by admin | Jul 31, 2015 | Uncategorised
In early 2014, the New York Times reported that US law firm Mayer Brown LLP may have had confidential emails between it and Indonesia, whom it was advising in a trade dispute case, monitored by the Australian Signals Directorate – their equivalent of the NSA or GCHQ. High-profile cases like these may seem unlikely to affect small businesses, and most malicious parties don’t have the resources national intelligence agencies do. But cybercrime is a growing problem, and one of the reasons is that emails are often unsafe. What actually happens when you press ‘Send’? It depends on the provider, but for most cloud-based services such as Gmail, when you press send your email is sent via an encrypted (SSL/TLS) connection to Google’s servers. Here it’s checked for spam and viruses, and is duplicated so there are backups. Then it’s sent on, again via an encrypted connection, to the recipient. The sending process, therefore, is relatively safe (as long as your connection is encrypted – not all are). But what about the emails themselves? They often contain sensitive data, but they’re in plain text format. This means that if someone can access the email file, possibly as it moves through the internet or possibly when it reaches its destination, then they can read it. There are methods to protect your data – PGP (Pretty Good Protection) is one. It works very well: you just need to generate a private and public encryption key with one of a number of providers, then share that public key with everyone whilst keeping the private key totally secret, then find an add-on to an...
by admin | Jul 24, 2015 | Advisory, Enterprise
It’s a natural response. Your business runs on accounting data: profits; turnover; payroll; etc. Someone getting access to that data, whether they’re a competitor hoping to discover your pricing strategy and undercut you, or a disgruntled customer planning to dump your data online and discredit your business, is your worst nightmare. It’d be lunacy to put all that data into the cloud, which everyone knows is insecure. Except that’s wrong. Counter-intuitively, storing your data in the cloud – especially accounting data – is much more secure than storing it locally on your own computers. Why? Because, as David Linthicum helpfully describes, there’s a difference between control and security. When your accounting data lives on your hardware, you have full control of it. But it’s not very secure. To see what this means, imagine someone wants to gain access to your accounts. Imagine you own and run a fleet of ice cream vans, which drive every day to the best rural paradises Britain has to offer, refreshing those who wish to relax in nature with refreshing, organic gelato. One day, a family drives to a cool and shady glen, and amuse themselves by dropping litter, destroying flora, and terrifying fauna. They then, upon wishing to avail themselves of an ice cream, discover you’re no longer stocking chocolate in solidarity with the cocoa bean pickers of Ghana. Furious, they leave, vowing revenge. They have a cunning plan – they’ll hack into your accounts and publish them online, so that your competitors realise the size of the market you’ve tapped into. Rival ice cream vans will descend, and the unspoilt idylls will...
