetings. Understanding your company’s email usage is critical in finding ways to best protect your company and data.
Denver Named As City Vulnerable to Online Security Beaches
A recent AVG survey of consumer behaviors in 35 major US cities showed Denver as the 8th most vulnerable to online security attacks.
The most shocking results to come out of the survey were directly related to habits of mobile device users. Over 40 percent reported not using a password on their mobile device with an even more alarming 75 percent reporting that they don’t make any effort to back up the data on their mobile devices.
Behaviors That Lead to Breaches
Even though most of us know about threats lurking out there, sometimes we just don’t make the connection when it comes to our online security. The most common behaviors and practices that lead to vulnerability all center on how users protect their data. Multiple people reported sharing their passwords with at least one other person; even more reported never running a manual anti-virus, or having anti-spam software to protect their PCs or mobile devices. Despite how much we know about the risks our data faces online, we’re still amiss in following through.
How To Protect Yourself
It’s no longer enough just to keep an eye peeled for spammy emails. Unfortunately, those looking to exploit your data online are clever and always scheming. There are easy steps you can take to help ensure you don’t become a victim. First and foremost, change your passwords. Make sure all passwords are at least nine characters long and use a mix of letters, numbers and characters whenever possible. Also, change your passwords often; especially if you’ve accessed a password-protected site from a public WIFI spot. Use secure data sharing software when you absolutely must share sensitive information online. Be aware of phishing scams and never follow a link provided in a suspicious email. Type the desired address in your browser yourself to avoid ending up on a dupe or phony site. If you are using your mobile device for work reasons, make sure you follow the security guidelines set out in your company’s email policy.
When it comes to your online security, the power to protect yourself is in your hands.
Natural Disasters and Your Email Security
2011 has seen a number of natural disasters. Serious blizzards, tornadoes, earthquakes, hurricanes and wildfires have affected several cities during the course of the year. During a natural disaster, the safety of you and your loved ones comes first. Then, as a business, the security of your data comes into focus.
Have An Email Policy in Place That Addresses Security
Risks to your email security during a natural disaster can include damage to a site housing a server or an employee remotely accessing data during a natural disaster leading to privacy and security breaches. Worst of all, natural disasters can leave you vulnerable to phishing attacks. Criminals prey on the scared during natural disasters. Common scams include phishing attempts soliciting charity donations to obtain your passwords and account numbers.
With so much on the line for any business, proactive measures to protect your data become just as important as a disaster recovery plan. The first thing you need to do is have an email security policy in place that addresses protecting data in the event of a natural disaster and educates employees not to fall for phishing scams. In addition, email security software is needed that provides server reports on email activity as well as blocks spam and phishing attempts before they reach their recipient.
How Scammers Capitalize on Natural Disasters
One of the most underestimated points of vulnerability during a natural disaster is phishing scams. Whether it’s a loss of vigilance against spam messages, or simply being duped by seemingly legitimate credentials, scammers know when to pounce after an emergency.
In a recent phishing attack after Hurricane Irene, reports surfaced of those involved with the scam posing as FEMA employees in order to obtain sensitive information from individuals. While many of these attacks were carried out using phones, others were sent using email and claiming that phone service was unavailable. Some of the best protection against this type of activity is to educate yourself, your employees and your customers.
Just as you’d be sure to have insurance to protect against ruin after a natural disaster, it’s critical to protect your data by having security guidelines that can be part of your overall email policy.