Bulgarian-Swiss Business Connection

My Post

Last week, Centry supported the “Promoting business partnerships with Switzerland” forum, organized by the Bulgarian-Swiss Chamber of Commerce (BSCC) in cooperation with the Chamber of Commerce and Industry (CCI) Stara Zagora.

The main objective of the forum was to boost and develop business relations between Bulgarian and Swiss companies such as those already part of the BSCC Partnership Platform and other Bulgarian producers and service providers who plan on working with Swiss companies.

The information presented on Bulgarian-Swiss business relations issues and the role of BSCC in establishing sustainable partnerships between these companies served as the foundation of an interesting discussion during the event.

1.PNG

For more information about the forum, please follow this link to the BSCC website! If you have any questions or comments, feel free to reach out to us on any of our social media platforms.

 

Valid Concern or Tap Anxiety? An Evaluation of Amazon’s Alexa Recording

406213-amazon-echo

Alexa’s Infamous Recording

A couple weeks ago, a family from Portland, Oregon reached out to Amazon to investigate after they said that their home assistant device, “Alexa”, had apparently recorded audio of a conversation the couple was having and sent it to an acquaintance of the family who’s phone number was in their contact list. The acquaintance, a work colleague, immediately contacted the family to let them know that he received the recording, and told them to turn off their devices.

This led to a media frenzy, where countless sources questioned the security of home assistant devices, likening them to Orwellian wire-taps.

So, how did this happen?

When the family contacted Amazon concerning the incident, an engineer investigated the logs of the device and was able to confirm the recording and subsequent sending. The engineer suggested that the entire issue was a result of the device misinterpreting the sounds of the distant conversation as commands to record and then send the message.

The company’s official statement was:

“Echo woke up due to a word in background conversation sounding like “Alexa.” Then, the subsequent conversation was heard as a “send message” request. At which point, Alexa said out loud “To whom?” At which point, the background conversation was interpreted as a name in the customer’s contact list. Alexa then asked out loud, “[contact name], right?” Alexa then interpreted background conversation as “right”. As unlikely as this string of events is, we are evaluating options to make this case even less likely.”

Is this something to be genuinely concerned about?

In short, not really: the coverage of this situation was greatly sensationalized.

If you have ever “butt-dialed” someone from your mobile phone, this is not very much different of a circumstance. Accidental activation leads to a call or command.

Anyone who has one of these devices has probably heard it pipe up unprompted, whether it was from a distant conversation, the TV, radio, computer, etc. It’s important to remember that home assistant devices like Amazon Echo and Google Home are still first generation pieces of technology – they are learning on the go, and there is bound to be a few hiccups along the way. Human speech interpretation is very hard.

Both devices have large, easy to see indicators of when they are listening for the keyword. Alexa has a bright blue circle that illuminates on the top, and Google Home also lights up.

However, if you are still worried, here are a few steps you can take:

  1. Turn on command tones in the app. This makes the device “ding” when it hears the keyword, letting you know that it’s actively listening.
  2. Don’t ignore it when it speaks– tell it to stop. Otherwise, it could continue mishearing commands.
  3. Protect your WiFi network. These devices are only as secure as the network they connect to.
  4. Check in the app to see if there are any stored recordings, and delete them.

If you have any questions or comments, feel free to reach out to us on any of our social media profiles. For more content like this, subscribe to Centry Blog for weekly articles!

Remembering Mr. Rachid Boukhari

rachid pic.jpg

It is with deep regret that we announce the passing of our fellow colleague, Mr. Rachid Boukhari, 52, who died peacefully in his sleep last Saturday.

Rachid had eleven years of military service in the French Foreign Legion unit 2 REP with experience in combat operations and training in remote environments. He was straight, hardworking, and honest, and his service naturally led him down a career path in private security where he ultimately came to work with us at Centry in 2014.

Rachid worked as a Project Security Manager and Security Expert in some of our most challenging projects in remote locations in Yemen and Algeria. He was always proactive and willing to rise to a challenge.

We remember with admiration one occasion where, late in the evening, Rachid was comfortable at home in France, when he received a call from one of our colleagues asking him to be in Algeria in the morning to provide protection to one of our clients. Rachid went above and beyond to make extremely short-notice travel arrangements, and at the crack of dawn the following morning, he was there in Algeria ready to help. This story is just one example of the exemplary commitment Rachid had to helping others, particularly his colleagues in Centry.

We will remember Rachid as a true comrade, whose professionalism, loyalty, and expertise will be sorely missed. Rachid’s wife and two children who he left behind will have our continued support as we all grieve this loss.  Rachid’s funeral is taking place today, June 1st, in Maubeuge, France.

GDPR: Day One

The European Union’s General Data Protection Regulation (GDPR) officially went into effect today. The new regulation exists to give citizens of the EU control over how their data is used. It’s extensive and comes with the promise of harsh fines if non-compliant companies experience a data breach.

Centry’s GDPR Guide, shown on the popular webcast This Week in Law, breaks down the who/what/when/where and why of GDPR for those who want a quick briefing of what this means and why it’s important.

Now, on day one, we are observing the first ripples in the pond of this new policy. Already, BBC has reported that some US-based news websites are unavailable in Europe as the new regulations have come into effect. Some of these include the New York Daily News, LA Times, Chicago Tribune, Orlando Sentinel, and Baltimore Sun.

The above news sites are part of the Tronc media publishing group. Others under Lee Enterprises have been similarly affected. Freelance developer Owen Williams created a blog called GDPR Hall of Shame to provide a tongue-in-cheek illustration of the blunders some companies have made as they have taken the first steps of navigating the ruling.

