For business owners who have decided to make their organization mobile and let people work remotely from home or on the road, security is an issue that must not be forgotten. Unless they think carefully about protecting data, they could land themselves in a whole heap of trouble.

Security increasingly is becoming a difficult problem for small businesses in Canada, many of which do not realize how quickly attacks are mounting. Years ago, the main security threat was from mischievous virus writers that wanted to wipe your hard drive or make your computer do odd things for fun. These days, attackers are much more focused on harvesting the data on your hard drive, hopefully without you noticing.

“That information is the holy grail for attackers, because they can profit from it,” says Michael Murphy, vice-president and general manager for Symantec Canada. “The landscape has changed. The computer is not the target. The attacks are exploiting vulnerabilities and lack of awareness, through methods including good old-fashioned social engineering.”

Social engineering attacks exploit a lack of user education to pilfer data. In the United States, for example, phishers – criminals who lure victims to fake websites using spoofed emails – pretended to be from the Internal Revenue Service, asking for peoples’ financial credentials. More recently, scammers have been sending emails from Facebook asking victims to install software to confirm a password change. The software then logs passwords entered for websites and remotely relays it back to the criminals.

For mobile workers, one of the biggest problems is that their information is spread across multiple physical boundaries. Some of it may reside at home. Other data might be on a mobile device or laptop on the road, while the rest is back at the office, but needs to be accessed remotely.

Trying to secure all this information in multiple places rather than keeping it all under lock and key at the office is a concept known as deperimeterization, and it is harder than it looks. For example, many small businesspeople who take their laptops on the road fail to encrypt the data stored on them. The inevitable sinking feeling when they realize they have left their laptop in the back of a cab is then followed by anguish when they realize the customer records on the hard drive will be accessible by anyone with a modicum of technical knowledge. If you think your Windows password is enough to protect your data, forget it. Unless the actual data on a hard drive is encrypted, it simply prevents system logons. Instead, invest in a full disc encryption product that protects data from criminals who could otherwise scan the hard drive using readily available tools.

However, this still leaves the problem of accessing remote data securely across public networks when out of the office. Many security professionals will recommend a simple virtual private network, which encrypts data in transit. Brian Bourne, founder of the Toronto-based security conference SecTor, issues a cautionary note.

“One problem with VPNs is that users simply copy information on to their desktop to work on it,” he says. That may not be a problem if the local hard drive is encrypted, but could be a security risk otherwise. Or, they could use the VPN to try and email sensitive data to themselves using a personal webmail account, which is even worse.

Instead, Mr. Bourne recommends using a remote access service (such as the type covered in the previous article, or Microsoft’s Remote Desktop Services), that gives users access to a representation of their desktop, and that can be configured not to allow, say, the copying of information to a local desktop.

Maintaining up-to-date antivirus software also is crucial, as is regularly applying security patches to your mobile and office-based systems. Ensure passwords are strong (combinations of letters, numbers and symbols are best, and store them in encrypted password management software on mobile computers). Identify where your most valuable data lies, and concentrate on protecting it – and, above all, backup that data to an encrypted store.

In a world full of online threats, complete security is never guaranteed – but you can at least make your company secure enough that online criminals will go elsewhere.

Source:http://www.financialpost.com/small-business/business-solutions/story.html?id=2749124

Citing bullying, cyber-bullying and other crimes, prosecutors Monday charged nine teens who they allege pushed a 15-year-old Massachusetts girl so far that she hanged herself two months ago.

According to law enforcement officials, Phoebe Prince was threatened and harassed almost from her first day at South Hadley High School.

Prince, who came to the school from Ireland, was ostracized for having a brief relationship with a popular boy, hanged herself in January — after a day that the district attorney described as “torturous” and that included being hounded with slurs and pelted with a beverage container as she walked home from school.

The teens face charges for what a prosecutor called “unrelenting” bullying, including two teen boys charged with statutory rape and a clique of girls charged with stalking, criminal harassment and violating Prince’s civil rights.

The bullying and cyber-bullying endured by Prince is becoming more and more common.

A February study by the Cyberbullying Research Center shows that 20 percent of the 4,000 12 to 18 year olds in the sample reported being cyber bullied during their lives. When asked the previous 30 days, 13.7 percent reported being the recipient of mean or hurtful comments and 12.9 percent said they had rumors spread online about themselves. Seventeen percent of the sample reported being cyber-bullied in one or more of the nine types reported, two or more times over the course of the previous 30 days.

The study also shows that cell phones continue to be the most popular technology utilized by teens with almost 83 percent of those in the study report having used one at least weekly.

And cell phones, especially smart phones, pose a problem for parents seeking to monitor their child’s activities. A home computer can have a program such as Net Nanny installed, which lets parents track their child’s usage. Traditional parental controls for cell phones have primarily focused on filters for what multimedia content, usage controls to limit the number of calls and texts a phone can receive or disable the phone at certain times, and location and monitoring controls.

SMobile Systems, recently unveiled the latest version of its Parental Controls and Monitoring service, which now includes GPS tracking and picture monitoring and takes traditional phone monitoring a step further.

The Parental Controls Dashboard from SMobile Systems (News – Alert) is a Web-based software, which enables parents to define and set keyword alerts, view the people contacting their child, utilize remote location services, and monitor pictures, images and messages sent to and from their child’s phone.

“Cell phones have become powerful mobile computing devices, complete with digital cameras and video recorders. As smartphone prices continue to fall, they have become a ‘must have’ for kids and teens,” said Neil Book, CEO of SMobile Systems. “There’s a perception out there that if we put parental control software on our desktops at home, we’re keeping our kids safe from cyber threats. But the reality is, our children are walking around with handheld computers in their pockets that are connected to the internet 24 hours a day. Our goal in developing the Parental Controls Dashboard is to give parents a similar set of tools to monitor their kids’ mobile activities as they have with programs like NetNanny and other Internet solutions for monitoring their personal computers.”

The Massachusetts Legislature cited Prince’s death and the apparent suicide of 11-year-old Carl Walker-Hoover of Springfield last year when members passed anti-bullying legislation earlier this month.

The Massachusetts cases aren’t the first time cyber-bullying has ended in death.

In 2006, 13-year-old Megan Meier killed herself after being harassed on MySpace (News – Alert) by a neighbor’s mother, posing as a 16-year-old teenage boy.

The death of the Missouri teen spawned legislative efforts, the Megan Meier Cyberbullying Prevention Act, which would amends the federal code to impose criminal penalties on anyone who transmits in interstate or foreign commerce a communication intended to coerce, intimidate, harass, or cause substantial emotional distress to another person, using electronic means to support severe, repeated, and hostile behavior. The bill has been in subcommittees since its April 2009 introduction.

Source:http://dns.tmcnet.com/topics/internet-security/articles/80474-software-help-parents-combat-cyber-bullying.htm