CYBER SECURITY INFORMER - news and tips to help you stay safe online and protect your network

Staying Safe While Using Social Media for Business

Businesses are using social media more and more as a way of augmenting traditional PR and communications strategies. Blogs, Twitter and Facebook can help a company build its profile and reach a wider audience. But there are certainly rules that any company can follow to help ensure its social media use is a safe experience.

This week, Soya Marketing in Vancouver touched on online identity protection issues companies might want to keep in mind when creating their social media profile. "As a general rule of thumb, businesses looking to use social media should limit the kinds of information that they would put online to what you would normally want to make public anyway, such as contact information or basic company information," Soya Partner Jaqueline Voci says.

"Passwords could also be an issue, though it's not something we've run into," Voci notes.

For instance, weak passwords allowed a hacker access to multiple high-profile accounts such as Barack Obama and the Fox News network at the beginning of 2009. If companies want to use a wide range of social networking sites with different registration passwords to build their profile, they will need a system to remember them, such as always writing an encrypted version of the name of the site you're using into the password.

For example, Bob Jones, a newly-minted social media marketer for his company, creates the Twitter password Bob_Tvv1tteR_joneS.

His Facebook password looks like Bob_Faceh00K_joneS. His password for LinkedIn could be Bob_L1nked1n_joneS. And so on.

It's not an ideal solution to use just one password for a number of sites, so by using a system, Bob will be able to remember an unlimited number of passwords for every site and application he wants to use. It's not an impossible system to crack, but it will hopefully cause a potential hacker enough trouble that he won't bother trying to steal the account and will move onto an easier target.

For businesses using social media, one other security issue to remember is laptop and mobile device security. If you've got applications and clients set up to run with passwords already authorized and your device is stolen, unauthorized people may have authorized access to post whatever they feel like to your carefully-branded social media profiles. Don't lend out your laptop or device, and ensure you have a password set for using the device.

In the next issue of Cyber Security Informer, we’ll be continuing to profile organizations that are helping make the world a more secure place. If your organization is doing its part to build a more secure future by protecting partners, customers, website visitors and application users from cyber crime, contact us today at info@pcis.com

Webinar on June 24: PCI DSS and the Basics of Data Security Compliance

In this Case for Security webinar, PCIS aims to help business owners and executives understand their compliance requirements so they can maintain business continuity through better protection.

To register for this free webinar, follow these simple steps.

1. Go to http://boonbox.webex.com/meet/boonbox
2. Click "Show All Meetings".
3. Click the "Register" link on the right in the Status column for "Case for Security Webinar: PCI DSS and the Basics of Data Security Compliance" and fill in the short registration form. You will be sent your registration confirmation information and instructions on how to participate.

Date & Time: Wednesday June 24, from 8:30-8:45 am Pacific Time

More event information for the PCI DSS and the Basics of Data Security Compliance Webinar

June 23, 2009

Check out Cyber Security Informer Back Issues

Cyber Security Informer is distributed by:

Pacific Coast Information Systems Ltd. (IT Consulting)

Boonbox, a division of PCIS (Security Packaged Services)

Contact PCIS

Toll-free 1.877.744.7558

In this issue:

* Staying Safe While Using Social Media for Business

* Webinar on June 24: PCI DSS and the Basics of Data Security Compliance

* Hacker Bait 

* Ask A Security Expert

Cyber Security Informer provides security news and tips to help organizations protect their business and their customers. 

Give us your feedback about Cyber Security Informer

Name
*
Company
*
Phone
*
Email
*
Feedback
Please tell us how you found out about PCIS


"Submit Feedback"

Resources Links:

 

Hacker Bait

The latest Hacker Bait list contains highly trafficked websites that have been found to have vulnerabilities that hackers and cyber criminals could exploit. 

This is not a complete list of all vulnerable sites on the Internet, but only represents websites where vulnerabilities were found within the past 90 days. These are only the latest additions to an ever-growing club of sites found to be insecure according to various public sources and online tools used in the web security industry.

If you would like more information on our data and why these sites are listed here, please contact PCIS

Hacker Bait Sites With Vulnerabilities Discovered in Past 90 Days

alltopwebsites.com

artoftea.com

audiobookquest.com

codingworkshop.com

colortheory.com

coppersfield.com

creativewebsitedesigner.com

dangerzonejobs.com

datarecoveryipod.com

dotnetvideos.net

game-releases.net

globalrealestate.org

grieflossrecovery.com

myspaceproperty.com

officehumorblog.com

planetfortress.com

traffictoolshop.com

wrestling-online.com

yourjob.com.cn

zeromoneyinvestment.com

Ask A Security Expert

"What is the difference between a computer virus, worm or Trojan?"

A computer virus is a small program that can spread from one computer to another, disrupting your computers' operations, corrupting data or even deleting everything on your hard disk. It can be spread in many ways, including email, instant messages and attachments.

A worm is a self-replicating program that doesn't need a host program to attach itself to. They attack the network. Among other problems, they can be used to infect computers to create a "zombie" computer under the control of the attacker.

Trojans are programs that seem to be useful to the user (which is why one might be tricked into downloading them) but which facilitate unauthorized access to the affected computer. Hackers are then capable of remotely perform operations such as downloading, installing software, viewing the user's screen, keylogging and data theft.

All computer users should have their antivirus, antispyware, operating systems and applications updated and patched to help defend against these kinds of threats.

If you would like more information about how we can help you recover from a virus, worm or Trojan, contact us.

Boonbox and Pacific Coast Information Systems Ltd.

Boonbox is a division of Pacific Coast Information Systems Ltd., specializing in products for web security, network security, password management and data backup.

PCIS is a Vancouver-based company which provides strategic consulting, application development, technology solutions and managed services to companies and government organizations throughout North America.

HOW TO SUBSCRIBE/UNSUBSCRIBE

SUBSCRIBE: To subscribe to Cyber Security Informer, send a blank email message with subject line "SUBSCRIBE" to informer@pcis.com

UNSUBSCRIBE: If you do not wish to receive future issues of Cyber Security Informer, send a blank email with subject line "UNSUBSCRIBE" to:informer@pcis.com and we will promptly remove you from our distribution list.

WE WANT YOUR FEEDBACK

Our purpose for providing this free service is to keep our clients and business contacts informed of technology developments. This information can help them resolve common problems and achieve their full potential by strengthening their business processes and infrastructure. Your input is important to us and we welcome your ideas for new features and how we can continue to improve our service to you. Send your comments and suggestions to informer@pcis.com or contact us directly at 604.844.7558