Inside the Perimeter

razor-wireAh, the good old days, when perimeter defenses and endpoint security software was all you needed to keep your network secure.  Was it ever really that simple? Probably not, but many business owners and IT professionals are still hoping that keeping the firewall and antivirus updated is enough.

Over 90% of exploits start as an email in somebody’s inbox.  According to NSS Labs, 97% of all breaches are enabled by ...

Continue Reading →
0

Adaptive Authentication To The Rescue

password1Keith Graham of SecureAuth was recently interviewed for a recent article on TechRepublic, and the subject of adaptive authentication came up.  He defined adaptive authentication this way:

“Adaptive authentication involves evaluating risk around the login process before the user even authenticates so that the system only steps up, or outright denies, the authentication when it deems a logon as a risk. Hence, it ...

Continue Reading →
0

Worst Passwords of 2015

bad-pwdHere are the 25 most commonly used passwords for 2014.  If your password is on this list, please understand that these passwords are among the first tried when automated password cracking software is used by a cyber-criminal.  So if yours is here, change it now.

Passwords are becoming problematic for several reasons.  The first, IMHO, is the use of email addresses as the user ID ...

Continue Reading →
0

Password Tips for 2016

password1Passwords – Is mine strong enough?  How do I know?  Every time I write a password article I feel as if this subject has already been done to death by me and others.  But I always get more positive feedback on this subject than others I consider more interesting, so we offer the following suggestions:

  • Use different passwords for personal and work systems.  That way ...
Continue Reading →
0

Facebook Offers Two-Factor Authentication

facebookFacebook has joined the crowd of major web services that allow you to set up two-factor authentication (2FA or TFA).  I just finished setting it up on my account, and I was please to see that it works with Google Authenticator.  According to the instructions, it will also work with the Facebook smartphone app for Android or iPhone.  Tech Republic has a great step by step tutorial, so I won’t ...

Continue Reading →
0

Business Cybersecurity Resolutions

newyear2016As we approach the new year it is traditional to make our New Year’s Resolutions.  Unfortunately, most resolutions are made but not kept, so I am a little reluctant to offer these ideas for improving your cybersecurity in the coming year.  But if you have not climbed on the cybersecurity bandwagon yet, you are definitely overdue. Pick a few of these ideas to implement in your business.

 

Here they are:

  • Stay informed about the ...
Continue Reading →
0

Amazons Offers Two-Factor Authentication

Amazon-LogoOne of the security practices that I am always looking for is two-factor or multi-factor authentication.  This is when you need a user name, a password, and a special code or device to provide the second authentication factor.

I have been using Google Authenticator with my extensive set Google accounts and with the password manager LastPass.  I was happy to learn that I can finally ...

Continue Reading →
0

Alert: WPEngine User Credentials Breached

WordPresslogoJust received an email from WordFence, the WordPress security plugin-developer, that popular WordPress hosting company WPEngine had a breach that may have included customer user name and password information.  The full text of the email I received follows.

“We learned about an hour ago that there has been a data breach at WPEngine. Some of their customer login credentials have been exposed. If ...

Continue Reading →
0

Facebook Hardens Authentication

facebookFacebook recently announced an improvement to it’s logon system.  Login security seems to be taking a position from and center lately.  Wednesday we wrote about Yahoo’s new authentication system, and today we will move on to Facebook’s Login Approvals.

Previously, Facebook users were able to get Login Notifications. When you entered your user name (usually your email address) and password from a new location, browser, or device, Facebook Notifications would send users an ...

Continue Reading →
0
Page 4 of 6 «...23456