Business and Enterprise Security Concerns with Remote Users/Workers

In this new modern age remote users are be becoming more and more popular.  It now only takes a few short clicks and you can be logged into a system anywhere in the world. But with new access and convince for employees comes new access and accessibility for attackers.  Having remote users effectively increases the “attack radius” and probability of being attacked as employees, information, and devices are spread across the globe requiring an increase in security policies, training and reviews to ensure maximum protection against threats.

Full Article:

http://smallbusiness.yahoo.com/advisor/addressing-enterprise-security-concerns-remote-workers-193011960.html

The Cloud: Is it good or bad?

Is the Cloud good or is it bad? In order to answer this question we need to ask ourselves, what exactly is the cloud? What the cloud really is just a network of servers…or in other words, the internet. When you are at home surfing the internet you are on the cloud and the cloud can be used to do a great many things. You can play games on the cloud, watch movies, listen to music, and now everyone is starting to store personal data in the cloud, on the internet.

There are good and bad things about using the cloud. Some of the good things about the cloud are things like access to your personal or work files, even if you forget to bring them around with you. The game distribution program Steam has started using the cloud to sync video game save files so that if you are using more than one computer you still can pick up where you left off. I personally think that game saves are one of the best uses for the cloud so far, mostly because who is going to want to steal you game saves?

Some of the bad things about the cloud is that your files are simply on the internet, whether companies say they are secure or not and as one of the oldest sayings go “Once it is on the internet it is there forever.” Now this is not always the case, because if the files are being shared privately they can just be deleted, but if they get leaked into the public part of the internet they will likely stay there forever.

The article I read referred to the cloud as an “addiction” and I believe this is the right term to use considering all the companies suddenly trying to switch everything over to the cloud. The problem is what you gain from accessibility and reduced cost, you lose in security. This all depends on how each company works, but is also where the article states that the addiction of the cloud kicks in. “This is the slippery slope, data that might inadvertently go to the cloud or fall under the grip of the cloud addiction: ‘The last bit of data we sent to the cloud seems safe enough, so let’s move up the sensitivity pyramid and save even more money.’ “

In the end, there really is no full security on the internet, or the cloud, what could help with the security would be to encrypt any important files that a company puts on the cloud. This would ensure that even if some files were taken that at least they wont be easily accessed, if at all. Is the Cloud good or bad might not be the right question then. It ,instead, might be better to ask how far are you willing to go to protect your files and how much security are you willing to compromise for the sake of accessibility and cost.

Reference:

http://www.scmagazine.com/cloud-addiction-at-what-point-does-the-elastic-snap/article/317413/

Yahoo plans to pay “researchers” to find bugs

Yahoo is currently looking to start rewarding people who find and report bugs and vulnerabilities up to $15,000. This is primarily due to being heavily  criticized  for only paying someone $12.50 for finding and reporting a vulnerability.  Researchers who find a bug must  receive at least $150 for reporting it. Ramses Martinez, the director of Yahoo’s security team, has said that there was no formal process to reward people who reported vulnerabilities and that he would buy and send people t-shirts with his own money.

The article, from SC Magazine, states that he also began buying gift cards as well. Something like this could help the company a lot in security by providing incentives to actively search for bugs. Word about this could also redirect hacking efforts for the good of the company, rather than hacking it for personal information. I know that if I could get $15,000 for finding a big issue, I definitely would try.  What do you think?

Resource:

http://www.scmagazine.com/yahoos-new-bug-bounty-policy-rewards-researchers-up-to-15k-for-high-risk-discoveries/article/314596/

Still Feel Safe Online?

Do you feel safe while surfing the web? Well this article might make you rethink about your safety as you are asked to give away personal information online.

According to authorities a hacker from Pennsylvania has pleaded guilty to selling access to supercomputers for $50,000. He also sold access to RNKTel a telephone company as well as log-in credentials for a company called Tech of Texas and domain access to Domino’s Pizza. They said in the article that:

“According to court documents, the defendant bragged to FBI agents online that he had broken into the corporate servers of American Express, Yahoo, Google, Adobe, WordPress and other companies and universities.”

This was just one man, although he is a member of a group of hackers called Underground Intelligence Agency, and it makes me think about how many people could possibly have my personal information. There really is no guarantee when you talk about internet security, because there will always be some way to get the information.  It will definitely make me more weary when giving away personal information online.

Resources:

http://www.wired.com/threatlevel/2013/08/hacker-super-computer-access/

Security Risks of Smartphones

                             

In today’s society, having an iPhone, a Droid, or any other smartphone is nowhere near as uncommon as it was in previous years. Popular with preteens, college students, and even retirees, smartphones are taking over social media and are beginning to control our lives. All you have to do is look around to realize how mainstream smartphones are today, and due to the huge increase in smartphone usage, along with the amount of personal information on them, smartphones are major targets for security breaches, that many people are unaware of.

Smartphones are becoming more and more popular because they are easy to use and let you have everything you can possibly imagine at your fingertips. Smartphones are commonly used for mobile banking and for checking other online accounts and, although these examples sound like they would be extremely beneficial, are in fact very harmful to your personal security.

Unlike desktop computers, smartphones do not have the advantage of antivirus software, which makes them much more vulnerable to be targeted by hackers. With so much valuable information laying around, it would be stupid for a hacker looking to make money, to completely overlook the smartphone revolution. Everyone’s information is just laying around, waiting to be stolen. If a hacker really wants to, they can easily steal your banking information and any other information that you have accessed on your mobile device, sometimes without the user even knowing.

Steps to make your smartphone safer:

- using a PIN on your phone

- stay away from sketchy wireless networks

- be careful when using Bluetooth

- only use trusted applications

A CNN article about Cyberattacks on smartphones, September 17, 2012 http://money.cnn.com/2012/09/17/technology/smartphone-cyberattack/index.html

8 Steps to make your smartphone safer

http://www.bullguard.com/bullguard-security-center/mobile-security/mobile-protection-resources/8-ways-to-keep-your-smartphone-safe.aspx