Alan Craig
I am currently a Security Supervisor- Behaviourial Detection Officer at Victoria and Albert Museum, London.
A professional Investigator, Executive Officer with extensive experience of investigations.
Location Harrow on the Hill, London
Activity
-
Hi Vidya, a VPN is a Virtual Private Network- it comes up later in the course...
-
Alan Craig made a comment
Good bye and good luck...
-
Alan Craig replied to Rufus Kenule Collins
@TerryBurbidge Fair point...
-
Alan Craig made a comment
Thanks a great course with good examples of what and what not to do. Many thanks. All the best to my fellow students...
-
Alan Craig made a comment
I am security aware whenever I am using my equipment. this level is raised whenever I use other systems such as work. i had expected that work would be of a higher standard but the various test throughout this course have revealed a startling number of weaknesses.
-
Alan Craig made a comment
Thank you for the answers to these key questions...
-
Not so sure Rufus, its interesting that the organisations are able to implement measures and funds after the event not before...
-
Alan Craig made a comment
I identified 1 area of risk which I am currently working on...
-
Alan Craig made a comment
Have you set up firewalls to protect your networked computers from external attack?
Yes, on my home system I have firewalls installed and set to a high level.
Are you protected by up-to-date antivirus software?
Yes, the latest available and the paid for version.
Are your operating system and key applications up to date?
Yes, I perform checks and when ever... -
Alan Craig made a comment
For using my banking app I would modify the risk by not using it in unsecure areas such as coffee shops, hotels or airports. If I needed to use it in an emergency then I would use a VPN to mitigate the risk.
-
Alan Craig made a comment
Startling. My works browser came up with 'appears to be unique' with the estimate that your browser has a fingerprint that conveys at least 18.35 bits of identifying information.
For my own computing I use Duckduckgo as my search engine.
-
Alan Craig made a comment
I have already instigated these steps over the course of this year. I would recommend to my fellow students to stay away from free security software and pay for what you need. As they say there is no such thing as a free lunch...
-
Alan Craig made a comment
Completed, it represents a consistent view as per other students...
-
Alan Craig made a comment
I have used these risk management matrix's before when doing the Emergency Planning Course at FL. They provide a good baseline to see what is the correct order for tasks and decisions to be made...
-
Alan Craig made a comment
In terms of assets' its the thing that cant be replaced that have the most value to me. for example I can re-write a lost report but photos of family are priceless.
-
Alan Craig made a comment
A key component here is risk management and protocols in place for when things go wrong- because they do...
-
Alan Craig made a comment
Looking forward to the final week...
-
Alan Craig made a comment
Another good week- valuable information and tips...
-
Alan Craig made a comment
My question is what if you work for a company who budget is always tight and they keep using out of date software and fail to keep security patches current. They are the gatekeepers, but how do you challenge...
-
Alan Craig made a comment
I create backup on my desktop and then on Dropbox. After reading some of the weaknesses involved in cloud systems I will also add a third external HDD backup...
-
Alan Craig made a comment
I didn't realise the implication and weaknesses of using the cloud- drobox etc for backups- if a file is deleted on my linked computer the saved backup is also deleted.
-
Alan Craig made a comment
Interesting I only use 2 backups not three. I didn't realise the limitations on some external hardware systems.
-
Alan Craig made a comment
I use Dropbox as the backup system for my important docs and files...
-
Alan Craig made a comment
Useful advice. I would add that backups should always be kept separately of important docs...
-
Alan Craig made a comment
Good advice
-
Alan Craig made a comment
In Ghana the principles of data security are covered by the 2012 Data Protection Act which is used to protect the personal data and privacy of its individuals. Failure results in either Civil or Criminal responses.
-
Alan Craig made a comment
The problem with all law's is that they try to cover every eventuality and thats not always possible. It just makes the legal very framework very complex and difficult to navigate. I talk from experience...
-
Alan Craig made a comment
I worked under RIPA and the authorisation process for gaining authority was very strict...
-
@DHussain In a sense you are right, but there are legal requirements that must be proven before you can be authorised.
-
Alan Craig made a comment
GDPR is taken very seriously in our organisation with compulsory courses required for new entrants.
-
Alan Craig made a comment
I am not sure if the McKinnon case is a good example. I remember there may have been underlying mental issues with the defendant and he may not have been fully aware. I don't believe there was any ransom or money stolen in this case- just a system to crack...
-
Alan Craig made a comment
I have checked my email address and it is good. I have been subject of credit card fraud. I had made a purchase at a local store, afterwards I received a legitimate call from my credit card company stating my card had been used abroad to the tune of £800.00. Thankfully the credit card company bounced the purchase , cancelled my card and issued a new on. I was...
-
Alan Craig made a comment
The scale is immense...
-
Alan Craig replied to Susan Chambers
Thanks for sharing this example...
-
Alan Craig made a comment
As always the weakest link is the human element- whether knowingly or un-knowingly....
-
Alan Craig replied to Rufus Kenule Collins
As always the weakest link is the human element- whether knowingly or un-knowingly....
-
Alan Craig made a comment
The key here is that the weakest link is often the person themselves displaying information on media sites and poor personal security - social engineering...
-
Alan Craig made a comment
Learnt new principles this week...
-
Alan Craig made a comment
A good baseline system...
-
Alan Craig made a comment
I haven't used TOR, but I do use a VPN. I wasn't aware that while on TOR a VPN should not be used as it may break some security aspects. It would be interesting to know what they are?
-
Alan Craig made a comment
More new info...
-
Alan Craig made a comment
Currently testing Surf Shark VPN on my mobile phone...
-
Alan Craig made a comment
Works system set up by internal IT team. At home I use Windows 10 and firewall. On my phone- anti-virus and VPN...
-
Alan Craig made a comment
Enjoyable to check and configure...
-
Alan Craig made a comment
On my works system the Firewall Domain is off and appears out of date. i was not allowed the option to 'turn/off' due to administration rights...
-
Alan Craig made a comment
On works system, interestingly Domain network is active but firewall is off. I wonder are they using some other firewall system?
-
Alan Craig made a comment
Check completed- all good on first exposure test. There was no file share test on site...
-
Alan Craig replied to Laura Bray
@LauraBray I had the same problem.
-
Alan Craig made a comment
I use at firewall at home and so does my company.
-
Alan Craig replied to Mike Moss
@PeterThomson Thanks for the explanation...
-
Alan Craig made a comment
Another interesting week. i feel more 'geeky' as the week goes on...
-
Alan Craig replied to mark eccles
Its better to forget the maths and just understand the principles and uses ....
-
Alan Craig made a comment
Checked my bank and it displayed a closed padlock system and the info section confirmed that the digital certificate was present and valid.
-
Alan Craig made a comment
This gets more complex, but in the complexity lies the security...
-
Alan Craig made a comment
I would have liked and example of this
-
Alan Craig made a comment
The use of encryption is an ongoing process of innovation and increased security...
-
Alan Craig made a comment
Not able to complete this due to security settings on works computer...
-
Hi Laura I like the video remark, I am in a similar position to you..
-
Alan Craig made a comment
Not able to install on works system but read through install procedure...
-
Alan Craig made a comment
I had never considered encrypting my mail?
-
Alan Craig replied to Christopher R
As a matter of interest how much do they charge?
-
Alan Craig made a comment
In my example I store a lot of information on a excel spreadsheet for ease of use. This ease of use also makes me very vulnerable should it get lost or hacked. The use of encryption would relive my worry about this. I believe a program like Vera crypt might be used. i will further research this myself on the basis of what I have learned so far....
-
Alan Craig made a comment
I always check for a secure site or padlock symbol...
-
Alan Craig made a comment
A clear video..
-
Alan Craig made a comment
Interesting solution to the 1970's problem...
-
Alan Craig made a comment
As with passwords to the key is to get a good balance between length and complexity...
-
Alan Craig made a comment
So binary is the default key...
-
Alan Craig made a comment
I am looking forward to this section.
-
Alan Craig made a comment
A great course I am understanding more terminology and how everything syncs in order to achieve the world wide web.
-
Alan Craig made a comment
I hadn't realised the distinction. Now I do. Thanks...
-
Alan Craig made a comment
Interesting. Has anyone experienced any problems with this using the current version of chrome?
-
Alan Craig made a comment
A clear description.
-
Alan Craig made a comment
The internet has to have set standards to ensure compatibility and ease of secure use.
-
Alan Craig made a comment
I would never consider using a public Wi-Fi without the use of a VPN. Most free Wi-Fi sites now also require a lot of details prior to getting to the free part. That's the concern for me. Also didn't realise that mobile is a more secure system overall...
-
Alan Craig replied to Carl Maxon
@PeterThomson Thanks for the heads up...
-
Alan Craig made a comment
I am really glad I invested in a VPN.
-
A possible phishing expedition?
-
Alan Craig made a comment
Never heard the term before.
-
I am similar Paulona- travel in other countries...
-
Alan Craig made a comment
I will use public and coffee house Wi-Fi networks when the need arises and I am travelling but I will always use good security practices including a VPN.
-
Alan Craig replied to Rose M.
a wise idea- even if you take precautions...
-
Alan Craig made a comment
I used PayPal. Its registration country matched its IP address.
-
Alan Craig made a comment
Interesting...
-
Alan Craig made a comment
Hello I work in a museum in Central London with relation to the security aspects...
-
Alan Craig made a comment
Interesting what information can be found out with the tools available...
-
Alan Craig replied to Paul Gold
@PeterThomson I appreciate the answer...
-
Alan Craig made a comment
Interesting how the various levels work together and that packets can be broken and sent via different routes to the same destination and then reassembled.
-
Alan Craig made a comment
Enjoyed this week- new concepts learnt...
-
Alan Craig made a comment
I had not heard of these concepts but my knowledge is growing...
-
Alan Craig made a comment
This is becoming more prevalent with Apple and Windows 7. As a user you get so confident and familiar with a system you have used for years you don't want to go through the learning process again.
-
Alan Craig replied to Ashleigh Nichols
Its worth getting the software and if you don't have one a VPN...
-
Alan Craig made a comment
At the moment I am using Avast anti-virus with Surf Shark VPN...
-
Alan Craig made a comment
The use of heuristics in detecting new types of viruses is interesting. I was not aware this was how they were tackling viruses with new signatures...
-
Alan Craig made a comment
I use anti-virus on my mobile and a secure VPN.
-
Alan Craig made a comment
Thankfully I have not had my computer attacked by a botnet. I stopped using Social Media around 7 years ago when travelling and so I have removed a major cause. Also by travelling in other countries I had to adopt secure ways to use the internet while in hotels, airports, cafes etc. This made me more proactive which has helped me...
-
Alan Craig replied to P Tang
@PTang Nice summary
-
Alan Craig made a comment
The sheer amount of money that can be achieved through fraud of this kind makes it understandable why hackers and criminals target this revenue stream
-
Alan Craig made a comment
Thankfully I stopped using Social Media many years ago and so that's at least one area I can remain secure from attacks.
-
Alan Craig made a comment
These emails play on the fear factor invoked by the thought you may have lost money or your account has been hacked. The problem is that the elderly and vulnerable are a prime target and unless their knowledge is good will naturally presume its true and click on the dangerous looks. I liked the 'hover' function with the cursor to reveal the true sender of the...
-
Alan Craig made a comment
its startling to think that 55% of emails sent throughout the world may be spam. The sheer number indicates that the criminals are still able to use this exploit.