Data Security | Cloud Backup

Data security to safeguard your information and reputation

Data security is an essential part of every company’s risk management strategy, and securing your business information will nett you a lot more than a good night’s sleep:  it will also safeguard your company’s reputation in the marketplace.

As we look forward to a prosperous 2024 filled with business opportunities, it’s important to recognise the very real risk that cybercrime poses to organisations in South Africa. Keeping your company information safe from ransomware attacks with business backups should be the top priority of every IT department and business owner this year.

The double risk of a cyber-attack: Data and reputational losses

There’s no denying that we all live and work in an era where data is as precious and valuable as money. Any company that has been the victim of a ransomware or cyberattack and has lost several months’ worth of revenue can attest to this fact.

More alarmingly, the financial losses caused by a cyberattack may pale in comparison to the long-term effect it could have on a company’s reputation and ability to attract clients.

  • The importance of data in our daily lives, and the crucial role it plays in the running of our businesses, means that any company which takes private data into its care needs to be ready and willing to protect it at all costs.
  • Clients are naturally concerned about the safety of their sensitive data – especially if it’s financial in nature. This is especially true in light of South Africa’s growing reputation as a cybercrime hotspot.
  • Having enhanced data security will give your business an instant credibility boost and put your clients’ minds at ease, potentially leading to longer term business relationships and more referrals.

On the other hand, failure to do so could result in a huge PR scandal when a breach or cyber-attack takes place, potentially placing sensitive information of customers in the hands of criminals.

Immutable storage boosts data security for peace of mind

Recognising the threat that cyberattacks pose is a good first step to protecting both your data and good name, but what steps can businesses take to add an extra layer of security to their accumulated client data?

  • Immutable storage is a high-tech encryption system that makes it impossible for data to be altered once it enters the cloud.
  • As one of the few effective ways to stop cyber-attacks in their tracks, this technology is becoming the gold standard at data centres around the world.

If your company handles any kind of sensitive data – be it your own or your clients – you simply can’t afford to risk your reputation in the event of a major breach.

Soteria has integrated immutable storage into our range of packages for businesses of all sizes. Visit our website today to discover the solution that suits your company’s needs.

Data Encryption | Data Security

Data Encryption Matters – How Treasury Plans to Get SA off the Grey List

National treasury has announced a raft of changes to SA banking legislation, in order to comply with international requirements and remove the country from the Financial Action Task Force (FATF) grey list.

In February 2023, FATF placed South Africa on a list of countries that includes Jamaica, Morocco, Barbados, and the UAE, citing problems with the local banking industry’s measures to combat money laundering and terrorist financing.

This decision could have a potentially huge impact on the economy and even prevent foreign funds from investing in the long-term.

In response to the decision, the SA government has announced a variety of changes to the law, especially where personal and commercial financial services are concerned, and this is sure to have an impact on the data security industry.

Banks set to share more financial data than ever

One of the biggest changes to the South African banking landscape in the wake of greylisting will be enhanced sharing of financial information between banks and other institutions.

This is designed to identify illicit transactions since criminals tend to have multiple bank accounts when carrying out money laundering activities and linking them to their true owners is the first step in combating these crimes.

From a cybersecurity point of view, this essential measure presents a huge challenge in terms of securing privacy and personal data.

  • Some banks still use outdated, mainframe computers with software that is several decades old. These will need to be updated to ensure compatibility with cybersecurity measures.
  • The flow of sensitive information between banks could create the potential for massive data leaks, breaches, and hacking attempts, which could see crucial financial information falling into the hands of cybercriminals.

Data encryption is essential as financial information flows rapidly

Before SA can leave the grey list, we expect the naming industry to revamp its IT policies and embrace encrypted cloud security solutions as an industry best practice.

While banking customers can’t fully control the way their institutions share information, there certainly are things that can be done to protect your personal financial data online.

Soteria’s range of secure cloud storage packages offers an easy solution for your data security needs. Choose the option that suits your business, budget, and storage requirements today for total peace of mind.

