PC PORTAL

Experienced. Trusted. Solutions.

VPN

By

Smart Wearables: Convenience vs. Security

Reading Time: ~3 min.

Fitness trackers and other digital wearables have unlocked a new era of convenience and engagement in consumer health. Beyond general fitness trackers, you can find wearables for a variety of purposes; some help diabetics, some monitor for seizure activity, and some can aid in senior citizens’ health and quality of life. But the convenience of an interconnected lifestyle may be a double-edged sword. Fitness trackers and wearables are notoriously unsecured. Wearables record and store some of our most sensitive health data—which is often 10x more valuable than a stolen credit card— making them a particularly attractive target for hackers.

So what types of data does your fitness tracker store? For a start, it holds the identifying information required to set up your account, such as your email, username, and password. But other fitness tracking specifics can make a user easier to identify, including as gender, birthdate, geographical location, height, and weight. Health and activity data provides an in-depth look at the user’s daily habits through the power of GPS monitoring. If your device is paired inside of a network, other personal device information will also be stored, such as your Unique Device IDs or MAC addresses. Depending on the device, your wearables may also store your credit card information or bank account information.

New vulnerabilities

Because of their versatility, wearables and fitness trackers leave us vulnerable in many ways. In last year’s MyFitnessPal hack, which affected 150 million users, attackers hoped to access credit card information but came away with only usernames and passwords. But what about the information that is more specific to wearables, like GPS tracking? After the fitness tracker Strava revealed hidden army bases through heatmap tracking, the Pentagon began to restrict the use of wearables by military personnel due to the potential security threat. And the recently uncovered MiSafe vulnerability left thousands of children unsecured, allowing hackers to track their movements, listen in on conversations, and actually call children on their smart watches. 

Even with these concerns, the wearables market continues to grow, with the prevalence of such devices predicted to double by 2021. Large healthcare organizations and insurance carriers are also starting to use insights from fitness trackers to influence both patient care and insurance rates. We’re even beginning to see the introduction of wearables for employee tracking, although this has met with mixed response. With this increased exposure to potentially insecure technologies, you’ll need to take extra steps to ensure your family’s security.

Where to start

Always research any fitness trackers or wearable devices before you commit, and be sure to avoid devices with any known security flaws. Notable examples to avoid are Medion’s Life S2000 Activity Tracker and Moov’s Now tracker. The Life S2000 requires no authentication and sends data unencrypted, and the Now tracker can leave users vulnerable to attack via Bluetooth connectivity. Even larger brands like Lenovo struggle to maintain an adequate level of security in their fitness trackers; the Lenovo HW01 smart band sends both registration and login data to its servers unencrypted.

Although it’s tedious, we recommend you always read the privacy policy of any wearable device or fitness tracking app before you use it. If the data storage and security measures outlined in the policy aren’t up to snuff, request a refund and let the manufacturer know why. Periodically reviewing your app’s privacy settings on your phone is also a good practice—just to make sure you’re comfortable with the app’s level of access. Take common-sense cybersecurity measures to help keep your wearables as secure as possible. Never reuse passwords or use third party login services like Facebook Login, and consider using a password manager like LastPass® instead.

Wearables and fitness trackers are here to stay, and the Internet of Things (IOT) is only going to keep growing. We have to work together to protect ourselves as we integrate these technologies into our daily lives. After all, the price of convenience cannot match the value of our personal security.

As always, be sure to check back here to stay updated on the newest cybersecurity trends.

The post Smart Wearables: Convenience vs. Security appeared first on Webroot Blog.

By

The Must-Have Tech Accessory for Students

Reading Time: ~4 min.

We live in a digital age where internet-connected devices are the norm. Our phones, our televisions, even our light bulbs are tied together in today’s tech ecosystem. For high school and college students, this degree of digital connection is the standard, and when school is in session, tech accessories are a popular way to customize the various connected devices that are now an essential part of students’ lives.

With their focus on specialized accessories, it’s easy for students to overlook the importance of securing their connected devices. What’s the point of an expensive phone case or the perfect PopSocket if you’re leaving yourself, and your data, vulnerable? Hacks, security breaches, and stolen identities are often seen as things that don’t happen to digital natives. But security breaches can happen to anyone—no matter how sophisticated a user may be—and are almost always preventable by practicing safe cyber habits and having the right security is in place. But where do you start?

Back to basics

For students at any level, these best practices may seem eye-rollingly intuitive, but they are the basic tools for staying safe and secure online. Flaws with basic cybersecurity often prove to be the catalyst for a chain reaction of breaches, so by making sure these essential fail-safes are in place, you go a long way toward protecting yourself from cybercrime.

