Showing posts with label security. Show all posts
Showing posts with label security. Show all posts

Friday, 27 September 2013

How to secure your wireless network


By 


When setting up a wireless network for your business, it can be tempting to leave some security functions switched off. People rather get work done, than spend time on preventing events that may never occur. However, when they do, the consequences can be serious. Bearing this in mind, all businesses have to make sure that their networks are secure.

It is important to remember, that you can’t keep your wireless network within your premises. Anyone within range of an unsecured network may gain access. This means that not only can outsiders use your internet for free, but they can potentially intercept your passwords, financial information and customer records, leaving you vulnerable to a serious breach.


TechRadar.com suggests three ways of making your wireless secure:

Use encryption

Encryption is possibly the most important measure you can take to secure your network. Most likely all routers and wireless devices offer some form of encryption these days. Encrypting a network involves creating a password that is hard to break. Note that, not all forms of encryption are perfectly secure though. For instance WEP, the most basic and oldest form of wireless encryption is no longer considered secure, as hackers can crack it within minutes. WPA and WPA2 on the other hand are much more secure, as they were developed to overcome all weaknesses of their predecessor. 



Securing your WiFi network by Google

Use a firewall

Hardware firewalls provide the first line of defense against attacks coming from outside of the network. Most routers have firewalls built into them, which check data coming in and out and block any suspicious activity.
Most firewalls use packet filtering, which checks the header of a packet to figure out its source and destination addresses. This information is compared to a set of predefined and/or user-created rules that govern whether the packet is legitimate or not.

Software firewalls usually run on the endpoint desktop or laptop, with the advantage of providing a better idea about the traffic that’s passing through the device. 
Get your router settings right

  • Change the router's access name and password
  • Change the default network ID
  • Stop your router broadcasting its network ID
  • Enable MAC authentication for your users
  • Create a separate wireless network for your customers

For more information on how to make your wireless network secure, read the full article on TechRadar.com

About the Author:        
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Wednesday, 18 September 2013

MiiPC - the child-friendly computer


By 


IT security in business is essential, but it’s probably even more important when it comes to home computers, used by your children. The internet offers an unlimited range of images, videos and sites highly unsuitable for kids. However, it is impossible to continuously look over their shoulders. So what’s the solution? It’s MiiPC. 


MiiPC is an Android-based computer, developed to improve parental control without excessively limiting your kids’ browsing habits. It was designed to keep everything simple to parent and child alike. MiiPC is powered by a 1.2GHz processor, got 4GB of storage and runs on Android 4.2. It works with any screen, keyboard or mouse. But the best part is that this mini PC comes equipped with its own app monitoring service available in the AppStore. With this service, not only will you be able to remotely control access to applications, but you’ll also be able to view browser history and app use.  



Creator of MiiPC Young Song believes “most solutions for software blocks are too restrictive.” He explains blocking might be ideal for parents, but the most important thing is to have the remote, real-time control. A way to monitor is more useful, than outright blocking. Especially because blocking won’t result in long-term success, your kids will just go to the neighbours and play there. However, if you have the data to support your argument, your kids will be easier to convince to spend less time playing and surfing the web during homework time. 

About the Author:       
Sarah writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself. Sarah has 11 years of experience in the IT industry. 

Thursday, 12 September 2013

Touch ID - security concerns and flaws


By 


Apple’s Keynote on Tuesday did not bring too many surprises. Although, the company did not reveal as many new products as expected, the most important ones, such as the iOS7 and two new iPhones, got a fair share of stage time. While most people are admiring the new colours, the slightly changed looks or the simplicity of iOS7, IT pros and tech fans are concerned about mobile security issues brought by the Touch ID.

What it is

Touch ID is the name of Apple’s new pride, a fingerprint sensor in the iPhone 5S’ home button, that unlocks the device through biometrics.  Although, the Motorola Atrix had a fingerprint scanner two years before the new iPhone, ‘innovations’ sound more exciting to many, when presented by Apple. But let’s put trends and the craze aside, and see the potential flaws and risks of the revamped home button.



Concerns and flaws

According to the Cupertino-based firm, Touch ID will store the encrypted fingerprint data on the device’s A7 ARM chip and it won’t be sent to iCloud or any of Apple’s servers. Moreover, the company also reiterated that third-party applications won’t be able to make use of the fingerprint scanner, for now. But what will happen when the day comes? What will happen when apps can somehow access the encrypted data? If Touch ID could be extracted by an exploit, you'd be facing a much bigger problem, than a simple breach. Your fingerprint would be given away, instead of your password. And let’s be honest, passwords are easier to change than fingerprints. But that's not all, as fingerprints are not only used to your new iPhone. Think of biometric passports, or entering facilities where fingerprint authentication is required.

