Posts

The jargon around cybersecurity is cryptic and confusing, which is exactly what criminals want. But understanding these terms can help you keep safe.

The cyberspace is filled with terms that either look the same, sound the same, or mean the same (but are not identical).

Knowing the difference between these similar terms can be tricky, especially when you’ve to keep up with all the common terminologies and principles used in the security domain. Add to it the constant innovation and change happening within cybersecurity, and you’ve got a whole set of complex terms that you need to understand and constantly learn about.

So, here are some similar security terms that are often confused and misused.

Security vs. Privacy

Online security and privacy go hand-in-hand. They are used interchangeably during discussions because they sometimes overlap in today’s connected world.

But there are some key differences between the terms when used in the cybersecurity context.

  • Security: Security refers to the protection of your personal information from malicious threats. It can include any information that can be used to determine your identity.
  • Privacy: Privacy refers to the rights or control you have on your information and the way it’s used.

While security is concerned with preventing unauthorized access to data, privacy focuses on ensuring that personal information is collected, processed, and transmitted compliantly and with the owner’s consent. In simple terms, security protects your data while privacy protects your identity.

To achieve security and privacy, organizations use tools and techniques such as firewalls, encryption protocols, network limitations, and different authentication and authorization techniques.

Authentication vs. Authorization

Authentication and authorization are similar-sounding security concepts within the scope of user identity and access management. Here’s how the two differ.

  • Authentication: User authentication is the process of verifying that users are who they claim to be. It relates to identifying users’ identity.
  • Authorization: Authorization is an act of establishing a user’s rights and privileges. It verifies what specific files, applications, and resources a user has access to.

Authentication is achieved using passwords, PINs, fingerprints, facial recognition, or other forms of biometric information. It’s visible and can be partially changed by the user.

Authorization, on the other hand, works through access management settings implemented and maintained by an organization. They aren’t visible and can’t be changed by the end user.

In a secure environment, authorization always takes place after user authentication. Once a user is verified, they can access different resources based on the permissions set by the organization.

Data Breach vs. Identity Theft

It’s easy to get confused between a data breach and identity theft, as the two are closely connected. The threat for users and the outcome is the same either way; that is, sensitive information is compromised. But there are some differences.

  • Data Breach: A data breach refers to a security incident where confidential data is accessed without authorization of the owner.
  • Identity Theft: When a cybercriminal uses your personal information, such as ID or social security number, without your permission, it constitutes an identity theft.

A data breach occurs when a cybercriminal hacks into a system you’ve entrusted with your information or a company that has your personal information anyway. Once a breach occurs, criminals can use your private information to open an account or commit financial fraud in your name.

The main difference between a data breach and theft is in terms of the damage caused by the incidents. The implications of a breach are usually far more damning compared to an identity theft. According to a report by the US Securities and Exchange Commission, 60 percent of small businesses don’t survive a breach.

However, the damages caused by identity theft can be highly consequential too. The impact of misusing identity go beyond forged checks, fake credit cards, and insurance frauds, and can even endanger national security.

Encryption vs. Encoding vs. Hashing

Encryption, encoding, and hashing are data security terms often used interchangeably and incorrectly. There’s a lot of difference between these terms and it’s important to know these differences.

  • Encryption: It’s a process used to convert readable data, also called plain text, into unreadable data, called cipher text. The data can only be decrypted back to plain text using the appropriate encryption key.
  • Encoding: Encoding is a process in which data is changed from one format to another using an algorithm. The aim is to transform data into a form that is readable by most of the systems.
  • Hashing: Hashing is an irreversible cryptographic process used to convert input data of any length into a fixed size string of text using a mathematical function.

This means that any text can be converted into an array of letters and numbers through an algorithm. The data to be hashed is called input, the algorithm used in the process is called a hash function, and the result is a hash value.

Encryption, encoding, and hashing differ in terms of functionality and purpose. While encryption is meant to ensure confidentiality, encoding focuses on data usability. Hashing, on the other hand, ensures authenticity by verifying that a piece of data hasn’t been altered.