Cloud Encryption | Cybersecurity

The how and why of cloud encryption

Data encryption is a major part of every effective cybersecurity setup – but what is it, how does it work, and why should you be interested in data storage, and more specifically, how your data is encrypted in the cloud? To answer these questions, we’ve put together a guide on cloud encryption.

Read on to find out everything a business owner needs to know about keeping cloud data safe.

cloud encryption 101

The Internet has revolutionised the way we do things, and it’s all thanks to the flow of data.

  • There are quadrillions of data fragments floating around in cyberspace at any given time, and it’s essential for internet users to keep theirs safe.
  • One of the ways you can prevent hackers and other cyber criminals from accessing your data is by making sure that it’s encrypted.

Encryption is a technical term that basically means scrambling your data so that outsiders won’t understand it. If you ever played code cracking games at school or have watched a documentary about the old decoding machines used by spies during World War II, you already have a good idea of how this process works.

Modern day encryption simply takes this process to the next level by ensuring that data moving between your computer and the cloud (data in transit)  can only be read by authorised users and ditto for the data stored on your devices (data at rest).

Encryption is done by using secure end to end protection that scrambles the information being sent and received. This offers better protection than HTTPS which is found on every web browser.

the benefits of encryption

There’s a lot of valuable data moving around between your computer and the cloud: just think of how much information you send via the internet on a daily basis.

  • Your Internet banking details, email passwords, information used to file tax returns with SARS, and other valuable company information could be intercepted by hackers or malware creators – and if they can read it, the damage could be almost unlimited.

By encrypting your data you’ll ensure that you (and  only you) can read it. Even if it does get intercepted the unauthorised user would need to crack the code before they can use it for anything – and that usually takes more time and skill than most hackers are willing to invest.

keep your data safe with secure cloud hosting

Don’t you wish you could secure your data remotely and access it whenever you need to? You can. Our range of cloud storage solutions with data encryption are ideal for families and businesses of all sizes. For more information, contact us today.

End-to-End Encryption More Essential Than Ever

don’t ever take end-to-end encryption for granted – ever

It would seem as if the more we communicate and share information on digital platforms, the more interested governments become in what we have to say (and share).

Over 2 billion users on WhatsApp have sent in excess of 100 trillion messages over the last twelve years. It’s astounding then to think that the roll-out of end-to-end encryption was only completed in 2015 – six years after the messaging platforms initial release. Many users simply assumed that their communications were secure from the get-go.

With end-to-end encryption now almost a global ‘norm’, and an expectation when using a messaging service or mobile platform, it would appear that there are rumblings afoot to take it away from us. Surprisingly, it’s not the hackers trying to get into our private conversations this time (although they are always hard at work doing just that); it’s world governments!

how world governments have responded to end-to-end encryption

Many believe that the reaction and actions of world governments in response to the effectiveness of end-to-end encryption is essentially threatening our freedom.

In this modern world of technology and interconnection, people have a tendency to assume that their conversations are private and encrypted, protected from the prying eye of governments and cybercriminals. And so they should be! However, it would seem that elected officials across the world think otherwise.

Here’s a round-up of  the type of action governments are considering:

  • Brazil

In Brazil, the Supreme Court is in deliberations over whether to deny their citizens of end-to-end encrypted messaging services.

  • India

Top regulators in India have released new laws for messaging services allowing governments to access private conversations if required.

  • Europe

Officials in Europe are pushing for companies to implement methods to undermine their own encryption settings and access sensitive private conversations on demand.

what does life without end-to-end encryption look like?

Given our reliance on global communication, the impact of life without end-to-end encryption is a real fear. Confidential communication and privacy make it possible for doctors to consult remotely, for medical records to be shared or for journalists to have a sense of protection. The reality though is that in many parts of the world people already live in fear that their networks are being used by authoritarian governments to spy on them.

On the flip side, end-to-end encryption makes it harder for “criminals” to be caught when plotting and scheming. Harder for law enforcement to find evidence of a crime. Perhaps the argument, which should not be seen in isolation, has some merit to limit end-to-end encryption as a way of keeping us safe.

