Categories
security

IT Simplified: Data Loss prevention

Data loss prevention (DLP), as per Gartner, may be defined as technologies which perform both content inspection and contextual analysis of data sent via messaging applications such as email and instant messaging, in motion over the network, in use on a managed endpoint device, and at rest in on-premises file servers or in cloud applications and cloud storage. These solutions execute responses based on policy and rules defined to address the risk of inadvertent or accidental leaks or exposure of sensitive data outside authorized channels.

Categories
Emails security

IT Simplified: Email Authentication

Email authentication helps validate who is sending emails. Email authentication methods can help protect your domain, your brand, and your reputation, as well as help improve deliverability overall. Here we look at the what and how of email authentication and what happens after you hit the send button.

Email authentication isn’t just about security – it’s also about deliverability. By putting records in place and authenticating your emails, you can protect your brand and help your emails successfully reach the inbox. It helps prevent email fraud, improve your email deliverability, and ensure continued delivery.

Categories
security

IT Simplified: Distributed denial of service

Distributed denial-of-service (DDoS) attacks are a variant of denial-of-service attacks in which an attacker or a group of attackers employs multiple machines to simultaneously carry out a denial-of-service (DoS) attack, thereby increasing its effectiveness and strength. The “army” carrying out the attacks is most often composed of innocent infected zombie computers, such as a home router, manipulated into bots that form part of a botnet. These bots are controlled by the attacker via a command and control server. This also ensures the anonymity of the original attacker, since the distributed denial-of-service attack traffic originates from the bots’ IPs rather than the attacker’s. DDoS attacks may still be short, but may persist as powerful and sudden “punctuated” attacks that will last for several hours or several days.

Categories
security

Honeypot

In computer terminology, a honeypot is a computer security mechanism set to detect, deflect, or, in some manner, counteract attempts at unauthorized use of information systems. A honeypot can be modelled after any digital asset, including software applications, servers or the network itself. It is intentionally and purposefully designed to look like a legitimate target, resembling the model in terms of structure, components and content.

Categories
cloud computing security

Rushed digital transformation is creating security risks

The pandemic provided the kick in the pants that many enterprises needed to finally get long-gestating digital transformation efforts underway. But for many organizations, such transformations turned into rush jobs, with many digital transformation projects being hatched far earlier than expected.

While some of these transformations came out in one piece, many weren’t so fortunate, carrying with them a virulent case of cybersecurity vulnerabilities. These vulnerabilities have in turn led directly to a surprising number of breaches.

Categories
security

The fundamentals of security incident response—during a pandemic and beyond

Information security is a nonstop race between you and cybercriminals—and COVID-19 means more challenges for your organization and more opportunities for attackers.

We spoke with cybersecurity experts about the challenges a new remote workforce creates for organizations, how to respond to a cyber threat, and how the threats themselves are changing.

Categories
security

Firewall Best practices to block ransomware

Ransomware continues to plague organizations, with over a third of companies surveyed across 30 countries revealing that they were hit by ransomware in the last year. 

Such attacks are ever-increasing in complexity and adversaries are getting more efficient at exploiting network and system vulnerabilities, leaving organizations with a significant clean-up bill: a global average of an eye-watering US$1.85M – more than double the cost reported last year.

Modern firewalls are highly effective at defending against these types of attacks, but they need to be given the chance to do their job. 

Let’s discuss how these attacks work, how they can be stopped, and best practices for configuring your firewall and network to give you the best protection possible.

Categories
security

Web Application Firewalls

Web application firewalls help monitor, filter and protect web applications from malicious attacks and unwanted internet traffic, including bots, injection and application-layer denial of service (DoS).

The WAF will help you establish and manage rules for avoiding internet threats, including cross-site scripting (XSS), file inclusions, SQL injection, brute force attacks, etc.

Web application firewalls are deployed to protect web-facing applications and collect access logs for compliance and analytics.

Categories
security

DMZ Demilitarized Zone

In computer security, a DMZ (sometimes referred to as a perimeter network) is a physical or logical subnetwork that contains and exposes an organization’s external-facing services to a larger untrusted network, usually the Internet.

The purpose of a DMZ is to add an additional layer of security to an organization’s local area network (LAN); an external attacker only has access to equipment in the DMZ, rather than any other part of the network. The name is derived from the term “demilitarized zone”, an area between nation states in which military action is not permitted.

Most firewalls are network-level security devices, usually an appliance or an appliance in combination with network equipment. They are intended to provide a granular means of access control at a key point in a business network.

Categories
security

Privileged Access Management

Privileged access management (PAM) consists of the cybersecurity strategies and technologies for exerting control over the elevated (“privileged”) access and permissions for users, accounts, processes, and systems across an IT environment. By dialing in the appropriate level of privileged access controls, PAM helps organizations condense their attack surface, and prevent, or at least mitigate, the damage arising from external attacks as well as from insider malfeasance or negligence.