Dekko Blog

The lastest in connecting and collaborating securely at work. From our leading minds in cybersecurity.

Cybersecurity Ventures predicts that business in 2021 will fall victim to a ransomware attack every 11 seconds, down from every 14 seconds in 2019.

In the digital age, it’s almost certain that at least some portion of your personal data or information has been compromised. For most people, this may be what appears fairly inconsequential information like an email or birthdate. However, for many this compromised data covers far more significant information like bank details and medical records.

How Common is Hacking?

The likelihood that someone has attempted to access your personal data or information before is extremely high. However the scale and sophistication of the attacks will likely depend on your threat level, for example, an average person would unlikely face the extremely sophisticated attacks that a politician or CEO may receive.

The average person will receive mostly automated hacking attempts such as malware or phishing attacks. These attempts can occur almost daily but most can be easily avoided with basic cyber security practices that we will be touching on later in the article. These attacks will typically come in the form of pop-ups and emails posing as someone you trust, trying to gain a foothold within your computer. Although these automated attacks have a low success rate, they are so frequent in their nature, that one will likely compromise data eventually without proper cyber security practices.

Furthering this 'low-value' data taken from these automated attempts, such as an email or birth date, are often used to build more credible and believable attempts in the future, searching for higher-value information like bank details.

Higher threat level individuals such as CEO’s, high net-worth individuals and politicians are far more likely to receive sophisticated hacking attempts. Hackers may silently, electronically monitor these individuals for months to gather the personal, family and financial details needed to create sophisticated, personalised and believable attacks. Hackers have been known to go as far as posing as family members to ask for money or creating realistic invoices from real business clients.

How to Find Out if I’ve Been Hacked.

You can check out ‘Have I Been Pwned?’, a free website that allows you to enter your email to check if it has been compromised in a data breach.

Also, look out for these signs:

  • Your password, username or personal details have changed on a website or application.

  • You have been locked out of an account.

  • You notice unusual emails.

  • Unusual charges to your bank account.

  • New icons or applications added to your computer.

  • Files on your computer are moved or deleted.

What To Do if You’ve Been Hacked.

1. If you suspect that you have been hacked, the first thing you should do is change the password on the compromised account and any other accounts that use the same password. If you have been locked out of the account by the hacker, that may not be possible, regardless proceed to the next step.

2. Get in contact with the company or provider that owns the account that was compromised. These companies will have a procedure for hacked accounts, these can be found through a google search or by contacting them directly.

3. Run your antivirus software to scan and remove malware that may have been downloaded.

4. The hackers may attempt to contact you by email or through the compromised account to extort money or attempt to gain deeper access to your information. Do not click any links attached to these messages as they may compromise you further.

5. Depending on the importance of the hacked data and the demands of the hacker, you may want to get in touch with the police. Cyber crimes can also be reported to the Australian government here.

How to Avoid Being Hacked.

  • Wherever possible use multi-factor authentication: Most platforms now offer two-factor authentication linked to your email, phone or an authenticator app. This will eliminate the risk of most automated hacking attempts.

  • Practice good password management: A password should be a minimum of 8 characters but preferably upwards of 13 with a mixture of special characters and numbers. You should use a different password on every account and store these passwords within a secure password manager.

  • Think about the information you share: You need to think about what information you put out there and be conscious of the fact that there is always the possibility it could become compromised. If it is not necessary to share the information, or having it compromised would be extremely detrimental, rethink your need to put it out there.

  • Share confidential information on a secure platform: If you are sharing confidential information such as financial details, intellectual property or anything you don’t want someone else seeing, use a secure sharing platform like DekkoSecure. Dekko uses advanced security and end-to-end encryption on file sharing, video conferencing, emailing and instant messaging to allow you to communicate simply and securely without the risk of being hacked.

DekkoSecure offers a complete product suite of communication and collaboration tools, all built within a security by design framework. To get more information on our products or start a free trial, visit:

65% of businesses only consider cybersecurity after it’s already too late, reveals the EY 2020 Global Information Security Survey. If you’re a business owner, CISO, or employee how do you make sure your business doesn’t fall into that category? The answer is to put security at the core of your systems, technology and products by adopting security by design principles.

What is secure by design?

Secure by design, or security by design, is an approach to product, system or technology development where security is built as the core product. The secure by design process incorporates security from the inception and continues to make it the top priority as the product or system is being built. It is a proactive, preventative process, minimising security flaws at all times rather than retroactively responding to security threats after they’ve developed.

Why use a secure by design process?

