Twitter data breach | Data breach

Twitter data breach leaves 5 million users at risk

Twitter has revealed that a major data breach in January resulted in more than 5,4 million users’ personal data being lost to hackers. To make matters worse, this information is now being given away on the dark web – potentially putting millions of phone numbers and email addresses at risk of being compromised.

The social media giant, which was recently acquired by Elon Musk, is undergoing a dramatic restructuring as it struggles to retain advertisers.

This latest revelation about data security will add a further layer of challenges to the task ahead for Multi-billionaire Musk and his latest acquisition, as the company does damage control to regain user trust.

One cybersecurity slip up compromises millions of accounts.

Every business handles customer data, but when it comes to social media giants like Twitter, the sheer volume of sensitive information is staggering.

With almost 400 million registered users worldwide the platform is a major target for cybercriminals, and once in a while they manage to breach the company’s powerful online defences.

January’s incident, which was carried out by exploiting an API vulnerability, resulted in millions of users entering sensitive information only to have it stolen by hackers.

The feature that allows Twitter users to find the Twitter ID of other users by submitting their email address or phone number proved to be especially vulnerable to attack. This flaw in the platform’s API mirrors recent incidents in which location-enabled apps like EskomSePush and WeChat have been used by criminals to carry out a variety of illegal activities.

Stay safe while you get social

Keeping your personal data safe when using social media apps is essential in the current cybersecurity climate. Here are some tips that will help keep hackers away.

Change your passwords. You should aim to do this at least once a year, with once every three months being ideal.
Opt for two factor authentication. This will help ensure that you and only you have access to your account.
Beware suspicious messages and emails. You’ll never be required to provide your login details via email. If you can’t do it using the app, it’s probably not legit.

About Soteria Cloud

Based in Cape Town, Soteria offers a full range of cloud storage packages suited to the needs of businesses and families alike. Keep your data safe in the cloud with us.

App Entrepreneurs | Mobile App Development

Stellies Student Scoops Agritech App Entrepreneurs Award

Tech may not be the first thing that comes to mind when most people think about the agricultural industry, but for one Stellenbosch student they couldn’t be more closely linked.

Economics student Lunga Momoza recently received the Stellenbosch Network Entrepreneur of the Month award for his app called Basket which promises to connect energetic farmers with customers for their fresh produce.

Local innovators using technological solutions have the potential to solve many of SA’s development challenges and help the economy to grow. Let’s take a look at the Basket app and how it promises to revolutionise the way business is done in the Stellenbosch agricultural industry.

planting the seeds of tech transformation

South Africa’s agricultural sector is brimming with potential, but many upcoming farmers don’t have sufficient access to customers. At the same time, small traders find themselves paying higher than necessary prices for the fruits, vegetables, and other products they sell on a daily basis.

The Basket app is designed to close the gap between these two groups, providing direct market access for small farmers and allowing suppliers and customers to fine-tune their orders according to the produce that’s in demand at a given time.

The app is still under development, but once it exits the prototype stage and goes live it’ll be available for download, offering farmers and customers a unique opportunity to connect online.
The app will operate on a transaction fee structure of 3.5% percent, remaining affordable for small traders and farmers
Recognising that many informal traders still operate on a cash basis, Basket will make provision for COD payments with a 7.5% delivery fee.

an online future calls for high tech data security

Economic development goals and the challenges facing the agricultural sector can more easily be achieved with the help of future farming technology like the Basket app.

With bright young tech partners coming up with innovative solutions, every industry in our economy could soon benefit from lower transaction costs and increased efficiency.

Moving business online means moving sensitive data online too, and secure cloud storage with full encryption is the ideal solution for business data security. Browse our range of cloud storage solutions today and keep your business information in the right hands.

Processing Business Data Securely | Data security

How to process company information and data securely across your business

Whether you are a small start-up or a large corporation, data security is an all-or-nothing business, yet many of us assume that having antivirus software and a standard firewall is more than enough to keep our data safe.

If your data security measures don’t work together in sync, your organisation’s sensitive information could still be severely at risk.

In this article we take a look at the overall strategy that’s required to keep data safe in every corner of your business while giving you some tips for implementing this far-reaching approach to cyber security.

the 3 keys to processing business data securely

Considering how damaging a data leak or breach can be to your business, both financially and in terms of reputation, there’s no time to lose when it comes to implementing an organisation-wide data security policy. But what should it be?

