The Convenience of a Smartphone as a Security Device

Striking a balance between ease of use and a high level of protection against threats is at the forefront of any information security expert’s mind. Mobile phones have become an integral part of most people’s lives, while other forms of hard tokens have not offered the level of convenience that can be found in using one’s own cell phone. Why not leverage technology that people have become so comfortable using to advance security in your enterprise? Read more…

###

The PortalGuard software is an authentication platform which is focused on enhancing usability, while maintaining a balance between security, auditing, and compliance for your web and desktop authentication requirements. PortalGuard provides capabilities including multi-factor authentication, self-service password reset, password synchronization and single sign-on which can be seamlessly configured by user, group, or application.

http://www.PortalGuard.com

Subscribe to our newsletter: http://portalguard.com/contact_us.php

https://twitter.com/portalguard

http://pinterest.com/pistolstar/portalguard

http://www.facebook.com/pistolstar.authentication

http://www.facebook.com/pages/PortalGuard/240761992635169

The Seven Deadly Sins of Information Security

Businesses of all sizes spend time and effort on putting technologies in place to increase and enforce information security. Having the technology in place is only part of the security puzzle. Educating your employees on the benefits and necessity of the technologies is key to adoption.

According to research, based on 300 security breaches worldwide, as many as 87% of businesses that had been breached had not developed specific security policies – including security awareness education.

Does your enterprise have policies and education in place to ward off these seven deadly sins?

1. Passwords even my mom could guess – How many passwords are on sticky notes stuck to the keyboard?

2. Oh! Looky here – screen snoopers and creepers – 1 in 3 workers leave their workstations logged in and unlocked when they leave their desks.

3. I found a USB stick – let’s see what’s on it! – 60% of people that find a USB stick look to see what’s on the drive. Add a logo to that stick and the percentage jumps to 90!

4. Phishing! – Even the best of us can miss the telltale signs of a phishing scam. Have you trained your team on these signs?

5. Anyone see my phone around? – 70% of users do not password-protect their smartphone.

6. I just found wifi! – Only 18% of users log in to a VPN over public wifi.

7. Yeah, I Facebook at work – Expect your social media policies to be violated.

Read more…

###

FTC General Guidelines for Mobile App Security

When creating a mobile app, especially in the banking industry, it is important to keep security in mind. There is a new publication out from the FTC called “Marketing Your Mobile App: Get it Right from the Start” which highlights eight guidelines that all app developers should follow. This guide was meant to help the ever-increasing number of app developers, many of whom are small organizations or individuals. The article goes on to mention that this is the responsibility of the app developer as they are the only ones who know how secure and private their app really is.

Suggested Guidelines:

1. Tell the truth about what the app can do.

2. Disclose key information clearly and conspicuously.

3. Build privacy considerations in from the start.

4. Offer choices that are easy to find and easy to use.

5. Honor privacy promises.

6. Protect children’s privacy.

7. Collect sensitive information only with consent.

8. Keep user data secure.

Read More

###

UK Data Breaches are up 1000% in Five Years

Found this brief article on the UK and its 1000% increase in data breaches. It has been obvious that the numbers have been climbing, especially in 2012, but this is an exceptionally dramatic increase and only over a 5-year period. Interestingly enough, the main culprit is the local government with over a 1000% increase. Read More...

###

5 Assumptions You Have to Make to Understand Data Breaches

Focused on the ever-looming threat of BYOD, these are the assumptions the article recommends making in order to handle data breaches. By assuming these things, you make yourself aware of, and accept, the most recognizable facts. Many states are even getting on the defensive, with laws being established around BYOD and keeping up with compliance standards. The article lists the 5 assumptions and makes a point to remind you that your employees are the key:

1. Assume the worst.

2. Assume your employees will use their personal devices on the corporate network, even if they are told not to.

3. Assume that your employees value convenience more than security.

4. Assume that flash drives will be lost and IT will never know.

5. Assume that an organization’s first and last defense against a security breach is its own employees.

Read More

###

Federal Trade Commission Filed a Complaint against Wyndham

The Federal Trade Commission has filed a complaint against Wyndham Worldwide Corp. (WYN) and three subsidiaries (Ramada, Days Inn and Super 8 hotels) for alleged data security failures and data breaches. Attackers obtained 600,000 credit card numbers and committed $10.6 million in fraudulent credit card charges. Wyndham and its subsidiaries failed to take security measures (complex user IDs and passwords, firewalls and network segmentation between the hotels and the corporate network). Improper software configurations resulted in the storage of sensitive payment card information in clear readable text. Each Wyndham hotel has its own property management computer system that handles payment card transactions and stores information (payment card account numbers, expiration dates and security codes).

In the first breach in April 2008, intruders gained access to a Phoenix Wyndham-branded hotel’s local computer network that was connected to the Internet and the corporate network of Wyndham Hotels and Resorts. The intruders had access to the corporate network of Wyndham’s Hotels and Resorts subsidiary, and the property management system servers of 41 Wyndham-branded hotels. Wyndham has more than 7,000 hotels in the United States, UK, China, Mexico, Puerto Rico, Australia and more.

###

5 Stages of Two-factor Grief

MEMO: The IT Security team has come up with another new policy to increase security.

LOL. Now I not only have to enter a password but ALSO an OTP… (rolls eyes and sighs)…

5 Stages of Two-factor Grief:

  • Denial: I’m lost, how will I go on, that’s not really another field I have to fill in, is it?
  • Anger: This is ridiculous. Who put these requirements in place? What’s the point?
  • Bargaining: Okay fine, I will never write down my password again if you just let me use it by itself.
  • Depression: What’s the point of even logging on? There is no overcoming this challenge.
  • Acceptance: Okay, okay…..alright…..I’ll use the OTP….

Or, alternatively (a shameless pitch), check out PortalGuard’s Transparent Tokenless Add-on!

###

6 Ways to Strengthen Web App Security

It is essential to protect your web applications, but it is just as important to develop them with security in mind. It is proven that web applications pose one of the biggest security holes to an organization. HP conducted a study which showed exactly that: when scanning web applications, it found that 69% contained a SQL injection error. Along with the other reasons mentioned in the article, this makes a good case as to why organizations should be concerned with web application security more than ever. The 6 ways to strengthen web application security are:

1. User inputs are not your friend

2. Know which vulnerabilities will compromise you

3. Understand security controls in your languages

4. Never write your own security controls

5. Create a security community emissary

6. Apply security controls consistently

Read More

###

Recent Study Shows Companies Aren't Prepared for BYOD

A recent study conducted by KnowBe4, a security awareness firm, showed that 71% of companies that allow BYOD have no policies or procedures to implement it or, for that matter, to secure it. They looked at 500 companies between July and August and determined that many were allowing employees to use multiple devices with no plan in place. This of course is convenient for the employee but makes the company very vulnerable. How do you secure a perimeter which is global? BYOD creates new hurdles for the IT Security staff. Read More

###

Are You Secure Online Checklist

The idea of using a checklist for your online security forces you to see if you are really following best practices. Looking at each of the checklists (password security, browser security, home network security, and public wi-fi security) will help you prove that you are secure. Each checklist is broken down into levels of security practices from the bare minimum to the higher levels. If you find yourself checking off most of these items, you might just be able to sleep better at night. Read More

###
