Online banking or mobile banking reduces expenses by allowing customers to review transactions, transfer funds, pay bills and check balances without having to walk into a bank branch or make phone calls to a bank’s customer service call center.
Mobile banking, m-banking or SMS banking refers to online banking that occurs via mobile phone or smartphone rather than with a PC. The earliest mobile banking services were offered over SMS, but with the introduction of smartphones and Apple iOS, mobile banking is being offered primarily through applications as opposed to over text messages or a mobile browser.
As convenient as this is, you still need to consider security.

1. Set a passlock that times out in one minute to access your mobile.
2. Set your computer’s and mobile’s operating systems to automatically update critical security patches.
3. Make sure your PC’s firewall is turned on and protecting two-way traffic.
4. Always run antivirus software on your PC and mobile, and set it to update virus definitions automatically.
5. Run a protected wireless network. Don’t bank with your mobile on a public Wi-Fi network. Use a free service such as Hotspot Shield VPN.
6. Never click on links within the body of an email. Instead, go to your favorites menu or type familiar addresses into the address bar.
7. Beware of SMiShing, which is like phishing but in the form of malicious text messages instead.
8. Download your bank’s mobile application so you can be sure you are visiting the real bank every time and not a copycat site. Do not check the box offering to remember your login information.
9. Check your online bank statements frequently.

10. Use strong passwords with numbers and uppercase/lowercase letters and characters.
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

Googling yourself (or “egosurfing”) is formally known as vanity searching—the practice of searching for one's own name, pseudonym or screen name on a popular search engine in order to review the results.
The term egosurfing bugs me a bit because it insinuates people do it because they are narcissistic by nature. However, egosurfing really should be called “reputation surfing” because it’s extremely important to check your online reputation for any errors, inaccuracies, slander or unwanted exposure.
Think about background checks. Background checks are a necessary tool in today’s sometimes violent and certainly litigious society. It’s common sense to require employment background checks for school volunteers, coaches, teachers, janitorial staff—really, employees of all kinds. As a small business, one the worst things you can do is hire an employee who becomes a legal liability or has a history of crime that comes back to bite you.
As a self-check, you’ll want to perform your own background checks to make sure there isn’t any erroneous information out there, or to prepare yourself if a potential employer, landlord or school administrator points out something that makes you look bad.
Your online identity is also something that others can control, and you need to do your best to manage it. Managing your online reputation and protecting it is equivalent to marketing your personal brand, YOU.
Manage your online reputation and do a self-check often. Here’s how:
Start doing things online to boost your online reputation. Register your full name and those of your spouse and kids (owning your kids domains is better than someone else owning them) on the most trafficked social media sites, blogs, domains and web-based email accounts. If your name is already gone, include your middle initial, a period or a hyphen. It’s up to you to decide whether or not to plug in your picture and basic bio.
Set up a free Google Alert for your name and get an email every time your name pops up online. If you encounter a site that disparages you, Google has advice. Get a Google Profile. It’s free and it shows up on page one.
Go to Knowem.com. This is an online portal that goes out and registers your name at what it considers to be the top 150 social media sites.
Get a WordPress blog with your name in the address bar and blog often. You want Google to show your given name at the top of search results in its best light, so when anyone is searching for you the person will see good things. Frequent blogging buries bad stuff deep the in search results.
Buy a domain name that is, or is close to, your real name and plaster your name in the HTML header so it comes up in search results.
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

South by Southwest Interactive (SXSWi) is an incubator of cutting-edge technologies. The event, which takes place every March, features five days of compelling presentations from the brightest minds in emerging technology, scores of exciting networking events hosted by industry leaders, and an unbeatable lineup of special programs showcasing the best new websites, video games and startup ideas the community has to offer.
At the SXSWi conference this year, mobile was a big deal—which meant mobile applications and their security are high on developers’ radars.
Mobile Security
Access Point states, “Developers need to make sure they cover one other major concern when creating a mobile app: security. Consumers need to feel and know that their information is secure at all times, and developers need to lead the charge before they ask for additional measures. Creating simple but effective security checkpoints is a must—just make sure they are not so obtrusive that your users get annoyed and are resistant to adopting your application.”
Another point of interest at this year’s SXSWi was authentication. With all the data breaches over the last decade, the conversation to eliminate the username/password as a simple access point has begun. One painfully overlooked authenticator is the driver’s license. Gemalto presented a compelling program on why the simple plastic license needs a makeover.
Driver’s Licenses
Technology impacts our lives daily, but one item is not advancing—your driver’s license. A simple card made of plastic with a few bar codes, a magnetic stripe and a photo is all it is. By finding or even simply viewing one, someone can immediately access your personal information to use for fraudulent purposes. Stealing someone’s identity is way too easy. Most industries have already gone digital; now it’s time to tackle the DMV.
A new method of identification is needed: an electronic driver’s license (eDL). One simple chip (or smart card) could revolutionize decades of using the same technology—paper and plastic. EDLs stand to increase security and offer more privacy. The adoption of eDLs also lays the groundwork for a truly mobile wallet solution.
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

