Forrester Research recently released its report naming Sungard AS, Bluelock, IBM and iland as the top disaster recovery-as-a-service companies.With enterprises expecting their network up at all times, backup and recovery are key to keeping things running smoothly with no downtime. With ransomware waiting to pounce the minute a user clicks on a link, companies rely on network recovery in a matter of minutes not days.To read this article in full or to leave a comment, please click here
A recently released draft of the National Institute of Standards and Technology’s (NIST's) digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and altering many of the standards and best practices security professionals use when forming policies for their companies.The new framework recommends, among other things:
Remove periodic password change requirements
There have been multiple studies that have shown requiring frequent password changes to actually be counterproductive to good password security, said Mike Wilson, founder of PasswordPing. NIST said this guideline was suggested because passwords should be changed when a user wants to change it or if there is indication of breach.To read this article in full or to leave a comment, please click here
A recently released draft of the National Institute of Standards and Technology’s (NIST's) digital identity guidelines has met with approval by vendors. The draft guidelines revise password security recommendations and altering many of the standards and best practices security professionals use when forming policies for their companies.The new framework recommends, among other things:
Remove periodic password change requirements
There have been multiple studies that have shown requiring frequent password changes to actually be counterproductive to good password security, said Mike Wilson, founder of PasswordPing. NIST said this guideline was suggested because passwords should be changed when a user wants to change it or if there is indication of breach.To read this article in full or to leave a comment, please click here
Security, trust and data integrityImage by ThinkstockThe emergence of IoT is altering our personal technology security paradigm and is a game-changer in customer/business interaction, in part due to the wide scope of available data and sheer number of devices collecting this data. McKinsey & Company estimates the IoT ecosystem will generate $6 trillion in value by 2025. Successful IoT offerings rely on the perception of benefit they can deliver to businesses and consumers while creating a proportionate foundation of security, trust, and data integrity. There are important ways that IoT technology can reduce data security risk while improving customer experience in a connected world.To read this article in full or to leave a comment, please click here
Security, trust and data integrityImage by ThinkstockThe emergence of IoT is altering our personal technology security paradigm and is a game-changer in customer/business interaction, in part due to the wide scope of available data and sheer number of devices collecting this data. McKinsey & Company estimates the IoT ecosystem will generate $6 trillion in value by 2025. Successful IoT offerings rely on the perception of benefit they can deliver to businesses and consumers while creating a proportionate foundation of security, trust, and data integrity. There are important ways that IoT technology can reduce data security risk while improving customer experience in a connected world.To read this article in full or to leave a comment, please click here
Security, trust and data integrityImage by ThinkstockThe emergence of IoT is altering our personal technology security paradigm and is a game-changer in customer/business interaction, in part due to the wide scope of available data and sheer number of devices collecting this data. McKinsey & Company estimates the IoT ecosystem will generate $6 trillion in value by 2025. Successful IoT offerings rely on the perception of benefit they can deliver to businesses and consumers while creating a proportionate foundation of security, trust, and data integrity. There are important ways that IoT technology can reduce data security risk while improving customer experience in a connected world.To read this article in full or to leave a comment, please click here
The boss gets tipped off that an employee might be leaving the company and in so doing is trying to grab as many clients as possible to take with him to his new job. The company brings in computer forensic specialists to look through the employee’s actions online to find the evidence before confronting the employee.Alfred Demirjian, president and CEO of computer forensic company TechFusion, has seen that and many other scenarios in the 30 years he has been in the business--anything from an employee sabotaging a former company through hijacking an email account to misusing the internet on company time. Commercial software allows his company to dig deep into an employee’s social media postings and texts, or to track them by GPS if they have a company-owned smartphone.To read this article in full or to leave a comment, please click here
The boss gets tipped off that an employee might be leaving the company and in so doing is trying to grab as many clients as possible to take with him to his new job. The company brings in computer forensic specialists to look through the employee’s actions online to find the evidence before confronting the employee.Alfred Demirjian, president and CEO of computer forensic company TechFusion, has seen that and many other scenarios in the 30 years he has been in the business--anything from an employee sabotaging a former company through hijacking an email account to misusing the internet on company time. Commercial software allows his company to dig deep into an employee’s social media postings and texts, or to track them by GPS if they have a company-owned smartphone.To read this article in full or to leave a comment, please click here