They are three basic elements that form the foundation of a good data security approach: team education, secure cloud storage, and data encryption.

Train your team to spot and deal with threats. Company-wide education about email threats, a comprehensive data security policy, and a cyber incident response plan can all put your team in a position to respond swiftly to cyberattacks and prevent them from occurring. Ensure that your team know how to identify scams and phishing attacks and instil a sense of responsibility in each member.
Get secure cloud storage. There’s no substitute for safe online data storage. Taking information off your physical devices and keeping it safe in the cloud is non-negotiable in 2022.
Encrypt your data. Opt for cloud storage that uses advanced data encryption and activate encryption on all the apps and communication channels your business uses.

take the first step toward a cyber-safe organisation with us

Secure cloud storage with data encryption should be a non-negotiable foundation of your data security strategy. Our range of business cloud storage packages is the ideal way to ensure that you prioritise data protection to keep your sensitive information under close guard.

Email threat training | Email Cybercrime

Email threat training reduces common threat markets

We all receive dozens of emails a day, but could these essential communications be exposing your business to online threats? According to 80% of businesses surveyed by Microsoft earlier this year, the answer is yes.

Malicious emails are becoming one of the biggest cybersecurity threats facing businesses around the world. While firewalls and antivirus software offer a degree of protection, the last line of defence against email-based digital threats is user training.

Let’s take a look at the email-driven data security threat landscape and how you can train your staff to detect and deal with suspicious communications.

think before you click: why you shouldn’t just open that email

According to recent research, an astounding 80% of organisations report having experienced an email security breach over the past year.

When you consider that most companies have at least entry-level antivirus and email security software in place, it’s clear that these messages aren’t enough to keep malicious emails at bay.

Fortunately, there’s a low-tech solution to this high-tech problem: training your staff to detect, delete and report malicious emails when they arrive.

Here are some pointers to share with your team.

If it looks weird, be suspicious. Emails with subject lines full of grammatical mistakes are a definite red flag, especially if they come from someone who usually doesn’t make language errors. The best strategy is to flag them as suspicious, report them, and delete them.
Open attachments you’re expecting and no others. If you receive an unusual email from someone you know with a request to open a strange looking file or click a link, proceed with caution.
Double check before you send. Best Email security practice isn’t just about the emails you open but also the ones you send. Employees should ensure that they send sensitive information only to the recipient it’s intended for and correct any sending mistakes immediately.
Check the email address. Phishing emails have become increasingly more sophisticated and often appear to be from a reputable company or financial services company, perhaps even one you bank with. Always check the senders address and domain name (the name after the @symbol) as no reputable company will use @gmail which is a big giveaway.

increase your company’s data security with secure cloud storage

Every data security strategy needs a reliable provider of secure encrypted storage that makes data safe and available in the cloud. Our range of packages for businesses and individuals are designed to keep your information safe while staying within budget.

Data is your responsibility | data backup

Make data your responsibility 365 days a year

Today, productivity is taking place in the cloud more than ever before. In fact, it’s hard to imagine a time when we used to rely on physical storage like hard drives to keep our data safe. Switching to cloud-based apps and online backup for business and personal use comes with a raft of benefits, but it also means that every member of your organisation needs to understand that “data is your responsibility” for good cybersecurity.

Here are some ways you can encourage data responsibility in your business and keep your sensitive information safe in the cloud.

everyone is online nowadays, hackers included

The past two decades have seen a major shift towards cloud-based computing as Internet bandwidth has increased and more organisations switch to decentralized remote-based working.

In most industries, specialised software that used to come on CD, DVD or- if you’re old enough to remember these – floppy disks, is increasingly available for download on a subscription basis.
For users these innovations mean connecting to the Internet to access data from servers around the world every time a computer is used in the workplace.
Billions of people accessing information online every day means that the opportunity for cybercrime has skyrocketed in recent years.

To fully benefit from the convenience and productivity boosting features of cloud-based apps you need to ensure that every single user on your network takes responsibility for the safety of the data they use, twenty-four-seven and 365 days a year.

data security from the ground up

To keep your business information safe and prevent data leaks or hacking attempts, you’ll want to consider the following strategies:

Start with the basics. Up-to-date antivirus software, a strong firewall, secure passwords, zero trust, and a strict privacy policy form the bedrock of your cyber security approach
Train positive behaviours at work. It’s essential to instil a sense of responsibility in your team for all the data that they use on a regular basis and ensure that no sensitive information is shared with unauthorised users.
Keep your cloud cloud-based data safe with secure encryption. This type of data is difficult to decipher even if it’s leaked, making encryption your front line defence against unauthorised data access and hackers.

make data your responsibility and stay safe in the cloud with Soteria

As your company embraces cloud-based productivity, our range of secure cloud storage solutions will help keep your information out of the wrong hands. To learn more, contact the Soteria team today.

Nespresso Data leak | Cybercrime

It’s a Caffeine hit with Nespresso Data leak

Cybersecurity has been in the headlines a lot lately, with South African companies increasingly falling victim to hacking, malware, and data breaches.

Two of South Africa’s best loved brands, Absa and Nespresso, recently had their share of cybercrime trouble when the companies suffered large data breaches in which the personal information of their clients, suppliers, and distributors was at risk.

Here’s what you need to know about these major cybersecurity failures as we all do our best to stay safe online

Nespresso data breach: jitters caused by the latest major data leak to hit SA

Many of us like to start our day with a nice fresh cup of coffee, but for Nespresso distributor Top Coffee, the morning of March 8 began with something less appealing: a huge data leak.

The company, which is responsible for distributing the well-known Nespresso machine and the variety of coffee pods that go with it throughout South Africa, holds a significant amount of personal information relating to clients and coffee retailers in its database.

While Top Coffee was quick to point out that no sensitive financial information is likely to have been leaked, highly personal information like names and phone numbers may have been part of the data that was lost. The company has since fixed the error that lead to this incident and assured clients that their data has been protected.

Nespresso is just one of hundreds of South African companies that have fallen victim to cybercrime over the past few years, with the number of these incidents having increased since 2020.

Absa data leak update: 15 months later, worse than we thought?

Clients and suppliers were shocked in November 2020 when Absa announced that it had been the victim of a major data leak . The bank, which has almost R1.4 trillion in financial assets and 9.7 million customers throughout South Africa, was widely respected for its comprehensive digital security measures until the breach occurred.

According to Absa, the personal information of many clients may have been compromised in the leak. The bank is in the process of contacting clients who were directly affected on an individual basis.

This information was released by Absa following an extended investigation by the bank that lasted more than a year.

These two major data breaches highlight the importance of having comprehensive data backup and security in place no matter how large or small your organisation may be.

be proactive: protect your data with secure cloud storage

Cybersecurity measures like a strong firewall, updated antivirus software, and secure cloud storage are some of the ways you can protect your business against data-related crimes. Reduce the downtime and recovery of an unwanted data leak with encrypted and automated online backup.

To learn more about our range of cloud storage solutions, contact the Soteria team today.

The Metaverse 101 – Digital Buzzwords 2022

Breaking down the metaverse, digital real estate and NFTs

Facebook has been travelling a rocky road over the past few years and the end of 2021 was no different with the announcement of a name change. The app’s parent company, now named Meta, is hoping to repeat the success of its early years as a pioneer of technology. It wasn’t long before a new buzzword – the Metaverse – started doing the rounds, and it has people in the tech industry both excited and disturbed.

It’s not easy to keep up to date with everything that’s happening in the tech world nowadays. If you haven’t caught up with this new trend, here’s what you need to know about the Metaverse and how you can find your place in it as the internet evolves yet again.

breaking down the metaverse 101

The word Metaverse may be a recent buzzword, but it was coined back in the 1990s in a sci-fi novel by Neal Stephensen called Snow Crash. In the book, characters plug into a virtual reality rig featuring goggles, headphones, and controllers and spend hours each day living virtual lives.

Fast forward to 2022, and what used to be science fiction now sounds like reality for many of us – especially the under-40s.

Today’s Metaverse is the latest evolution of the internet, featuring full integration of online work, entertainment, the digital currency economy, and the blurring of lines between our physical and digital lives.
Web 2.0, which came to exist in the age of social media, threw us headfirst into a digital life with more and more people spending a significant part of the day scrolling Instagram, making YouTube and TickTock videos, and following their favourite influencer the way people used to follow Hollywood celebrities a generation ago.
The Metaverse also promises to give internet users full control of their personal data by encrypting it and decentralising it, thereby keeping it out of the hands of digital giants like Google, Facebook, and others.

life in the metaverse: what to expect

The pandemic and the lockdown lifestyle that it brought about has given rise to a wave of virtual living as people stay home, quit their jobs, and find new ways of thriving in the online realm.

Virtual work aside, the rise of virtual play and virtual finance have been major features of the past few years.

NFTs**, unique digital images stored in Blockchain which are selling for record-high prices, are redefining both the fine art and investment markets.
Recently it was reported that NFT images of Rolexes are selling for more than the original watch, showing just how remarkable this trend is.

**Sorry – for those of you wondering what on earth we are talking about here – an NFT is a Non-fungible token. None the wiser? Yah, neither are we (in all honesty) but basically, ‘non-fungible’ is something unique that can’t be replaced by anything else. Bitcoin for example, is fungible and you can trade it for another bitcoin, but a unique trading card is irreplaceable – trade it for another card and you get, well – another card!

And then, just as we are getting the hang of it, we have to wonder: what’s the point of owning a virtual watch that doesn’t even tell the time? For today’s on-trend citizens of the Metaverse 101, NFTs can provide some much-needed bling for their virtual properties.

online real estate

Yes, you read right – virtual online real estate is big business this year. Virtual spaces like Decentraland have been offering digital plots for sale where users can build houses and interact with their neighbours online.

Before investing in the Metaverse with your hard-mined Bitcoin though, you may want to consider that you’re not buying real property.

With an infinite amount of land available in the Metaverse, your digital home may not appreciate reliably over time – but there’s nothing stopping you from making a nice profit on that NFT image you bought on a whim.

secure data storage essential for future digital lives

With a new world of possibilities opening up online, securing your personal data has become an essential aspect of daily life. Our range of cloud storage solutions will help keep your vital info safe and encrypted in the cloud while you dabble in the metaverse!

Have the Right Credentials | Ransomware Attacks

Do you have the right Credentials to evade Ransomware attacks?

Ransomware is a particularly nasty type of malware that’s used to hijack your important business data and – like the name says – demand a ransom in exchange for its release.

Attacks of this type have been rising in South Africa, with big names like Transnet and most major banks having been hit by wily hackers. Protecting your business from this type of crime is a major priority in 2021 and beyond.

The cost both to your company’s finances and its reputation in the wake of a ransomware attack can be huge, and like all unpleasant things it’s always better to prevent it in the first place.

Having an excellent antivirus software, firewall and other data security measures in place as well as opting for secure cloud storage are all excellent ways to defend your business from ransomware. But here’s the thing: all of these great measures could still fail if you neglect a small but essential aspect of data security: secure user credentials.

make sure the authorised user is really you

One of the easiest ways for hackers and ransomware creators to access your data in the first place is by breaching the first line of defence. Yes, that’s your trusty old password.

AI-driven password cracking software is now capable of decoding an eight-letter password in a number of hours and a twelve-letter password in just a few days.
As the software advances, these processing times are likely to drop further, and that means one thing. The days of using a password as your only means of data protection are long over.

A password is a piece of information that you know – and that means that someone else can know it too just by stealing it. A better approach to data security is to use information like biometric data that’s a physical part of you.

New credential verification systems like those used by Microsoft and eBay are helping users around the world to go “passwordless”, separating identities and passwords once and for all.

keep your data safe with a cloud-based storage solution

If the headaches that come with securing your data on-site don’t seem worth it, it’s because they aren’t. Leave the security to us and opt for cloud storage for your enterprise. Contact us today to find out how.

WhatsApp Apps | App Security and Updates

The Low Down on WhatsAppening to WhatsApp Apps

Mobile apps have transformed the way we live our lives. From ordering online to keeping tabs on our health, from banking to gaming there’s an app for everything, and communication apps are a big part of the conversation. In fact, can you even remember how you conversed before the days of Skype, Slack, Facetime, Telegram, WhatsApp or WeChat?

However, with modern technology and mobile apps changing at virtually the speed of light, it’s important to remember that these innovations can come with an added cost to your security.

Take Facebook owned WhatsApp Messenger as an example.

Launched in 2009, this platform is one of the most popular messaging apps in the world. Ever evolving, messaging apps such as WhatsApp are difficult to monitor and control making them a frequent target of hackers and scammers. We take a look at recent updates and developments to the platform and how these might affect your data security.

whatsApp updates

WhatsApp first announced its improved multi-device capabilities in July 2021. This meant that apps supporting the WhatsApp function would no longer require a smartphone connected to the internet in order to function properly.

