What is the safest method of cyber communication?
No electronic communication handled by companies can ever be seen as completely secure. While advancements in technology have improved the way we protect ourselves online, targeted attacks and threats are also rapidly evolving, meaning companies must remain vigilant about their processes and staff training. So which communication methods are the safest to use?
Email continues to be the main method of communication between employees and often transports extremely sensitive data about the company and its employees. For the sake of argument, assume that no ‘free’ email service is safe. Gmail, for example, is a fantastic platform for personal email and casual communication, but nowhere near secure enough to send confidential data. Even a standard paid-for service can have serious flaws, including meta-data exposure. A secured email server
with robust encryption is therefore needed for a company of any size to protect from threats. See our dedicated blog post for keeping yourself safe when using email.
“Phone hacking” came to the forefront of British attention several years ago when News of The World were found guilty of infiltrating numerous phone calls and voicemail systems to obtain details for stories. Since then, phone hacking has been seen as a far more serious threat than it once was.
Increasing numbers of employees are given mobile phones to help make their workload more manageable and stay in touch away from the main office. Basic protection methods can be implemented by mobile phone users to ensure the data held on the phone does not compromise the company. For example, employees shouldn’t store financial data on their phones, use it to store passwords or keep confidential voicemails or text messages. Encrypted apps such as Whatsapp and Skype and firewall protection can help aid a safer form of communication between employees, and rules surrounding which apps are downloaded to the phone should be discussed on an individual company basis.
While mobile phone use can be relatively safe when used properly, they come with the unique privacy concern that they are often left unattended, get lost on public transport and end up in the wrong hands. Therefore, all company mobile phones should have passwords that are regularly changed by the user and any lost or stolen phones must be blocked and protected by the company’s security software.
Web and video conferencing is on the rise. In fact, one survey showed that 60 per cent
of companies are sharing sensitive data via web conferencing. Luckily, hackers are more interested in email than web conferencing. But that doesn’t mean online conferencing is completely safe. Some companies use what’s known as ‘vanity URLs’ to send to conferencing attendees (e.g. www.jointheconference.com/companyname). This makes it easier for a phisher to impersonate a company and infiltrate a meeting. It is also important for companies to monitor any static dial-in credentials during a web conference. This is because, much of the time, the call-in and PIN numbers don't change. Often web conferencing hacks and email hacks go hand in hand, as much of this login information is sent to the user’s email address.
Reporting risk-taking communication methods
While it is crucial for companies to understand what the safest methods of cyber communication are, it is just as vital to maintain an environment where mistakes can be noted and owned. But this is sometimes easier said than done. One survey has shown that only 60 per cent
of employees who observe a behaviour or attitude that could put a company at risk (such as seeing a colleague send a work related email with confidential documents attached to his personal account) feel comfortable reporting it or giving the employee feedback. Yet 90 per cent say they would want to do this. Therefore, it is important that workplace cultures have the appropriate procedures in place so that whistle-blowers can make themselves known without feeling compromised. This helps the company avoid unnecessary cyber risk and ensures all employees are accountable for their actions.
At Storm Internet, we offer full managed web hosting and secure email so that you can feel confident your data is as safe as possible. We recognise that threats are constantly evolving and strengthening, which is why we use proactive measures to ensure your employees can communicate effectively without compromising sensitive data or exposing a company to a threat.