One of the worst offenders is the social media/micro-blogging platform Tumblr, which requires users to manually deselect more than 300 boxes to prevent each entity from utilizing their data. There is no available option currently for mass selection.

Others are taking the change to data regulation in full stride. Microsoft has expanded their GDPR-compliant policy to protect all of their users, not just the ones based out of the EU.

If you have any questions or comments about GDPR, feel free to contact us on any of our social platforms!

For more content like this, subscribe to Centry Blog for weekly updates related to the security industry, cyber security, risk management, compliance, and global affairs.

Fake Social Media Profiles: What to do if You are Being Impersonated Online

My Post (1)

Impersonation on social media is rampant; whether you know someone who have received a message from a fake profile, or you have found your own identity personated on some platform online, it seems that there are precious few degrees between individuals and fake accounts.

When account setup is as easy as inputting a name and email, it’s no wonder that these false accounts are everywhere. And they will continue to be created, unless social platforms integrate stricter terms for signing up.

For now, all of the bots/impersonators of the world can continue to thrive in account creation as easy as 1-2-3.

Insta1Good enough for Instagram.

So, what can you do to prevent this from happening in the first place? The short answer is, unfortunately, nothing. But you can address the issue after these fake accounts have been identified, and it is important to do so. At best, impersonators may be a minor nuisance. At worst, they could damage your online brand.

Fortunately, most popular social networks have processes to report false profiles. Without further ado, here is how you can take action.

Facebook

If you see a profile impersonating you or someone you know, here are the steps you can take to address it.

Navigate to the fake profile, and on the lower right corner of the cover photo, there should be a symbol that looks like facebook dots.PNG .  If you select this, a drop-down menu will appear, from which you can select ‘Report’ and follow the onscreen instructions.

If you do not have a Facebook account and wish to report a fake profile in your name, you can do so by filling out this form.

LinkedIn 

The process for reporting a fake profile on LinkedIn is very similar to that of Facebook. Like Facebook, LinkedIn has the three-dots symbol on its profiles that will enable you to select the option to Report/Block. Then, in the reporting pop-up window, you’ll be able to detail the impersonation under “What do you want to do?” > “Tell us a little more”.

Twitter

Twitter’s policy is complex because it does allow parody accounts so long as they clearly state that they are not the individual that they are parodying, however, you can still take action against fake profiles in your name by filling out this form.

Instagram 

You can report fake profiles on Instagram either within the app or by filling out a separate form, which will require you to provide a piece of government issued photo ID, such as your driver’s license or passport.

Finally, after going through the reporting process for the false profile, be sure to let your friends and followers know that this impersonator account is not real and that they should not click on any links coming from it.

This article was written by Kristina Weber of Centry. For more content like this, be sure to subscribe to Centry Blog for weekly articles and follow us on Twitter @CentryLTD!

What to Pack in a Grab-Bag

One of the ways that you can prepare yourself for an emergency is to stock a grab-bag. That is, a bag containing a handful of supplies that could make all the difference in recovering after an emergency, whether it’s a natural disaster or hostile threat.  The idea is that you need only to take this single bag with you as you respond to a crisis, ensuring that you have what you need for immediate survival following the contingency.

The exact necessities that you pack will be impacted by your geographical location and the regional-specific risks therein, but here are a few ideas to get you started:

Information & Documentation

This should include your passport and/or visa, and any other important documents related to your identity. This is especially important if you are travelling abroad, particularly if the contingency requires you to leave the country. Even if it is for a home-emergency, being able to have at least a couple identifying documents will assist you in the recovery of other important documents after the fact.

Food & Water

A stock of high energy, non-perishable food items and as much water as you can feasibly carry.

Communications

A spare mobile phone with a charger.

Health & Safety

Basic first aid kit and any essential medications that you may require day-to-day.

Other

Some other items to include in your grab bag are money, a change of clothing, candles, matches, a flashlight/torch, and spare batteries.

Keep in mind that the general advised contents of this grab bag address the needs of the average individual whether they are at home or traveling. Family and/or group kits will vary, especially if there are pets involved. 

If you have any questions or would like expanded detail of this, please don’t hesitate to contact us at info@centry.global! Remember to subscribe for weekly updates on Centry Blog, and follow us on Twitter @CentryLTD for more content like this.

Social Networks & Data Protection Policies

tree-200795_1920

In preparation for GDPR, a comprehensive EU data protection law, a few big-name social media companies have taken the time to review their privacy policies, making it easier for users to know where and how their information is being used.

Facebook has made some changes to its privacy settings in light of the Cambridge Analytica scandal and Mr. Zuckerberg’s congressional hearings. While it is not changing the information that the company collects from its users, it is making strides toward greater transparency on what that information is and how that is shared. It created a central hub with a more user-friendly interface to enable people to more easily see what data they are sharing and who can see it.

Additionally, the social network will make it easier for users to see all the data that the company has on them – previously, this could be accessed by a massive data dump download, however the new Access Your Information tool allows individuals to explore the information by category.

Twitter updated their privacy policy, sending out emails to their users with information on some of their key revisions. These include more focus on the controls that they offer users over their personal data, more focus on how Twitter shares public data, more transparency and control over how the data is shared with business partners. Furthermore, there is more clarity about how data may be shared to prevent harm, comply with the law, or serve public interest.

LinkedIn has adapted its policy to enable members to download their personal data, and it has followed up on GDPR’s right to erasure, by clarifying that personal data such as audience email addresses will be automatically deleted within a 90 day time frame if it is not edited or being used in active campaigns.

If you are active on any social media networks, be sure to take a proactive approach and review your privacy settings, as well as the availability of your personal data.

This article was written by Kristina Weber at Centry Ltd. For more content like this, subscribe to Centry Blog and follow us on Twitter @CentryLTD!