Inside the BriefcaseWith 72% of British consumers being concerned about how secure their data is online, many businesses are taking action to step up and evaluate their current security measures. However, there is still plenty you can be doing yourself to ensure your own safety and privacy while on the web.
In 2002, law enforcement officials in New Orleans attempted to bring facial recognition to the public’s eye for the first time. It failed spectacularly. The technology was supposed to be used to during the Super Bowl to detect wanted criminals from among the crowds gathered to watch the game or partake in festivities at the stadium. But facial recognition software of the time proved to be ineffective in crowds and provided too many false positives, and the attempt was considered a failure and met with severe backlash.
We live in an era now where basic virus protection software isn’t going to cut it in terms of protecting your IT infrastructure. Many other problems can now arise and it isn’t just cyber-attacks we need to be wary of – it’s also physical access to our computers and servers. If you’re looking to step up your game and secure your IT practices, consider following the below steps.
Disposing of company data is something that has to happen for several reasons, for example, when hardware hits the end of its lifespan and needs to be replaced. Another reason for data disposal is if a company is trying to merge and condense their data into easier manageable solutions. There are many reasons why it needs to happen but, most importantly, when it does need to happen, it needs to happen with security in mind.
Delivering Windows 10 deployment data of 30GB+ over a company WAN reminds me of my brief life as a PC gamer back in the 1990s (ancient tech, 386 and MS-DOS). I became obsessed with a game called Wing Commander. I flew a fighter through space — slowing down to navigate asteroid fields and tangling with enemy fighters — to help get the mother ship safely to its destination before it was too late.
You can have the most sophisticated home security system in the world, but if you leave the front door open, it’s all for nothing. The same principle applies to enterprises. Protecting data starts with disallowing unauthorized access, and that begins with a solid username and password. Login information is the “front door” to your company’s data, but according to a recent study, most large companies are leaving basic, “dead-bolt” security measures on the table, potentially losing millions of dollars.
As technology continues to advance and BYOD (Bring Your Own Device) workplaces become more and more commonplace, IT leaders everywhere are faced with a critical dilemma: Do we embrace the more productive mobile workplace at the expense of security, or do we sacrifice productivity for peace of mind?
According to Forrester Research, applications are increasingly the face of interaction between companies and their customers; this includes customer-facing applications, differentiating mobile apps, internet-of-things (IoT) device interfaces and streamlined back-end processes. Meanwhile, application security technologies continue to advance based on new developer methodologies, attack vectors, application types and business needs. Moving forward, security pros must keep pace with these emerging and rapidly evolving technologies to help their organizations deploy apps that improve customer experiences without taking on new risks.
Small business owners generally don’t take internet security that seriously. I understand, of course: a lot of SMEs are so focused on their day-to-day business that they have no extra time to worry about the complexities of website security. There are other problems, however. A lot of small businesses simply think that they have nothing worth stealing, and that they are too small to ever be the target of a cyber-attack. I shouldn’t have to tell you that this is a mistake, but I will.
Where is your data stored? Back up will be the number one use of cloud in 2019. Download this infographic to quickly learn a flexible solution for Virtual, Physical and Cloud Environments – no matter how complex.
Virtual Private Networks, or VPNs for short, used to be associated with hackers running credit card fraud schemes. In recent years, though, they’ve become hugely popular for more legitimate purposes. A lot of people use them to get around country-specific limitations on TV shows and movies, such as those put in place by Netflix and other media companies. More seriously, a lot of political activists use them to circumvent restrictions put in place by their own governments.
According to OneLogin’s Curse of the Ex-Employees report, 20 percent of organizations admit accounts belonging to former employees remain active for one month or more after an employee has left the company. Unknown to employers, these “ghost employees” are harboring company data for months or even years after leaving an organization. This has resulted in the growth of a “shadow workforce” – or an underground network of ex-employees with access to the company network. In this interview, we connected with Al Sargent, senior director at OneLogin, who shares how companies can minimize risks brought on by this shadow workforce.
This white paper assesses how aware banks in Europe and North America are of FCIUs and what measures they have been taking to be more prepared for full implementation of their own FCIU.
with Stu Bailey, Open Data GroupIn this interview, Stu Bailey, CTO from Open Data Group, shares how enterprises can make analytic deployment a core competency vital to competing successfully in today’s business environment. Read More >>>
70% of surveyed organizations surveyed an OT security compromise over the past 12 months resulting in operational disruption or loss of confidential information in their industrial networks.
with Cuong Le, Data DynamicsIn this interview, Data Dynamics’ Senior Vice President of Field Operations, Cuong Le, shares his thoughts on why IT professionals need to be put back in total control of their data – and the best ways to make that happen. Read More >>>
As a business owner, you obviously want to make your IT systems as secure as possible. But even if you invest in expensive and sophisticated cybersecurity software, you can still be vulnerable, if you have your basic IT management done wrong. In fact, most security breaches are results of simple mistakes that could have been easily avoided. Here are five tips to make your IT environment a safer place by just doing the basic things right.
