Wednesday, 26 December 2018 13:20

Securing the Print Device and the Humans Who Use It

Written by Garland J. Nichols

By Garland J. Nichols, PhD, Xerox Vice President Information Security, Research & Product Development

 

The Internet of Things — really the Internet of Everything — has disrupted how we view security. It’s not just locking the front door and installing an alarm system as we do to protect physical things. We must secure every aspect of our digital presence on the Internet to be assured we are indeed secure.

Here are a few ways to secure your digital presence along with parallel tips to secure a networked multi-function or single function printer.

1. Apply GOOD Passwords, and Please Change Them!

For your mobile devices, apply passwords that are difficult to guess. Do this for all accounts that you access online. Some suggestions for creating good passwords:

10 characters long
Combinations of lower and uppercase letters, numbers and special characters
Don’t duplicate passwords, especially for websites that allow financial transactions such as banks or online shopping.

You should change your passwords periodically. Every thirty days is recommended, but probably difficult to maintain, so determine a frequency you’ll stick with. If your “favorite” password is compromised at one website, it can be used to scan thousands of websites to see if there is a successful login. Hackers use the power of computers to compromise passwords; they aren’t personally logging into your accounts one by one.

2. All Wi-Fi Is Not Created Equal

Are you connecting your mobile devices to free Wi-Fi in public places like coffee shops or airports? If you are, free is not necessarily safe, and your transmitted data is not protected. Such connections are meant for convenience, not security. Anyone with the right tools can intercept data you input, such as passwords, which are transmitted in the open when you use unsecure Wi-Fi. Your data is not encrypted from the PC to the Wi-Fi access point. It is only secured once a connection is made with the website via HTTPs.

In addition, a hacker can easily create a rogue access point and trick you into connecting. It will look legitimate, but it’s malicious. Everything you access while using it, such as e-mail, social networking accounts and your banking accounts can be compromised.

3. Keep Your Software Up To Date

Ensure that automatic updates are enabled for your mobile devices, especially your home-use PCs. The latest software can protect your information from vulnerabilities that those with malicious intentions can exploit. Software updates on your cell phone are critical, but are often well “after the fact” of identified vulnerabilities. Many carriers test software compatibility with all of the other apps installed on your phone before they deploy them. Those are the apps you have to keep, whether you want them or not. This means any vulnerabilities that might be resolved are not new and may have existed for some time. For that reason, apply updated software as soon as it becomes available.

4. To Click or Not to Click

How often do you get an e-mail that entices you to click on a cute video or an important message from your “friend” or a “business” that requires your immediate action? This might be phishing, the fraudulent practice of sending emails seemingly from reputable companies or individuals in order to induce people to reveal personal information, such as passwords and credit card numbers. Malware can also easily spread by unconscious link clicking, resulting in compromise of your information.

Today phishing is not only in e-mail; it has extended to cell phones in the form of texts on your phone. Be wary, pause before you click and ask yourself, would this person just send me something like this out of nowhere? Would my bank ask me to go and log into my account via an e-mail or text with a hyperlink? When in doubt, confirm the sender and the information in the e-mail is legitimate or just delete it.