Browse by Tags
» Security (RSS)
Showing page 1 of 5 (65 total posts)
I finally got a chance to deploy a Meraki MR12 wireless access point.
These are some sweet devices. I wasn’t that happy with the PoE brick that it comes with for power, but getting it setup has been quite pleasant.
As an enterprise device, it supports all sorts of options for authentication, including RADIUS authentication, and LDAP.
Back in September 2012, I wrote two articles for Point2Security on how to effectively handle breach notifications: The Who of Post-Breach Communication Post-Breach Communication: The Importance of How & When Sadly, to many organizations are doing something entirely different when it comes to post-breach notifications. I like to take ...
In 2012, the writers of malware and the attackers of networks were very busy, using both social engineering and increased technical sophistication to fuel an increased number of attacks.
Not incidentally, mobile devices just flew off the shelves this year, with predictions that over 122 million tablets and some 717 million smartphones will have ...
Earlier today, as I read a very self-serving article lamenting how online growth will be killed due to impending “Do Not Track” legislation, it became very clear to me why online privacy in the US is almost entirely non-existent.
As a society in the 21st century, we have willing accepted the idea that in order to be able to obtain anything useful ...
If you’re going to make use of cloud-based storage, it is a good idea to ensure that you keep it secure. Unless you are absolutely, positively certain that you will never, ever put anything in there that you wouldn’t want to find in a public place, you’re going to need to consider encryption.
Even if you don’t care about the data, you ...
In the past few days, we learned that Global Payments Inc, a middle-man credit checking company, suffered a breach of its systems starting in January of this year. It has been speculated that up to 10 million card holders might be at risk.
Even with the growing trend of these types of attacks, your personal security both online and offline ...
If you haven’t already heard of Carrier IQ, you need to do some serious web searching, as they are swiftly becoming the new name in technology misuse on a massive scale.
Over 6 years ago, Sony installed a rootkit with their music software in the name of Digital Rights Management. On some level, they have never recovered from the consumer ...
Despite the significant uptick in information security events on display thus far in 2011, and despite the diversity and caliber of organizations that are being breached, it seems that too many organizations are failing to learn the lessons of the victims.
More than that, it appears that when confronted with risks that require assessment, the ...
…that is the question.
Every time a software vendor experiences a vulnerability or releases patches for a serious security issue, the debate about Full Disclosure or Responsible Disclosure gains a little more steam.
Just how much information should a vendor disclose about the nature of the vulnerability that it has identified, and how that ...
Why should you take your organization’s information security posture seriously?
Just ask Sony. It has been estimated that Sony will spend more than $170 million dollars due to the recent breaches they have suffered. Personally, I think that the $170M figure is too conservative. I expect it to get much closer to $300M than ...
You would think that this is so obvious as to not need saying, but too many people appear to operate as though downplaying or ignoring risks have any impact on their reality.
That sign announcing “bridge out” isn’t really concerned with how much you believe it or agree with it. It doesn’t care if you are too busy to deal with ...
We are only one third of the way into 2011, but we have had some of the largest information security breaches of the decade – and the trend does not appear to be slowing down.
Here are just a few of the biggest reports for the year: http://www.eweek.com/c/a/Security/RSA-SecurID-Breach-Shows-Why-Everybody-Must-Stay-Vigilant-595858/ ...
Security is not just a state of being.
We are often called to provide an assessment about our present security posture, and usually, the person asking the question is doing so within a very narrow context – one that the may or may not have shared with you.
Answering such a question is difficult at best.
Imagine walking up to your doctor and ...
I had a chance to review the 2010 Verizon Data Breach Report today, which I was alerted to by ISC.SANS.ORG. They’ve put together data from 2004 through 2009, and it is quite interesting.
These are from confirmed data breach cases.
Here were 3 of the scariest stats in the document: 86% of victims had evidence of the breach in their log ...
Yes, you heard me correctly…
We still think about personal and corporate security only as an afterthought.
Despite all the regulatory and industry compliance that has been created and updated in the past 15 years, as we close out this decade, we are hardly any closer to proactively applying security guidelines in our personal or professional ...