OneLogin and Password Managers

An interesting incident this last week brings password managers back to the front of the pile—

OneLogin, an online service that lets users manage logins to sites and apps from a single platform, says it has suffered a security breach in which customer data was compromised, including the ability to decrypt encrypted data. —Krebs on Security

I used to use LastPass, but moved off of their product/service when LogMeIn bought them—my previous encounters with LogMeIn have all been negative, and I have no intention of using their service again in any form. During that move, I decided it was important to make another decision about the tradeoff between an online (cloud based) password manager, or one that keeps information in a local file. The key problem with cloud based services of this kind are they paint a huge target onto your passwords. The counter argument is that such cloud based services are more likely to protect your passwords than you are, because they focus their time and energy on doing so.

First lesson: moving to a cloud based application does not mean moving to a situation where the cloud provider actually knows what you are storing, nor how to access Continue reading

HPE Looks Ahead To Composable Infrastructure, Persistent Memory

Over the past several years, the server market has been roiled by the rise of cloud computing that run the applications created by companies and by services offered by hyperscalers that augment or replace such applications. This is a tougher and lumpier market, to be sure.

The top tier cloud providers like Amazon, Microsoft, and Google not only have become key drivers in server sales but also have turned to original design manufacturers (ODMs) from Taiwan and China for lower cost systems to help populate their massive datacenters. Overall, global server shipments have slowed, and top-tier OEMs are working to

HPE Looks Ahead To Composable Infrastructure, Persistent Memory was written by Jeffrey Burt at The Next Platform.

Researchers find gaps in IoT security

Researchers from the University of Michigan and Stony Brook University published a paper explaining a novel approach to IoT security challenges (pdf). The researchers pose the question:  “What are the new intellectual challenges in the science of security when we talk about the Internet of Things, and what problems can we solve using currently known security techniques?” This research approach is very accessible because it uses existing categories and concepts by comparing security methods developed for smartphones, PCs and the cloud to identify the gaps and challenges to IoT security. The IoT stack is defined with the familiar layers:To read this article in full or to leave a comment, please click here

Researchers find gaps in IoT security

Researchers from the University of Michigan and Stony Brook University published a paper explaining a novel approach to IoT security challenges (pdf). The researchers pose the question:  “What are the new intellectual challenges in the science of security when we talk about the Internet of Things, and what problems can we solve using currently known security techniques?” This research approach is very accessible because it uses existing categories and concepts by comparing security methods developed for smartphones, PCs and the cloud to identify the gaps and challenges to IoT security. The IoT stack is defined with the familiar layers:To read this article in full or to leave a comment, please click here

IDG Contributor Network: The rise of SD-WAN: what does it mean for your company?

It’s hard to come by any enterprise that operates offline these days. Enterprise connectivity is now central to any digital workplace strategy. A tech-savvy workforce also demands robust, stable, and fast infrastructure that would enable them to be at their most productive. However, keeping pace with all the changes technology can be a real challenge for enterprises.Workplaces are also increasingly becoming collaborative. Projects are now utilizing remote teams where members can be geographically distributed all over the world. As such, the infrastructure must be able to accommodate remote access not just but cross-border as well. Mobile enterprise is also on the rise.To read this article in full or to leave a comment, please click here

Open Networking for Large-Scale Networks

Shawn Zandi and I recently recorded a new webinar for Ivan over at ipspace.net around open source and disaggregated networking. If you have ever wanted to find out about these topics, this webinar is a great place to start in understanding what options are available, and how easy/hard it is to get this kind of thing running.

The webinar is available here.

The post Open Networking for Large-Scale Networks appeared first on rule 11 reader.

IDG Contributor Network: Learn What NIST’s Cybersecurity Framework Can Do For You

The meteoric rise of cybercrime has caught many organizations unawares. Malware has spread from PCs to smartphones, phishing scams have grown more sophisticated, and ransomware is running rampant.You can hire hackers and botnets, or buy cybercrime software, complete with technical support, all too easily. The rapidly expanding Internet of Things is woefully insecure, creating many more access points that can be exploited by hackers.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Learn What NIST’s Cybersecurity Framework Can Do For You

The meteoric rise of cybercrime has caught many organizations unawares. Malware has spread from PCs to smartphones, phishing scams have grown more sophisticated, and ransomware is running rampant.You can hire hackers and botnets, or buy cybercrime software, complete with technical support, all too easily. The rapidly expanding Internet of Things is woefully insecure, creating many more access points that can be exploited by hackers.To read this article in full or to leave a comment, please click here

Worth Reading: WannaCry and Vulnerabilities

All software contains bugs or errors in the code. Some of these bugs have security implications, granting an attacker unauthorized access to or control of a computer. These vulnerabilities are rampant in the software we all use. A piece of software as large and complex as Microsoft Windows will contain hundreds of them, maybe more. These vulnerabilities have obvious criminal uses that can be neutralized if patched. Modern software is patched all the time — either on a fixed schedule, such as once a month with Microsoft, or whenever required, as with the Chrome browser. —Schneier on Security

The post Worth Reading: WannaCry and Vulnerabilities appeared first on rule 11 reader.

IDG Contributor Network: Sumo Logic wants to make machine data analysis available to companies of all sizes

Kalyan Ramanathan, VP of Product Marketing for Sumo Logic, dropped by to discuss the company's machine data analytics platform and a new pricing/licensing model for large enterprises that the company is calling "Cloud Flex."Ramanathan stressed that Sumo Logic understands that all operational and machine data cannot be treated the same. Some data is highly important while other data is of less importance. Some must be watched over the long term and other data has a very short life expectancy. Some data must be accessible at high speed and with low levels of latency while other data can be accessed at slower speeds.Unified Machine Data Analytics The challenges all organizations face is that their IT infrastructure is increasingly complex and has many moving parts. Each of these parts is generating large amounts of operational and machine data. Analysis of this data can be very challenging because it is stored in many places and kept in many different formats. Sumo Logic's idea is to unify both the storage and to provide equal access to make predictive analysis much easier.To read this article in full or to leave a comment, please click here

Experts: The future of IoT will be fascinating and also potentially catastrophic

The Internet of Things is going to be inescapable, pervasive, and riddled with insecurity, but it’s at least going to be interesting, according to a raft of prominent technologists surveyed by the Pew Research Center.Unsurprisingly, IoT security was the name of the game, the experts agreed, but it’s the effect of the present insecurity in IoT and the possible future effects that have them fascinated. The security breaches that have happened already were clearly on the minds of the respondents. Not only has IoT contributed to general online chaos via the Mirai botnet and other incidents, the trend of integrating connected devices ever more deeply into vital infrastructure reveals the potential for even more destructive attacks.To read this article in full or to leave a comment, please click here

1 1,983 1,984 1,985 1,986 1,987 3,794