With newly emerging cyber threats that keep evolving, IT personnel have a major challenge managing their firewall configurations and tend to spend a lot of their time fixing security vulnerabilities in their system. But studies from Gartner show that over 95% of all firewall breaches are triggered by misconfigurations and not flaws. Firewalls form a vital part of network security and a misconfigured firewall gives easy access to any attacker to do some real damage to your business. And yet there are mistakes made in firewall configurations, so it is essential for businesses to thoroughly check the processes of their firewall security in order to correctly identify and address existing holes in their configuration. Chances of a breach can be dramatically reduced by avoiding basic firewall configuration mistakes that also hamper the functioning of other critical security elements.
When implementing a firewall project, some of the common challenges faced are basic errors in policy rules, improper capacity planning, lack of testing solutions before purchase, and incorrect design of zoning which can influence security performance and quality of service
- Policy rules
Read the rest of this entry »
Small to medium sized businesses can use cloud technology to automate a whole host of essential business operations, such as payroll, expenses optimizing web traffic, email automation or marketing, to work smoothly across multiple devices (computers, smartphone, tablets. etc). This latest technology trend can cut unnecessary expenses on hardware and software updates too. Applications, services and resources that were earlier only available to enterprises are now within the reach of smaller businesses, thanks to virtualization. Exact and Pb7 found in their research study that small businesses that made the shift to the cloud doubled their profit and increased their revenue growth by about 25%. No wonder then that the use of cloud technology by U.S. start-ups is predicted to jump from 37% to nearly 80% in half a decade, according to Emergent Research and Intuit.
The cloud is the creation and consolidation of a virtual computer software or services, such as a server, storage device, network resources that people can use on the Internet, without needing to install any software first. There is efficient data centre utilization because of easy accessibility to the data stored on a central server from any computer or mobile device. If your business is not already utilizing the cloud, here are a few reasons to embrace the cloud.
1. Switching to the cloud reduces costs Read the rest of this entry »
In a report published by Morgan Stanley, it was reported that 91% of adults have their smartphones within arm’s reach all through the day. It is no surprise then that so many employees are using mobile devices, such as smartphones, media tablets every day within businesses to get work done, Mobile Device Management (MDM) has become vital for IT departments. Employees are no longer tied to their office desk and many workers are located away from the office and often need access to company services and data, so there is a need to implement MDM for the service, and security of all employee-owned devices being used for office work.
A solid MDM practice is an absolute necessity for businesses that follow a BYOD or CYOD strategy, to prevent any breach of sensitive data, which requires a fine balance between mobile device security and operations. Simply put, device configurations have to match corporate policy, be protected by strong password and have a system to wipe sensitive data off the mobile device remotely in case of loss or theft. But with the different types of mobile devices and platforms in use, managing and monitoring mobile device security has become a complex affair.
MDM provides the perfect device security management solution for organizations to enable their employees to use the devices that they love for work too, while addressing issues like cost, compliance, security risks, application delivery and management challenges. Adopting MDM supports ‘managed diversity’ for businesses through appliance service to include both personal-owned and business specific devices.
MDM is usually offered on-premises or as SAAS tool and it works as collaboration between IT services organization and the business to draw up an IT architectural design, policy and communication goals. This helps control costs, while offering a diversity of solutions to improve business growth and possible competitive advantage. Without MDM, businesses may see rising costs because of reduced user productivity and lack of IT support to suit individual employee need. This perception can result in high noncompliance costs and flaying of IT rules within the organization that may lead to further security risks. Read the rest of this entry »
The days of searching for your wallet in the bottomless handbag or trying to slip the bulky wallet into your pocket could be numbered, with mobile payment services gaining credence. Samsung has gone live in the U.S. with its mobile wallet service Samsung Pay, which is set to rival Apple Pay and Android Pay, in providing shoppers an alternative to plastic cards for in-store purchases, using their handsets.
While mobile payment services may still be somewhat of a novelty, the big names in tech are betting on consumers turning to it for convenience and also for the additional security element of not having to use a plastic card through a payment terminal that may be compromised. Samsung has the advantage over its competitors in the payments market, in that it is not limited to tap-to-pay, NFC based payments alone and its technology, acquired from LoopPay, works with a greater number of existing payment terminals.
Samsung Pay Uses MST Technology Read the rest of this entry »
Google is a global technology giant that has instant name recognition anywhere in the world and brand value like Apple or Microsoft. The company’s name has become a verb, with most of us likely to ‘Google it’ whenever we have queries. Our dependence on the search engine has increased with time, as it becomes even more deeply entrenched in our lives. Officially incorporated first in 1997, Google has just announced its reorganization under a new parent company known as ‘Alphabet.’ The company has come a long way since its inception and now has over sixty thousand employees, while enjoying a market capitalization of almost $395 billion. Google is a leader in innovation through its products and services, such as Gmail or Google Maps, as well as acquisitions, like You Tube, that has made it a household name.
Here is a look back at some of the major highlights from the past 20 years.
1995 Read the rest of this entry »
IT with proper analysis, capacity management that aligns with business needs can help avert network outages and customer service disasters, especially routine failures that cannot be pinned on a major disaster. Businesses can take preventative measures to not just protect their network from potential threats such as hacks, infrastructure attacks and environmental factors but also to improve the performance of critical applications running on the network. Monitoring your network along with setting up of hardware or software systems such as load balancers and application delivery controllers will protect businesses from potential threats to avoid any unplanned downtime. In today’s technological age having the right network infrastructure is vital for all businesses to save millions of dollars.
