Information security and data protection

What is information security? And why is it so important?

Information security, computer security or virtual security is the process by which unauthorized use of a computer system is prevented and detected. In other words, protecting our data against hackers who have bad intentions or who intend to make a profit from it. Some basic precautions are the installation of an anti-virus or firewall software (part of the computer system that blocks unauthorized access).

Protecting information is extremely important. This prevents the theft of passwords, bank account numbers, credit card and customer information, work documents, spreadsheets, etc. Cybercriminals can misuse this information, using your photos or email to damage your personal image or create harmful content.

Threats have a global dimension and can affect any person or organization, anywhere in the world. Furthermore, they are difficult to eradicate due to the inadequacy of efficient legal mechanisms in cyberspace. As an example, in Spain alone in 2015, cyber-attacks cost around 14 billion euros.

What areas does information security cover?

Information security is based on the following four pillars, where it is protected:

Confidentiality: only users with permission can access resources, data and information

Integrity: it is ensured that only authorized persons can modify data

Availability: having access to the information when required but avoiding illegitimate access during eventual breakdowns in the system

Authentication: ensuring that data and communication is maintained only with verified persons

Below, we will provide you with basic advice for the maintenance and prevention of your security:

– Set-up automatic backups of important data

– Install legally purchased software. The “free” installation pages can contain all kinds of viruses

Protect your Wi-Fi network with a strong password and avoid open Wi-Fi networks that you connect to away from home

– Choose large and complex passwords. We recommend a minimum of 8 characters, including at least one uppercase, one lowercase, one number and one special character

– Take care of the data you share on social networks, as many cybercriminals can use it to carry out attacks

– Do not run any USB storage without first having it checked by an anti-virus

The defense strategy should not be based only on protection, but on monitoring to prevent attacks.

How do you know if you are being targeted?

Data protection

It is estimated that 97% of cyber-attacks are produced through social engineering techniques, in which the subject in question is psychologically manipulated to deliver information voluntarily and unconsciously. According to data obtained through a report by Cisco, a multinational technology company, about 6% of employees have admitted that they have transferred files from their work to their personal computers during working from home.

Some of these attack techniques are:

Phishing: Impersonation of a company’s identity to use it in portals, emails, social networks or text messages to steal information

Vishing: Impersonation of a service company, government or other entity in which the victim is tricked through phone calls

Pretexting: creating a scenario in which the victim, without being aware of it, provides access to his or her computer and capture information or install malware (malicious program).

Signs that you may perceive if a security gap occurs on your computer device:

New programs appear that you have not installed

– Your computer slows down

– Push-up notifications and announcements on your screen start to multiply

– You lose control of your mouse or keyboard

Cyber fraud can seriously affect your business. Such an incident can make customers feel insecure and affect their loyalty to the organization. When a security gap appears, it is very important to notify the entity in charge of data protection in your country. Otherwise, your company risks being sanctioned.

If you notify this fact within the given period:

  1. You will reduce the penalty that the company could receive
  2. It cleans up the image it offers to public opinion

How can DL help protect your data?

To begin, we’d do a thorough study of your case and, based on your needs, develop customized courses that could range from

  1. Guidelines on what you should not do to violate your privacy
  2. Instruction for employees to know what the threats are and what their consequences are, and how to prevent them
  3. Virtual security conferences where we would inform about the use and importance of generating secure passwords, correct usage of clouds and recommendations to manage all devices in an optimal way

Similarly, through platform awareness workshops, we would create a security awareness plan, which would include not only the IT security team, but all areas and departments. All this through scenarios that would train employees to avoid being targets of cyber-attacks through activities and tests. On the other hand, Digital Latam can offer them from experience, the creation of corporate emails with high security passwords. Also, we can recommend the best patches and security software for your devices.

Do not hesitate to contact us and we will solve all your questions and doubts about information security.