The fast-paced nature of the modern economy means firms and technologies must constantly evolve and change to stay competitive however if security by design principles aren’t built into this mindset it will inevitably lead to vulnerabilities. As these technologies, necessary to stay relevant, become more complex it becomes increasingly difficult to add security retroactively.

The solution to this issue is adopting a security by design approach to the adoption and development of products and systems. When security is at the core of a technology, new features should be built out with security at the ground level of feature development, minimising the risk of security compromises being exposed as the feature set gets built up.

Historically there has been an inclination by firms to build security tools around existing products, using checklists to ensure compliance. However the reality of this approach is, covering for a security weakness is never as secure as eliminating that weakness in the system. This approach has also contributed to the mindset of CISOs as impediments to innovation and change. When CISOs and security teams are constantly ensuring compliance by checking systems and making fixes they will inevitably slow innovation however this can be subverted by allowing CISOs and security teams to adopt technologies with security at their core. This will lessen the workload on security teams in system maintenance and allow them to be free to approach more innovative security solutions that provide the ability for a firm to stay nimble and agile whilst maintaining security.

How DekkoSecure implements security by design.

DekkoSecure was built with a security by design mindset right from the outset. Founded by leading technologists and privacy advocates, the business began making security products and expanding its feature range over time. As the product suite developed, security and our world's first end-to-end encryption technology were always built into the core of our expanding feature set.

The Dekko Team

All Dekko products are built around end-to-end encryption, providing world-leading encryption technology to all our communications tools. However Dekko isn’t just an encryption company, we are primarily a security company (and encryption is just one key step in that security process). We also provide additional security features such as data sovereignty, authorisation, authentication and auditability. Furthering this, for a product to be truly secure by design, it cannot simply address technological risks it also has to address the ever-present human risks of the people who use their systems. DekkoSecure reduces human risk through security features such as no misaddressing and running through the browser to ensure there is no risk of missing a software update and exposing a vulnerability.

Another key component to security by design is a commitment to continual testing of systems to identify potential vulnerabilities. DekkoSecure performs this through regular, independent testing by Enex TestLab who verify the legitimacy of our security claims.

DekkoSecure offers a complete product suite of communication and collaboration tools, all built within a security by design framework. To get more information on our products or start a free trial, visit:

With more and more of your personal and businesses digital footprint being stored in the cloud, have you ever thought about the implications of where your data is being hosted?

What is Data Sovereignty?

Data sovereignty is the idea that data remains in the country of its origin, stored within its own borders and subject to the laws and regulations of that country alone.

One may think that if you’re sending data (such as a message or document) to another person located in the same country, that data would stay in the same country. However in reality, data is often routed and stored in many countries before and after arriving its destination. This means that your data is subject to the local laws and regulations in any country which your data is routed or stored.

The Laws and Regulations of Data Sovereignty

Most countries claim the right to any data that passes through or is stored on their servers however the legal precedent surrounding this notion is often untested and shaky.

The US Patriots Act of 2001 states that in the event of a high-security threat that the U.S. government can access any data stored within the country, without notification of the data owner. Meaning Australian’s with data stored within America are potentially subject to their data being seized without notice. In many European countries as well as Canada, governments are bringing in strict regulation to guarantee that data remains within the country to protect the security of their citizens.

In Australia numerous government departments are already compelled to host data within Australian data centres, such as the government's COVIDsafe app that utilises Amazon’s webs services to ensure data sovereignty.

Why It Matters

Before the insurgence and popularity of cloud storage, data sovereignty was a relatively unheard of phrase but as individuals, enterprise and government began shifting data to the cloud it has become increasingly relevant.

Having your data stored on foreign soil means that data is open to seizure by foreign governments and individuals through subpoena, legal proceedings or malicious intent. This means those who store data, communications or intellectual property must accept the fact that they are increasing the likelihood of this data no longer remaining confidential. If such data was to be breached it could have potentially catastrophic effects for many businesses such as a loss of reputation and client confidentiality.

How Can I Achieve Data Sovereignty?

In order to achieve data sovereignty, your data must remain and be stored within the country of its origin. For example if you are in Australia and sending a file to another colleague in Australia, the data must be stored in Australian data hosting centres rather than potentially cheaper options in America or Asia.

If you are not actively pursuing data sovereignty then there is a high likelihood that at least part, if not the majority of your digital footprint is hosted in international data hosting centres. At Dekko we give users the option of where they can store their data to ensure they can keep sovereignty over their data. This is available for all Dekko services such as video-conferencing, file sharing, chat and document signing.

If you would like to read more about our data sovereignty capabilities then read our security page:

If you would like to try one of our completely secure communications and collaboration solutions then visit:

© DekkoSecure 2020. All rights reserved.

Subscribe To Our Newsletter