TIGERFLEET NEWS

Cyber Security

Cyber Security Tips and AdviceThe following content is based around the Small Business Cyber Guide and the Easy Steps Checklist pubslished by the Australian Cyber Security Centre. For more comprehensive information visit www.cyber.gov.auOn 6 August 2020, the...

Recent NSW Work Health & Safety Law Reforms

Recent NSW Work Health & Safety Law Reforms The NSW Work Health and Safety Act 2011 was amended on 10 June 2020 [Amendment (Review) Bill 2020 (NSW)], with a number of significant reforms introduced.  The key changes to the WHS Act include: The introduction of a...

Vehicle Daily Checks

Vehicle Daily Checks The operator of a heavy vehicle is responsible for ensuring that each vehicle is roadworthy. A daily check is a quick visual inspection that can be undertaken on a heavy vehicle prior to leaving the yard, depot or rest area. The NHVR have released...

Coronavirus Detection and Prevention

Coronavirus Detection and Prevention Information from NSW Department of Health and the World Health OrganisationSymptoms of COVID-19Symptoms of COVID-19 include fever, cough, runny nose and shortness of breath. In more severe cases, infection can cause pneumonia with...

Peace of Mind (Part 3) – Why TigerFleet?

Peace of Mind (Part 3) – Why TigerFleet? TigerFleet is a leading fleet management and compliance tool, with over 20 years of consultative development between industry experts and a range of transport companies. Our software platform has evolved to become a market...

Peace of Mind (Part 2) – Understanding Cloud Technology

Peace of Mind (Part 2) – Understanding Cloud Technology In part one of this discussion on data protection and technology we looked at some of the ways that you can protect your personal data while browsing the internet and shopping online. This part looks at the shift...

Peace of Mind (Part 1) – Protect Yourself and Your Data

Peace of Mind (Part 1) – Protect Yourself and Your Data Our personal data is everywhere, and we can no longer afford to be blasé about our data security – if we are not taking proactive measures to prevent the use of our personal information, we are opening ourselves...

Notes Screen Searchable

Notes Screen Searchable Did you know that the notes you make in the TigerFleet Management Vehicle's and Employee's Notes screens are now searchable?    We thought that this would be a great place to store all of the information that just doesn't have anywhere else to...

2020 Vision

2020 Vision Wow! January is already over – only 11 months left in 2020, so we had better get cracking! Before we do though, we would like to take a moment to reflect on the turbulent times that Australia has faced since the end of 2019. We have seen terrible bushfires...

Trailer Tracking That Works

Trailer Tracking That Works Transform Data From Your Fleet Of Trailers Into Valuable Information To Help Your Company Make And Save Money Complete Visibility Into Real-Time Operations Designed specifically for trailers, our Wireless Links trailer tracking devices...

Cyber Security Tips and Advice

Cyber Hacker with skeleton mask and computer reflected in glasses

The following content is based around the Small Business Cyber Guide and the Easy Steps Checklist pubslished by the Australian Cyber Security Centre.

For more comprehensive information visit www.cyber.gov.au

On 6 August 2020, the Australian Government released Australia’s Cyber Security Strategy 2020.

To coincide with this, we at TigerFleet thought that it would be a good opportunity to give an overview of some of the steps that you can take as an individual or small business to protect yourselves from cyber attacks.

To better protect yourself from cyber criminals and secure your accounts and devices, the ACSC recommends that you:

Secure your email, social media and apps

Put strong security on important accounts where you exchange personal or sensitive information such as email, bank and social media accounts.
  • Turn on two-factor authentication, such as a code sent to your mobile, for an extra layer of security.
  • Use strong passwords on your accounts. A strong password is a passphrase of at least 13 characters, made up of about four words that are meaningful for you but not easy for others to guess. For example, ‘horsecupstarshoe’.
  • Don’t use the same password on any of your accounts.
  • Consider using a reputable password manager.

Hint: Use a Passphrase

A passphrase is similar to a password. It is used to verify access to a computer system, program or service. Passphrases are most effective when they are:

  • Used with multi-factor authentication – see below
  • Unique – not a famous phrase or lyric, and not re-used
  • Longer – phrases are generally longer than words
  • Complex – naturally occurring in a sentence with uppercase, symbols and punctuation
  • Easy to remember – saves you being locked out.

Passphrases will significantly increase security. The table below (from www.cyber.gov.au) gives some comparison on the ease of password styles to crack:

 

PASSWORD/ PASSPHRASE TIME TO CRACK EASE TO REMEMBER COMMENTS
(Brute Force Attack)
password123 Instantly Very Easy (too easy) One of the most commonly used passwords on the planet.
Spaghetti95! 24-48 hours Easy Some complexity in the most common areas, and very short length. Easy to remember, but easy to crack
5paghetti!95 24-48 hours Somewhat Easy Not much more complexity than above with character substitution, and still short length. Easy to remember, but easy to crack.
A&d8J+1! 2.5 hours Very Difficult Mildly complex, but shorter than the above passwords. Hard to remember, easy to crack.
I don’t like pineapple on my pizza! More than 1 Year  Easy Excellent character length (35 characters). Complexity is naturally high given the apostrophe, exclamation mark and use of spaces. Very easy to remember, and very difficult to crack.

Watch out for scam messages

Online scams and ‘phishing’ by email, SMS, social media posts and direct messaging are designed to steal your logins, credentials and personal details or to download malicious software onto your devices.

  • Check before you click links – hover over the link to see the actual web address.
  • Never enter your username or password from links in messages to your accounts – go to the official website or app.
  • If a message seems suspicious, contact the person/business through a separate, legitimate source to confirm it.

Secure your mobile and computer

  • Always use a PIN or password on your mobile and computer.
  • Always do the software updates such as Microsoft, iOS and Android.
  • Make sure you download apps from official stores such as the Apple App Store or Google Play for Android.
  • Install security software on your devices to protect you from malicious software.

Check public Wi-Fi before connecting

Information shared through public Wi-Fi hotspots in cafés, airports, hotels and other public places can be intercepted.

  • Turn off automatic connection to public Wi-Fi on your devices.
  • Choose to connect to non-public Wi-Fi for a more secure connection.
  • Consider installing a reputable Virtual Private Network (VPN) solution on your device.

Software Considerations Key areas

Securely organising your software can drastically increase your business’ protection from the most common types of cyber threats.

For example, your operating system is the most important piece of software on your computer. It manages your computer’s hardware and all its programs, and therefore needs to be updated, backed up and maintained.

Improve resilience, stay up to date and stay safe with these software considerations for small businesses.

Automatic Updates

An automatic update is a default or ‘set and forget’ system that updates your software as soon as one is available.

  • Better online security
  • Improved protection (in real-time, directly by the experts) from loss of money, data and identity
  • Enhanced features and efficiencies for programs and apps.

Automatic Backups

An automatic backup is a default or ‘set and forget’ system that backs up your data automatically, without human intervention.

  • Quicker and easier to get your business back up and running if information is lost, stolen or destroyed
  • Protects credibility of your business and help meets legal obligations ^
  • Peace of mind that you’re always protected so you can focus your business efforts that deliver value

Multi-Factor Authentication

Multi-factor authentication (MFA) typically requires a combination of something the user knows (pin, secret question), physically possesses (card, token) or inherently possesses (finger print, retina).

The multiple layers make it much harder for criminals to attack your business. Criminals might manage to steal one proof of identity e.g. PIN, but they still need to obtain and use the other proofs of identity. Two-factor authentication (2FA) is the most common type of MFA.

Small businesses should implement MFA wherever possible. Some MFA options include, but are not limited to:

  • Physical token
  • Random pin
  • Biometrics/ fingerprint
  • Authenticator app
  • Email
  • SMS

People and Procedures Key areas

Businesses, no matter how small, need to be aware of and consciously apply cyber security measures at every level.

Given small businesses often lack the resources for dedicated IT staff, this section addresses how you can manage who can access, and who can control your business’ information, and the training of your staff.

Your internal processes and your workforce are the last, and one of the most important lines of defence in protecting your business from cyber security threats.

Access Control

Access control is a way to limit access to a computing system. It allows business owners to:

  • Decide who they would like to give access privileges to
  • Determine which roles require what access
  • Enforce staff access control limits.

Access control systems help you protect your business by allowing you to limit staff and supplier access to your computer:

  • Networks
  • Files
  • Applications
  • Sensitive data