Making Online Learning Safe
As a Registered Training Organisation, Blast Management International (BMI) utilises cloud-based software applications to deliver flexible learning which meets the current privacy and data security principles set by the Commonwealth Government.
The following provides useful information that you should consider and apply.
Whether you’re shopping, banking, doing your accounts, or simply checking your email, cyber criminals and scammers are always looking for ways to access your money or sensitive information.
There are precautions you can take to reduce the risks. Spend a few minutes reading the following information.
Phishing and Malicious Emails
A phishing email is a favourite way for cyber criminals to get access to your sensitive information, including your usernames and passwords, credit card and bank account details, etc. This kind of email may look as if it comes from a trustworthy source, but its aim is to trick you into:
- clicking on a link that will infect your computer with malicious software
- following a link to a fake (but convincing) website that will copy your login details
- opening an attachment that will infect your computer.
Once you’re on their hook, the cyber-criminal may try to steal or extort money from you, or gather sensitive personal or business information they can use for other attacks. However, you can protect yourself and the people you do business with by being aware of these scams. Here are some ways to identify a malicious email:
- Incorrect spelling or bad grammar. Even genuine senders don’t get it right all the time, but be suspicious of emails with basic errors.
- The linked URL is different from the one displayed. To check, hover your mouse over any links in an email (DON’T CLICK) to see if the actual URL is different.
- The email asks for personal information that they should already have, or information that isn’t relevant to your business with them.
- The email calls for urgent action. For example, “Your bank account will be closed if you don’t respond right away”. If you’re not sure and want to check, then go directly to the bank’s website via the URL you would normally use or phone them. NEVER click on the link in the email. The email says you’ve won a competition you didn’t enter, have a parcel waiting that you didn’t order, or promises huge rewards for your help. On the internet, if it sounds too good to be true then it probably isn’t true!
- There are changes to the way information is usually presented. For example, the email is addressed to “Dear Sirs” or “Hello” instead of using your name, the sending email address looks different or complex, or the content is not what you would usually expect.
These are just a few of the things to watch out for. But even if there’s nothing specific you can put your finger on, the email may just not feel right. Trust your instincts, and don’t get hooked.
If you receive a suspicious email follow these rules:
- DO NOT CLICK on any link or attachment contained in the email.
- DO NOT REPLY to the email.
- Delete the email
- Update your anti-malware (anti-virus, anti-spyware) and run a full scan on your computer.
If you suspect you’ve received a phishing or malicious email, and it says it’s from Blast Management or uses the Blast Management logo, don’t click on anything in the email. Please report it by letting us know through our website contact page.
The Basics of Cloud Security
These days, it’s very common for businesses like Blast Management to store training data online in the cloud. What does this mean to you and is it as scary as it sounds?
What is the Cloud?
In simple terms, it’s a way of describing data and applications that are stored online.
Until recently, programs were run directly from people’s computers. Users installed the software themselves onto the hard drive, and the data created by that software was also stored on the hard drive.
With increasing internet speeds much cheaper data storage, that’s all changed. Now many applications run online from remote servers and the data they generate is also stored in the same locations.
As businesses all over the world are moving to the cloud, let’s look at cloud security and ways you can make your data safer in the cloud. But before we jump in, remember that nothing is 100% secure.
Five Key Benefits of Cloud Computing
There are some significant benefits to using the cloud:
- Lower IT costs but improved experience: Software upgrades, patches and backups are vital to keeping a business running. Cloud applications can do most of this for you.
- Faster updates: Software is being developed with new features added and bugs fixed. Updating from the cloud means you always have the latest software – no need to wait a year for the next version.
- Access from anywhere at any time: You can access your software and data from wherever you happen to be. All you need is an internet connection.
- Better business continuity: Power outages, fires, floods, burglaries, earthquakes – all of these are potential business risks. Cloud-based companies can recover faster from disaster than those with data stored on-site. Recovery can happen within hours, instead of weeks or longer.
- Greater flexibility: Many cloud systems can share data and integrate with each other. For example, external purchase orders and invoicing can feed directly into a client’s cost control system.
How is Your Data Stored?
This is a very common question. In most cases it’s stored on servers in big data centres, which are secure and managed 24 hours a day. Data generated by Blast Management is stored in data centres that are based in Australia.
The professional cloud applications we operate use secure, encrypted connections which encrypt your data before it’s sent to the server – and also when it comes back again. In effect, nobody can decipher what’s being sent or received.
Despite all this security, there are still things you can do to keep your data even safer.
Ways To Make Your Data Even More Secure
There have been some high-profile hacking cases in recent years but in nearly every case, there were other elements that contributed to the attack. Here are five ways you can increase the security of your data:
- Use strong passwords
Many people use passwords that aren’t secure. They might use their pet’s name combined with their date of birth, or their child’s name spelled backwards. Or they might use other combinations that seem clever but are actually easy to guess.
Short passwords can be cracked by brute force simply by giving a computer a word list and letting it try combinations. While longer passwords are harder to crack, they can be harder to remember.
Despite this, keep your passwords long, as random as possible, and unrelated to your own life. Use a different password for each cloud application. If you want something more secure than a password, try using a passphrase – a phrase that makes sense to you that’s typically 20 to 30 characters long. While these need to be meaningful, try not to use your birth date or username.
Finally, use password manager software to help you securely store multiple logins and generate strong passwords. Then you only need to remember one password to access the manager.
- Take advantage of monitoring software
For example, some online services display details of when you last logged in to their service. If you notice this is incorrect, or from a suspicious location, then raise it with the appropriate party. Remember, tools like this are provided as a service – use them.
- Use anti-malware (also known as anti-virus) software
When malware (short for malicious software) gets onto your computer, laptop, tablet or smartphone, it usually means you’ve clicked on a link or attachment in an email, or visited a website that’s not secure. If there’s a link or attachment that you don’t know or trust then don’t click on it.
Once malware is on your machine, it might copy your user ID, password or credit card information and send it to a hacker. Or it might quietly take over your computer and use it to attack other machines.
Malware is designed to be hidden, so you’re not likely to notice it by chance. Make sure you use reputable anti-malware on your phone, laptop, desktop and tablet. And always ensure your anti-malware and any other software is kept up to date.
- Be aware of phishing or other hacking methods
The weakest link in cyber security is not the computer but the person using it. For example, imagine a phone call: “Hello, it’s John from IT support. We’re upgrading your software but it looks like your password has changed since last time and we can’t get access to run the upgrade. Can you give me your new password please” This is type of hacking attempt is called “social engineering”.
As outlined previously, another method of hacking is called ‘phishing’ which happens through emails that contain links the hacker wants you to click on.
Cyber Security is all about your attitude:
Remember, nothing is 100% safe and secure but if you follow the steps outlined above, you’ll be well on your way to protecting your data.