New products of the weekImage by Aspect SoftwareOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.To read this article in full or to leave a comment, please click here
New products of the weekImage by Aspect SoftwareOur roundup of intriguing new products. Read how to submit an entry to Network World's products of the week slideshow.Browser Stored Password Discovery ToolImage by thycoticTo read this article in full or to leave a comment, please click here
Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole.The use of third-party providers is widespread, as are breaches associated with them. Identity risk and lifestyle solution provider SecZetta claims that on average, 40 percent of the workforce make up third parties. A recent survey done by Soha Systems notes that 63 percent of all data breaches can be attributed to a third party. “The increased reliance on third-party employees, coupled with the growing sophistication of hackers, has led to the current identity and access management crisis that most businesses are faced with today — whether they realize it or not,” a SecZetta blog post stated. To read this article in full or to leave a comment, please click here
Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole.The use of third-party providers is widespread, as are breaches associated with them. Identity risk and lifestyle solution provider SecZetta claims that on average, 40 percent of the workforce make up third parties. A recent survey done by Soha Systems notes that 63 percent of all data breaches can be attributed to a third party. “The increased reliance on third-party employees, coupled with the growing sophistication of hackers, has led to the current identity and access management crisis that most businesses are faced with today — whether they realize it or not,” a SecZetta blog post stated. To read this article in full or to leave a comment, please click here
TrackingImage by ThinkstockIt is easy to overlook identity access management as static infrastructure in the background, and that's the chief problem: Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers. Aaron Perry, president at Focal Point Data Risk, runs through some of IAM’s pitfalls.To read this article in full or to leave a comment, please click here
TrackingImage by ThinkstockIt is easy to overlook identity access management as static infrastructure in the background, and that's the chief problem: Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers. Aaron Perry, president at Focal Point Data Risk, runs through some of IAM’s pitfalls.To read this article in full or to leave a comment, please click here
TrackingImage by ThinkstockIt is easy to overlook identity access management as static infrastructure in the background, and that's the chief problem: Too few organizations treat IAM as the crucial, secure connective tissue between businesses' multiplying employees, contractors, apps, business partners and service providers. Aaron Perry, president at Focal Point Data Risk, runs through some of IAM’s pitfalls.To read this article in full or to leave a comment, please click here
Swing and a missImage by Victor GrigasMost businesses are ill prepared to handle a ransomware attack. In fact, according to a new study released by Carbonite, 68 percent of survey respondents believe their company is “very vulnerable” or “vulnerable” to a ransomware attack. Respondents stated that if their company didn’t pay ransom, it was because they had a full and accurate backup. Without backup, they have no other way to get their most valuable asset back.To read this article in full or to leave a comment, please click here
Swing and a missImage by Victor GrigasMost businesses are ill prepared to handle a ransomware attack. In fact, according to a new study released by Carbonite, 68 percent of survey respondents believe their company is “very vulnerable” or “vulnerable” to a ransomware attack. Respondents stated that if their company didn’t pay ransom, it was because they had a full and accurate backup. Without backup, they have no other way to get their most valuable asset back.To read this article in full or to leave a comment, please click here
Swing and a missImage by Victor GrigasMost businesses are ill prepared to handle a ransomware attack. In fact, according to a new study released by Carbonite, 68 percent of survey respondents believe their company is “very vulnerable” or “vulnerable” to a ransomware attack. Respondents stated that if their company didn’t pay ransom, it was because they had a full and accurate backup. Without backup, they have no other way to get their most valuable asset back.To read this article in full or to leave a comment, please click here
It is commonly referred to as information overload. An infosec professional throws out a wide net in hopes of stopping malware before it gets too deep into the network, but like a motion-sensor light, sometimes the alert catches a squirrel instead of a burglar.Rob Kerr, chief technology officer at Haystax Technology, cited the 2013 breach at Target, as an example in which thieves stole some 40 million Target credit cards by accessing data on point of sale (POS) systems. Target later revised that number to include theft of private data for 70 million customers.To read this article in full or to leave a comment, please click here
It is commonly referred to as information overload. An infosec professional throws out a wide net in hopes of stopping malware before it gets too deep into the network, but like a motion-sensor light, sometimes the alert catches a squirrel instead of a burglar.Rob Kerr, chief technology officer at Haystax Technology, cited the 2013 breach at Target, as an example in which thieves stole some 40 million Target credit cards by accessing data on point of sale (POS) systems. Target later revised that number to include theft of private data for 70 million customers.To read this article in full or to leave a comment, please click here
Ryan Francis