This new capability offers app users the ability to use WhatsApp on an additional four non-phone devices, without being connected to the phone.

how secure are third-party WhatsApp apps?

To run an official WhatsApp version on a tablet currently you need to use the WhatsApp web platform, but users often download modified versions of the app such as GBWhatsApp and WhatsAppPlus.

These third-party apps go against the Terms of Service of the WhatsApp platform and aside from the security risks that users expose themselves to, they also stand the risk of having their WhatsApp account banned for using an unsupported version of the app.

coming soon to iPad

Facebook is in the process of giving WhatsApp a virtual facelift by creating an app suitable for tablets, adding this to their own virtual tool-belt of multi-device support capabilities.

The multi-device 2.0 will mean that you can use your iPad as a linked device without needing your smartphone to act as a hub for the link although you will still need to have a phone number. Currently, the app can be connected through portals, Windows and MacOS but these need to have a primary smartphone device connection.

While still under development, you can expect to see these changes in the very near future. In addition, the changes will mean that WhatsApp will work independently for iPad, and those with iOS will automatically have the iPad version once it is rolled out.

will whatsApp still be secure?

To keep users secure, WhatsApp has revamped its security measures. Each multi-device will have its own identity key mapped to the user’s account. As a result, messages are encrypted and not stored on servers once delivered.

In addition, using improved technologies will prevent compromised servers from snooping on communications if they add additional devices to the user’s account.

Extended security codes – unique identifiers so contacts can verify devices
Automatic device verification – devices automatically trust each other without reregistering
Biometric authentication for linking devices – fingerprint of facial recognition to link devices
Device list – a visible list of devices can be monitored for use and logged out of remotely.

is your data secure?

Sadly, the best security technology in the world often can’t protect you from your biggest security threat – your own end users.

Human error, whether it be malicious intent or naïveté isn’t always in your control but having an effective set of company security policies and an automatic data backup system means that you have a backup plan to access data in the event of a system failure or cyberattack. We ask you – whatsAppening with your security?

What is Data Management?

Data management is the new buzzword on the block for business owners who haven’t realised the importance of it – until now, that is. Organisations are responsible for the data they collect. They need to have valid reasons for collecting it and have the necessary measures to protect themselves from data breaches.

To understand data management, you need to understand what it means and how it works. A broad definition of data management is “a wide range of practices and methodologies intended to help organisations better control their data”. The main objective of data management is to ensure data is kept safe and accessible while providing value to the organisation.

Effective data management follows the below processes:

Data Collection: Organised collation of information to improve value of data
Data Access: Easy and strategically implemented access to data across the organisation and archives
Data Storage: The various data storage types where information is saved such as on-site hardcopy files, off-site backup & cloud storage
Data Availability: Disaster and recovery plans that can be implemented in the event of data breaches
Data Security & Privacy: Continuous monitoring and implementation of strong security and privacy policies

It’s important to note the difference between data management and data governance. Data governance sets the standards and baselines that control the processes managed by data management. It does this by setting expectations for the use, security, and integrity of data, while data management implements the objectives defined by data governance

key best practices for data management

1. delete duplicate data

Duplicating data for backup purposes in the event of a disaster is prudent. However, only the most recent data copy is required to restore previous versions. Deleting unnecessary data copies saves storage space and costs and keeps your data trail tidy and ready to be used when needed.

2. maintain quality data

Data should be accurate, relevant, and useful for ongoing analysis.

3. emphasise the importance of data protection and security

Data protection and privacy standards should be regularly updated and comply with the rules set by regulators’ where your organisation operates. Keeping your data secure requires the following measures:

Access control – users only have access relevant to their role
Encryption – encrypted data is only decipherable by your organisation
Physical security – strong security measures on-site
Keeping data off-site – doing encrypted backups of your data to the cloud

4. setup monitoring and alerts

Set up metric-based monitoring processes to provide valuable insights into crucial data patterns and events.

If an organisation’s data is not relevant, inaccurate, and outdated, it won’t be a useful source of information should a disaster or data breach occur. Nor can it provide any valuable insights for the organisation to analyse or action.

last word on data management

The more data you have, the more you need to manage it. There’s no time like the present to prepare a data management or get your current plan up to date. Let us know if you have any tips on how you best manage your data.