ELGIN — Two- or multi-factor authentication, web browsing security, antivirus, browser extensions, phishing and updates are all-too-familiar jargon in today’s world. Technological advances have improved life for many, while opening a Pandora’s Box for others.
Robert Leasure, a security engineer at the Oklahoma City-based Alias Infosec, presented a talk on cybersecurity measures during Elgin Chamber of Commerce’s September meeting to stave off bad actors’ practices.
Alias “specializes in detecting, investigating, responding to and preventing data breach incidents,” the company’s website states. Alias works with companies across the U.S. performing information technology and peripheral component interconnect audits as well as penetration tests, social engineering and monitoring intrusion detection systems, intrusion protection systems and security information and event management solutions.
Leasure’s presentation informed the group that many cases Alias works “stem from employees and even management being unaware of common risks.”
Alias recommends enabling multi-factor authentication on services and devices that offer the option. Utilizing two-factor authentication protects accounts even if passwords are compromised. Users may receive codes through text messages after they have entered their password information.
As for web browsing security, Leasure advises that users ensure the legitimacy of Uniform Resource Locators of all websites users access. URLs (website addresses) that are faked can be common. “For example, if somebody were to make aliasinfosec.net it would not be the real website, aliasinfosec.com, and could be a fraudulent or scam site,” he wrote.
Antivirus protection is key to ensuring your personal or business’ information is safe. For businesses, Alias recommends Mountain View, California-based SentinelOne because of its ability to detect suspicious behaviors and alert users to abnormalities in their system. SentinelOne’s management tools enable users to run scripts on chosen machines. Personal protection against viruses starts with detection. Alias recommends Malwarebytes. A global cybersecurity firm with offices in California, Florida, Ireland, Estonia and Australia, Malwarebytes has numerous awards and certifications on its website including AV-Test.org’s Top Product award for Approved Corporate Endpoint Protection as well as PCMag’s Business Choice.
Alias also recommends uBlock Origin to alleviate “annoying” malware and adware advertisements and popups.
“The uBlock Origin extension remains an industry leading, open-source, cross-platform browser extension with software developed specifically for multiple platform use, and as of 2022, uBlock Origin’s extension is available for several of the most widely used browsers, including: Chrome, Chromium, Edge, Opera, Firefox and all Safari releases prior to 13,” the company's website states.
As for phishing and smishing, Leasure said the best action is “don’t take the bait.”
Generally, email is the most common way attackers compromise a network. Documents may look benign but have malicious macros running; links may contain malware, and “pages that redirect [users] to a false website can steal your credentials,” he wrote.
More tips users may consider:
• Be careful with attachments, avoid clicking links, and verify the email address of senders before opening any attachments. Verify what they sent before you open it.
• Never give your information to anyone who has contacted you. Make sure you are the one initiating contact with anyone that needs your information.
• Be cautious of scammers imitating companies via text messages.
• Never reply to messages from suspicious numbers. Even if the text message says “text 'stop' to stop receiving messages,” replying may actually result in more messages getting spammed to your phone.
• Don’t open any links in a scam message.
Users should keep their information updated on personal computers and phones. Business owners should routinely patch machines to prevent the exploitation of vulnerabilities.
“Robert gave some very good pointers to businesses and people alike,” Elgin Chamber President Leslie Durham said. “His presentation was very informative, and he listened to people’s concerns and answered questions very well.”
The next Elgin Chamber meeting will be held at noon Tuesday, Oct. 11 at Elgin High School Library.
For more information on Alias Infosec, visit aliasinfosec.com.
For details about the Elgin Chamber of Commerce, go to www.elginchamber.net.