As consumers slow down for the year-end break, cybercriminals are entering their biggest time of the year yet, writes DOROS HADJIZENONOS.
As consumers wind down for a much-needed year-end break, cybercriminals are entering their busiest time of year. A time when consumers are quick to snap up festive season savings and when they use their devices more for entertainment and less for work.
While most people will be reading books or letting their children play games on their devices, some will still access their work emails and documents at the beach. It is therefore crucial that businesses adopt robust, user-friendly security technology that protects users when they’re not in the office.
Ideally, all business-sensitive information should be stored in a capsule on devices that is separate from the user’s personal information. The password-protected capsule should only be accessible by authorised users and should encrypt all information stored within it so that the data remains secure if the device is lost or stolen.
Ignorance is not bliss
Information security cannot only be the responsibility of the IT department, especially when users access private and business information on one device. Not only should users take steps to protect their devices but they should also be aware of the tactics used by cybercriminals to trick people into downloading malicious apps or visiting harmful websites. They should also use common sense when granting apps permission to access information on their devices – a photo editing app does not need access to a phone’s contacts list, for example.
Festive season cybercrime tactics often involve “discounts” when shopping online or through a retailer’s app. What consumers are often unaware of is that, even though the app or URL look legitimate, they are not have been designed with the sole purpose of stealing information.
The fact that users can often bypass app stores and download apps directly from publishers’ websites has made it easier for cybercriminals to trick people. By simply sending an email that appears to come from a trusted retailer, prompting the user to download its app to receive a R200 discount voucher, hackers take advantage of unsuspecting shoppers looking to save money on their festive expenses, simply by directing them to a link that downloads a fake app.
All it takes is one click and the app will have access to a user’s camera, microphone, GPS location, contacts, calendar and anything else the user allows it to, because let’s face it, no one reads the list of permissions when downloading apps; we blindly accept the terms and conditions without a second thought. And hackers know this.
Apps behaving badly
Hackers may create an app that looks legitimate but has malware installed in it.
Consider a traveller who has arrived in a new city and wants to download a local city guide application. These are readily advertised in tourist locations with a QR code. A hacker could stick his own QR code over the poster advertising the application and the unsuspecting tourist would then be directed to the hacker’s application that looks exactly the same as the original city guide application.
Once a user has downloaded what he thinks is an app to help him find interesting city information, he will be oblivious to the fact that a hacker is monitoring his every move. And because he gave the app permission to access many parts of his phone (including photos, camera, microphone, GPS location, etc), it is possible for the hacker to view this information as well as send screen captures of whatever is displayed on the screen, which can put company information at risk even though a secure container may be used to store this information.
Just as we protect our houses with security bars, electric fencing, alarm systems, beams and guard dogs, companies also need a multi-layered security approach, so that if a hacker breaches one system, there’s a good chance he’ll be tripped up by another.
While anti-virus solutions are good at blocking known malware, they are less effective against unknown malware. Hackers can also turn known malware into unknown malware in minutes using freely available online modification tools. Security should therefore be bolstered by sandboxing and other security monitoring tools.
Once an app bypasses the anti-virus system, a sandboxing solution will emulate how the app will perform if a user were to open it and will either alert the user if it is malicious or prevent the user from downloading it.
The next level of control involves monitoring the app for suspicious behaviour once it does execute, for example, if the device’s camera still records even though it is turned off. The software will either alert the user to the suspicious behaviour or quarantine the app for further investigation.
It’s tempting to agree to download an app in exchange for 25% off a shopping cart, but users should exercise caution and investigate not only the link they are being directed to but also the information the app asks to access before installing it. It’s safer to go directly to the retailer’s website and follow the download links, or to download the verified app from an app store, than to blindly trust a link in an email or SMS.
Businesses should assume that consumers are not protecting their devices or following due diligence when downloading apps and should implement multi-layered security systems that make it difficult for malicious apps to enter the network.
Hackers will continue to prey on network vulnerabilities and human error to steal information. As long as we stay one step ahead, we can afford to relax this festive season knowing our information is secure.
* Doros Hadjizenonos, Country Manager of Check Point South Africa
Now for hardware-as-a-service
Integrated ICT and Infrastructure provider Vox has entered into an exclusive partnership with Go Rentals to introduce a Hardware-as-a-Service (HaaS) offering, which is aimed at providing local small and medium businesses (SMEs) with quick, affordable, and scalable access to a wide variety of IT infrastructure – as well as the management thereof.
“Despite an increasingly competitive business environment where every rand counts, many business owners are still buying technology-based equipment outright rather than renting it,” says Barry Kemp, Head of Managed IT at Vox. “The problem with this is that the modern device arena has grown in variety and complexity, making it more difficult to manage, and to reduce the overheads of controlling these devices.”
According to Kemp, there is a global trend being observed in businesses moving away from owning and managing IT infrastructure. This started with the move away from servers and toward cloud-based subscription services, and now organisations are looking to do the same with the remaining on-premise hardware – employees’ desktop systems.
The availability of HaaS changes the way in which local businesses consume IT, by allowing them to direct valuable capital expenditure toward the more efficient and competitive operation of their organisation, rather than spending on hardware products.