There are countries where end-to-end encryption will never be the norm. China is one such example with their most popular (and permitted) messenger service existing with built-in measures to monitor and flag any “inappropriate” conversations. The internet service in China is similar, limiting what citizens can do online.

Of course, there’s always a way around things and some citizens remedy their lack of privacy by talking in code, using emojis, or using animated GIFs. It’s sad to think that people have been pushed to the point of deceitfulness in the way they communicate simply because of government interference and the lack of the right to privacy and data security.

last word

South Africa is as yet to respond on any action that they might take to limit end-to-end encryption. Here at Soteria Cloud, we’re all for encryption which is why we offer 256-bit encryption with our backup packages for business and home. We’d love to hear what you think about the current end-to-end encryption debacle, so share your views and thoughts with us!

Facebook Data Breach – Is Our Data Protected?

Is Facebook protecting our data as users?

The question begs to be answered; what is Facebook really doing to protect the data of its more than 2,7 billion users? The simple answer is; not a whole lot. The most recent Facebook data breach to threaten the platform in April of 2021, is the third major security scandal to make the headlines (involving Facebook) since 2018. The latest incident makes one wonder what happened to the data, why cybercriminals are so fixated on getting it, and what we can do to prevent our data from being stolen in the future.

what happened in the 2021 facebook data breach?

An estimated 533 million Facebook profiles had their information leaked over the long weekend of the 2nd – 5th of April 2021. Let’s think about that for a minute. Half a billion people in more than 100 countries were left vulnerable and wondering whether their data had been compromised and stolen.  And while we know that millions of people were affected, it’s hard to say precisely who because Facebook’s current social media cybersecurity measures don’t have any feedback function to alert users.

The attack was discovered on an underground website used by cybercriminals who are seeking the data of innocent users online. This is not the first time a cyber leak of such magnitude has occurred on the platform. So, what happened? All eyes are on Facebook to share further information!

why are cybercriminals after our data?

It is a well-known fact that data is extremely valuable in today’s times. It allows companies to tap into their target markets and maximise their profits. It also allows social media platforms to ensure that adverts on their platforms reach the most likely people interested in the product or service advertised.

Facebook has been a little slack recently with its social media cybersecurity measures; thus, the platform has become an excellent opportunity for cybercriminals to tap into our data and sell it for large amounts of money. However, this may be the least of our worries as cybercriminals may also be looking to make attempts at identity theft which is a serious concern for all parties involved.

how to protect yourself online

While cybercriminals spend a vast amount of their time looking for opportunities to steal data, users have to become more vigilant. It’s up to users to ensure that they know how to protect themselves when online. Here are a few tips to help:

1) Minimise the amount of personal information that you post online
2) Create unique passwords for every site you wish to register on
3) Utilise encrypted data backup storage methods
4) Avoid having Unkown users as ‘friends’ on your account

These methods are the best form of defence against this sort of data attack as it ensures that hacking and data theft is minimised and guarantees peace of mind over your cybersecurity.

Conclusion

With cyber-attacks and data breaches on the rise, it is more important than ever to be cautious about sharing data on platforms such as Facebook. It is about time that Facebook steps up to the page and instils a sense of security for its users.

Still ‘Zooming’ in From Home? Here’s How to Enable Encryption

When the world retreated and people started working from home at the beginning of 2020, data encryption and security were not yet top of mind for everyone. As face-to-face meetings migrated to remote meetings and new remote working software applications became a necessity, ‘Zoom’ was suddenly one of the new buzz words.

This still relatively unknown video conferencing service was being used by everyone, from the executive businessman to the teen connecting with friends, family birthday celebrations to corporate workshops. When it emerged that Zoom had no end-to-end encryption putting users’ data at risk, it seemed as if the world held its breath. Seemingly unfazed, Zoom responded by addressing the security concerns with a new feature: end-to-end encryption.

the zoom end-to-end encryption debacle

In the early days of lockdown as the security concerns gained momentum on social media, Zoom claimed to offer end-to-end encryption, but that turned out to be not entirely true. In reality, Zoom only offered TLS encryption which is Transport Layer Security.