VPN vs. Proxy

VPNs and proxies are both used to change your online location and stay private. They have some overlap, but the differences are quite apparent.

  • VPN: A VPN, short for Virtual Private Network, is a discrete program that changes your geo-location and reroutes your entire internet traffic through servers run by the VPN provider.
  • Proxy: A proxy server is a browser extension that changes your IP address to unblock geo-restricted web pages, but doesn’t offer the extra protection of a VPN.

The main difference between a proxy and VPN is that a proxy server only changes your IP address and doesn’t encrypt your web activities. Secondly, unlike a VPN, a proxy only redirects traffic within the browser. Data from other applications connected to the internet won’t be routed through the proxy.

Spam vs. Phishing vs. Spoofing

Spam, phishing, and spoofing are social engineering tactics used to lure users into revealing personal information.

  • Spam: Spam is any unwanted junk emails, instant messages, or social media messages sent out to a wholesale recipient list. Spam is usually sent for commercial purposes and can be damaging if you open or respond to it.
  • Phishing: Phishing is an unsolicited email designed to harm users by obtaining personal information like usernames, passwords, and even bank details. A phishing email looks like it comes from a legitimate source, but is intended to trick users into clicking on a link containing malware.
  • Spoofing: Spoofing is a subset of phishing attacks in which the attacker impersonates an individual or organization with the intent to gain personal and business information.

Phishing aims to gain personal information by convincing users to provide it directly while spoofing disguises an identity to steal information. The two are closely paired as both involve a level of misrepresentation and masquerading.

Better Understanding, Better Protection

Cybersecurity terminologies and concepts evolve almost as rapidly as memes on the internet. A lot of these terms sound similar but mean something different when you dig a little deeper.

Learning the key terms and their differences will help you better understand and effectively communicate your cybersecurity needs.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from makeuseof.com SOURCE

Most tech companies, such as Microsoft, collect certain information about their users so they can provide better, more personalized experiences. However, these companies also often use the data they gather for advertising purposes. The good thing is that as a Microsoft user, you have a fair amount of control over your own privacy. In fact, you can disable Windows 10’s intrusive privacy settings — here’s how.

Turn personalized advertising off

Windows 10 assigns each user an “advertising ID” that is used for ad personalization based on your recent browsing history. If you’d rather see generic ads targeted to you based on demographics rather than your ID, we recommend turning this feature off. Here’s how to do it:

  1. Click on the search box at the bottom left of your screen. If your search bar is hidden, right-click the taskbar and select Search > Show search box.
  2. Next, type in “Privacy,” then click on Privacy Settings and select General.
  3. Turn off the option that states “Let apps use advertising ID to make ads more interesting to you based on your app activity.”
  4. Lastly, open your web browser and go to this link. Once there, turn off the “Personalized ads wherever I use my Microsoft account” and “Personalized ads in this browser” options.

Following these steps resets your ad ID, letting you surf the web without targeted advertisements.

Disable Cortana

Voice-controlled digital assistants have become big business. Microsoft aims to capitalize on this market with Cortana, an incredibly resourceful built-in assistant that allows you to quickly set reminders, schedule events, and send emails, among many other intuitive features. However, the way it uses the information it collects can become overbearing at times. Here’s how to disable Cortana:

  1. Type “Task Manager” in the search box, or use the keyboard shortcut Ctrl + Shift + Esc.
  2. In Task Manager, click the Startup tab and find Cortana in the list of programs.
  3. Right-click the row and click Disable.
  4. Open the Start menu, then find Cortana under All Apps.
  5. Right-click on Cortana, select More, and click on App settings.
  6. Toggle the switch under “Runs at log-in.”

Once disabled, the Cortana option disappears and you’re now left with just a search bar, which you can use to search for things online or on your desktop.