Awareness

Being aware of your surroundings and the connectivity of your devices is the first step towards a digitally secure life. But what does awareness mean from a cybersecurity standpoint? It means turning airdrop, file sharing, and open Bluetooth connectivity off, before you use your device in a public area. It means not leaving your laptop unattended, even if you’re just running to the bathroom at the coffee shop. It means using a free tool, such as haveibeenpwned.com, to see if your data has been breached in the past and taking corrective measures if it has been. Most importantly, it means treating public networks like they are public, and not accessing sensitive information through them unless you take the proper precautions (more on that below).

Two-Factor authentication

Two-factor authentication, where a validation message is sent upon login, is a security feature that verifies that you are the one who is actually attempting to access your account, particularly if the access request is coming from an unrecognized device or location. Two-factor authentication is the best way to stop unauthorized users from logging into your accounts. Most social media services offer two-factor authentication, but if you don’t trust them to be up to the task, use a third party service such as Authy or Google Authenticator. SMS and email two-factor authentication measures are demonstrably weaker than other available two-factor measures, and should be avoided if possible (although it’s better than using only a password alone).

Multiple passwords

No one likes to remember multiple passwords, let alone multiple secure passwords. But never reusing passwords is the best way to prevent third-party breaches from affecting multiple accounts. A good tip for varied passwords you can remember? Choose a phrase (or favorite song lyric) and break it down into sections. For example, the quick brown fox jumps over the lazy dog, becomes three separate passphrases.

  • the quick brown
  • fox jumps over
  • the lazy dog

This is a handy trick to wean yourself off the same two passwords you’ve been using since middle school, and is better than password redundancy. Make sure you include spaces in your passphrases. In the rare case spaces are not allowed, then a phrase without spaces will suffice.

Digging deeper

If the tips above are the metaphorical security sign in the window of your digital life, the measures outlined below are the actual security system. A small amount of additional effort on your part will help keep you safe during your educational career. 

Antivirus software

Making sure you have trusted antivirus software running on all devices is one of the most effective ways to stay safe from online threats. A cross-device service, such as Webroot SecureAnywhere® solutions, will keep you safe from potentially malicious emails, files, or apps. An important step to never skip? Keeping your antivirus software up to date. This will help prevent newly surfaced viruses and malware from penetrating your systems. Or, chose cloud-based antivirus solutions, like Webroot’s, that do not require updates.

Password managers

Don’t want to bother with remembering passwords at all? Password managers with secure encryption make generating and storing passwords safe and easy. Many password managers are compatible with common browsers such as Chrome and Firefox, making it easy to securely auto-fill passwords and other forms online.

Message encryption

Encryption services use ciphers to convert messages into random symbols, which are only able to be converted back when accessed by the intended recipient, with a special key. Common encryption options are Apple Messages and Signal, as well as WhatsApp, which is owned by Facebook. If you prefer an encryption option that isn’t owned by a large corporation, Signal is a part of Open Whisper Systems.

Virtual private networks

If you must access sensitive information through a public network, setting up a virtual private network (VPN) will block and redirect your IP address, preventing outside parties from tracking and storing your information. Your VPN setup will largely depend on both your specific devices and price point, but with a little research and energy you can prevent anyone and anything from accessing your digital vault.

Vigilance is key

These tools are the true must-have tech accessories to support young people today and their digitally enhanced life. It’s easy to be overwhelmed as a student with school, work, and social life, but don’t let your cybersecurity defenses lag. Stay informed and stay updated.

The post The Must-Have Tech Accessory for Students appeared first on Webroot Blog.

By

What Separates Webroot WiFi Security from Other VPNs?

Reading Time: ~2 min.

Virtual Private Networks (VPNs) are quickly becoming a fundamental necessity for staying safe online. From large corporations to family households, people are turning to VPNs to ensure their data is encrypted end to end. But as with any emerging technology, it’s easy to become overwhelmed with new and untested VPN options. So, how does Webroot® WiFi Security distinguish itself from other VPNs?

Whether or not you can trust your VPN provider should be the first thing to consider when selecting a VPN. A recent analysis of nearly 300 mobile VPN services on the Google Play store found that, unlike Webroot WiFi Security, almost one in five didn’t encrypt data as it was transmitted through their private network, a core tenant of VPN protection. At Webroot we have decades of cybersecurity experience. We’ve built confidence with every customer, from the world’s leading IT security vendors to families just like yours. Security and privacy are what we do best, and Webroot WiFi Security was purpose-built to always encrypt your data without screening, storing, or selling your private information.

