An important step for authentication security
With the launch of Windows 10 on July 29 comes a higher level of protection and convenience: the integration of FIDO U2F security keys.
This is big news for endpoint security. Soon, you'll be able to use a HyperFIDO™ U2F Security Key in order to safely and easily log in with Windows 10 sign on, Azure Active Directory and a large number of SaaS services ( Microsoft lists 2,493 applications) including Office 365, Exchange Online, Salesforce, Citrix, Box and many more. Why is this such an important step for authentication security?
Why you should demand better security from your bank
Is online banking really safe? Is my bank account vulnerable? How safe is my money? Has my bank been hacked already? What happens if my bank is hacked? One of these thoughts must've crossed your mind in the last few years. They're a natural reaction when we see data breaches happening to our governments, financial institutions, businesses, top organizations and so much more. But even so, are we getting the whole picture?
Strengthening your security defense and offence
It seems we're bombarded daily with news about identity theft, online banking fraud, data breaches, hacks, and much more, all showing us that anyone can be a target: big business, governments, health care facilities, mom and pop stores-even our own personal accounts. What you may not know, though, is that everyone's often using the same protection: a static password. Static passwords offer extremely limited protection since the average hacker can crack them in a matter of minutes . Even more alarming is that some of us are still using the top 25 most common passwords or the same password for multiple accounts.
So why are we still using vulnerable static passwords when there are so many security options to protect our accounts?
Past, Present and Future
We all want things to be faster, easier, and more convenient. We want less worry and extra free time to do the things we enjoy. This is what connecting common household items like fridges and watches can offer for us. They're simpler to operate and ease our everyday stresses by automating tasks. But at what cost? What are the security risks and the potential disasters lurking within these shiny new products?
Why should you care?
The media is erupting with more and more stories of “hacks”, “data breaches”, and “cyber-attacks.” Governments are mandating corporations to disclose these breaches and inform those affected.
What you might be wondering is, why should you care about yet another data breach among the multitude of attacks we are constantly hearing about? The answer is simple: it affects you. Sometimes directly, sometimes indirectly, and sometimes it is just a really big warning sign letting you know you should be taking precautions.
You have too many passwords to remember, but is the solution worse than the problem?
We all know about it. I sign in to a service and they ask me to set some ridiculous password. Needs to be 8 or 10 digits. Needs to have characters, numbers, letters, uppercase, lower case—oh yeah, and it should be unique only to that site. Well, hate to break to the news to all those sites, but that’s pretty complicated. How can anyone remember all of that? It’s pretty impossible. And the best part is the next time I go to sign in, I forgot that super complicated password, so I have to reset it again, and it says, “Please set a different password, this was used in the past.” Wonderful, so now I set a new password that will surely be forgotten in 10 minutes.
Wearables like smart watches might be a growing trend, but are they just an open door for hackers?
New technology is exciting and wearables are no different. Wearables are smart devices that can be worn, and which are connect to a main device such as a computer or a smart phone. These wearables mainly collect data and output it to the main device, but as their technology advances, more and more wearables are becoming vulnerable access points. With these new and improved versions launching into the market, consumers are grabbing them up to improve their lives—but at what cost?
Know Your Enemy
In Part 1 of Best Practices for Data Security we touched on the basics; in Part 2, we got a firm hold of the risks associated with laptop use in the work place. Here in Part 3, we're going to take a look at some common areas of attack. By knowing what hackers are capable of, we can begin to prepare ourselves for those kinds of threats.
How to Keep Up with the Hackers
With more people becoming aware of email phishing scams, old-school phone scams (vishing) are gaining momentum. These scams are getting better as technology increases: you can now receive calls from scammers that seem completely legitimate. They may even be able to verify certain information with you, such as your birthdate and address with just a few minutes spent on Google. So how can we protect ourselves from scammers that have our data and seem genuine? How can we use our new technology to prevent the oldest hacks in the book?
Suggestions for WorkPlace Laptops
In Best Practices for Data Security: Part 1 I discussed some basic tips, with this post I will look deeper into Workplace laptops. Using laptops at work can pose a certain amount of risk: they're easier to steal than a desktop computer, and if accessing the internet via Wi-Fi, that poses a potential threat, as well. When a laptop leaves the office, it places the company at an even greater risk. Employees tend to store large amounts of sensitive data on their company-issued laptops, which—combined with weak security policies, weak authentication methods, and personal use of the computer—makes them an easy target for hackers.