NFC is an acronym for near field communication, a wireless technology that allows devices to talk to each other. In the case of a mobile wallet application, those devices would be a mobile phone and a point-of-sale device, such as a credit card reader at a checkout counter. NFC can be used in other ways beyond credit card transactions. It can integrate with hardware, such as your car, to lock or unlock a door.
Consumers perceive a lack of security with NFC, but in fact NFC is much more secure than having your data stored on a magnetically striped credit card, which can be more easily compromised. There are numerous layers of security in an NFC payment, including both hardware and software, and major payment networks such as MasterCard and Visa require certification before any payment application or hardware is let loose on the public.
There are important key features that reinforce mobile NFC security:
1) NFC SIM cards storing a consumer’s payment credentials and the payment applications are certified according to security standards. These standards are defined by financial services’ authorities and are comparable to CHIP-N-PIN security.
2) Consumers can choose to authenticate transactions by entering a PIN code on the payment application. Consumers can also request the PIN to be entered for all payments, even for small amounts—providing the end-user with complete control over protection features.
3) Secure over-the-air technology for remote management enables immediate remote blocking of the payment application. This works in a similar fashion to blocking a bank card in opposition mode.
Check out NFC and see if your device offers NFC here and definitely give it a try!
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

Time isn’t just money. Time is what you spend with your family, on a vacation or watching a kid’s dance recital. Time can be gained or lost based on how efficiently or inefficiently you use and implement mobile technology.
First and foremost, your mobile phone is a communication tool. It should be set up to access and communicate with everyone in your life that you depend on and who depends on you.
Contacts: There are apps built into all devices that store your contacts’ names, addresses, phone numbers and email addresses, and you really should make sure all these points of data are entered and backed up. Google’s Gmail Contacts is one way to have all your contacts backed up and in sync with your device. It baffles me whenever I text someone and the person responds, “Who is this? I lost my phone and my address book.” Gmail backs up automatically from your desktop or your mobile device.
Calendar: Every device has a built-in calendar. Again, I prefer Google Calendar. I can set appointments from my desktop or device, and every appointment has a set of alerts to remind me one to two days and then two to eight hours ahead of time. I get lots of pings and beeps as reminders, but with a busy life, I need that extra bit of reminding.
Docs: Yes, I use Google Docs too. There are dozens of documents I need access to wherever I am. I have yet to find a more efficient program than Google Docs to safely store and access my documents right on my mobile.
Google Chrome browser: The beauty of this browser on your desktop and on your mobile device is in that you can access whatever tabs you have open on your desktop from your mobile and vice versa.
All this works just as well on a tablet as on iOS and Android. Thank you for saving me time and making life more efficient, Google. Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

One fourth of all global information workers use their own devices at home and at work for work purposes. A recent survey report, commissioned by Unisys and conducted by Forrester Consulting, involved 2,600 IT workers and 590 business and their IT executives.
CIO Insight points out that these are the “mobile elite,” a class of professionals who overwhelmingly opt to use their own tools because they claim these devices and applications make them far more productive than products supported and distributed by their companies’ IT departments.
Mobile-elite professionals appear to maintain a decided edge when it comes to client service and innovation. And they are also likely to take the initiative when it comes to sparking organizational change and introducing new technologies.
A recent Deloitte study highlights many common business and technology innovations being explored:

• Improving time to market, customer satisfaction levels and sales
• Improving infrastructure and data security, and reducing risk of incident or loss
• Potentially reducing costs associated with hardware, monthly service fees, provisioning and ongoing support