Insider threats continue to be an organization’s number one weakness. This is because an insider is able to bypass any firewalls, detection systems, or access gates. Most breaches that are the result of insiders happen from negligent employees or managers. Malicious insider incidents are fewer but often cause far more damage. How much damage can one employee do to an organization? The answer is dependent on access, information quality, and intent. Everyone who works with or in an organization is an insider.
Software and app development is moving at warp speed, thanks to the agile approach and role of DevOps. But security struggles to keep pace, as traditional physical and virtual perimeter solutions are not sufficient to address vulnerabilities in code that are being updated and deployed on a daily basis. As a result, DevOps must become more aware of security and rethink how they build it into their software at the code level. In this Q&A, security industry veteran Manish Gupta discusses how organizations can change their behavior and mindset, bringing security in from the start of the software development process.
Do you monitor your DNS logs? If not, you may be missing important clues about cyber attacks on your network. I recently attended SANS Network Security 2017 and watched a presentation by Seth Misenar on what he calls “actionable detects” in DNS logs. Security teams can use these indicators to prevent and detect security problems.
In this IT Briefcase exclusive interview, Joseph Carson, chief security scientist at Thycotic, explains how outside attackers or malicious insiders can exploit vulnerabilities using examples such as a compromised email account password that escalates into a full-blown breach of network security. By dissecting the make-up of a privileged account hack, it can be shown exactly how cyber criminals target their victims as well as what can be done moving forward to reduce risk and prevent abuse of critical information assets.
It seems like there isn’t a single company that doesn’t rely on various online services and web-based applications and technologies to carry out various day-to-day tasks. Whether it’s advertising, buying or selling, identifying a new market, communicating with partners, suppliers, vendors, and customers or something simple as completing a bank transaction, the internet is becoming an integral part of a smooth-functioning business.
The recent global cybersecurity history is pockmarked with incidents that have grabbed global headlines, produced outrage, and caused political strife. What’s more, the cyberattacks listed above are distinct in their size, source, and categorization. WannaCry and NotPetya were large-scale ransomware attacks. Equifax suffered a breach from hackers exploiting an outdated patch in their web application framework. And, Parliament, the DNC, and the Clinton campaign were all penetrated through email phishing scams.
with Henning Volkmer, Cortado Mobile Solutions Inc.In this interview, Henning Volkmer, president and CEO of Cortado Mobile Solutions Inc., shares his thoughts on using device-native capabilities to secure devices implementing productive mobility strategies, as well the benefits, simplicity and cost savings a cloud-based approach offers. Read More >>>
with Linus Chang, BackupAssistIn today’s exclusive IT Briefcase interview, BackupAssist’s CEO, Linus Chang, shares his thoughts on the growing and continuous threat of ransomware, not only across enterprise environments, but the small-to-medium business (SMB) space as well. Read More >>>
with Patrick Carey, Black Duck SoftwareIn this interview, Patrick Carey, VP of Product at Black Duck Software, gives his perspective the Equifax data breach and how to protect privacy moving forward. Read More >>>
Last year, few IT professionals believed they would be close to completing their migration to Windows 10 by this time. Some even estimated that they wouldn’t be at the halfway mark. Given the scale of this mission—migrating thousands of systems without business interruption—this conservative outlook is perhaps understandable.
Every day, there appear new pieces of evidence that the world’s Cyber Security (CS) industry still does not correspond to the required levels of safety. Moreover, there is no agency that would be able to eliminate the detected vulnerabilities and resolve the related problems in tight deadlines. As a result, many people have already become victims of hackers, internet offenders who abuse their financial or personal data for personal benefit or just for fun.
While many companies might put security testing at the bottom of their lists, it’s a critical step businesses need to take to ensure their solutions can properly protect and defend against cyber-attacks. There are numerous ways that enterprises can go about the testing of solutions, but it’s important to understand the industry best practices and recommendations when it comes to testing and evaluation.
with Raj Gopalakrishna, AcalvioIn this interview, Raj, the Co-Founder and Vice President of Architecture at Acalvio discusses what businesses need to know in order to detect, engage and respond quickly to malicious activity on their networks Read More >>>
