Home / Archives For Security

Security

The Future Of ID: Secure Identities Will Move Beyond Smart Cards

Within the next five years, users will be carrying multiple secure identities on a single card or phone that can replace all previous mechanical keys and dedicated one-time password (OTP) hardware for physical and logical access control. This card or device will be part of an access control ecosystem that provides a seamless user experience and can flexibly scale and adapt while delivering growing value to the organisation. The technologies for realising this vision already exist and are poised to change how we use secure identities for many applications. Any smart device – whether a traditional card or a device with wireless technology such as Bluetooth or NFC – now has the potential to become a trusted credential used for authenticating individuals. Advances in converged back-of-house te......

It’s Time To ‘Think Different’ With IT Security

Despite healthy investments in security products and staffing over the past 10 years, most CISOs are not confident that they can stop cyber thieves from compromising their networks and stealing data. This is the finding of a survey of over 1,600 IT security managers in the UK, US, and the DACH region (Germany, Austria & Switzerland). The situation is so dire that Gartner recently published a report entitled: “Malware Is Already Inside Your Organisation; Deal With It”. What is causing such a monumental failure? In large part, IT security managers are fighting the last war. The enterprise IT environment has grown in complexity over the past few years, and the IT security systems have not adjusted to the changes. Here is a summary: Identification of risks on your network is too slow: Most......

Advanced Threat Detection Is More Than A Moment In Time

The changing nature of the threat landscape, and the ever-growing sophistication of hackers, means that the way organisations protect themselves against advanced cyber-attacks must change too. Hackers are no longer focused on what was traditionally deemed to be their destination – the perimeter of the enterprise. They’re now focused on the journey itself, leveraging an array of attack vectors, taking endless form-factors, launching attacks over time, and cleverly hiding the leakage of data. The reason that many of them are successful, is that most security tools today focus on prevention only – controlling access, detecting, and blocking, all at the point of entry. Typically, incoming files will be scanned only once, at an initial point in time, to determine if they’re malicious. In order ......

De-Mystifying Regulation Roadblocks

It’s been a busy decade for data privacy. Incidents such as Edward Snowden, the computer analyst whistleblower who leaked top-secret NSA documents, have thrust the issues further in to the public’s consciousness. Before that, Private Manning made Julian Assange a household name after he was convicted of violations of the Espionage Act for leaking the largest ever set of classified documents to the public via WikiLeaks. Worldwide more than 575 million data records were lost or stolen in 2013, including over 1.6 million UK records. As a result, regulation exists that aims to combat instances of data loss, but it’s a minefield and has spawned a climate of confusion due to its disparate nature and lack of transparency. There is little understanding of what exactly is in place, the impact of br......

Risk Scoring: A Safer, More Efficient Approach To Border Control

Border management agencies are faced with a constant balancing act between security, convenience and cost. They need to decide whether to carry out checks on huge numbers of travellers, resulting in long delays and inconvenience or – if they scale down the checks – risk letting in travellers and cargo that are illegal or pose a threat. Attempts to categorise travellers are often ineffective and can be seen as discriminatory if they aren’t based on relevant facts. Accurately identifying factors linked to risk is difficult. Powerful tools are needed that can analyse data in real time to highlight security risks. This leaves border agencies and customs offices facing a difficult choice. Do they carry out comprehensive checks, incurring inevitable delays and inconvenience and driving up costs,......

How Automation Is Helping Reduce IT Downtime

‘Automation’ seems to be a hot topic currently – at the big industry events it crops up again and again. But how is it being used to help the world of business continuity? Automated backup is becoming the norm nowadays. Automating the backup process means that even if the person responsible is away on holiday or gets sidetracked by more urgent activities, a backup will still be taken reliably every night. A key step in continuity is reliability, and automation can help reduce human error and forgetfulness in the backup process. With backup being just a small part of business continuity and disaster recovery, how can automation be used to improve recovery success and reduce downtime? Assuming your backups are flawless thanks to automation, then surely the recovery process ......

