With the increasing adoption of mobile devices and the enormous information stored in the cloud, users are exposed to countless digital threats. The way? The defense in depth.
Faced with the popularization of smartphones and tablets, mobile "malware" has registered a remarkable growth in recent years. Santiago Pontiroli, security analyst at Kaspersky Lab, said that in 2012 were found 40,000 samples of malicious code, the number exceeded 140,000 the following year and reached 190,000 in 2014.
In the framework of the IV Latin American Summit of Security Analysts, Pontiroli said that the trend of mobile banking Trojans is also growing. While in 2012 there were 67 cases, the number was around 1,500 in 2013 and 2,500 in the current year.
In that sense, the analyst stressed that the user can not make mistakes in terms of computer security, since their information can be exposed to cybercriminals. For that reason, he pointed out that the ideal path against possible threats is to adopt different security measures "to complicate the life of cybercriminals". That approach is called "defense in depth".
Pontiroli recommended, in that same line, to use a configuration of Virtual Private Network (VPN by its acronym in English), which allows the computer to receive and send information to public or non-controlled networks, such as the Internet, as if from a private network it was
Another suggestion is to encrypt the information. "It consists of applying cryptography to the disk or to the physical storage of the device, that is, we protect it with a password, so that if a user plugs the computer by USB to a computer, garbage will appear unless it has the key," he said. the specialist. "For a cybercriminal, that (device) has no value because you can not really access the information, if you do not have the password, it's simple to activate (that option) for both Android and iOS."
If you use cloud services, it is advisable to activate two-way authentication. "It is not enough to use a username and password, a text message can also be used to validate that we are registering correctly, and an electronic token can even be used to facilitate the authentication process," concluded Pontiroli.
No comments:
Post a Comment