“The rental costs are up to 50% lower than if they buy these products through traditional asset financing methods. Furthermore, using HaaS gives businesses the ability to scale up and down depending on their infrastructure requirements. Customers on a 12 month contract can return up to 10% of the devices rented, while those customers on 24 and 36 month contracts can return up to 20% of the devices – at any time during the contract,” adds Kemp.
More than just a rental
HaaS gives business access to repurposed Tier 1 hardware from vendors such as Dell, HP and Lenovo, equipped with the required specifications (processor, memory, and storage), and come installed with the latest Microsoft Windows operating system, unless an older version is specifically requested by the customer.
Kemp says: “Where HaaS is different from simply renting IT hardware is that businesses get full asset lifecycle management, such as having all company software pre-installed, flexible refresh cycles and upgrades, support and warranty management and transparent and predictable per user monthly fees.”
The ability to upgrade during the contract period means that businesses can keep pace with the latest in technology without needing to invest on depreciating equipment, while ensuring maximum productivity and efficiency for employees. Returned devices are put through a decommissioning process that ensures anonymity, certified data protection, and environmental compliance.
Businesses further stand to benefit from Vox Care, which incorporates asset management and logistical services for customers. This includes initial delivery and setup in major centres, asset tagging of all rented items, creation, and the repair and/or replacement of faulty machines within three business days – again in the main metropolitan areas.
Vox Care also assists in the design, testing and deployment of custom images, whereby HaaS clients can have the additional programmes they need (security, productivity tools, business software, etc) easily pre-installed along with the Windows operating system, on all their machines.
Kemp says HaaS customers can get further peace of mind by outsourcing the day to day management of their desktop environment to Vox Managed Services, as well as leverage the company’s knowledge and expertise to manage and host workstation backups to ensure business continuity.
Says Kemp: “Hardware-as-a-Service allows businesses to reduce the total cost of ownership of their hardware and ensure they only pay for what they use. Making the switch to a service model helps them take advantage of the global move in this direction, and to turn their business into a highly functional, flexible, low cost, change your mind whenever you want workplace.”
Seedstars seeks tech to reverse land degradation in Africa
A new partnership is offering prizes to young entrepreneurs for coming up with innovations that tackle the loss of arable land in Africa.
The DOEN Foundation has joined forces with Seedstars, an emerging market startup community, to launch the DOEN Land Restoration Prize, which showcases solutions to environmental, social and financial challenges that focus on land restoration activities in Africa. Stichting DOEN is a Dutch fund that supports green, socially-inclusive and creative initiatives that contribute to a better and cleaner world.
While land degradation and deforestation date back millennia, industrialization and a rising population have dramatically accelerated the process. Today we are seeing unprecedented land degradation, and the loss of arable land at 30 to 35 times the historical rate.
Currently, nearly two-thirds of Africa’s land is degraded, which hinders sustainable economic development and resilience to climate change. As a result, Africa has the largest restoration opportunity of any continent: more than 700 million hectares (1.7 billion acres) of degraded forest landscapes that can be restored. The potential benefits include improved food and water security, biodiversity protection, climate change resilience, and economic growth. Recognizing this opportunity, the African Union set an ambitious target to restore 100 million hectares of degraded land by 2030.
Land restoration is an urgent response to the poor management of land. Forest and landscape restoration is the process of reversing the degradation of soils, agricultural areas, forests, and watersheds thereby regaining their ecological functionality. According to the World Resources Institute, for every $1 invested in land restoration it can yield $7-$30 in benefits, and now is the time to prove it.
The winner of the challenge will be awarded 9 months access to the Seedstars Investment Readiness Program, the hybrid program challenging traditional acceleration models by creating a unique mix to improve startup performance and get them ready to secure investment. They will also access a 10K USD grant.
“Our current economic system does not meet the growing need to improve our society ecologically and socially,” says Saskia Werther, Program Manager at the DOEN Foundation. “The problems arising from this can be tackled only if a different economic system is considered. DOEN sees opportunities to contribute to this necessary change. After all, the world is changing rapidly and the outlines of a new economy are becoming increasingly clear. This new economy is circular and regenerative. Landscape restoration is a vital part of this regenerative economy and social entrepreneurs play an important role to establish innovative business models to counter land degradation and deforestation. Through this challenge, DOEN wants to highlight the work of early-stage restoration enterprises and inspire other frontrunners to follow suit.”
Applications are open now and will be accepted until October 15th. Startups can apply here: http://seedsta.rs/doen
To enter the competition, startups should meet the following criteria:
- Existing startups/young companies with less than 4 years of existence
- Startups that can adapt their current solution to the land restoration space
- The startup must have a demonstrable product or service (Minimum Viable Product, MVP)
- The startup needs to be scalable or have the potential to reach scalability in low resource areas.
- The startup can show clear environmental impact (either by reducing a negative impact or creating a positive one)
- The startup can show a clear social impact
- Technology startups, tech-enabled startups and/or businesses that can show a clear innovation component (e.g. in their business model)
Also, a specific emphasis is laid, but not limited to: Finance the restoration of degraded land for production and/or conservation purposes; big data and technology to reverse land degradation; resource efficiency optimization technologies, ecosystems impacts reduction and lower carbon emissions; water-saving soil technologies; technologies focused on improving livelihoods and communities ; planning, management and education tools for land restoration; agriculture (with a focus on precision conservation) and agroforestry; clean Energy solutions that aid in the combat of land degradation; and responsible ecotourism that aids in the support of land restoration.