The starting point of predictive analytics is collecting and analyzing meaningful data records of machine, log, usage trends and costs with detailed assessment of performance and current resource capacity & consumption. Work to inventory and identify usage trends based on historical data as well as current or planned capacity to enable IT to foresee any weaknesses from future growth, heavy traffic or failure of machines. Intelligent data projection can test and permanently fix these problem areas cost-effectively by adding resources in a planned way than randomly after network issues have impacted end users publicly.
Analyze response Read the rest of this entry »
With cyber crime and internet fraud making headlines regularly, online security measures, login id, username and password have become common currency among all people. Businesses and individuals are looking to strengthen their online security to stop hackers from accessing their sensitive digital information, such as personal and financial details and two-factor authentication is the latest form of electronic lock to help protect your data. Historically, 2FA may not be a new concept but it is gaining traction now, with the rise in identity theft on the Internet, as well as phishing via email.
Two-Factor Authentication Explained Read the rest of this entry »
In almost every workspace today, a computer has become an essential tool in successful completion of a task. Businesses can improve their productively by running their computers efficiently, at high speed and optimum performance. When your computer breaks down or is not working for some reason, it can be very frustrating and get in the way of getting jobs done on time. Studies have also found that slow computers from old hardware, dodgy network or lengthy startup can cause businesses over five and half work days every year. Slow or unresponsive technology or applications results in our attention wandering as our brains switch off the work at hand. Your computer needs regular maintenance, cleaning and updating to avoid costly downtime. Read on to learn about a few simple things you can do to optimize your PC performance in the workplace to increase productivity.
Update your antivirus software regularly
The most important preventative step in ensuring your computer is not bogged down, by viruses and malwares that are sure to slow your machine down, is installing and running a good anti-virus and anti-malware product. Your entire network should be protected by an enterprise firewall to proactively monitor and defend against cyber-attacks. All the computers and servers throughout all departments in your business should be protected with strong antivirus. The free versions of antivirus do not do a good job of protecting your machines and once they scan to find a virus, you will be asked to upgrade to a paid version of the software for a clean-up. Businesses should take the advice of their IT provider for recommendations and proper management of IT network and systems. This will ensure scheduled regular updates will get done and monitoring system to easily detect issues with the antivirus.
Close programs you are not using Read the rest of this entry »
Organizations are generating enormous amount of data that is being shared in varied ways. Hackers are busy evolving malicious ways of gaining access to confidential data. Even employees may undermine the data security protocols of the organizations unwittingly. Added to this, businesses have to cope with the security fallout of adopting new trends such as Bring Your Own Device and Bring Your Own App. Cyber criminals are always on the lookout for easy access to your network and file sharing without any security policy in place, can be compared to handing out a copy of the key to your front door to these crooks.
While in 2013 over 800 million records were reportedly accessed without proper authorization, in 2014 just one data breach at The Home Depot led to 56 million customer credit cards and email addresses being stolen. 2015 saw a surge in millions of personal data sources being compromised from businesses and government agencies. When hackers successfully breach security systems affecting millions of people, it makes headlines but they account for only about a quarter of breaches. Most data breaches are from end user mistakes, unintentional misuse, and insider leaks. This leads to loss of revenue, jobs and reputation.
Companies have to ensure secure options for their employees to share documents at the enterprise level, without which they may tend to use free vendors and have unaudited accounts with little security monitoring. More businesses are moving to the cloud and using file sharing or cloud storage services. While convenient applications like Dropbox and OneNote make it easy for users to collaborate and share files easily, there are potential risks to sensitive data, when using them for business purposes. Added to this, some employees tend to use similar passwords for these third party programs as their company passwords. Read the rest of this entry »
The infamous Italian firm, Hacking Team, that sold hacking tools to intelligence agencies from around the world, had its systems breached. Its Twitter account was also hacked to leak over 400GB worth of files, data, contracts, emails, passwords allegedly stolen from the company. Hacking Team has been accused of selling their solutions to oppressive regimes that don’t have a good record of human rights but the company while confirming that its systems had been breached, denied commenting on the authenticity of the published files or breaking any laws. Within days security analysts pored over the leaked data to uncover several exploits, including two serious Adobe Flash bugs, CVE-2015-5122 and CVE-2015-5123, which allow malicious files to execute code to take control of the users system by installing malware on the victims’ computers. These security holes were probably being leveraged by Hacking Team in its spying solutions to install the malware on the devices of targeted people.
Adobe Flash has been majorly affected with critical security holes in the past year, causing some experts to call for the retirement of Flash. However, with the latest Hacking Team Flash vulnerabilities being revealed in a matter of days, Adobe has issued an alert and finally made the move from talk to action.
The discovered vulnerabilities affect Windows, Mac and Linux computers. A readme document was found which included a proof-of-concept (PoC) code for exploiting the hole in Flash Player zero-day and writing to memory. According to the document the vulnerability is “the most beautiful Flash bug for the last four years since CVE-2010-2161,” and affects Flash Player 9 and Internet Explorer, Chrome, Firefox and Safari too. Symantec has also confirmed the zero day vulnerability even testing the exploit on a fully patched version of Adobe Flash (184.108.40.206) with Internet Explorer, which takes advantage of a use-after-free (UAF) issue in the ByteArray class to cause a crash and take control of the infected computer. The security hole has already been exploited by cybercriminals and integrated into exploit kits before Adobe even rolled out a patch. Kafeine, a French security researcher and Trend Micro revealed the bug was already being used by exploit kits such as Angler, Neutrino, Rig, Magnitude and Nuclear Pack. Angler is known to distribute the famous Cryptowall 3.0 ransomware. Read the rest of this entry »