“New products from unknown companies can be risky—what data are they capturing, what are they doing with the data, and how are they protecting that information?” notes Andy Mallinger, Webroot director of product. “Webroot has been in the security business for more than 20 years, and has built machine learning-based security systems for more than a decade. We designed our products to evolve with the ever-changing threat landscape. Adding VPN protection with Webroot WiFi Security, is a perfect next step in our continued evolution.”

Best-in-class security

Webroot WiFi Security was built to provide best-in-class security, while still being easy to use. A one-click setup automatically enables security features without any confusion or missed steps. For extra security, Android®, Mac®, and Windows® users can enable Webroot WiFi Security’s unique “killswitch” feature. If your VPN connection is lost, the kill switch prevents the transmission of your data over an unsecure network until you are reconnected to the VPN.

“Webroot WiFi Security also helps protect your privacy by obscuring your location,” says Randy Abrams, senior security analyst at Webroot. “Websites are able to precisely pinpoint your location and use that information to track your browsing habits. With Webroot WiFi Security, you can be in Broomfield, Colorado, but your VPN IP address can make it look like you are in any one of the more than 30 countries where our VPN servers are located.”

Privacy plus security

Webroot WiFi Security also offers Web Filtering powered by BrightCloud® Threat Intelligence*. This feature provides an extra layer of protection that keeps your financial information, passwords, and personal files from being exploited. Webroot goes a step above other VPNs by safeguarding users from visiting malicious or risky websites known to be associated with malware, phishing, key logging spyware, and botnets. Web Filtering is a feature that the user can choose to enable or disable.

The combination of consumer trust and the power of best-in-class threat intelligence makes Webroot WiFi Security one of the most unique and secure VPN offerings on the market. Webroot has a deep history of protecting its customers’ privacy, and we are excited to showcase this dedication in the VPN market.

Ready to make the switch to Webroot WiFi Security? Learn more after the jump.

*The BrightCloud Web Filtering feature is only available on Windows®, Mac®, and Android® systems.

The post What Separates Webroot WiFi Security from Other VPNs? appeared first on Webroot Blog.

By

5 Tips for Optimizing Your VPN Experience

Reading Time: ~3 min.

By now, you likely know that a Virtual Private Network (VPN) is essential to remaining safe when working remotely. But, once set up, how can you optimize your VPN to work well with your devices and meet your security needs? Here are our top five tips for maximizing your VPN experience.

Pair it with an Antivirus

One of the biggest misconceptions about VPNs is that they protect your device from malicious programs. While a VPN will encrypt your network traffic, preventing others from viewing intercepted data, most do not warn you when you visit dangerous sites. If your VPN provides advanced web filtering for risky sites, that can be an additional defense against cyber threats such as malware and phishing.  Alternatively, while strong antivirus software actively monitors for viruses and malware within files and applications, it does not encrypt your data or prevent it from being monitored. Both are equally important for protecting your devices, and are ideally used together. Combining the two services provides additional security.

Enable a Kill Switch

Setting up a VPN to keep your data safe is an important first step, but what happens if your VPN server goes down or disconnects while you are entering sensitive data and you don’t notice the connection was lost? Without the protection of a VPN kill switch, your devices will often automatically reconnect to the network without alerting you, this time without the protection of your VPN. A kill switch feature blocks sending and receiving data until the VPN connection is re-established.. For maximum protection, select a VPN with a kill switch feature and ensure it has been enabled.

Understand the Impact of Setting Up a VPN on Your Router

Having a VPN on your home router may seem like a helpful boost to your cybersecurity, but it’s actually the opposite. Most routers lack the processing power of a modern CPU, meaning that even older personal devices (phones, tablets, computers) will have a much easier time handling the task of encrypting/decrypting data than your router will. Instead, set up a VPN for each personal device to prevent a bottleneck of data to your router while simultaneously securing it at all access points. Selecting an easy-to-use VPN solution with cross-device functionality will make this task much easier on the end user, while providing maximum security.

Protect All of Your Smart Devices

When it comes to cybersecurity, we tend to imagine a nefarious hacker out to steal and sell your data. But not all data collection is illegal. Your Internet Service Provider (ISP) has a vested interest in tracking your streaming habits, and they may even throttle your network depending on your usage. Our phones, computers, and tablets are each a potential interception point for our private data. Securing each of your smart devices with a VPN, even those that stay in your home, is the best way to prevent your data from potentially being monitored by third parties. 

