security

Your Email is Out to Get Your Users – Part 1: How did this happen?

Part 1: How did this happen?

By Ron Temske, Vice President of Security Solutions, Logicalis US

Email is widely and increasingly used as an attack vector for malware. In fact, it has become one of the largest attack vectors and no organizational size is immune. Let’s look at the complexities of the challenge IT organizations face when it comes to email as an attack vector and some recommendations for mitigating this threat in your organization.

Read more

Higher Education Requires Complex Compliance with Data Security Regulations

By Adam Petrovsky, GovEd Practice Leader, Logicalis US

Data breach, identity theft, credit card fraud and malware are top-of-mind challenges facing our digital, connected world.  Cybersecurity analysis, threat and identity management, intrusion prevention, and determining encryption standards are challenging topics – making security frameworks more complex and constantly changing.  For Higher Education organizations, these data security problems are magnified due to state and federal regulations.

Read more

Enterprise Security Blog: Ransomware

By Ron Temske, Vice President of Security Solutions, Logicalis US

Recent large-scale ransomware attacks have placed a premium on information about ransomware and what you can do to best protect your organization. Please note – ransomware attacks continue to spread, even as this blog is published, so new information may expand on (or contradict) what’s noted below. This post is current as of May 15, 2017.

Read more

The Importance of Multi-Factor Authentication

By Ron Temske, Vice President of Security Solutions, Logicalis US

In this article, I want to talk about the importance of Multi-Factor Authentication (MFA) when it comes to providing a comprehensive enterprise security strategy. I’ll provide a brief overview of the technology, discuss why it’s so important and then identify some solutions in this space.

First, the idea of authentication is one that most of us understand. Put simply it’s a method for validating that we are who we say we are. Almost all modern systems provide access based on an authenticated user identity, so getting that correct is critically important, and getting it wrong can mean providing someone with bad intentions access to your privileged systems.

The challenge is that authentication that is simply based on a password alone can be easily compromised. Even if you skip the more common errors, such as simple to guess passwords, writing them on sticky notes, using the same password on multiple accounts, and other poor password and password handling choices, there are many tools that can crack most passwords in a short amount of time. End users often end up changing their passwords, sometimes making them simpler and easier to crack again.

Multi-Factor Authentication is a good method for solving this dilemma. The idea is simple – combine something you know (the password) with something you are or something you possess. The latter can be some type of token, either a physical card or hardware device, or an application running on your mobile device or received as a SMS, something you are may be some type of biometric factor, like a fingerprint or retina scan. Most of your end-users have already used multi-factor authentication whether they realize it or not. When they use their ATM cards to obtain cash, for example. The card is what they possess and the pin is what they know. Without both tightly coupled authenticators they cannot withdraw cash.

MFA is a good idea for all users, but it is also a mandated step by various security standards such as PCI-DSS. According to the Cloud Security Alliance nearly 22 percent of those who reported a breach said it was caused by compromised credentials. This means that a simple, and affordable authentication solution could protect against nearly one-quarter of all security breaches.

Additionally, we there are managed services built around these solutions where a security provider can either manage your new or existing environment, or provide a security-as-a-service solution. Whatever option you choose, an MFA solution is the right choice.

 

Learn More

Read a two-part article exploring what an umbrella approach to security can look like in your enterprise – Part One: Potential DNS Vulnerabilities (http://ow.ly/Gd7Q307SBUE) and Part Two: A Secure DNS (http://ow.ly/kSuT307SCnY). Then, download an infographic displaying the benefits of Taking an Umbrella Approach to Security and one displaying the benefits of Transforming Internet Security with Big Data.

Taking a Threat-Centric Approach to Security

By Ron Temske, Vice President of Security Solutions, Logicalis US

In an earlier article, Back to Basics: Risk-Centric Security Strategy  we discussed a Risk-Centric approach to enterprise security. Briefly, a Risk-Centric Approach to Security is very process-oriented. We discussed the steps used in identifying assets to protect and the level of risk assigned to these assets. Today, I want to take a look at a Threat-Centric Approach to Security.

Read more

Page 1 of 1712345...10...Last »