Note: This blog post was originally written in Japanese for our Japanese website. We used our machine translation platform Translation Designer to translate it and post-edit the content in English. The original Japanese post can be found here.
We are always connected to some kind of network, such as through cloud services, mobile devices, and social media. Raising awareness of cybersecurity has become an important issue for both businesses and individuals. In addition, due to the diversification of work environments such as working from home and using coworking spaces, the complexity of cybersecurity requirements is increasing day by day.
Even with the most advanced data protection technologies and powerful computers, risks still exist if the people who use them are not aware of the risks. In other words, we need to be constantly aware of cybersecurity trends, stay up-to-date, and be prepared for crises.
At Kawamura International, we handle confidential documents of various industries provided from our customers. In order to meet the demands of our customers who have strict security requirements, we conduct security awareness training to educate our employees. In training, we share and update the latest information. In this post, we would like to share some information about what to watch out for and keep in mind in regard to cybersecurity.
Social engineering
In a tactic called social engineering, an attacker poses as a business associate and asks for your passwords or confidential information. It is a method of obtaining sensitive information using psychological manipulation. It tricks users to lower their guard and into making security mistakes.
Some examples are:
- Asking for passwords over the phone.
- Looking over your shoulder for key or password inputs (i.e., shoulder hacking).
- Going through your trash to obtain important information that has been inadvertently discarded (i.e., dumpster diving).
It is a classic tactic but finds the way to your information.
An organizational effort is required as a countermeasure. It's important to make arrangements for how to handle passwords and confidential information. Other common methods of social engineering are taking advantage of users' anxieties and bringing up hot topics. Because of this, it is also important to constantly improve your literacy with respect to such information.
A secure workplace
Is the place where you are currently working safe? Now that we have various options for where to work from, there are many situations where there are random people around us who have nothing to do with your work.
A secure workplace is generally defined as a place where you keep the following in mind:
- Keeping important data close at hand and basically in a locked space.
- Protecting the printer and avoiding unnecessary printing.
- Always accompanying visitors and having them wear a visitor badge.
- Preventing unlocked computers or confidential documents laying around when unattended, even when you are working from home.
Also, if you are working from home and have family members around you, that is another risk. There have been cases where information was leaked unintentionally through family members due to social engineering acts on them. Thorough information management is important even for family members.
What is secure communication?
Working with emails and cloud services are indispensable for businesses, but mishandling them can lead to information leakage. In general, it's good to keep in mind the following points about secure communication:
- Don't use unencrypted email services.
- Don't use unauthorized cloud services.
- Use data exchange tools approved by your company or business partners.
- Always encrypt sensitive data.
- Don't use your personal email for work.
Unencrypted data and emails can easily be snooped on by malicious people, who are targeting such opportunities. Recognizing that anyone can read unencrypted information and taking precautions to handle data will lead to reliable communication.
Carrying security with you — securing mobile devices
It is still fresh in our minds that the increase in remote working during the pandemic led to a surge in demand for laptop computers. Now, it is even more necessary to understand the risks of such mobile devices. In addition, the use of smartphones and tablets for work is increasing due to their improved performance. Because of this, there is a need to renew awareness of cybersecurity for mobile devices.
A characteristic of mobile devices in regard to cybersecurity is that the connection to the network is basically through Wi-Fi. Remember to never use unsecured free Wi-Fi for work, and only connect to secure Wi-Fi networks.
Another risk specific to smartphones and tablets is information leakage through the use of apps. In this case, you should pay particular attention to Bluetooth connections, not just Wi-Fi. As a specific example, there was a case where information was leaked from a terminal connected to a rental car via Bluetooth. In the modern days, Bluetooth is always on for mobile devices. You should be careful about connecting to unintended devices with Bluetooth connections.
Furthermore, there is a risk specific to mobile devices — you can easily lose them. Being portable is the greatest advantage and disadvantage at the same time. It is important to take measures such as locking the device, not leaving it unattended, and always keeping it close to you (e.g., don't place it on an overhead luggage rack on public transportation). If you lose a device provided by your company, it is most important to report it to the designated person in charge at the company as soon as possible.
Summary
We hope this post brought some awareness to how you should be careful about cybersecurity.
More and more, cyber attacks are becoming diverse and targeting data in unexpected ways. Not only the devices but also we need to be prepared for these attacks. We need to update our awareness of cybersecurity on a daily basis. Knowing the latest trends and always being prepared is the path to prevent damaging cyber attacks.
Kawamura's localization services
Kawamura International offers a wide range of machine translation solutions that you can use in a secured environment and meet your translation needs. We will find the optimal solution for your translation purpose, field, and user base as well as that fit your security requirements.
Feel free to reach out to us if you need professional translation services or have any other questions about translation and localization services in general.