12 security tips for the ‘work from home’ enterprise

Credit to Author: Jonny Evans| Date: Fri, 13 Mar 2020 06:26:00 -0700

If you or your employees are working from home while our governments lurch awkwardly through the current crisis, then there are several security considerations that must be explored.

Your enterprise outside the wall

Enterprises must consider the consequences of working from home in terms of systems access, access to internal IT infrastructure, bandwidth costs and data repatriation.

What this means, basically, is that when your worker accesses your data and/or databases remotely, then the risk to that data grows.

While at normal times the risk is only between the server, internal network and end user machine, external working adds public internet, local networks and consumer-grade security systems to the risk mix.

To read this article in full, please click here

Read more

Apple, the FIDO Alliance and the future of passwords


Apple is the latest firm to join the FIDO Alliance, an industry standards group developing more secure ways to log in to online accounts and apps using multi-factor authentication (MFA), biometric authentication and physical security keys. Computerworld's Lucas Mearian joins Ken Mingis and Juliet Beauchamp to discuss the Apple move, how different forms of authentication work and how far away we are from a password-less world.

Read more

A week in security (March 2 – 8)

Credit to Author: Malwarebytes Labs| Date: Mon, 09 Mar 2020 20:07:46 +0000

A roundup of the previous week’s security headlines, including the introduction of a new series on child identity theft, an examination of law enforcement’s cybersecurity woes, a progress check on our stalkerware initiative, and more coronavirus scammers on the prowl.

Categories:

Tags:

(Read more…)

The post A week in security (March 2 – 8) appeared first on Malwarebytes Labs.

Read more

Bring your own privacy: VPNs for consumers and orgs

Credit to Author: Malwarebytes Labs| Date: Fri, 06 Mar 2020 17:24:33 +0000

VPNs are all the rage, but they’re not without their problems. Where do you stand on the great “Should we deploy a VPN” debate?

Categories:

Tags:

(Read more…)

The post Bring your own privacy: VPNs for consumers and orgs appeared first on Malwarebytes Labs.

Read more

Verizon: Companies will sacrifice mobile security for profitability, convenience

Credit to Author: Lucas Mearian| Date: Tue, 03 Mar 2020 03:00:00 -0800

Despite an increase in the number of companies hit by mobile attacks that led to compromises, four in 10 businesses sacrificed security to meet profit goals or avoid “cumbersome” security processes, according to Verizon’s third annual Mobile Security Index 2020.

It showed that 43% of organizations sacrificed security. More typical reasons for companies exposing themselves to risk, such as lack of budget and IT expertise, trailed “way behind” things such as expediency (62%), convenience (52%) and  profitability targets (46%). Lack of budget and IT expertise were only cited by 27% and 26% of respondents, respectively.

To read this article in full, please click here

Read more

Will pay by palm be a thing? Should it be?

Credit to Author: Evan Schuman| Date: Tue, 03 Mar 2020 03:00:00 -0800

Amazon is experimenting with a way to allow shoppers to use a palm-print biometric to authenticate payments and to do so in physical stores far beyond Amazon-owned brick-and-mortars, (Whole Foods, AmazonGo, AmazonBooks, Amazon 4-Star and Amazon Pop-Up). Amazon is reportedly looking at QSRs (quick-service restaurants), especially coffee shops.

Palm prints have several advantages over more popular mobile biometric methods, such as fingerprint (prescription drugs, cleaning chemicals, burns and various other things can interfere with fingerprint readings) and facial recognition (finicky method that requires the face to be a precise distance from the scanner — not an inch too close or too far — and can suffer from hair growth, lighting, cosmetic changes, some sunglasses, as well as giving false positives to close relatives). And unlike my favorite biometric for security (retina scan), it’s far less invasive. It’s fairly accurate, convenient and (other than forcing customers to remove gloves, which could be a problem with outdoor shops in the winter) should be well-received.

To read this article in full, please click here

Read more

How and why you need HomeKit-secured smart homes

Credit to Author: Jonny Evans| Date: Thu, 27 Feb 2020 04:40:00 -0800

Once upon a time the Internet was amazing, enabling niche interests and connecting people. Apple’s iMac was the epitome of the era, while the iPhone became the prophet of change.

What is HomeKit-secured and why should you use it?

These days hackers break into home networks using our routers and smart home devices, which is why everyone must learn how to use HomeKit-secured routers to keep their connected homes safe.

Apple announced HomeKit-secured routers at WWDC 2019. The first few devices to support the tech recently began to reach market, including options from Linksys and (now) Amazon’s Eero routers.

To read this article in full, please click here

Read more

Apple joins industry effort to eliminate passwords

Credit to Author: Lucas Mearian| Date: Fri, 21 Feb 2020 03:00:00 -0800

In a somewhat unusual move for Apple, the company has joined the Fast IDentity Online (FIDO) Alliance, an authentication standards group dedicated to replacing passwords with another, faster and more secure method for logging into online services and apps.

Apple is among the last tech bigwigs to join FIDO, whose members now include Amazon, Facebook, Google, Intel, Microsoft, RSA, Samsung, Qualcomm and VMware. The group also boasts more than a dozen financial service firms such as American Express, ING, Mastercard, PayPal, Visa and Wells Fargo.

“Apple is not usually up front in joining new organizations and often waits to see if they gain enough traction before joining in. This is fairly atypical for them,” said Jack Gold, president and principal analyst at J. Gold Associates. “Apple is often trying to present [its] own proposed industry standards for wide adoption, but is generally not an early adopter of true multi-vendor industry standards.

To read this article in full, please click here

Read more