Time
1 hour 1 minute
Difficulty
Beginner
CEU/CPE
1

Video Transcription

00:00
so welcome back to mobile device security course. And in previous video, I have been talking about how to secure mobile devices with emphasis on mobile phones and tablets.
00:11
And in this video I will talk about specifics on securing notebooks. So
00:18
the first thing you have to be aware off when you're using your notebook
00:23
is Toby wear off fishing. So I have already talked about what the fishing is,
00:31
and there are some things that you have toe, especially take care when using no books, because at this point, the vast majority of phishing attacks are directed that you're no books,
00:41
especially if you're using Windows operating system or even Apple operating systems. Why? Because the majority off email today is still read through,
00:54
UH, no books or PC's, especially the important ones. So the ones that
01:02
so the people that can be hacked with most advantage the hackers are people working for big companies that have lot of money that can be ransomed. That can be
01:15
you can you can tap into their email banking system and clear their accounts off money or whatever.
01:23
So
01:25
fishing is today still mostly meant to harm people with some kind of personal computer.
01:34
So if you receive an email, that doesn't look 100% good. And this is an example of email that I have sent to myself opened in my alcoholic email client and you see that there is a body of text and then there is, ah,
01:52
somebody with my name and last name sending me,
01:56
um, information about what should I do with my corporate mileage tracking reports?
02:01
Of course, this could be somebody else. Um, and actually that this email can be disguised This guy's so that it seems that it came from my colleague, but it actually was coming from another place. So I need to first look at the from field.
02:17
I have to make sure that it's sent from some of the actually from my company.
02:23
Although this is not 100% proof, so you cannot be sure about that. They can fake email address, and, um
02:32
then, in this email, there is an attachment. And there is also
02:38
ah, link.
02:40
And, uh, yeah, these are
02:44
things that you should avoid if you're not 100% sure. Of course there are filters. If you're using company email, that will probably prevent most of these things from coming true to you
02:58
and the, but you still should be aware. So one of the things I mentioned is that you shouldn't open your emails in HTML format because in that way you cannot be infected by malware. That is, inside the body off the message.
03:15
And that's the first thing if and the actually zero thing is that you've seen an email and doesn't look 100% okay,
03:27
if you have i t security or anti for anti phishing team in your company, contact them first, so send this email to them as an attachment of Save the Male. Ah, send email to the whoever is in charge of checking it fishing
03:45
as an attachments have done forward. It's just to them because then
03:49
all the infections things would be, well being that female, um,
03:53
and wait for a response from them some. If it's something urgent and you're expecting the resurgent there, they're some of the things you can do. So, for example,
04:03
if you need to open the link,
04:05
it would be nice if you could use browser that work in virtualized environment.
04:11
We're talking about no books only of course, because these things usually work under windows only at this point,
04:17
and I mean Windows operating system and, uh, that that way, even if you get some kind of infection by clicking on a link, it will stay in a virtual environment. Once you close the tab or browser
04:34
at that, infection will be lost together with that virtual machine in which
04:39
the browser was opened
04:43
and the the last thing that you can do. If there is an attachment, just save that attachment toe desktop for somewhere on your hard drive and then scan it and Onley, then open it. So
04:58
don't open it if you have not been sure that the file has been scanned, because if you open it directly from your message, it might avoid some kind of anti virus or anti Melber skinny.
05:14
So
05:15
when the file is in this, you just right click. You will probably find the option to scan the selected item viruses that file, and then once you do it, then who opened the file not
05:29
before.
05:31
So the other thing that you can use if you're using no book toe, protect yourself from
05:38
being
05:40
abused during usage off by five
05:46
is to use VPN. Of course, VPN is something that your network administrator ICTY administrator has to provide for you and they will probably give you some software and instructions how to use it. But let me just explain to you how weepy and work. So if you're on the public network and you just log on it, you just make a connection
06:06
and you connected.
06:09
And then you want to access your Web mail, for example,
06:13
and your us for passwords and you type in your passport, you presenter.
06:18
And what happens is that your password in unencrypted form is going through local WiFi network and then to the Internet.
06:26
And that's bad.
06:27
So you don't want to do that?
06:30
Some of these listening on that. Why, five? Instead of this router in the middle, there is a PC. They can get your password and the damage has already been done.
06:40
So what the VPN is doing is that instead of correcting directly to the Internet,
06:46
you actually have ah server
06:49
of your company and your connecting to that server.
06:53
So now when you type in the password, any kind of typing
06:59
it goes over the network not in unencrypted but in encrypted form. And then it gets encrypted. Benin Creatures Company server.
07:06
So
07:09
in this case, you are protected because all the communication between your PC and your company's server, whatever secure server you're using is encrypted,
07:20
even
07:21
the part of communication that is used to establish dealing between your PC
07:29
and you're in the server in question. So even that part of communication is encrypted, and
07:36
it's
07:38
theoretically possible. But in real life, it's not possible for somebody to help your communication if you're using VPN, so if you are provided with VPN, use it whenever you're connected to WiFi.
07:51
Some companies make it mandatory, but in some cases given to you just as an opportunity. If you're giving that opportunity, use it absolutely every time because it is enough for hackers just once
08:05
to tap Interior PC while it's communicating over unprotected network and with damages.
08:13
So in this media, you have learned about specific actions for protection or no books, not just know desktop PC's. This is just about no books because notebook connected WiFi networks and no books are used on lots of different places in which there is no secure connection

Up Next

End User Mobile Security

This course should give you basic ideas on importance of mobile device security, what needs to be protected on mobile device, who should be responsible for mobile device security and what are basic thing you need to do in order to reach that goal.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor