The Last Watchdog

JULY 1, 2022

This raises the concerns of corporate data security in remote working that still stand as a key challenge that organizations are trying to navigate, workforce productivity being the second. Managing endpoints securely . Tools and best practices.

Mobile 258

Mobile Education Phishing Technology 258

Centraleyes

FEBRUARY 25, 2024

However, critical security risks and threats inherent in cloud environments come alongside the myriad benefits. This blog aims to dissect the nuances of cloud security risks , shedding light on the challenges commonly faced when securing digital assets in the cloud. Who’s Responsible for Security in the Cloud?

Risk 52

Risk Encryption Social Engineering Authentication 52

Duo's Security Blog

OCTOBER 24, 2023

Much like Captain Monica Rambeau’s own journey, MFA is evolving to help security teams protect against a new kind of threat: MFA bypass attacks. In this blog, we’ll discuss some of the ways you can use MFA and features like Duo’s Trusted Endpoints to protect against MFA bypass attacks. What is an MFA bypass attack?

Social Engineering 77

Social Engineering Education Authentication Engineering 77

Duo's Security Blog

MAY 11, 2022

This is the problem that many security practitioners are trying to solve. And certain VPN clients or remote access agents perform posture checks to enforce device-based access policies. Administrators can set access policies based on device health. This API is available to all paying Duo Beyond customers.

VPN 55

VPN Firewall System Administration Encryption 55

McAfee

MARCH 30, 2020

With remote working, BYOD, employees using their own devices and shared access to collaborative cloud apps from business partners – we need to include device control when allowing access to our cloud services. One that is often ignored is setting policies by device. Implement specific DLP policy. Redirect traffic.

Authentication 52

Authentication Malware 52

Security Boulevard

NOVEMBER 18, 2022

It is a part of the public key infrastructure (PKI) and makes it possible to transfer data securely across the internet by converting plaintext into ciphertext that is unrecognizable. Asymmetric encryption , or public key encryption, increases security by using two different encryption keys at once; a private and a public key.

Encryption 120

Encryption Digital transformation Insurance IoT 120

Duo's Security Blog

MARCH 25, 2022

While organizations could benefit from giving employees this added flexibility, IT and security teams have had their hands full. The massive influx of remote work has complicated this, as security vulnerabilities could be exposed through a traditional VPN. They, too, have experienced the benefits over a VPN-only model.

VPN 76

VPN Architecture Authentication Software 76

Duo's Security Blog

JUNE 14, 2021

It is important for companies to ensure their information is secure regardless of where their employees are working. With this change many made the mistake of expanding their cloud network without also growing their security, leaving their information vulnerable. Security needs to be intentional, not left as an afterthought.

Passwords 98

Passwords Authentication Phishing Threat Reports 98

Notice Bored

OCTOBER 22, 2021

The final topic-specific policy example from ISO/IEC 27002:2022 is another potential nightmare for the naïve and inexperienced policy author. Despite the context, the title of the standard's policy example ("secure development") doesn't explicitly refer to software or IT. Yes, even security policies get developed!

Risk 80

Risk Firmware Software Information Security 80

Duo's Security Blog

FEBRUARY 17, 2021

Apple issued a security update release for iOS 14.4 This is an example of many vulnerabilities that can be mitigated with an available patch. .” — Richard Archdeacon, Advisory CISO, Duo Security But there was a limited time frame to make patches work. recently, as a patch for three actively exploited Zero Days in iOS 14.2,

CISO 101

CISO Risk Backups Security Awareness 101

Duo's Security Blog

APRIL 25, 2022

In this blog we explore how small and medium-sized enterprises (SMEs) in particular can mitigate these risks to get a manageable insurance cover, so they can focus on making their business thrive in today’s uncertain times. However, this is simply not feasible for SMEs who need to rely on a ‘bring your own device’ (BYOD) policy.

Insurance 74

Insurance Risk Marketing Authentication 74

Duo's Security Blog

SEPTEMBER 7, 2022

There are corporate-owned devices, personal devices (BYOD), even shared devices. Establish device trust with health checks Verifying user identity before granting access to a network application is the first step in a well-designed security strategy. Is the device running an endpoint security agent? But it’s no longer enough.

Malware 53

Malware Firewall Data breaches Encryption 53

Thales Cloud Protection & Licensing

DECEMBER 17, 2020

In one of my previous blog posts, Zero Trust 2.0: These security approaches need to be supported through foundational components and functions, and should be based on key overarching principles to ensure the implemented architecture effectively meets new requirements. Policy Enforcement Point. Policy Administrator.

Architecture 62

Architecture Authentication Accountability Engineering 62

Duo's Security Blog

SEPTEMBER 30, 2022

If you are not sure what the new security requirements are or if they affect your business or organization, don’t worry – we put together a webinar to help answer those questions. These institutions must take steps to secure that data. Does the FTC Safeguards Rule affect you?

Cybersecurity 61

Cybersecurity Authentication CISO Healthcare 61

Notice Bored

OCTOBER 19, 2021

This is an interesting policy example to have been selected for inclusion in ISO/IEC 27002:2022 , spanning the divide between 'cybersecurity' and 'the business'. when I read the recommendation for a topic-specific policy on backup. when I read the recommendation for a topic-specific policy on backup. What's the purpose?

Backups 56

Backups Risk Internet Internet 56

Duo's Security Blog

JUNE 22, 2023

Increasingly, it’s being used to differentiate managed devices from unmanaged BYOD (Bring Your Own Device). Stop the spoof The enhancements to the Device Health application address two security challenges. Now, we’re moving forward with enhancements that will further increase confidence in the truth of the data the DHA reports.

Authentication 79

Authentication Accountability Engineering 79

Duo's Security Blog

JUNE 27, 2023

Twenty-nine per cent of incidents reported to the Office of the Australian Information Commissioner (OAIC) were attributed to ransomware between July and December of 2022, making it the most reported type of security breach of the year. In the final instalment of this series, we cover the rise of ransomware 3.0 of tomorrow. In the last.

Ransomware 73

Ransomware Healthcare Phishing Authentication 73

Thales Cloud Protection & Licensing

OCTOBER 29, 2019

Unlike alternative solutions that can leave sensitive data exposed or compromised, the joint solution will enable organizations to automatically find and classify sensitive data across heterogeneous environments, understand the risks, and mitigate them through policy-based remediation…all through a single pane of glass.

Risk 86

Risk Big data Technology Data privacy 86

SiteLock

AUGUST 27, 2021

Several days after a major breach of the personal information of federal employees, the Senate rejected a cyber security measure on Thursday. Moscow-based cyber security company Kaspersky Lab announced on Wednesday that its systems had been attacked, most likely by hackers working on behalf of a country.

Cybersecurity 40

Cybersecurity Data breaches Hacking Mobile 40

McAfee

OCTOBER 30, 2019

The rise of cloud computing and bring-your-own device (BYOD) trends have expanded the traditional network perimeter to the point that business-critical information lives in places outside of the corporate-managed domains and devices. The post The Fastest Way to Extend DLP from Device to Cloud appeared first on McAfee Blogs.

Banking 40

Banking Risk Healthcare Data breaches 40

Duo's Security Blog

APRIL 4, 2023

The Security Operations Center (SOC): A wonderful place where all an organization’s telemetry is fed into robust tools that display, record, and alert to anomalous behavior detected within the network. However, does your Security Incident and Event Management (SIEM) platform know about Duo?

Authentication 53

Authentication Engineering Threat Detection Mobile 53

Heimadal Security

SEPTEMBER 27, 2021

The post What Is a Data Breach and How to Prevent It appeared first on Heimdal Security Blog. Phases of a Data Breach In order to be able to successfully perform a data breach, the attackers usually work in phases. Reconnaissance In this stage, the adversary […].

Data breaches 91

Data breaches Cybersecurity 91

Duo's Security Blog

MARCH 3, 2021

Although zero trust as a concept has been around for over 10 years, it is only recently that it has been recognized and accepted as a leading strategy for securing modern enterprise. In this blog, we set out how we approach zero trust from a practical perspective with particular emphasis on how it will impact on our end user colleagues.

Architecture 52

Architecture Authentication CISO Risk 52

Duo's Security Blog

OCTOBER 12, 2021

Meet your users where they are, securely. Remote work has led to a rise in the usage of bring your own device (BYOD) and unmanaged devices, which increases the risk of compromised devices. These limitations impact business resiliency and often lead to users bypassing any security controls that get in the way of their work.

Authentication 52

Authentication Risk Marketing Phishing 52

McAfee

APRIL 20, 2020

Introduction – Choosing the Right Security Controls Framework. Organizations are increasingly finding themselves caught in the “ security war of more ” where Governance, Risk and Compliance regimes, compounded by vendor solution fragmentation, have resulted in tick-box security.

Architecture 54

Architecture Risk Data breaches Cyber threats 54