
VPN: What is it and Why is it So Important To Protect Your Privacy?


Computers and the Internet have become one of the main means of transmitting and processing information. Most of the information on the Internet is open to all users, so many companies that give their employees Internet access also have to protect their corporate traffic.

A VPN can provide reliable, coordinated communication between a company's computers. It can also carry corporate IP traffic over a secure protocol. The abbreviation stands for Virtual Private Network.

Privacy is protected by an encryption protocol such as Internet Protocol Security (IPSec). In addition to IPSec, which is the most common, PPTP is also used to create VPNs.


Their high reliability is provided by a firewall that sits at the boundary between one local area network and another. An access server manages the VPN: it handles the client's secure connection, routing and remote access.


Classification

A modern VPN can be built on:

● Firewalls, which provide transmission and encryption of data;
● Routers, which create secure channels;
● Software solutions;
● The OS;
● Special hardware devices.

By the type of environment used, VPNs are divided into secure VPNs, which include IPSec, OpenVPN and PPTP, and VPNs on a trusted network. By purpose, they are divided into:

● Intranet VPN, which combines multiple local networks of the company;
● Remote Access VPN, which connects a single user to the corporate network;
● Extranet VPN, which supports external users (customers).

In addition to strong encryption, the speed at which information passes is a very important feature. When all network components are properly configured, VPN technology provides strong protection of data against unauthorized access, and each user has a unique login and password.

 


Practical application

VPN allows you to create a virtual network like a local one, but the computers are not physically connected to each other.

The convenience is that you can create the equivalent of a local network between the computers of users in different countries and on different continents. The only drawback is that such a network will not work without an Internet connection.

But today most Internet providers offer constant, high-quality access to the World Wide Web, which supports the development of local networks and the careful organization of corporate networks.

At this stage this direction is very popular: more and more companies are paying attention to having their own VPN with all its conveniences. Of course, financial investment will be an important component of the success and quality of such technology.

3 Ways Hackers Steal Your Company's Mobile Data

It's the unfortunate reality of the cybersecurity threat landscape today that malicious actors are advancing their tactics at a breakneck pace, finding new vulnerabilities in network defenses to execute attacks faster than IT teams can keep up.

This is especially true in the context of the modern distributed organization, where employees leverage an array of mobile devices — and access private networks from almost any location outside of headquarters — to conduct their work. This is a boon for business in that workers can enjoy flexible hours and not be tied to their desks to complete tasks, which can boost employee satisfaction and performance. But it also puts an increased burden on IT teams and network administrators, as they now are tasked with managing a practically borderless network with higher traffic volumes than ever before.

In fact, according to a recent survey of IT teams at major US organizations conducted by Researchscape for iboss, 80% of IT executives weren't confident in their ability to secure mobile traffic in the future, while only 56% of their superiors in the C-suite accepted the same reality.

This is compounded by the increased adoption of cloud services such as Office 365, Dropbox, and other off-premises storage providers, making it harder than ever for corporations to monitor the data leaving their network. Criminals are increasingly able to hide within encrypted traffic, exit the network, and slowly siphon out sensitive data without IT administrators immediately noticing.

While understanding the flaws in network defenses is valuable in planning for the future, it's also critical to know when and how sensitive data leaves the network, especially in expanding, high-stakes mobile breach scenarios. Here are three ways that cybercriminals can gain access to corporate systems through mobile devices and exfiltrate data.

Tor: Free Data Encryption

First developed in 2002 as "The Onion Router," the Tor project directs traffic through a free volunteer overlay network that employs more than 7,000 relays to conceal information about users from network monitoring teams. Tor can be implemented in the application layer of a communication protocol stack that's nested like an onion — hence the original name — encrypting data, including the next destination IP address, repeatedly, before it goes through a virtual circuit comprising successive, randomly selected Tor relays.

Because the routing of communication is partially hidden at every port in the Tor circuit, traffic source and destination are hidden from the view of network administrators at every stop. This makes it increasingly difficult for IT and security professionals to determine whether traffic is legitimately exiting the network or if the activity indicates data exfiltration.

Hiding Within Legitimate Traffic

Sensitive data may also be hidden within files or documents that wouldn't normally be tagged as malicious content by traditional network security monitors. A hacker who may already have crossed the perimeter might hide sensitive data within Word documents or .zip files, for instance, that feature familiar naming protocols and size characteristics.

If security protocols at the gateway aren't taking a detailed approach to vetting content as it exits the network — that is, taking a layered approach to evaluating entire files that goes beyond adhering to proxy settings or standard decryption — hackers can funnel data out of the network for weeks, months, or years before administrators even notice.

Leveraging Cloud Storage Applications

The problem with many cloud applications is that they usually require users to send content into a data center shared by multiple customers, where many users and corporations leverage the same storage capacity and bandwidth. Cloud providers are also a third-party service, which means that data is potentially at risk of being mishandled by the provider if they aren't a proven, trusted partner, or if their security protocols aren't up to snuff.

File encryption and strong passwords can go a long way toward protecting corporate data housed in the cloud. But the most effective way to prevent data exfiltration is a defense-in-depth strategy that vets traffic entering the network as vigorously as traffic leaving it, by looking at data packets individually to determine the true intent of the content. For example, this could include sandboxing features that allow documents to play out in a simulated network environment that tests for malicious behavior once the document crosses the network perimeter. Putting data about to leave the network through the same proxies and firewalls as incoming traffic is another possible solution.

This approach is especially critical for mobile devices accessing network data via remote channels and public Wi-Fi. With the increasing mobility of employees who frequently and easily access cloud services from coffee shops and airports, companies need to make sure that all their active user and device directories remain up-to-date, and that the network is constantly monitored to ensure all users are following best practices. This requires taking regular inventory of the devices and users accessing the network — quarterly, monthly, or even weekly — to ensure that unverified traffic is easy to spot on a rolling basis. The more rigorous that security teams are in making sure their reference points are up-to-date, the more effective their use of leading cybersecurity tools will be in preventing data exfiltration.

Smartphone Privacy and Security

The increasing use of smartphones for daily activities, such as emailing, banking, web browsing, shopping, bill tracking, social networking, file storage, and entertainment gives your mobile device the ability to know everything about you.  Not only do you know your smartphone, but your smartphone knows you.  Your smartphone’s knowledge, if not protected, is a potential risk to your security and privacy.  The ultimate question to ask: Is my privacy and security at risk?

Mobile malware is a rising threat to privacy and security.  What is mobile malware?

Mobile malware is a program specially created to infect your mobile phone or device.  Once installed on your device, it may disrupt the phone’s system, in order to gather information stored in the device.  It may also gain access to the device’s operating system, and take over the phone.

Mobile malware may present itself through fake mobile applications, web-browsing, and SMS/Text messages.

  • App-based malware attacks can target a user’s financial information.  This might include bank account numbers, passwords, and PINs.  The access of such information may result in the loss of money and/or account take-over.
  • Web-based Smartphone attacks can be a result of clicking on an unsafe link.  This may potentially give rise to “Phishing” scams or downloading infected files.
  • SMS/Text message-based attacks can be used to spread malware through unsolicited SMS/texts that request the user to reply or click on a link.  Unbeknownst to the user, malware may be installed on the device, leading to unauthorized access to the device’s information.

Securing your Smartphone device:

  • Passcode:  A passcode is a simple step you can take to protect your smartphone.  If it is stolen, with all of your personal information, this simple step may be the key to protecting your information from unauthorized users.
  • Antivirus software:  Use mobile security antivirus software.   There are Smartphone apps designed to monitor and protect your device against malware and spyware.
  • Software updates:  Updating your smartphone’s operating software is another step towards securing your device. Software updates are designed to fix problems in the device’s operating program, which may include fixing security vulnerabilities or other bugs that may diminish your smartphone’s performance. Therefore, stay up-to-date on any software updates and make sure to install the latest version.

Important Note:  Do not allow your device to remember passwords. If your device is lost or stolen, the information is now compromised.

Android or iPhone: Which one do you have?

  • Regardless of whether you use an Android or an iPhone, your privacy and security may be at risk.  Understanding the operating system of your smartphone will require work on your part.  This knowledge will help you understand the capabilities of your device and help you understand potential threats to privacy and security.
  • Both platforms have their own App Stores and both employ different security measures to monitor and vet the apps that are allowed to be on the Android Market or the Apple App Store:
  • Android’s Google Market runs an open market. As the smartphone industry grows, it attracts more malware developers to organize attacks and put smartphone privacy and security at risk. The Android Market has been criticized by the industry several times for not vetting its mobile applications before they are added to the Android Market. What does this mean for you Android phone users? You will need to exercise caution when downloading apps to your device.
  • If you are an iPhone user, Apple reviews applications before they are added to the App Store. According to Computerworld, “When Apple reviews an app, it tries to verify several things, including these: Does the app do what it says it does? Does it function reliably? And does it respect the limitations that Apple has put on developers?” However, despite tighter security measures, it does not exempt the iPhone user from privacy and security threats.

Application Permissions/Access:

Ever wonder if the apps that you download put you at risk?  If not, you probably should. Many apps are designed to capture a wide range of information. Did you know that apps can:

  • Read phone state and identity?
  • Track your location?
  • Read owner data?
  • Read contact data?
  • Record audio – your calls?
  • Take pictures?
  • Modify or delete SD card content?
  • Edit SMS/text or MMS messages?
  • Write sync settings?
  • Send SMS messages?
  • Write contact data?
  • Fully access the internet?

The best security practices when downloading apps are exercising caution and reviewing the app’s ratings, regardless of whether the app is free or paid.

You should carefully examine and pay attention to the permissions the app is requesting to access:

  • Android Market apps require the user to either grant or deny access – if you deny access you will not be able to download and install the app.
  • iPhone apps will not disclose what the application has permission to access. When downloading an app whether free or paid, Apple requires the recognition of consent by having the user sign in using their Apple account.  The primary reason behind Apple’s non-disclosure of the information, according to Computerworld, is because “Apple tries to prevent developers from having full-scale access to all of the data and hardware” on a device running on Apple’s operating system. However, apps still have access to certain system components.

Because apps have access to a lot of your personal information and data on your Smartphone, familiarize yourself with what the app really needs in order to run.  If you feel it requires more than it really should, reconsider installing it.

Only download applications you trust.  Android users are allowed to download apps from third parties, whereas iPhone users are only allowed to download apps from the Apple Store unless, of course, the iPhone has been “jail-broken.”  Jail-broken iPhones can download applications from the “Cydia App Store” (apps that have not been approved by Apple).

Location (GPS) and WiFi:

  • Many applications request permission to access location.  Consider turning off the location services (GPS) on your phone to protect your location privacy, unless it is necessary to perform a desired function.  Keep in mind that you have the ability to enable and disable the location services on your phone.
  • Have you ever taken photographs with your smartphone and posted them online?  What’s the worst that can happen? As careful as you may be, if your GPS is enabled, your personal information may be exposed through a process called “geotagging.”
    • According to PCmag.com, “Geotagging adds the current geographic location of the camera or smartphone to an image or message, or adds the static geographic location of a street address.”
    • This information most often includes latitude and longitude coordinates which are derived from a global positioning system (GPS).
    • While it sounds complicated, it really isn’t.  It simply means the marking of a video, photo, or other media with an embedded location of where it was taken.
    • Smartphones featuring GPS have made this “tagging” possible.
    • “Geotagging” has been considered an infringement on public privacy, and problems can arise if the information is given out unknowingly and/or pulled by the wrong people. So, the photograph you took in front of your computer, at your doorstep, etc. has been recorded and may have possibly given your location.
  • To protect yourself, you can:
    • Turn the geotagging feature off.
    • Download disabling software (it will search for geotagging information and delete it before sending).
    • Be aware and educate yourself.  Understand the information you are sharing.
    • Consider what you post on the Internet.  You never know who has access to it.
  • Protect your privacy and security by exercising caution while doing financial transactions or checking banking information while connected to public wireless networks (WiFi). Credit card and personal information transmitted through public WiFi may be up for grabs by identity thieves.
  • If you are a Smartphone user, it is highly recommended to use your Provider’s 3G or 4G Network to conduct any financial business.  After all, you are paying for the service.

Critical Oracle Micros POS Flaw Affects Over 300,000 Payment Systems

Oracle has released a security patch update to address a critical remotely exploitable vulnerability that affects its MICROS point-of-sale (POS) business solutions for the hospitality industry.

The fix has been released as part of Oracle's January 2018 update that patches a total of 238 security vulnerabilities in its various products.

According to the public disclosure by ERPScan, the security firm which discovered and reported this issue to the company, Oracle's MICROS EGateway Application Service, deployed by over 300,000 small retailers and businesses worldwide, is vulnerable to a directory traversal attack.

If exploited, the vulnerability (CVE-2018-2636) could allow attackers to read sensitive data and receive information about various services from vulnerable MICROS workstations without any authentication.

Using the directory traversal flaw, an unauthorized insider with access to the vulnerable application could read sensitive files from the MICROS workstation, including service logs and configuration files.

As explained by the researchers, two such sensitive files stored within the application storage—SimphonyInstall.xml or Dbconfix.xml—contain usernames and encrypted passwords for connecting to the database.

"So, the attacker can snatch DB usernames and password hashes, brute them and gain full access to the DB with all business data. There are several ways of its exploitation, leading to the whole MICROS system compromise," the researchers warned.

"If you believe that gaining access to POS URL is a snap, bear in mind that hackers can find digital scales or other devices that use RJ45, connect it to Raspberry PI, and scan the internal network. That is where they easily discover a POS system. Remember this fact when you pop into a store."

ERPScan has also released a proof-of-concept Python-based exploit, which, if executed on a vulnerable MICROS server, would send a malicious request to get the content of sensitive files in response.

Besides this, Oracle's January 2018 patch update also provides fixes for Spectre and Meltdown Intel processor vulnerabilities affecting certain Oracle products.
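Directory traversal, the flaw class behind CVE-2018-2636, comes down to a file-serving routine that trusts the path in the request. The following added example (not Oracle's or ERPScan's code) puts that vulnerable pattern next to a containment check a defender can apply in their own file-serving code; the directory layout, file names and function names are constructed for illustration.

```python
from pathlib import Path
from urllib.parse import unquote

BASE = "/srv/app/public"   # constructed directory the service is meant to expose

class TraversalError(ValueError):
    """The requested path resolves outside the directory being served."""

def naive_resolve(base: str, requested: str) -> Path:
    # Vulnerable pattern: the request is joined onto the base as-is, so any
    # ".." component climbs out of the intended directory.
    return (Path(base) / requested).resolve()

def safe_resolve(base: str, requested: str) -> Path:
    root = Path(base).resolve()
    # Decode once, as the web layer would, and treat "\" as a separator so
    # Windows-style input cannot slip past a POSIX-only check.
    rel = unquote(requested).replace("\\", "/")
    if "\x00" in rel:
        raise TraversalError("NUL byte in path")
    # resolve() collapses ".." and follows symlinks before the comparison.
    candidate = (root / rel).resolve()
    # Compare whole path components, not string prefixes: a startswith()
    # test would accept /srv/app/public_old for the root /srv/app/public.
    if candidate != root and root not in candidate.parents:
        raise TraversalError(f"{requested!r} escapes {root}")
    return candidate

def is_allowed(base: str, requested: str) -> bool:
    """Convenience wrapper for request filters and log review."""
    try:
        safe_resolve(base, requested)
        return True
    except TraversalError:
        return False
```

The same is_allowed() check can be run over recorded request paths to find past attempts that a naive handler would have served.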

How to Keep Your Company Data Safe From Hackers

It was recently revealed that more than 43 percent of cyberattacks are targeted at small businesses – up from just 18 percent in 2011. This is likely to be because, compared to their larger counterparts, startups and small companies lack the internal expertise and budgets to invest heavily in expensive cyber defenses. But cybersecurity has gone from being a luxury to something that no organization can afford to do without. Figures released by the Ponemon Institute revealed that the average cost of a data breach in the U.S. is more than $7 million. And the EU is bringing in new legislation that states that any company that holds the data of EU citizens must commit to far more stringent data protection regulations or face fines of up to €4 million.

Clearly, then, from a financial perspective alone it has never been more important for businesses to invest in cybersecurity and defences for their digital systems. Here we take a look at some of the ways that small businesses can keep their crucial company data safe from cybercriminals and hackers.

Educate Your Staff and Colleagues

It is important to understand that the most crucial line of defence against hackers is not a firewall or an external cybersecurity team but your own staff. Unfortunately, it is the case that some of the most effective forms of cybercrime are facilitated by accidental or careless actions by employees. For example, one of the most common hacking techniques is a phishing email which purports to be a genuine email to get an employee to reveal login credentials for your computer system.

This means it is vital for you to provide training to staff and colleagues on common hacking and cybercrime techniques and how they can avoid being caught out.

Encrypt

Stolen customer data can be a nightmare for a business, not to mention for the individuals whose data has been taken. And while it may not always be possible to stop sophisticated hackers from getting into your system, it is possible to stop them from getting access to key data by encrypting it properly. Encryption is useful for everything from protecting information that has been stored on the cloud to keeping internal emails private and confidential.

Don’t Forget HR Data

Many companies put a great deal of work into protecting sensitive customer information with a secure computer network and a custom-made database but then forget that they also store a great deal of internal and HR-related data. Keeping your staff data in a system that is not secure makes it an easy target for hackers.

To ensure that you are completely protected, it is very important to use high quality, security-conscious HR databases and staff rota software.

Upgrade to Secure Sockets Layer (SSL)

If you have not yet made the decision to upgrade your website to SSL, it is really worth doing. SSL is a process that ensures that the channel between websites and computers is always secure. You may have noticed more websites with HTTPS in the URL bar rather than the traditional HTTP – these are the sites that have upgraded to SSL. Now is the time for you to do so, too. It will ensure that anyone visiting your site is more secure. Some businesses assume that HTTPS is only necessary when someone is purchasing something, but it is now considered to be a best practice.

Stay Up to Date

It’s still true that it’s far more likely for hackers to compromise a system if it is not regularly updated. Failing to update your software can leave the whole of your business highly vulnerable, so ensure that your website and any computer systems that you use in the course of your work are kept entirely up to date.

Work With Specialists

Finally, it is worth pointing out that companies often suffer at the hands of cybercriminals simply because they lack the expertise to set up useful safeguards. For smaller companies who may not have the luxury of a large IT department, it is helpful to work with external cybersecurity professionals to benefit from their experience and knowledge.