Here we are in the third week of Cybersecurity Awareness Month and, with holiday shopping coming up, I thought I would share some tips on staying secure during the biggest time of the year for shopping and gifting:
Your wallet should be RFID protected: Radio Frequency Identification or RFID is a technology built into the microchip on your debit and credit cards that permits you to use the ‘tap’ feature (Near Field Communication or NFC for the geeks reading this) to pay for goods without needing to swipe or insert your payment card. This same technology is now also being used on ATM’s. Your passport also includes this same type of technology. Because this tech is very friendly to sharing data wirelessly when a card reader device is close by, it can also be a source of security risk. A RFID blocking wallet or passport holder or RFID blocking card sleeves are all readily available for purchase and these help prevent someone standing in line behind you from using a portable card scanner to scan your payment cards in your wallet or your passport in your pocket and collecting information from it. If you have a RFID blocking wallet or passport holder, take out your payment card and use it and then return it to your wallet immediately.
Cash e-transfers: Using email or SMS text message-based electronic transfers to send money or pay bills can be very handy and efficient. The risk associated with this technology is that you need to be absolutely certain you have typed in the correct email address or phone number for the recipient since misrouted transfers are not, according to most banks, the responsibility of your bank to refund. So, misrouted e-transfers are lost money for you. One way to help keep an e-transfer safe (aside from ensuring you have the recipient’s email or phone number correct) is to always add a strong unique password or passphrase to the transfer and communicate the password (or passphrase) to the intended recipient via a telephone call or some other known means that you have used to previously communicate with them.
ANTHONY ENGLISH Vice President, Mariner Security Solutions
PCIP, C|CISO, MCSE, CISSP, CISA, CISM, CGEIT, CRISC, CBCP, CIPP/C, ISO 27001 Master, CTT+, A+, HiTrust Certified CSF Practitioner, ISO27033 Lead Cybersecurity Manager
Anthony is one of the top cybersecurity professionals in Canada with extensive Canadian and International experience in cybersecurity covering risk assessment, management, mitigation, security testing, business continuity, information security management systems, architecture security reviews, project security, security awareness, lectures, presentations and standards-based compliance. He sits on the Standards Council of Canada (SCC) IT Security Techniques committee (MC/ ISO/IEC/JTC 1/SC 27), the Disaster Recovery Institute Canada (DRIC) Certification Committee, Cloud Security Alliance committee on the security of health care data in the cloud and is an Exam Development Volunteer for ISC2. Anthony has worked in utilities, law enforcement, consulting, education, health care, lottery and gaming, auditing and the financial sector.