Stop peer-to-peer file sharing

With peer-to-peer or P2P file sharing enabled, Windows 10 shares downloaded updates to your PC with other Windows 10 users in the same network by default. This helps other users update their systems faster and speeds up your upgrade downloads. However, if you are unhappy with your files being used by other users, you can turn P2P sharing off.

  1. Click the Windows icon and head over to Settings.
  2. Click on Update and Security then choose Delivery Optimization from the sidebar.
  3. Under “Allow downloads from other PCs,” switch the toggle to “Off.”

If you want to share your files with PCs on your in-house network only, leave this option on and select the option that says “PCs on my local network.” For more detailed instructions on how to stop P2P updates, click here.

Blunt Microsoft’s Edge

Microsoft Edge is chock-full of features — such as Cortana Integration and typing prediction — that send data back to Microsoft. To turn off these intrusive functionalities, open Edge and click on the three dots in the far right corner.

Then, click on Settings > Cookies and site permissions. There you have the option to disable a bunch of settings, such as those related to ads, automatic downloads, and location sharing.

These simple security tips will stop Microsoft from tracking your online activities for good. Don’t hesitate to contact us today for all matters security-related.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE

Windows 10 helps users by giving useful suggestions as they type and by displaying ads based on their online searches. But these can feel invasive after a while. To ensure your privacy and keep Microsoft’s watchful eye off your computer activity, follow these tips.

Turn off personalized advertising

Windows 10 assigns each user an advertising ID to personalize their ad experience based on their recent browser history. You can turn off the advertising ID feature by doing the following:

  1. Click Start Settings > Privacy > General.
  2. Toggle off the option “Let apps use my advertising ID for experiences across apps.” This will reset your advertising ID.
  3. If you don’t want to receive locally relevant content from websites, toggle off the option “Let websites provide locally relevant content by accessing my language list.”

Disable Cortana

Microsoft has ventured into the market of voice-controlled virtual assistants with Cortana. This personal assistant allows users to set reminders, schedule events, and send emails, among other tasks. Every time you use Cortana, it collects information about your computer activity — “learning” it, so to speak — to improve user experience. But if you find this feature intrusive, you can disable Cortana completely with these steps:

  1. Search for the Windows Registry editor in the Windows search bar, or press Windows + R, type “regedit,” and click OK.
  2. Copy and paste HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows into the address bar at the top.
  3. Look for the Windows Search folder. If it doesn’t exist, create it by right-clicking the right-hand pane, then choose New > Key. Rename the folder “Windows Search”.
  4. Select the Windows Search folder, then right-click the right-hand pane and select New > DWORD (32-bit) Value.
  5. Name it “Allow Cortana,” and make sure the Value Data is set to zero.
  6. Restart your computer.

Stop peer-to-peer (P2P) file sharing

Windows 10’s P2P file sharing feature enables your PC to share downloaded updates with other Windows 10 users by default. This helps other users update their systems faster and speeds up your upgrade downloads. To turn it off, do the following:

  1. Go to Settings > Update and Security > Windows Update > Advanced Options > Choose how updates are delivered.
  2. Note that the default setting is “Updates from more than one place.” If you want to disable this feature entirely, toggle off this option. If you want to share your files with PCs on your home network, leave this feature on and select PCs on my local network.

Change Microsoft’s Edge settings

Microsoft’s relaunched browser is chock-full of features, such as web experience personalization and typing prediction. Such features may make you uncomfortable since they all send back data to Microsoft. Here’s how to turn them off:

  1. Open Edge and click on the menu icon (three dots) in the upper right corner.
  2. Next, click on Settings > Privacy and services. Scroll down and switch on the “Send ‘Do Not Track’ requests” option.

There’s also a bunch of privacy and services settings that you may want to disable, such as tracking services, navigation error resolution, block potentially unwanted apps, and more.

For more tips on keeping Microsoft from tracking your online activity and more information about how to safeguard your security and privacy, drop us a line today.

If you are looking for an expert to help you find the best solutions for your business talk to GCInfotech about a free technology assessment

Published with consideration from TechAdvisory.org SOURCE