If you are from your company’s legal department, it is important to be aware of the increased incidence of cybercrime that is happening due to our new home office context. In this article, we will list some important tips to help you avoid these types of problems, as well as cheaper and safer solutions that help in the security of all departments.
According to a recent article by the Infosecurity Group, cyber attacks have increased 37% in the last month. Considering only phishing attempts, the site indicates a growth of more than 600% since the end of February, which includes traditional impersonation scams, but also the compromise of commercial email (known by the acronym BEC) and extortion attacks. This is due to the fact that companies have allowed people to work from home, either on their personal computers or on computers provided by the company, without the necessary secure connection infrastructure. In such cases, what would be the best measure to take?
TAKE CARE OF YOUR COMPUTER AND ACCESS
1 – Use anti-virus programs, such as Avast;
2 – Keep all the programs on your computer up to date. If they are out of date, they can become vulnerable and easier to be invaded by malicious people;
3 – If you are using your personal computer, create a user to perform only remote work activities. Ideally, this new user has not been configured as a computer administrator, which will prevent intrusions on this user profile from making changes to your machine;
4 – Review all your passwords, ensuring they are using a secure combination. If you prefer, use a password manager for computers and cell phones, such as 1password or KeePass. Furthermore, NEVER SHARE YOUR PASSWORDS;
5 – Enable two-step authentication (ideal for any and all passwords and never use SMS to receive the PIN);
6 – Do not open attachments from strangers;
7 – At the end of the day, turn off or disconnect your computer or other devices you are using to work from the network;
8 – If possible, use a good quality VPN that is not free, as free ones have vulnerabilities that make them insecure;
9 – Use secure tools for corporate communication, ensuring that they have end-to-end encryption, such as Riot (text) and Jitsi (videoconference);
10 – Back up your files or documents in more than one place and make sure they are safe.
CHECK THE SECURITY OF YOUR CONNECTION
1 – Change the connection password for your wifi router provided by the operator. Use a password manager to create a secure password;
2 – If your operator allows it, also change the password to access the router’s settings;
3 – Restart your router daily. By doing this, your IP changes with each restart;
4 – Check if your router has the WPS button. If so, disable it, as it allows connection to your router without a password. In some cases you will have to ask a technician from your operator to disable this option.
PAY ATTENTION WHEN CONTRACTING ONLINE SERVICES AND PRODUCTS
1 – Before buying any service or product online, do research to verify if there has ever been a leak of data or information from that company;
2 – It is important to understand if the company is already in compliance with the data protection legislation from your region, such as the GDPR in Europe or the LGPD in Brazil. Even though some of them might not yet be in force, companies that are in compliance are much more concerned with information security.
TAKE ADVANTAGE OF ORIGINALMY SOLUTIONS
Since the beginning, security has always been our concern when building our solutions and that is why we chose to use blockchain technology. Our idea has always been to prove the existence of files, documents and people without having to keep any kind of user information. But how is that possible?
Before explaining it in practice, it is important that you understand what blockchain is. In a very simplified way, blockchain technology is a distributed and decentralized database that stores different types of information in a linear and immutable way. This information is stored in “blocks”, and each block is connected to the previous one through a code called a hash, forming a chain.
Each time a new block is added, the computers connected to that network (called “nodes”), check if the data contained in it corresponds to that of the previous block – ensuring that they are not modified improperly. In addition, blockchain works from three fundamental characteristics:
– immutability: the recorded information is practically impossible to be removed or modified;
– decentralization: there is no information controller that could deliberately include, modify or exclude data based only on their own will;
– distribution: the information registered in the blockchain is replicated on thousands of computers around the world.
Such characteristics provide the blockchain with the necessary security to prove the authenticity of information and auditability, including the date and time the record was created (the so-called “timestamp”).
Knowing this, you can be sure that all of our solutions are as secure as possible.
Nowadays, fraud happens all the time and one of the reasons for this is the ease of handling files and/or digital documents. Therefore, it is extremely important that the content is certified before a document is made public or sent to third parties.
Using PACDigital, it is possible to authenticate digital files and documents. This way, there is proof of the authenticity of the file or document, avoiding a series of legal problems. In this context, we can mention the use for intellectual property of creation such as books, projects, software source code and all types of creation that need protection.
When sending a file or document to be authenticated in blockchain, we keep the hash of it, not your document or file. Thus, the information contained in it will remain confidential and at no time do we have contact with the content of the document. What will be recorded is the hash, which is a unique code for your document. Only the original document or file is able to generate the same hash and thus prove whether it is authentic or not. That is why no changes can be made to the document, because if this happens, it will no longer refer to the hash of the authenticated document.
Many companies are still looking for tools to assist them in becoming compliant with the GDPR. The Blockchain ID solution meets the main requirement of the General Data Protection Regulation on the use of personal data: consent. It can be easily integrated into websites, portals or applications, in addition to turnstiles or ordinances. In addition to access, it allows you to sign contracts or digital documents.
To create your blockchain identity, you will be asked for some information and our system will validate it on public and private databases. Your Blockchain ID will also have a hash and whenever you use it, you will have to authorize the company to access your data.
In addition to signing contracts, it is possible to sign any digital document, such as payslips, authorizations, vouchers, etc. To sign, you need to create your Blockchain ID, because only then can we prove the authorship of your signature. And here it is important to make it clear that your signature will not be the drawing signature that we are used to, but a digital signature made through your Blockchain ID. To submit the contract, the same principle of PACDigital applies here. When submitting the contract on our platform, we will store the contract hash and for this reason, all people who will sign the contract, will need to submit the file on our platform, in order to prove the possession of the original document.
Through our plugin, we generate a report with all the necessary metadata, in addition to the image of what is being viewed on your computer at that exact moment. After blockchain certification, we generate the hash of this report and with it, we create the certificate of authenticity of your report for you to present in court. By the way, it is an excellent tool to prove cyber crimes such as: threats via WhatsApp or other social media, slanderous comments, among others.
Would you like to test our solutions?
Just order your free trial here.