In short, data encryption is offered between individual users and service providers. It does not guarantee that communication directly between users of the system is encrypted. Which means that Zoom could have chosen to access user data and could also expose it to a third party…if they wanted to.

End-to-end encryption differs in that it encrypts data at the source device. The data remains encrypted while it is sent through the servers and is only ever decrypted when it reaches the recipient’s device.

how to activate end-to-end encryption on zoom

With Zoom offering full end-to-end encryption, it makes sense to implement the service so that you too can benefit from a security standpoint. How you activate the service will be determined by whether you are an individual user or the admin of a group. Here’s what to do.

  • Sign into Zoom using the Zoom web portal
  • Click “settings” in the navigation menu and then click on “meeting”
  • In the “security” tab, toggle the “allow use of end-to-end encryption” to “on”
  • Verify your choice by clicking “turn on”

If you are unable to do this because the options appear grey, this typically indicates that the admin of your group has disabled the feature.

Admins of groups or overseers of accounts with many users need to follow the same steps as above, except you will notice that there are extra options that allow you to lock all users’ accounts under the settings that you choose.

what you need to know about zoom end-to-end encryption nuisances

It’s not all rainbows and butterflies with Zoom’s end-to-end encryption. Unfortunately, there are a few inconveniences that you need to be aware of. Here’s what you need to know.

  • End-to-end encryption features will only work if everyone on your call has the feature enabled.
  • All call participants must call from the Zoom mobile app or Zoom desktop not from a Zoom Room or a telephone.
  • End-to-end encryption is not compatible with certain features including live transcription, breakout rooms, cloud recording, one-on-one chat, polling, and meeting reactions.
  • No one can join the meeting before the host does when end-to-end encryption is being used.

keep zooming, but more securely

While it might seem like the inconveniences are a bit of hack, having the added security is really worth the while, especially for sensitive conversations and meetings. Of course, you still need to ensure that your device is never compromised, so the responsibility of true security for your data and sensitive information really does lie with you and how you backup your data.

Beware the Cybersecurity Threat of an Inside Job

Cybersecurity experts are often left scratching their heads after a breach or attack on their systems. Sometimes, it just seems as if the hacker knew too much about the sensitive operations of the business…and the reality is that they probably did. The ‘hacker’ could be the very person sharing an office space with you, or at the very least, one of your seemingly loyal staff members could be the “informant” or the “spy”.

The Statistics of Cybersecurity Threats Speak for Themselves

The 2019 Global Data Exposure Report unveiled statements from a plethora of companies on their data breaches. Over the last 18 months, half of the companies reporting hacking events also admitted that it was an inside job.

Even with so many attacks and data breaches being attributed to an inside job by one or several staff members, companies still view state-sponsored cyber warfare and individual hackers as the biggest threat. This infers that these companies aren’t thinking about the problem methodically…and the result is that many of them don’t have sufficient systems in place to protect against insider cyber-security threats.

Why Are Your Staff Stealing Your Data & Hacking Your Business?

The reality is that things have changed in the job landscape over the years. Gone are the days where people found a good job and stayed in it for years. Nowadays, loyalty to a job is rare, and the majority of the workforce is actively looking for new jobs. When an employee feels no real affiliation and loyalty to a company, the risk of data theft and hacking increases.

Another reality is that stealing data has become so easy that an employee may think nothing of it. Data is oh-so portable these days. It takes next to nothing for an employee to walk out with a digital copy of your full customer list with the intention of selling it on to the competition, or a hacker looking for opportunity. It’s just as easy to leave the business premises with sensitive documentation, secret unpatented designs, and even details of the payroll.

There are times where data breach can be intentional, such as in the case of a disgruntled employee being dismissed from the company and seeking to cause damage to the business.