Besides the aforementioned potential security issues, future users of the iPhone 5S may encounter further annoying flaws, such as the strictness of the fingerprint sensor. Imagine you have just moisturised your hands or scarred your finger in a kitchen accident and suddenly you are unable to access your phone. Although, the four digit passcode and password options will remain available, it surely is frustrating not to be able to use one of the top features of your new handset. 

Many will have a go at it

Until the smartphone is officially out, we can only speculate about how Touch ID will perform in everyday life, but one thing is certain: many of us will try to fool it, one way or another. However, the more concerning fact is that so will hackers. 

About the Author:       
Peter writes for Firebrand Training on a number of IT related topics. This includes exams, training, certification trends, project management, certification, careers advice and the industry itself.

Friday, 31 August 2012

Webinar: How to reduce cost of network security by 30-70%


Sapphire Logo

Sapphire and Altimate are hosting a webinar to demonstrate the increased security, productivity and cost savings that an organisation could achieve by installing Stonesoft network security.

Stonesoft Mass Security is a range of network security products that offer:

    STONESOFT Network Security
  • Multiple security functions
  • Comprehensive, centralised and easy to operate administration
Stonesoft solutions are said to reduce network operation expenses and total costs from 30% to 70%.

  • Lowest total cost of ownership on the market with Stonesoft
  • Administration cost savings
  • Save up to 50% on appliances with our competitor trade-in scheme
The webinar will be taking place on Monday 24 September and offers a unique insight into how Stonesoft operates within an organisation

For more information, follow this link:
To register for the event, follow this link:
http://www.sapphire.net/event_register.html?event_id=312



Tuesday, 14 August 2012

Four ways cloud will change business and IT

The cloud system saw a lot of attention at the Global Summit on ICT in London this year with many talks on how it will change business and the IT world. Autonomy one of the leading specialist on cloud computing and well known for its 50 petabyte (1 million gigabytes) private cloud, had its founder Mike Lynch hold a conference in which he had much to say on cloud computing. Here is a summary of his four key points:

Power and control over IT
Power has shifted from the IT department to the business personnel due to the cloud giving anyone the ability to access or buy services.

Security
Despite many saying that cloud security is not a major issue, in terms of PR, it can be serious. Private information can get out.

Ownership of data
One of the key resources in cloud computing is owning data. Data is what will make money and is an important asset to any company. Customer data and many other kinds of information are being constantly looked for by large enterprises that are willing to pay a lot to get a hold of it.

Price of infrastructure
http://www.autonomy.com/Infrastructure price is very likely to go down due to the drastic increase of company buying power. In the past, companies would have to buy large and powerful servers, but cloud technology doesn’t need these servers. Cloud can actually run on a group of smaller and cheaper servers, this means that if a company like Flickr buys a big amount of servers, vendors cannot afford to lose an order of that size therefore not being able to set the price.

For more information on Autonomy, click here.

How else do you think the cloud will change the business and IT world?

Friday, 3 August 2012

$2.5 billion taken from world banks: OPERATION HIGH ROLLER


McAfee

In a recent report by McAfee and Guardian Analytics, it was found that a highly sophisticated and reoccurring cyber-attack has taken as much as $2.5 billion from bank accounts around Colombia, Europe and the U.S.A.


The report states that the organized criminal who deal with the malware have attempted to take $78 million  from accounts at 60 or more institutions, but it is stated that the total attempted fraud could go up to $2.5 billion if all were as successful as those discovered in the Netherlands.
It was named "Operation High Roller” and is formed by combination of a large understanding of banking transaction systems (highly possible from an insider) with a malicious code. The code requires no human interaction. 60 servers were found processing thousands of attempted thefts from high-value commercial accounts which included  large global banks, very rich individuals and credit unions.
The malware finds a victim automatically by searching for the highest value accounts and then transfers money to a prepaid debit card which is quickly emptied anonymously. It does this by altering the target's bank statement to conceal the theft. 
Reuters stated that “The new software allows the criminal to siphon money out at all hours, potentially increasing the number of hacked accounts and the speed with which they are drained.” It is said to be an advanced version of two existing malicious software, known as SpyEye and Zeus.

Tuesday, 17 July 2012

Intelligence Chief explains “astonishing” levels of cyber-attacks


A news article on BBC has reported that MI5 is battling "astonishing" levels of cyber-attacks on UK industry. The intelligence agency's chief, Jonathan Evans, has warned internet "vulnerabilities" were being exploited by criminals as well as states.