A recent IDG report disseminated by DronaMobile enumerates the benefits of permitting employees to use their own tools.
Employees allowed to choose their own devices are happier and more satisfied in their work. With the added flexibility of choosing the applications and cloud services to use, employees get the leeway to be innovative. As smartphones and tablets blur the line between personal and work hours, employees pursue ideas at their own pace, time and location. Without the pressure of conforming to office hours and working on office equipment alone, workers are observed to be more productive, efficient, creative and appreciative of this privilege.
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

The holidays are over, the Consumer Electronics Show has passed, and now you have all these new shiny wireless gadgets you’re just itching to play with. Now, before you go and connect to the internet, please understand that it’s all fun and games until someone gets hacked. And many times, this means when you are using wireless.
But it’s often the security lies that can get us in the most trouble, and today I’m exposing them.
Hiding your SSID is bunk. Your router’s Service Set Identifier (SSID) is its broadcasted signal, and by default it might be called “Linksys,” “Belkin,” “Netgear” and so on. Or some people customize the SSID and name it “My Neighbor Should Clean His Yard.” Lots of security articles will tell you that one way to secure your wireless is to hide it or turn off its broadcasting. But really, this doesn’t help. There are a plethora of tools that can detect your hidden wireless network, so this presents a false sense of security. Broadcast your signal, but encrypt it.
The idea that Wired Equivalent Privacy (WEP) is “good enough” is bunk. WEP is bad enough in that if you use it to encrypt your wireless network, you might have your neighbor (the one who should clean his yard) hacking into your network and placing spyware on your devices so he can frame you for crimes you didn’t commit so you can go to jail and find that his lawn hygiene is the least of your problems. WEP is a dinosaur that was extinct a long time ago. Use WPA2 encryption and live happily ever after.
Turning off file sharing when using public Wi-Fi is partly bunk. Yes, you should turn off shared files on your devices when you leave your home network and access a public network, but that’s not going to protect all of your files. If you are on a shared public network without any encryption—which is what makes it public—then the data you share over Wi-Fi is vulnerable. When using public Wi-Fi, download a free program called Hotspot Shield to encrypt all wireless communications on your Windows, Mac, iOS and Android.
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

A dinner, hosted by Yahoo’s CEO and another 11 CEOs and execs from Twitter, Google, Apple and more, recently took place in Silicon Valley. These major players, responsible for shaping our world of tech, simply sat down to break bread. You gotta wonder what the conversation was like.
So this got me thinking: With whom would I want to sit down to dinner, and what would I ask them? The “dinner” part of this dinner is already a problem for me. I’m thinking I’d want to eat ahead of time so I could engage my companions in conversation; otherwise, when I eat, it’s similar to a hyena taking down an antelope in the plains of the Serengeti. While some people do get a kick out of my eating drama and it certainly makes for great entertainment, it might not be the ideal scenario for a repast of this gravity.
Facebook CEO Mark Zuckerberg. Mark, fascinating platform you’ve built here. When you designed and built it, it was for college kids only. But what happened that made you decide to open it up to everyone? And at what point did you recognize the real value of connecting the way everyone has? How did you know that so many people would freely share they way they have? Is there a way you can prevent people from sharing so much? Don’t worry—I’m not bringing up privacy. I’m talking about how I’m pretty sure many of us have heard enough!
Gemalto CEO Olivier Piou. Olivier—I’m sorry, Mr. Piou…or is it Sir Knight? I’m sorry to be asking this, but in your bio it says you are “a Knight of the Legion of Honor in France,” and I’ve never been to France or met a knight. The closest I’ve come to a knight is the 1976 white Corvette that I bought when I was 18, with WHYNYT on its license plate. I know—corny, but the babes loved it. Anyway, I’m just going to call you Mr. Piou. Great company you’re running. My only question: What’s it going to take to convince all the world’s citizens that we need to be properly identified, proofed and documented, keeping their privacy in mind but in a way that prevents fraud, deception and identity theft by ensuring accountability for everyone? I know YOU are the guy to do it!
Zappos.com CEO Tony Hsieh. Tony, dude, NICE JOB! Love Zappos! Did you model your business after Amazon? Because you’ve made shopping for shoes and everything else as easy as Amazon has made it for getting books and macadamia nuts. Can you sprinkle some Hsieh dust on me?
Microsoft founder Bill Gates. Bill, thank you for all you’ve done. I know you’ve caught a lot of grief over the years, but seriously, thank you. And fabulous job you’re doing with saving the world with all your charity work. One question: Could you tell the developers at Microsoft to stop making Internet Explorer so annoying?
Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