Then again, there is also an unintentional data breach through human error. Consider the employee with sensitive data who chooses to use a social media platform to send important and sensitive information instead of the company’s approved file-sharing system. Or the employee who walks away from his/her desk without signing out of systems and applications. There’s also the employee who clicks on a link in an email and has no idea that ransomware has been installed on their computer.

From the above scenarios, it’s easy to see just how a data breach can occur from inside your business.

What to Do to Protect Against Insider Job Breaches & Hackings

What can you do to ensure that the cyber-security risk doesn’t originate from within your business? Here are a few tips:

  • Have a policy of only using business laptops, desktops and devices at work. Ensure that there are reliable endpoint detection response tools to spot unusual activity on the devices. Run daily cyber-threat tests on these devices and ensure that when an employee leaves the company, these devices are retrieved, and all the passwords and access points are cleared.
  • Educate your employees. Make sure that employees know of the risks and set subsequent policies in place to ensure that they don’t make silly mistakes. Prohibit the clicking of links from unknown senders or the clicking of unexpected links from known senders. Make it company policy to sign out of systems and applications when not using them. You could potentially set an automatic time-out on these, just to be sure.
  • Have a no take-home policy. Staff members should not be leaving the premises with sensitive information. Ensure that staff members are unable to remove any business property when going home, including hard drives, flash drives, and so on. If they do leave the premises with such items, they need to be checked and signed for.
  • Install software to automatically back up data to the cloud so that no sensitive information is left “lying around” on staff devices. When you do this, ensure that the backed up data is encrypted and that staff only have limited access to the files that are backed up. Set staff allowances wherever you can.

Last Word

It is better to be safe than sorry, and with the stats proving that a large portion of cyber-security threats originate from within a company, can you really afford to take that risk? Get to work setting mechanisms in place to safeguard your business from the inside too. Good luck!

Data encryption is so much more than a buzzword

Data encryption is something that can be easily overlooked as just another industry buzzword, without any real bearing on our lives. But therein lies the problem. Data encryption is essential to protecting private/vulnerable information from falling into the wrong hands. It’s also used to verify that data comes from the promised source and provides details on any alterations to the original that may have been made along the way.

What is data encryption?

Data encryption is a process that involves converting data from a readable format into an encoded format. The encrypted information or document cannot be accessed, which makes it safe and secure from opportunists. Once the encrypted file is decrypted, the format will be readable once more.

The importance of data security

You might be wondering why you need data encryption for your computer and network security. Aren’t the programs and passwords in place enough? The simple answer is no.

Unfortunately, hackers and data thieves have become far smarter than we give them credit for. Nowadays, a hacker can get into your router and onto your computer in a matter of seconds. And once there, with unencrypted data readily available, they can wreak all kinds of havoc including:

  • Identity theft by accessing your personal information.
  • Credit card fraud, if your computer cache hasn’t been cleared and your card details are set to auto-fill when you shop online.
  • Theft of vulnerable information. At home and in the office, you might have sensitive files stored. Perhaps it’s trade secrets that keep your business ahead of the rest, or it could just be pages of employee and family personal particulars. Either way, these types of data breaches can have devastating effects.

How does data encryption work

You might have a general idea about how data encryption works, but how does it really work? There are various types of coding methods used in the process of encryption. Here are just the very basics.

  • Asymmetric Cryptography

This type of encryption mathematically links two keys together. The keys are public and private keys. To break it down into simpler terms; the keys are lengthy numbers that are paired together. The numbers are entirely different. You can share the public key with other people, but the private key is kept secret. Users can use either of the keys to encrypt a message, and the opposite key can decode the message/file.

  • Symmetric Key Cipher

This is a single key provided to a recipient of the encrypted file. The key is used to return the file to a readable format. The same key is used for encrypting and decoding. This type of encryption is best suited to private users at home.

Data encryption is not just a buzzword. Hack attacks are not going to stop. In fact, they are only going to become more advanced and prevalent. To protect yourself from being a victim, protect your data and files with encryption.

Take a look at just how Soteria encrypts your data and learn more about online backups and how best to encrypt your personal data.