This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
This Website Uses Cookies
By closing this message or continuing to use our site, you agree to our cookie policy. Learn More
This website requires certain cookies to work and uses other cookies to help you have the best experience. By visiting this website, certain cookies have already been set, which you may delete and block. By closing this message or continuing to use our site, you agree to the use of cookies. Visit our updated privacy and cookie policy to learn more.
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • Home
  • News
    • Security Newswire
    • Technologies
    • Security Blog
    • Newsletter
    • Web Exclusives
  • Columns
    • Career Intelligence
    • Security Talk
    • The Corner Office
    • Leadership & Management
    • Cyber Tactics
    • Overseas and Secure
    • The Risk Matrix
  • Management
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • More
  • Physical
    • Access Management
    • Video Surveillance
    • Identity Management
    • More
  • Cyber
  • Sectors
    • Education: University
    • Hospitals & Medical Centers
    • Critical Infrastructure
    • More
  • Exclusives
    • Security 500 Report
    • Most Influential People in Security
    • Top Guard and Security Officer Companies
    • The Security Leadership Issue
    • Annual Innovations, Technology, & Services Report
  • Events
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
    • Security 500 West
  • Resources
    • The Magazine
      • This Month's Issue
      • Digital Edition
      • Archives
      • Professional Security Canada
    • Videos
      • ISC West 2019
    • Photo Galleries
    • Polls
    • Classifieds & Job Listings
    • White Papers
    • Mobile App
    • Store
    • Sponsor Insights
    • Continuing Education
  • InfoCenters
    • Building AppSec in Enterprises
    • Video Management Systems
  • Contact
    • Editorial Guidelines
  • Advertise
Home » How to Fight Back Against Hackers
Access ManagementCyber Security News

How to Fight Back Against Hackers

Ben Scaglione
October 1, 2012
Bernard Scaglione
KEYWORDS Bring your own device / data security / password protection / security apps / smartphone security
Reprints
2 Comments

In the beginning of September, a group of computer hackers calling themselves AntiSec announced that they had stolen a file containing unique identification data for 12,367,232 Apple iOS devices. They claimed the database was stolen from the compromised laptop of an FBI agent. Simultaneous to AntiSec’s release, the FBI denied the claim. To substantiate their claim, AntiSec released one million of the unique identifiers minus the personal data embedded in the stolen file.

My reaction to this obscure story is: what was highly confidential data doing on a laptop computer, and why weren’t there security measures in place within the laptop to prevent the theft? It seems that every day there is another incident reported in the media of data being stolen or computer networks compromised. The problem persists even though companies spend millions of dollars every year to curtail the theft and breach of their virtual systems.  

Part of the problem resides with the employees themselves and their personal security practices related to their computer devices. Previously I wrote about the blending of our social lives and work and personal lives. However, access control within our social and professional lives expands well beyond Facebook and Twitter. It extends to the virtual devices we use. Devices like smartphones, laptops, tablets and even desktop computers are the conduits that connect our personal and business lives. And by doing so, we expose these devices to potential attack from hackers. Most of us have a desktop computer, a smartphone and probably a laptop or tablet as well. On all of these devices we keep our personal and work information together in order to make our lives simpler. We transfer pictures, documents and postings between all of our devices regardless whether they are personal or professional. Today’s technology not only opens us up to public scrutiny, but it enables hackers and corporate spies to infiltrate our data and our lives and create havoc with our devices. Providing access control to personal devices is just as important as securing social networks, and utilizing just a password is not enough. Because technology makes our lives so very easy, we forget the potential liability we incur because of involvement in our social networks or just because of convenience.

So how, as social entities and corporate officers, can we help to secure the access of our social and corporate devices within the virtual world? Here are a few simple practices to help increase the security of your devices.

If data transfer to a laptop is necessary in order to conduct business, the computer should be locked down. There should be no apps, programs or anything that could potentially compromise the computer. However, if Internet Explorer, Adobe or Java is needed to conduct business, the device is susceptible to an attack. In this case, proprietary data should not be stored on the device. All proprietary data should be kept secure off-line. When using the data, it should be uploaded, worked on and then downloaded. And social networking should be done on your smartphone or tablet device.

Many programs and apps have passwords for access. This feature should be activated, especially if they store data and the data is propriety. The password utilized for the app or program should not be the same as the password to log onto the device. In the case of data storage or programs that contain proprietary information, a third password is recommended that is very different than the others you use. Ensure your device is accessed through a password as well, so if it is stolen the perpetrator cannot gain access into your device.

It is also helpful to turn off Wi-Fi when your device is lying dormant. This way access into your device is impossible. A good time to establish this practice is at night when the device is charging.  

Key to controlling unauthorized access to mobile devices is the identification of apps and programs that can create vulnerability. Keeping tabs on news related to breaches and vulnerabilities can help with this process. When a breach is publicized for an app or program, you have the option of deleting it until a fix is made public or just ensuring that the program is closed on your device when it is not in use.

Apps or programs that are not in use should be turned off. That means going into your device and either quitting the program, closing or exiting it from the tool bar or turning the app or program off on your mobile device and keeping it off until you need to use it again. 

And finally, make sure that your devices are set to close automatically, within two to five minutes after it becomes dormant. If proprietary information has to reside on your device, make sure your device auto-closes at a minimum time – 30 or 60 seconds.

Following these simple, basic practices will dramatically reduce the opportunity for hackers to access your smart devices and steal important data. However, the best practice to follow when it comes to proprietary information is leave it offline and protect the device it resides on by using encryption, controlling access through a password and securing it so that it is not lost or stolen.  

 

This article was previously published in the print magazine as "Hack Away at the Hackers."

  Read more Get Into Access & ID at SecurityMagazine.com/Columns/AccessID

Subscribe to Security Magazine

Recent Articles by Bernard Scaglione

Hospital Security Lapses in 2013 Turn Spotlight on Security Officer Training

How GTRI Practices Could Protect Schools from Violence

Assessing Access Control Standards

Managing Modern Risks in Access Control and Identification

Bernard J. Scaglione, CPP, CHPA, CHSP is the Director of Healthcare Security Services for G4S Secure Solutions. He has 30 years of experience in the healthcare security field including a Master’s Degree from Rutgers University School of Criminal Justice in New Jersey. Ben currently serves on the Board of the International Association for Healthcare Security and Safety (IAHSS). He served on IAHSS Education Council from 2005 until 2011. Ben is past Chairman of the ASIS International Healthcare Council and the Past President of the New York City Metropolitan Healthcare Safety and Security Directors Association. He has been a columnist for Security Magazine and contributing author for the Journal of Healthcare Protection Management. Ben was an adjunct faculty member at Pratt Institute in New York teaching engineers and architects in physical security. He taught at Interboro Institute in New York and at New Jersey City University. He was also an instructor at John Jay College Peace Officer Academy.

Related Articles

How GTRI Practices Could Protect Schools from Violence

How Cities Use Mesh Networks for Surveillance

Related Products

The Database Hacker's Handbook: Defending Database Servers

Related Events

Mobile Surveillance Applications

Mobile Surveillance Applications

You must login or register in order to post a comment.

Report Abusive Comment

Subscribe For Free!
  • Print & Digital Edition Subscriptions
  • Security eNewsletter & Other eNews Alerts
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Popular Stories

cybersecurity breach

The Top 12 Data Breaches of 2019

ransomware-enews

British American Tobacco Suffers Data Breach and Ransomware Attack

Dispelling the Dangerous Myth of Data Breach Fatigue; cyber security news

Major Retailer Macy's Is Hacked

server room, cybersecurity, penetration testing,

Explained: Firewalls, Vulnerability Scans and Penetration Tests

SEC1219-Cover-Feat-slide1_900px

Contracted vs. In-House Guarding: No Universal Right Answer

SEC2019_Everbridge_1119_360x184customcontent

Events

December 17, 2019

Conducting a Workplace Violence Threat Analysis and Developing a Response Plan

There are few situations a security professional will face that is more serious than a potential workplace violence threat. Every security professional knows and understands that all employers have a legal, ethical and moral duty to take reasonable steps to prevent and respond to threats of violence in their workplace.
January 23, 2020

The Value of a Unified Approach to Critical Event Management

From extreme weather to cyberattacks to workplace violence, every organization will experience at least one, if not multiple, critical events per year. And in today’s interconnected digital and physical world, the cascading safety, brand, and revenue impacts of critical events are more severe. Organizations need to be prepared through a unified and rapid response to these events.
View All Submit An Event

Poll

Emergency Communications

What does your enterprise use to communicate emergencies to company employees?
View Results Poll Archive

Products

Effective Security Management, 6th Edition

Effective Security Management, 6th Edition

 Effective Security Management, 5e, teaches practicing security professionals how to build their careers by mastering the fundamentals of good management. Charles Sennewald brings a time-tested blend of common sense, wisdom, and humor to this bestselling introduction to workplace dynamics. 

See More Products
SEC500_250x180 clear

Security Magazine

SEC-December-2019-Cover_144px

2019 December

This month, Security magazine brings you the 2019 Guarding Report, featuring David Komendat, Boeing CSO, and many other public safety leaders to discuss threats and solutions for 2020 and security officer training. Also, we highlight Hector Rodriguez, Director of Public Safety and Security at Marymount California University, CCPA regulations, NIST standards, VMS and much more.

View More Create Account
  • More
    • Market Research
    • Custom Content & Marketing Services
    • Security Group
    • Editorial Guidelines
    • Privacy Policy
    • Survey And Sample
  • Want More
    • Subscribe
    • Connect
    • Partners

Copyright ©2019. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing