Category Archives: CSF Blog

Content Filtering

Do you filter the content that comes flooding down your internet pipe and straight to the desktops of your users, or maybe to the devices of your beneficiaries?  If not then you might want to consider ensuring that at least your bit of the internet is ‘safe to surf’.  Perhaps your charity has a particular stance on, say, gambling, so it would be rather ironic if your users were spending their lunch hour in a virtual casino.  Of course the other side of this coin, so to speak, is the company-imposed censorship and the lock-down of liberty experienced by hardworking staff.  After all the internet is just a bit of … Continue reading

Posted in CSF Blog | Leave a comment

Pentesting

The mysterious art of penetration testing shouldn’t be a mystery to us information security professionals, in fact it should be a staple of our infosec diet along with policies and awareness campaigns.  Yet for many charities the thought of paying for what is properly termed ‘ethical hacking’ is often deemed a step too far.  Perhaps it’s the thought of what will appear on the invoice, or what will appear in the report and need fixing. For some, ignorance may be preferable to bliss. But as a means to seriously raise the stakes when you know that your external facing defences may be a little flaky, the power of the pentest … Continue reading

Posted in CSF Blog | Leave a comment

Social Media

It seems that the modern world now revolves around the use of social media.  You know the sort of thing we’re talking about – Twitter, Facebook, Snapchat, Instagram, Pinterest…  the list goes on. And it’s likely that your charity will be making it’s presence felt on these platforms to rally supporters to the cause.  But as an infosec professional it’s worth stopping to think about the information security aspects of these services.  For an individual, it’s probably not a good idea to live your life online through these platforms but many do and mainly get by, despite often intentionally, or unintentionally, revealing their personal and innermost thoughts.  For charities though … Continue reading

Posted in CSF Blog | Leave a comment

Black Fridays & Cyber Mondays

Now we’re fully in shopping mode as we approach the season of goodwill to all men, it’s worth just taking a second look at the website you are just about to trust with your credit card details.  It should go without saying that you’ll be looking for the ‘golden padlock’ but we more than most should understand what that means deep down in the depths of the web.  Is that SSL certificate the real thing? Does it confer the trust we expect? Can we safely push the submit button? Our data may be safe in transit – thanks to that SSL encryption – but what happens when it reaches its … Continue reading

Posted in CSF Blog | Leave a comment

Point of Sale

Going shopping?  Perhaps at your local charity shop? The past few years have seen an increase in malware designed to infiltrate Point of Sale systems – otherwise known as tills – with the explicit purpose of harvesting payment card data processed by those devices.  With many tills running on out-of-date software it’s going to get easier to for the bad guys to steal the card data.  When’s the last time you patched your PoS systems? Threat reports consistently highlight the types of business that are targeted by card fraudsters.  It’s often been the leisure and hotel industry that feature highly in those lists and it would become a problem for … Continue reading

Posted in CSF Blog | Leave a comment