This sounds like a nightmare that could never happen.
US soldiers have been putting sensitive information online in non-secure third party websites. It defies belief, yet we’re reading that it happened. The story popped up on ‘Gizmodo’ .
It is alleged that US Soldiers were saving sensitive information on a couple of common flashcard sites, presumably of things they were trying to memorise and learn. It seems these are common learning tools used in universities to help students memorise facts. That works well so long as the facts aren’t top secret! Even worse, their settings were on ‘public’ not ‘private’!
It is a classic warning about the risk of people, however well intentioned, saving critical data online in places the organisation is unaware of, and can’t control. That’s why our KARE FOUNDATION proactive cyber-security plan helps identify use of these sites in your organisation.
For more detail : Why you need to know all the cloud services that your organisation uses – part 2 – (US DoD Nuclear Secrets!) – IT Solutions and Managed Services (kinetics.co.nz)
Shadow IT is part of our 10-point cyber-security check list
While there is no single layer of technology that can guarantee you will be safe from hackers, you can reduce your risk by adding layers of protection. How many of our 10-point check list are in place for you?
Pretending to be you or your colleagues
Just because it seems safe, doesn't mean it is. On some emails, you might see a warning that marks them as being ‘external’. This gets added as the email comes into your organisation. The idea is a simple one – if you see an email marked as external, then you will be...
Avoiding ad trackers when you browse the ‘net
Your own personalised stalker It always seemed slightly creepy that your computer shows advertising that is strangely accurately targeted at things you might have been interested in. On the surface, that seems quite useful. If you have to tolerate ads on your...
Phishing emails are getting smarter every day
In the old days (ie last year!!), a dodgy email had a whiff to it – there was something that triggered your subconscious. That’s because some phishing emails were really badly written with terrible English. But others just had a sniff about them- something that made...
A cyber-criminal only needs to get lucky once. You have to stay ahead of them all day, every day
"A cybercriminal only has to be lucky once, while a defender has to be lucky every minute of every day.” - Combating Ransomware - A Comprehensive Framework for Action: Key Recommendations from the Ransomware Task Force. The message we hear from governance boards over...
Do you know where all your organisations data is? You don’t know what you don’t know
What is 'Shadow IT'? Shadow IT refers to the various web tools informally in use within most organisations. These tools are often chosen without reference to IT or to management in general. They are often used for all the very best reasons. Your colleagues have work...
Bad news email attachments
Some emails are more than just bad news No one likes bad news! But sometimes it can’t be helped. Sometimes it sneaks up on you. One of the most common ransomware attacks is through a compromised attachment in an email. It’s easy to say “only open stuff you expect” but...
When you willingly share data, how do you stop it leaking?
Data Leak Protection (DLP) is the name of several policies in Office 365, setting up what data can, and can't be, shared and with whom. Imagine being able to automatically identify private information like passport numbers, Health IDs or bank account details and make...
“LOCK ‘EM UP AND THROW AWAY THE KEYS”
Password Vaults and You With more and more websites necessary for our everyday activities, it’s getting harder and harder to manage passwords. By now, you will know not to write passwords on post-it notes and paste them on your screen. It's not uncommon for...
Google Releases Security Updates
Chrome security fixes Google has released Chrome version 91.0.4472.101 for Windows, Mac, and Linux. This update includes 14 security fixes. Out of the 14 fixes, 1 is considered to be critical in nature. If you are supported by KARE Core Fundamentals or Premium KARE...
You probably have a cyber-insurance problem, but don’t know it
Good practice last year isn’t good enough anymore. Even cyber-insurance providers are getting more selective before accepting cover, or worse, before paying claims. With the number of claims skyrocketing insurers are increasingly asking, "What did you do to...