Is Traditional Disaster Recovery Dead?

With the rise of the cloud presenting new opportunities to technology companies, traditional ways of doing things may well be a thing of the past. Take disaster recovery for example. From entirely unprotected IT systems that were prone to failure and downtime, we now have a society where the majority of companies have at least a backup solution. This means we can get data back if required but it may take a long time – and customers may see a knock on effect of a company’s IT systems being down. Move on to a world where backup is no longer enough, and IT availability is critical to a business. In come disaster recovery companies – some are specialists in recovering from backup in the event of a failure while more advanced options give a second set of systems, with synchronous data rep......

As Football Fever Heightens, 5 Top Tips To Stay Safe Online

On the back of such a successful World Cup, interest in club football is higher than ever. Sports fans across the globe will have gotten a taste for football fever and will be looking to stream all sorts of sites to get information about next month’s Premier League. While this seems harmless, you need to be mindful of the fact that hackers exploit your enthusiasm to explore new sites. There are hundreds of malicious websites disguised as legitimate ones that can hack into your system and trick you into revealing your account credentials, cause malware to become installed on your system, and even access your online accounts. To prevent you from becoming exposed to hacking and scams, here are five top tips to help you identify potentially malicious websites. 1. Does Anything Look Suspicious?......

Cavalier Attitudes To Mobile Security Is Putting Business Data At Risk

Despite the growing prominence of mobile device use – and the fact that mobile has the potential to be a highly secure platform – businesses and users appear to be cavalier in their attitude toward the application of mobile security in the workplace. New research shows that UK business data is currently at risk as a result of haphazard approaches to keeping mobile devices secure. Even though users may know that a specific mobile device might not be secure, and despite company security policies in place, many users are not adhering to policy. A high proportion of respondents admitted to losing their device they use for work up to three times in one year, and most are using the simplest form of protection – the PIN lock. The research also shows that business owners who have the most to lose ......

Why User Education On Security Needs To Start At The Top

Organisational security has long been the province of the IT manager or CIO. Their role is the management of systems, data and technology, and security is part of that management. But as businesses are becoming more data centric, and technology is permeating all levels, the scope of responsibility is changing. Whilst IT managers and CIOs are still providing the expertise, security can no longer be their responsibility alone. When the security of systems and data are fundamental to the business, they become fundamental to all those in senior management. Which is why we are starting to see C-level culpability in respect to security. The recent high profile security breach at Target, in which the US retailer admitted hackers had stolen 40 million debit and credit card numbers from its data ba......

Heartbleed And Society’s Addiction To Passwords

Internet security once again bubbled to the forefront of the news in the form of the now infamous Heartbleed, the latest internet security issue that rendered passwords and other confidential information vulnerable to the prying eyes of the malicious hacker. Already, law enforcement has started cracking down on hackers that have leveraged this security vulnerability with the prime example of the 19 year old computer science student being charged with swiping tax data on over 900 citizens. Internet security experts are urging consumers to change all of their internet passwords – so have you? Ask your friends if they’ve changed their passwords following the Heartbeed scare. Despite the seriousness of threats like Heartbleed, it seems that sometimes we just can’t be bothered to do anything ab......

Is There Such A Thing As Privacy Anymore?

“Not too long ago, theorists fretted that the Internet was a place where anonymity thrived. Now, it seems, it is the place where anonymity dies.” The words of James Joyner writing in the New York Times in 2011. His observations then, more than ever now, sum up the deep paradoxes at the heart of the information age. From the revelations of Edward Snowden, to the hugely significant decision of the European Court of Justice recently, which ruled in favour of an individual’s “right to be forgotten”, we are it seems constantly playing catch up in an attempt to understand and adapt to the changes technology is having upon our society. As we find our lives increasingly hardwired into the burgeoning array of internet enabled devices, what some commentators have taken to calling the Internet of Thi......

Skip to toolbar