Encrypt Your LTE Connection

While your cellular network is more secure than public WiFi options, it remains vulnerable to an attack. LTE user data can be exploited by what is known as an “aLTEr attack”. This attack redirects domain name system (DNS) requests, performing a DNS spoofing attack that can fool your device into using a malicious DNS server. This spoofed DNS server will deliver you to websites as normal until you request a high-value website the attack is targeting, like your banking or email provider. Oftentimes this fake website will scrape your data before you realize what has happened. You give yourself an extra layer of security by wrapping your LTE connection in a VPN, allowing you to access your most sensitive data confidently.

When it comes to getting the most out of your VPN, this list is just the beginning. Our privacy concerns and security needs will continue to change as our connected devices mature and we recommend keeping an eye on your VPN provider for any potential updates to their services.

Ready to take back control of your privacy? Learn how our Webroot WiFi Security VPN protects what matters most wherever you connect.

The post 5 Tips for Optimizing Your VPN Experience appeared first on Webroot Blog.

By

Webroot WiFi Security: Expanding Our Commitment to Security & Privacy

Reading Time: ~3 min.

For the past 20 years, Webroot’s technology has been driven by our dedication to protecting users from malware, viruses, and other online threats. The release of Webroot® WiFi Security—a new virtual private network (VPN) app for phones, computers, and tablets—is the next step in fulfilling our commitment to protect everyone’s right to be secure in a connected world.

“Launching Webroot WiFi Security is a valuable and exciting progression in our mission,” said Webroot Director of Consumer Product Andy Mallinger. “Antivirus solutions protect your devices from malware and other cyber threats, and a VPN protects your data as it’s sent and received over networks—especially public networks. This combination allows us to extend our protection of personal data beyond the device to the network.”

Shifting tides

Webroot WiFi Security arrives at a time when the fragile state of our online privacy is becoming more apparent and better understood by internet users around the world. Recent revelations of government surveillance via the Snowden leaks, social media data collection like that in the Facebook/Cambridge Analytica scandal, and data breaches including the Equifax hack have fueled a palpable rise in data privacy concerns.

Over half of internet users from around the world say they are “more concerned about their online privacy than they were a year ago,” according to a 2018 CIGI-Ipsos Global Survey on Internet Security and Trust.

Another key factor with grave implications for data privacy in the United States specifically was the 2017 repeal of privacy regulations for Internet Service Providers (ISPs), which aimed to ensure broadband customers had choice, greater transparency, and strong security protections for their personal info collected by ISPs.

“ISPs are facing less regulation today, and so can continue to share, sell, and profit by passing on user information to third parties— browser history, location, communications content, financial details, etc.—without the user’s knowledge or consent,” said Webroot Sr. VP of Product Strategy & Technology Alliances Chad Bacher.

Taking control of privacy

Now more than ever, individual users must take steps to regain control over their online privacy and security. Along with keeping trusted antivirus software installed on mobile and home devices, users should actively protect their data in transit over networks with a VPN.

But it’s important to note that all VPN applications are not created equal. Many users looking for a privacy solution find themselves wondering if they can trust that their VPN provider has their interests at heart. Consumer wariness concerning the privacy of VPN products is justified—some VPN apps, especially free ones, are guilty of sharing or selling their user data to third parties, limiting bandwidth, or serving ads. Facebook’s VPN app was recently removed from the Apple App Store® following concerns over the app’s misuse of user data.

Webroot WiFi Security provides one of the most powerful forms of encryption available, AES 256-bit encryption, and protects user data from cybercriminals and ISPs alike. Webroot WiFi Security does not collect your browsing activity, the sites you visit, downloaded data (or shared or viewed), DNS queries, or IP addresses. The full Webroot WiFi Security Privacy Statement can be found here.

Privacy plus the protection of Web Filtering

In addition to the privacy safeguards of Webroot WiFi Security that protect users while they work, share, bank, and browse online, users also benefit from the integration of Webroot BrightCloud® Threat Intelligence.* The app’s Web Filtering feature provides an extra layer of protection to keep your financial information, passwords, and personal files from being exploited. Webroot WiFi Security is powered by the same threat intelligence platform the world’s leading IT security vendors trust.

“Not only is Webroot protecting user privacy, it’s also shielding users from phishing sites and websites associated with malware,” said Malinger.

Webroot WiFi Security is compatible with devices running iOS®, Android™, macOS® and Windows® operating systems, and is now available to download on the Apple App Store, Google Play™ store, and Webroot.com.

*Only available on Windows, Mac and Android systems

The post Webroot WiFi Security: Expanding Our Commitment to Security & Privacy appeared first on Webroot Blog.