"Vulnerabilities in the internet are being exploited aggressively not just by criminals but also by states," he said. "The extent of what is going on is astonishing."

"This is a threat to the integrity, confidentiality and availability of government information but also to business and to academic institutions," Mr Evans said.

"What is at stake is not just our government secrets but also the safety and security of our infrastructure, the intellectual property that underpins our future prosperity and... commercially sensitive information."

"We appear to be moving from a period of a deep and focused threat to one where the threat is less monolithic but wider," he said.

He also said greater collection of communications data will be allowed from social networks to tackle crimes, including terrorism.

"It would be extraordinary and self-defeating if terrorists and criminals were able to adopt new technologies... while the law enforcement and security agencies were not permitted to keep pace with those same technological changes," he said.

The last few months have seen high profile hack attempts, including the Flame Virus and 1.5 million password leaks by LinkedIn.

Security skills are in-demand and much needed. To view security courses offered by Firebrand, visit: http://www.firebrandtraining.co.uk/courses/security


Monday, 30 April 2012

Security to be worth $18 billion by 2016


A report by Infonetics Research has forecasted that Managed Security services are expected to reach $18 billion by 2016. The report highlights that Global cloud and CPE managed security service revenue grew 12% in 2011, to $11.7 billion.


“Companies have to worry about desktops, laptops, servers, smartphones, tablets, kiosks, iPods, set-top boxes, and any other device that can connect to the Internet. The highly distributed nature of Internet-connected devices and the diversity of those devices drives many companies to look at managed services (cloud-based services in particular) to provide consistent protection regardless of device type, location, operating system, or browser.” notes Jeff Wilson, principal analyst for security at Infonetics Research.

For all the security courses offered: http://www.firebrandtraining.co.uk/courses/security

Thursday, 26 April 2012

Companies to spend 14% more on IT security


Information Shield, in its 2011 Information Security and Data Privacy Staffing Survey, which polled 190 organisations in 34 countries, reveals that IT security staffing budgets are expected to rise by 14%.

RSA chief Arthur Coviello stated that, “never have the attacks been as targeted, with the aim of breaching one organisation as a stepping stone to breaching others.” Cyber-attacks have reached scary levels of sophistication, and the demand for ethical hackers and other ‘cyber ninjas’ has been on the rise.

Friday, 13 January 2012

5 Easy Steps to Make a Hacker’s Life Difficult

Following are five steps which will help in preventing security breaches. While no one can guarantee preventing breaches, these steps will help make life difficult for hackers:

1. Optimised Passwords – We wrote a blog about poor passwords a while ago. There was a time when the password “password” used to be a fail-safe way of deceiving hackers. Although most people now know how poor the password “password” is, there are still quite a few who would use some equally obvious choices of passwords. For instance, using your name, and your date of birth – such information is now easily accessible via social media. 

Don’t use passwords which can easily be guessed. Mix characters in the words. For example, use exclamation mark instead of the number 1, ampersand sign for number 8 etc.

Another problem with passwords is that people tend to become lax after making one. Even if your password is difficult to crack, it is good practice to keep changing it every now and then. People who do not change passwords and use the same on multiple sites are more likely to suffer a breach.

2. Efficient Anti-virus, and rightly set Firewall – These are one of the most basic things which are wrong in a user’s operating system – if you don’t have anti-virus software running in your environment, you’re in trouble. A completely up-to-date anti malware, anti-virus software needs to be up and running constantly. Where possible, deploy a hardware firewall and ensure that it isn’t allowing unnecessary traffic to penetrate your systems.

3. Patching Machines – Operating Systems and other software companies release patches and updates to the software. While some updates add new features, others improve the security flaws that may have existed beforehand. Therefore, it is important to keep the latest versions in check.

4. Securing Data – Do you carry your sensitive data in a USB around with you? If so, watch out. Unprotected data is a big deal. A lost USB, Hard-disk, Laptop or iPod can land you and your organisation in a messy situation. Encrypt everything portable.

5. Protect Your Wi-Fi – Despite the known vulnerabilities in open Wi-Fi Networks, some still keep it open and insecure. Some people use Wired Equivalent Privacy (WEP), but it has been shown that WEP can be broken into in as little as four seconds. It is recommended to use at least WPA as a bare minimum. WPA2 is a better alternative. WPA2 is a modern wireless security standard that is supported by most modern operating systems, and is a lot more difficult to break into than WEP or WPA2.