Security risks increase when your business moves outside of the safety net of your main workplace. Mobile executives carry sensitive data around with them, and often times open it up to vulnerabilities just for the sake of convenience.

It all seems perfectly innocent. Connecting to wireless Internet in your hotel room, or syncing up to free wi-fi in a restaurant just to get a little work done. Convenient? Yes. Necessary? Sometimes. Is working remotely a down trending habit? Absolutely not. And so, we must learn (and educate our workforce) about how to work remotely more safely.

Protecting your mobile workforce is essential to protecting your business. And it can be accomplished (or at least done more successfully) by following a few simple tips to help keep your business safe from hackers, no matter where you go:

Stay Off the Free, Open Wireless

More and more public places are providing free, or shared wireless Internet. These open networks are dangerous. They’re risky for personal communications, but they are absolutely not suitable for conducting business without protection.

When jumping on public shared wireless connections, it’s essential to do so using a secure VPN connection with the latest encryption methods. This will funnel all your online activities (email, surfing, chat, etc) through this secure connection so prying eyes can’t see what you’re doing. Several companies offer this service but we’ve heard good things about Anonymizer.

As an alternative, Verizon, Sprint, AT&T, and others have mobile broadband services available for a reasonable monthly subscription. Spring for the mobile Internet access card. It’s a small expense for what you get in exchange – the ability to conduct business more securely outside the office.

Bonus Tip – turn off your wireless connection at all times when not in use so you are 100 percent sure about when you are connected to the Internet. If you’ve previously connected to default network names (like Linksys) then anytime that network name reappears at another location, you will be automatically connected to the network opening you up for risks.

Let Hardware Do the Hard Part

We’re joined at the hip to our laptops, mobile devices, iPads, and other mobile gadgets. These crafty handheld devices help us work more effectively, and their processing capabilities and compatibilities increase every day. There’s no turning back from the convenience they provide, and believe me, we wouldn’t want to because the benefits in most cases far outweigh the risk.

Next time you’re packing for a trip, or just to work remotely for the day, think twice about your hardware requirements.

• Use a “travel only” laptop. A stripped down version of your of your regular workhorse but with limited history and minimal applications installed. Of course, passwords and all the “conveniences” of your regular machine won’t be readily available, but do you really need it all when you’re on the road? For some trips, perhaps, but always weigh the risks against the convenience.
• Use Web access rather than physical software for email when possible. Obviously, this is more convenient if you subscribe to the “travel only” laptop model. Either way, take pause to consider all the confidential information that may be stored on your physical machine’s email software if it fell into the wrong hands.
• Clear browser history every time you close Safari, FireFox, Chrome, etc. If anything, this will make it more difficult for cyber thieves to retrace your steps.
• Don’t store documents, presentations, spreadsheets, PDFs, etc, locally. Always connect to your designated location on an approved network and put your information there. The goal is to make your physical hardware as useless as possible. This way, if your laptop goes missing, none of the important information goes with it.
• Don’t store or “remember” passwords, type them in every time unless you want to give unlimited free passes to cyber criminals.
• Don’t leave home without “lojack-like” software, such as Computrace, that can wipe the contents of your mobile device. This provides an extra layer of protection in case your phone or laptop falls into the wrong hands.
• Anti-virus software can be installed on most laptops. There are several reputable virtual security companies that provide reliable service, but in a pinch you can download a free version that is better than nothing, as they say.

Pull the Fire Alarm

Two-factor authentication (aka 2FA or “the fire alarm”) provides an additional layer of protection and awareness for user systems. It’s incredibly simple, affordable, and effective, so there’s no excuse to not have this service for your users 100 percent of the time, but it can easily be enabled for users on the road.

It works like this: When (stolen or legitimate) credentials are successfully entered into a login prompt, the “fire alarm” software places a phone call to the authorized user to 1) alert the authorized user that a designated system is being accessed and to 2) retrieve a secret pin and complete the authentication. With this service enabled, attempted security breaches can be identified quickly, snuffing our suspicious activity before a full-blown crisis ensues.

