This article was written by William Shilson, President of Connected Technologies

Data security is the practice of keeping data protected from corruption and unauthorized access. The focus behind data security is to ensure privacy while protecting personal or corporate data. As large-scale cybersecurity attacks continue to proliferate in the enterprise, attackers are broadening their approach in order to strengthen their impact.

How can you and your employees help keep your data safe?

What to watch out for

Ransomware / Malware: One of the biggest threats currently facing organizations and IT professionals is from ransomware & malware attacks. Traditional antivirus and antimalware software won't stop these threats. Making headlines around the world, the 2017 WannaCry ransomware attack infected over 300,000 PCs globally, exploiting unpatched and older Windows operating systems.

Educating users (i.e. you and your employees) is the best form of protection! Be extremely careful about opening any email attachments, or following links in emails from known or unknown sources.

Identity Theft & Spoofing: A wolf in the clothing of John from accounting. Cyber criminals are experts at hijacking identities. Even if the email appears to be from someone you know, be careful and look for the signs of Phishing based emails (such as strange wording, slightly off punctuation and spacing, and weird email addresses).

Infected Office Documents: Microsoft Office can be used by attackers to deliver malware. Infected documents link to hostile code, which delivers the infection. Therefore, ONLY accept documents from verified and trusted sources and do not allow macros and links to run when prompted.

Typosquatting: A relatively new malware attack occurs when you incorrectly type a URL. Many "squatters" are registering popular domain names like Apple and Google, that have been registered in Oman, where the top level domain is .om. Be careful when you type a URL and don't click "enter" until you've doublechecked it.

Tips to keep your data and your company's data safe

• Be extremely careful about opening any email attachments, or following links in emails from known or unknown sources.
• Even if the email appears to be from someone you know, be careful and look for the signs of Phishing based emails (such as strange wording, slightly off punctuation and spacing, and weird email addresses).
• ONLY accept documents from verified and trusted sources and do not allow macros and links to run when prompted.
• Strong passwords are required! Long passwords are the strongest and hardest to crack. Don’t replace characters with symbols or numbers, like P@ssw0rd. These short, hard-to-read passwords look complicated for humans, but very simple to computers. Choose a random series of words to build a strong password which is easy to remember. And don’t use the same password for multiple sites.
• Cell phone security: Update your software! Secure your device with a PIN and have it automatically lock. Use biometric features, such as Touch ID and Facial ID, whenever possible. And report lost or stolen devices immediately.
• Public WIFI security: Starbucks is not a trusted source for internet connectivity. If using Public WIFI, always use a VPN. Keep WIFI off, unless needed. Use cell phone tethering whenever possible.
• USB Key Threat: Never trust an unexpected USB key. Only trust brand new USB keys purchased from a trusted source.
• Phone Attacks and Social Engineering: Be very suspicious of all calls asking for sensitive information. Caller ID is easily spoofed and cannot be relied on to know the source of a caller. If it sounds fishy, it often is. The call scam from the “CRA” is an example this.