Have you noticed consumer and business sites including mobile applications requiring multiple steps to verify who you are? Perhaps you’ve set-up a multi-step verification method to access your bank or Google email account? This security measure is growing in popularity as most data breaches today begin with a set of compromised credentials. From financial institutions to online stores to social media sites, many businesses are now requiring multiple factors of verification to ensure a user is who they say they are, reducing the chances of a cybercriminal successfully gaining access to their networks.
Today, your applications and files are no longer all contained within your four walls. With staff accessing your company's data and apps from multiple locations and on multiple devices, you need to know who is knocking at the door before you let them in. Your business might require complex passwords, but in reality, your staff is most likely using the same passwords across personal and business accounts, and the cybercriminals know it.
Every year, Cyber Monday brings us incredible deals and discounts; however, it's also the time of year when cybercriminals increase their efforts to steal our money and confidential information. To stay safe while shopping online, keep the following cybersafety tips in mind.
Microsoft recently announced a pair of Windows 10 Remote Code Execution vulnerabilities, CVE-2019-1181 and CVE-2019-1182. These vulnerabilities allow cybercriminals to obtain remote control of a computer over a network connection. Microsoft discovered the vulnerabilities during routine testing of Windows 10, which allowed them to publish the required security updates and notify the public at the same time.
Cloud-Based Modern Desktop
Many organizational networks are now cloud-based, allowing end users to connect from literally anywhere at any time, and with any device. Businesses who look towards enabling employees with a "Modern Desktop" environment typically want to meet these objectives:
- Empower staff through collaboration
- Enable business productivity without interruption
- Enhance security posture
Systems Engineering is paying special attention to a Cisco IOS XE Software Web UI Command Injection Vulnerability that was announced earlier this week. Also known as "ThrangryCat Vulnerability," it is serious enough to get the attention of the press. As quoted on ZDNet, "This vulnerability allows hackers to plant persistent "backdoors" on Cisco gear, even over the Internet, with no physical access to vulnerable devices."
Five years ago, I wrote a blog post that summarized the risks of unmanaged data within IT environments. As a specialist working with Systems Engineering's FileProtect (cloud backup service), I’ve only seen this problem compound. The problem lies in the fact that the majority of businesses haven’t taken on the challenge of cleaning out their proverbial digital junk drawers.
The 2018 Human Factor report by Proofpoint states that as many as 95% of web-based attacks now incorporate social engineering, or human error factor. So, with that simple fact, how can your organization prevent its employees from releasing confidential and critical information?
At Systems Engineering team, we are very conscious about practicing good IT security measures. As such, it's important to remember that protecting confidential data spans from desktops, to the cloud, to mobile devices, and more.
As data moves to the cloud and becomes accessible from anywhere, it’s more important than ever to ensure that both corporate and personal devices being used to access data and services are secure. There are many options for addressing these security concerns, but choosing the right tools and configurations can quickly become complex. Considering what to do about devices like laptops, tablets and smartphones while in the office, at home, and while traveling can become overwhelming or cumbersome. Some organizations may find a secure one-size-fits-all solution, but many will want, or need, a little more flexibility.