Watch Your Back, Jack

Your coffee cup is empty, so you grab your wallet and ask the nice person next to you to “watch” your laptop while you go refuel. For an experienced cyber criminal, it takes just second to grab some data off of your computer, phone, or tablet. And lesser skilled (however not necessarily less malicious) hackers could just grab your goods and run. Thieves are everywhere and they park themselves in places where people work for this very purpose.

The coffee shop isn’t the only crime scene. Airports, car rental shuttle, hotels, and the back seat of your car are equally susceptible to theft. Check your bags at every turn. Make sure you’ve got the correct luggage and account for all your personal and professional belongings. Report any stolen items to the police and your IT staff at once.

Be Responsible. Your Business Depends on It.

Anytime you’re doing business on the road without security in place, you’re open for business, but for the wrong customers. You wouldn’t take your customers’ money and let it hang out of your pockets for anyone to grab would you? By leaving data access points open to hackers, you’re essentially doing just that.

Be conscious of how easy it is for hackers to take your company’s valuable information. Take the time to ensure that your company, and your customers’ data, is always protected and accountable, no matter where you are in the world.

A version of this article appeared in eCommerce Times on June 22, 2010.

During the presentation, we will demonstrate how easily cyber criminals can compromise a website and provide real “is hacked” examples that have taken businesses offline. We will also reveal some common (and easily patched) website vulnerabilities so you leave armed with key defense tactics that can be put in place immediately.

Session Agenda Includes:

• Hacker Profiles and Motives
• Open Source Vulnerabilities
• The Security Ecosystem
• Hot to Protect Your Website

Do not miss this opportunity. Take the first step toward protecting your business’ online identity. One lucky audience member will receive 6 months free, secure website hosting, so register now!

According to recent reports, hackers have systematically stolen thousands of files about the U.S. military’s new Joint Strike Fighter, our most advanced fighter in history. Specifically, hackers stole files concerning the design and electrical system of the new fighter, by infiltrating Pentagon and defense contractor computers.

Additionally, hackers were able to break into air traffic control systems operated by the U.S. Air Force. This gave them the opportunity to view the location of any U.S. military aircraft, in real time. While Department of Defense and Pentagon officials believe attacks such as these are the result of foreign states, rather than the work of individuals or small groups, such extraordinary attacks raise numerous questions about computer security in general.

“If hackers can infiltrate the Pentagon, what could they do to my small business?”

For malicious hackers, the potential of billions in profit from the theft of information from businesses of all sizes presents an extraordinary opportunity. Considering the relative ease of penetrating a small businesses credit card database, the limited risk of exposure to legal action, and a plentiful supply of easy targets, it’s becoming a matter of “when” not “if” your business will be attacked.

The time to protect your business is before an attack occurs, rather than afterwards. Attacks resulting in compromised data could mean disaster for your business. If your company does business online, you will need comprehensive security measures from a secure web hosting provider. Protection of your business online is a comprehensive strategy, much of which is executed at the hosting level. As a secure hosting provider, FireHost offers unparalleled protection for clients, including redundant network infrastructure, application protection, and virus protection to completely safeguard your website.

To learn more visit FireHost.com, and contact a FireHost Agent today.

Modern hackers have highly advanced tools at their disposal which can cripple your website, or worse, steal your data. Hackers have started exploiting vulnerabilities in open source platforms, and if your CMS is not properly secured, hackers can ruin your web reputation, or worse your business.

Having a security-focused web hosting provider can help prevent attacks. Before you trust any hosting provider with your website, ask them how they handle security for your website. Most hosting providers have an intrusion detection system (IDS), which simply notifies you after an attack. By that time, the damage has been done. This reactive approach does not provide real security, putting your website, your data, and your business at risk.

At FireHost, we use three layers of application protection to catch, stop, and prevent attacks. Our first priority is providing security to our clients, which we deliver through dynamic intrusion prevention. This is proactive security you can trust and rely on.