The best thing about the “New Year” is committing to new or old resolutions and starting fresh. Whether you are an individual or a small business, the following applies:

1. Delete. Go through your files, deleting and organizing as necessary. Clutter is confusing. Security and “confusing” don’t work well together. Delete!
2. Back up your data. Back up to a secondary hard drive inside or external of your devices. Utilize cloud-based backups, too. I have my data on four local drives and two cloud-based servers.
3. Reinstall your operating system. Reinstalling your operating system every year or two eliminates bloat and malware and speeds up your PC.
4. Get device savvy. Whether you’re using a laptop, desktop, Mac, tablet, mobile, wired Internet, wireless or software, learn it. Take the time to learn enough about your devices to wear them out or outgrow them.
5. Get social. One of the best ways to get savvy is to get social. By using your devices to communicate with the people in your life, you inevitably learn the hardware and software.
6. Implement social media policies. Social media is a great platform for connecting with existing and potential clients. However, without some type of policy in place that regulates employee access and guidelines for appropriate behavior, social media may eventually be completely banned from every corporate network. Teach effective use by providing training on proper use—especially what not do too.
7. Get digitally secure. Your security intelligence is constantly being challenged, and your hardware and software are constant targets. Invest in antivirus, anti-spyware, anti-phishing and firewalls.
8. Protect your mobile. Bad guys are paying attention to mobiles and creating thousands of viruses meant to steal your data. There has been a significant increase in Android-related hacking, and Android users therefore must download and install all the latest updates and invest in a mobile security product.
9. Go EMV. EMV, which stands for Euro MC/Visa, also known as “chip and PIN,” is the new more secure credit card and is underway in North America. Both Canada and Mexico are going full-on EMV, and several major banks in the United States are beginning to test and even roll out EMV. EMV cards are far more secure than traditional credit cards, and consumers should embrace these new, more secure cards.
10. Get physically secure. Security cameras, alarm systems and signage are essential to protect the perimeter of your property from vandals, as well as protecting the inventory from theft, or even the cash register from sweethearting or robbery. Security cameras are an essential component to any small business security system.
11. Hire honest employees. Unfortunately, too many people lie, cheat and steal—and when they come to work for you, they drain company resources until they are fired. It’s best to use prescreening services.
12. Upgrade wireless. If your wireless router is more than 2 years old then it’s time to buy new. Security standards continue to be upgraded and old is often not secure.
13. Don’t’ worry about any of the above! Seriously! Now I didn’t say don’t do it, because you should, but don’t needlessly worry. Take action, get secure, keep on top of it, and have a Happy New year!

Robert Siciliano, is a personal security expert contributor to Just Ask Gemalto and author of 99 Things You Wish You Knew Before Your Mobile was Hacked! . Disclosures

Evaluating risk vs. reward is a process most people go through on a daily basis. For example, you are about to make a left-hand turn but a car is coming. You think you can make it but he’s kind of coming fast. The risk, of course, is misjudging his speed and getting into an accident.
At Ready.gov a risk assessment is a process to identify potential hazards and analyze what could happen if a hazard occurs. A business impact analysis (BIA) is the process for determining the potential impacts resulting from the interruption of time sensitive or critical business processes.
A business impact analysis (BIA) predicts the consequences of disruption of a business function and process and gathers information needed to develop recovery strategies. Potentie Their Security Risks in the New Year al loss scenarios should be identified during a risk assessment. Operations may also be interrupted by the failure of a supplier of goods or services or delayed deliveries. There are many possible scenarios which should be considered.
Risk is a fundamental part of a small business operation. The question is how much attention you pay to each risk and what the reward is for reducing the risk. The cost/benefit key is to effectively recognize risk and reduce it with as little investment as needed.
Define Risk
Be able to define, articulate and be alert to what risks the organization may face in a given year. If any of these risks could cause loss in any way, they need to be addressed far in advance.