Login
In part one of this issue of our Black Hat Asia NOC blog, you will find:
Cisco Meraki was asked by Black Hat Events to be the Official Wired and Wireless Network Equipment, for Black Hat Asia 2022, in Singapore, 10-13 May 2022; in addition to providing the Mobile Device Management (since Black Hat USA 2021), Malware Analysis (since Black Hat USA 2016), & DNS (since Black Hat USA 2017) for the Network Operations Center. We were proud to collaborate with NOC partners Gigamon, IronNet, MyRepublic, NetWitness and Palo Alto Networks.
To accomplish this undertaking in a few weeks’ time, after the conference had a green light with the new COVID protocols, Cisco Meraki and Cisco Secure leadership gave their full support to send the necessary hardware, software licenses and staff to Singapore. Thirteen Cisco engineers deployed to the Marina Bay Sands Convention Center, from Singapore, Australia, United States and United Kingdom; with two additional remote Cisco engineers from the United States.
From attendee to press to volunteer – coming back to Black Hat as NOC volunteer by Humphrey Cheung
Loops in the networking world are usually considered a bad thing. Spanning tree loops and routing loops happen in an instant and can ruin your whole day, but over the 2nd week in May, I made a different kind of loop. Twenty years ago, I first attended the Black Hat and Defcon conventions – yay Caesars Palace and Alexis Park – a wide-eyed tech newbie who barely knew what WEP hacking, Driftnet image stealing and session hijacking meant. The community was amazing and the friendships and knowledge I gained, springboarded my IT career.
In 2005, I was lucky enough to become a Senior Editor at Tom’s Hardware Guide and attended Black Hat as accredited press from 2005 to 2008. From writing about the latest hardware zero-days to learning how to steal cookies from the master himself, Robert Graham, I can say, without any doubt, Black Hat and Defcon were my favorite events of the year.
Since 2016, I have been a Technical Solutions Architect at Cisco Meraki and have worked on insanely large Meraki installations – some with twenty thousand branches and more than a hundred thousand access points, so setting up the Black Hat network should be a piece of cake right? Heck no, this is unlike any network you’ve experienced!
As an attendee and press, I took the Black Hat network for granted. To take a phrase that we often hear about Cisco Meraki equipment, “it just works”. Back then, while I did see access points and switches around the show, I never really dived into how everything was set up.
A serious challenge was to secure the needed hardware and ship it in time for the conference, given the global supply chain issues. Special recognition to Jeffry Handal for locating the hardware and obtaining the approvals to donate to Black Hat Events. For Black Hat Asia, Cisco Meraki shipped:
Let’s start with availability. iPads and iPhones are scanning QR codes to register attendees. Badge printers need access to the registration system. Training rooms all have their separate wireless networks – after all, Black Hat attendees get a baptism by fire on network defense and attack. To top it all off, hundreds of attendees gulped down terabytes of data through the main conference wireless network.
All this connectivity was provided by Cisco Meraki access points, switches, security appliances, along with integrations into SecureX, Umbrella and other products. We fielded a literal army of engineers to stand up the network in less than two days… just in time for the training sessions on May 10 to 13th and throughout the Black Hat Briefings and Business Hall on May 12 and 13.
Let’s talk security and visibility. For a few days, the Black Hat network is probably one of the most hostile in the world. Attendees learn new exploits, download new tools and are encouraged to test them out. Being able to drill down on attendee connection details and traffic was instrumental on ensuring attendees didn’t get too crazy.
On the wireless front, we made extensive use of our Radio Profiles to reduce interference by tuning power and channel settings. We enabled band steering to get more clients on the 5GHz bands versus 2.4GHz and watched the Location Heatmap like a hawk looking for hotspots and dead areas. Handling the barrage of wireless change requests – enable or disabling this SSID, moving VLANs (Virtual Local Area Networks), enabling tunneling or NAT mode, – was a snap with the Meraki Dashboard.
While the Cisco Meraki Dashboard is extremely powerful, we happily supported exporting of logs and integration in major event collectors, such as the NetWitness SIEM and even the Palo Alto firewall. On Thursday morning, the NOC team found a potentially malicious Macbook Pro performing vulnerability scans against the Black Hat management network. It is a balance, as we must allow trainings and demos connect to malicious websites, download malware and execute. However, there is a Code of Conduct to which all attendees are expected to follow and is posted at Registration with a QR code.
The Cisco Meraki network was exporting syslog and other information to the Palo Alto firewall, and after correlating the data between the Palo Alto Dashboard and Cisco Meraki client details page, we tracked down the laptop to the Business Hall.
We briefed the NOC management, who confirmed the scanning was violation of the Code of Conduct, and the device was blocked in the Meraki Dashboard, with the instruction to come to the NOC.
The device name and location made it very easy to determine to whom it belonged in the conference attendees.
A delegation from the NOC went to the Business Hall, politely waited for the demo to finish at the booth and had a thoughtful conversation with the person about scanning the network.
Coming back to Black Hat as a NOC volunteer was an amazing experience. While it made for long days with little sleep, I really can’t think of a better way to give back to the conference that helped jumpstart my professional career.
Meraki MR, MS, MX and Systems Manager by Paul Fidler
With the invitation extended to Cisco Meraki to provide network access, both from a wired and wireless perspective, there was an opportunity to show the value of the Meraki platform integration capabilities of Access Points (AP), switches, security appliances and mobile device management.
The first amongst this was the use of the Meraki API. We were able to import the list of MAC addresses of the Meraki MRs, to ensure that the APs were named appropriately and tagged, using a single source of truth document shared with the NOC management and partners, with the ability to update en masse at any time.
On the first day of NOC setup, the Cisco team walked around the venue to discuss AP placements with the staff of the Marina Bay Sands. Whilst we had a simple Powerpoint showing approximate AP placements for the conference, it was noted that the venue team had an incredibly detailed floor plan of the venue. This was acquired in PDF and uploaded into the Meraki Dashboard; and with a little fine tuning, aligned perfectly with the Google Map.
Meraki APs were then placed physically in the venue meeting and training rooms, and very roughly on the floor plan. One of the team members then used a printout of the floor plan to mark accurately the placement of the APs. Having the APs named, as mentioned above, made this an easy task (walking around the venue notwithstanding!). This enabled accurate heatmap capability.
The Location Heatmap was a new capability for Black Hat NOC, and the client data visualized in NOC continued to be of great interest to the Black Hat management team, such as which training, briefing and sponsor booths drew the most interest.
The ability to use SSID Availability was incredibly useful. It allowed ALL of the access points to be placed within a single Meraki Network. Not only that, because of the training events happening during the week, as well as TWO dedicated SSIDs for the Registration and lead tracking iOS devices (more of which later), one for initial provisioning (which was later turned off), and one for certificated based authentication, for a very secure connection.
We were able to monitor the number of connected clients, network usage, the persons passing by the network and location analytics, throughout the conference days. We provided visibility access to the Black Hat NOC management and the technology partners (along with full API access), so they could integrate with the network platform.
Meraki alerts are exactly that: the ability to be alerted to something that happens in the Dashboard. Default behavior is to be emailed when something happens. Obviously, emails got lost in the noise, so a web hook was created in SecureX orchestration to be able to consume Meraki alerts and send it to Slack (the messaging platform within the Black Hat NOC), using the native template in the Meraki Dashboard. The first alert to be created was to be alerted if an AP went down. We were to be alerted after five minutes of an AP going down, which is the smallest amount of time available before being alerted.
The bot was ready; however, the APs stayed up the entire time!
Applying the lessons learned at Black Hat Europe 2021, for the initial configuration of the conference iOS devices, we set up the Registration iPads and lead retrieval iPhones with Umbrella, Secure Endpoint and WiFi config. Devices were, as in London, initially configured using Apple Configurator, to both supervise and enroll the devices into a new Meraki Systems Manager instance in the Dashboard.
However, Black Hat Asia 2022 offered us a unique opportunity to show off some of the more integrated functionality.
System Apps were hidden and various restrictions (disallow joining of unknown networks, disallow tethering to computers, etc.) were applied, as well as a standard WPA2 SSID for the devices that the device vendor had set up (we gave them the name of the SSID and Password).
We also stood up a new SSID and turned-on Sentry, which allows you to provision managed devices with, not only the SSID information, but also a dynamically generated certificate. The certificate authority and radius server needed to do this 802.1x is included in the Meraki Dashboard automatically! When the device attempts to authenticate to the network, if it doesn’t have the certificate, it doesn’t get access. This SSID, using SSID availability, was only available to the access points in the Registration area.
Using the Sentry allowed us to easily identify devices in the client list.
One of the alerts generated with SysLog by Meraki, and then viewable and correlated in the NetWitness SIEM, was a ‘De Auth’ event that came from an access point. Whilst we had the IP address of the device, making it easy to find, because the event was a de auth, meaning 802.1x, it narrowed down the devices to JUST the iPads and iPhones used for registration (as all other access points were using WPA2). This was further enhanced by seeing the certificate name used in the de-auth:
Along with the certificate name was the name of the AP: R**
One of the inherent problems with iOS device location is when devices are used indoors, as GPS signals just aren’t strong enough to penetrate modern buildings. However, because the accurate location of the Meraki access points was placed on the floor plan in the Dashboard, and because the Meraki Systems Manager iOS devices were in the same Dashboard organization as the access points, we got to see a much more accurate map of devices compared to Black Hat Europe 2021 in London.
When the conference Registration closed on the last day and the Business Hall Sponsors all returned their iPhones, we were able to remotely wipe all of the devices, removing all attendee data, prior to returning to the device contractor.
Meraki Scanning API Receiver by Christian Clasen
Leveraging the ubiquity of both WiFi and Bluetooth radios in mobile devices and laptops, Cisco Meraki’s wireless access points can detect and provide location analytics to report on user foot traffic behavior. This can be useful in retail scenarios where customers desire location and movement data to better understand the trends of engagement in their physical stores.
Meraki can aggregate real-time data of detected WiFi and Bluetooth devices and triangulate their location rather precisely when the floorplan and AP placement has been diligently designed and documented. At the Black Hat Asia conference, we made sure to properly map the AP locations carefully to ensure the highest accuracy possible.
This scanning data is available for clients whether they are associated with the access points or not. At the conference, we were able to get very detailed heatmaps and time-lapse animations representing the movement of attendees throughout the day. This data is valuable to conference organizers in determining the popularity of certain talks, and the attendance at things like keynote presentations and foot traffic at booths.
This was great for monitoring during the event, but the Dashboard would only provide 24-hours of scanning data, limiting what we could do when it came to long-term data analysis. Fortunately for us, Meraki offers an API service we can use to capture this treasure trove offline for further analysis. We only needed to build a receiver for it.
The Scanning API requires that the customer stand up infrastructure to store the data, and then register with the Meraki cloud using a verification code and secret. It is composed of two endpoints:
Returns the validator string in the response body
[GET] https://yourserver/
This endpoint is called by Meraki to validate the receiving server. It expects to receive a string that matches the validator defined in the Meraki Dashboard for the respective network.
Accepts an observation payload from the Meraki cloud
[POST] https://yourserver/
This endpoint is responsible for receiving the observation data provided by Meraki. The URL path should match that of the [GET] request, used for validation.
The response body will consist of an array of JSON objects containing the observations at an aggregate per network level. The JSON will be determined based on WiFi or BLE device observations as indicated in the type parameter.
What we needed was a simple technology stack that would contain (at minimum) a publicly accessible web server capable of TLS. In the end, the simplest implementation was a web server written using Python Flask, in a Docker container, deployed in AWS, connected through ngrok.
In fewer than 50 lines of Python, we could accept the inbound connection from Meraki and reply with the chosen verification code. We would then listen for the incoming POST data and dump it into a local data store for future analysis. Since this was to be a temporary solution (the duration of the four-day conference), the thought of registering a public domain and configuring TLS certificates wasn’t particularly appealing. An excellent solution for these types of API integrations is ngrok (https://ngrok.com/). And a handy Python wrapper was available for simple integration into the script (https://pyngrok.readthedocs.io/en/latest/index.html).
We wanted to easily re-use this stack next time around, so it only made sense to containerize it in Docker. This way, the whole thing could be stood up at the next conference, with one simple command. The image we ended up with would mount a local volume, so that the ingested data would remain persistent across container restarts.
Ngrok allowed us to create a secure tunnel from the container that could be connected in the cloud to a publicly resolvable domain with a trusted TLS certificate generated for us. Adding that URL to the Meraki Dashboard is all we needed to do start ingesting the massive treasure trove of location data from the Aps – nearly 1GB of JSON over 24 hours.
This “quick and dirty” solution illustrated the importance of interoperability and openness in the technology space when enabling security operations to gather and analyze the data they require to monitor and secure events like Black Hat, and their enterprise networks as well. It served us well during the conference and will certainly be used again going forward.
Check out part two of the blog, Black Hat Asia 2022 Continued: Cisco Secure Integrations, where we will discuss integrating NOC operations and making your Cisco Secure deployment more effective:
Acknowledgements: Special thanks to the Cisco Meraki and Cisco Secure Black Hat NOC team: Aditya Sankar, Aldous Yeung, Alejo Calaoagan, Ben Greenbaum, Christian Clasen, Felix H Y Lam, George Dorsey, Humphrey Cheung, Ian Redden, Jeffrey Chua, Jeffry Handal, Jonny Noble, Matt Vander Horst, Paul Fidler and Steven Fan.
Also, to our NOC partners NetWitness (especially David Glover), Palo Alto Networks (especially James Holland), Gigamon, IronNet (especially Bill Swearington), and the entire Black Hat / Informa Tech staff (especially Grifter ‘Neil Wyler’, Bart Stump, James Pope, Steve Fink and Steve Oldenbourg).
For more than 20 years, Black Hat has provided attendees with the very latest in information security research, development, and trends. These high-profile global events and trainings are driven by the needs of the security community, striving to bring together the best minds in the industry. Black Hat inspires professionals at all career levels, encouraging growth and collaboration among academia, world-class researchers, and leaders in the public and private sectors. Black Hat Briefings and Trainings are held annually in the United States, Europe and Asia. More information is available at: blackhat.com. Black Hat is brought to you by Informa Tech.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
At Cisco Duo, we continually strive to enhance our products to make it easy for security practitioners to apply access policies based on the principles of zero trust. This blog highlights how Duo is achieving that goal by simplifying user and administrator experience and supporting data sovereignty requirements for customers around the world. Read on to get an overview of what we have been delivering to our customers in those areas in the past few months.
Duo strives to make secure access frictionless for employees while reducing the administrative burden on IT (Information Technology) and helpdesk teams. This is made possible thanks to the strong relationship between our customers and our user research team. The insights we gained helped us implement some exciting enhancements to Duo Single Sign-On (SSO) and Device Trust capabilities.
Duo SSO unifies identities across systems and reduces the number of credentials a user must remember and enter to gain access to resources. Active Directory (AD) is the most popular authentication source connected to Duo SSO, accounting for almost 80% of all setups. To make Duo’s integration with AD even easier to implement, we have introduced Duo SSO support for multiple Active Directory forests for organizations that have users in multiple domains. Additionally, we added the Expired Password Resets feature in Duo SSO. It provides an easy experience for users to quickly reset their expired Active Directory password, log into their application, and carry on with their day. Continuing the theme of self service, we introduced a hosted device management portal – a highly requested feature from customers. Now administrators no longer need to host and manage the portal, and end users can login with Duo SSO to manage their authentication devices (e.g.: TouchID, security keys, mobile phone etc.) without needing to open IT helpdesk tickets.
We are also simplifying the administrator experience. We have made it easy for administrators to configure Duo SSO with Microsoft 365 using an out of the box integration. Duo SSO layers Duo’s strong authentication and flexible policy engine on top of Microsoft 365 logins. Further, we have heard from many customers that they want to deliver a seamless on-brand login experience for their workforce. To support this, we have made custom branding so simple that administrators can quickly customize their end-user authentication experience from the settings page in the Duo Admin Panel.
Device Trust is a critical capability required to enable secure access for the modern workforce from any location. We have made it easy for organizations to adopt device trust and distinguish between managed and unmanaged devices. Organizations can enforce a Trusted Endpoint policy to allow access only from managed devices for critical applications. We have eliminated the requirement to deploy and manage device certificates to enforce this policy. Device Health application now checks the managed status of a device. This lowers administrative overhead while enabling organizations to achieve a better balance between security and usability. We have also added out-of-box integrations with unified endpoint management solutions such as Active Directory domain-joined devices, Microsoft Intune, Jamf Pro and VMware Workspace ONE. For organizations that have deployed a solution that is not listed above, Duo provides a Device API that works with any enterprise device management system.
To support our growing customer base around the world, Duo expanded its data center presence to Australia, Singapore, and Japan in September last year. And now Duo is thrilled to announce the launch of the two new data centers in the UK and India. Both the new and existing data centers will allow customers to meet all local requirements, all while maintaining ISO27001 and SOC2 compliance and a 99.999% service availability goal.
The launch of the new data centers is the backbone of Duo’s international expansion strategy. In the last two years, Duo has met key international growth milestones and completed the C5 attestation (Germany), AgID certification (Italy) and IRAP assessment (Australia) – all of which demonstrate that Duo meets the mandatory baseline standards for use by the public sector in the countries listed above. Check out this Privacy Data Sheet to learn more about Cisco Duo’s commitment to our customer’s data privacy and data sovereignty.
That is a summary of what we have been up to here at Cisco Duo in the past few months. But we are not done yet! Stay tuned for more exciting announcements at RSA Conference 2022 next week. Visit us at our booth at RSAC 2022 and World of solutions at Cisco Live 2022.
In the meanwhile, check out this on-demand #CiscoChat panel discussion with real-world security practitioners on how they have implemented secure access best practices for hybrid work using Duo. And if you do not want to wait, sign-up for a 30 day trial and experience how Duo can simplify secure access for your workforce.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Sometimes in order to move forward effectively, it’s good to take stock of where we’ve been. In this blog, we’ll review a concept that has been foundational to networking and cybersecurity from the beginning: the session. Why focus on the session? As the philosophy of Zero Trust is adopted more broadly in the security industry, it’s important to understand the building blocks of access. The session is a fundamental component of access to any resource.
To get things started, let’s start with a definition. A simple definition of a session might be: “a period of time devoted to a particular activity.” Not so bad, but the complexity for internet and network security springs from scoping the “particular activity.”
The internet exists on top of a standardized suite of protocols that govern how data can be transmitted or exchanged between different entities. This suite, now generally referred to as the TCP/IP stack, is comprised of four distinct layers that delineate how data flows between networked resources. This is where the scoping of a session becomes obscure. The “particular activity” could refer to the network layer, which is responsible for establishing communications between the actual physical networks. Or, perhaps the activity refers to the Internet layer, which ensures the packets of data reach their destinations across network boundaries. The activity could also be the transport layer, responsible for the reliability of end-to-end communication across the network. It could also be referencing the application layer, the highest layer of the TCP/IP stack, which is responsible for the interface and protocols used by applications and users. For the familiar, these layers were originally defined in the OSI model.
This layering framework works well for establishing the distinct session types and how we can begin to protect them. However, the rise of cloud-based services means we must now also look at how sessions are defined in relation to the cloud — especially as we look to provide security and access controls. At the application layer, we now have client devices with web browsers and applications that communicate to a cloud service. Additionally, cloud services can be one or a combination of SaaS, PaaS and IaaS, each defining their own session and thus access.
With all the different classes of sessions, there are different mechanisms and protocols by which authentication and authorization are employed to eventually provide that access. All sessions use some type of account or credential to authenticate and evaluate a set of variables to determine authorization or access. Some of these variables may also be similar across different sessions. For example, an enterprise may evaluate the device’s security posture (e.g. it is running the latest OS patches) as a variable to grant access at both the network and application layer. Similarly, the same username and password may be used across different session layers.
However, each layer might also use distinct and specific variables to evaluate the appropriate access level. For instance, the network interface layer may want to ensure cryptographic compliance of the network interfaces. A cloud service may evaluate geographical or regional compliance. The common practice today is to have every session layer act alone to make its own access decision.
Let’s take a step back and review.
Now, let’s explore something new: what if the variables and access evaluation outcomes were shared seamlessly across session layers?
What if recent network context and activity were used to inform cloud access decisions? Or, recent user access decisions across the network layers be used to inform cloud application controls? Think about the enhanced resilience provided if network-based risk signal like packet information could be appropriately mapped and shared with the cloud application layer. Sharing information across session boundaries provides more robust fulfillment of Zero Trust principles by striving to evaluate security context as holistically as possible at the time of access.
In order to build a future where security decisions are informed by broader and continuous context, we’ll need tools and protocols that help us bridge tools and map data across them. To provide improved access and security, both the bridge and the correct mapping must be in place. It’s one thing to get the data transferred to another tool, it’s quite another to map that data into relevance for the new tool. For example, how do we map a privileged application credential to a device? And, then how do we map relevant context across systems?
The good news is that work is starting to enable a future where regardless of session definition, security context can be mapped and shared. Protocols such as the Shared Signals and Events and the Open Policy Agent are evolving to enable timely and dynamic signal sharing between tools, but they are nascent and broader adoption is required. Cisco has already contributed a technical reference architecture as a guide for Shared Signals and Events. We hope that by accelerating the adoption of these standards the industry gets one step closer to actively sharing relevant security context across OSI layers. While the road ahead won’t be easy, we think the sharing signals will make for a more resilient and robust security future.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
Find out how you can stretch your organization’s security budget amidst inflation and its economic impacts.
No one could have predicted the lasting effects of the pandemic on our economy. A strain has been put on the overall supply chain, causing the value of the dollar, or any other local currency, to not go as far as it once did. Consumers are experiencing skyrocketing energy, gas, and food prices, and businesses are facing delays in deliveries of goods and services to their customers.
According to the Consumer Price Index (CPI), the U.S. economy has seen an uptick as high as 8.5% over the past twelve months, which is the largest spike since the early 1980s. Ideally, the economy should be in a balance of about 2% inflation.
When inflation rates go up, there is a steady rise in costs, putting a heavy burden on individuals and businesses.
Even with the rise in inflation, the need for products and services are still there to keep organizations operational. Cybersecurity attacks do not fall under the radar with inflation. If anything, cost increases mean you might get less protection for the same amount of spend, making cyber threats against your organization riskier. Businesses are forced to make budget adjustments, but cybersecurity spend is crucial to maintain the integrity of customer data and finances. Many businesses will be forced to have to raise prices for goods and services, passing the higher cost on to their customers. The solutions needed to maintain security should be simple and flexible to buy in a complex world. Cisco believes in price protection, not passing on the burdens of inflation to our customer.
Cisco can help you with instant savings, avoiding inflation hikes with our price protection guarantee when it comes to buying security solutions to meet the security needs of your organization. With the significant shift in the way we work – remote work, office only, or hybrid, there are more devices on and off the network, leading to an increase in cybersecurity risks. Threats are not slowing down any time soon. Security needs to work together in a simple way to help you stay ahead of these threats to protect users everywhere, working from anywhere. Cisco Secure takes an integrated platform approach to radically simplify your security, applying intelligence to anticipate the changing needs of your business and provide the robust protection you need.
Whatever your organizational security needs may be, buying through the Cisco Secure Choice Enterprise Agreement allows you the flexibility to access two or more security products. Choose from network security, user & endpoint protection, cloud edge, or app security line of products.
Secure Choice Enterprise Agreements lets budgets go further and offers predictable billing over time so you can move faster in responding to security needs. Get a built-in security platform, SecureX, at no extra cost!
Cisco Secure products have never been simpler to buy. Add products, based on your specific security business goals, and receive additional discounts, up to 20% savings off list price. Start saving now with a Cisco Secure Enterprise Agreement.
We’d love to hear what you think. Ask a Question, Comment Below, and Stay Connected with Cisco Secure on social!
Cisco Secure Social Channels
The convenience of tapping your phone at the cash register instead of fumbling for loose change in your physical wallet is undeniable. Nearly 40% of Canadians used their mobile wallets more often in 2020 because of the perceived safety of contactless payment, according to one report.1 While digital wallets and tap to pay is becoming more widespread, you may wonder: what exactly is a digital wallet? Are they safe?
A digital wallet, also known as a mobile wallet, is a smartphone app that stores your payment information and enables tap to pay at most point-of-sale terminals. A digital wallet is perfectly safe, as long as you guard your smartphone just as closely as you would your physical wallet.
Here’s why you should secure your digital wallet and three tips to help you do so.
Think about what you store in your physical wallet: credit cards, debit cards, driver’s license, library cards, gift cards, cash. Now, imagine (or if you’ve been unlucky enough to lose your wallet in the past, think back to) the hassle that would ensue if someone stole your wallet or you misplaced it. Not only do you have to cancel your cards, notify your various banks, and wait for replacements, but the niggling worry that a stranger has access to your personally identifiable information (PII) will likely keep you up at night.
Just like you store your wallet in your front pocket when about town and check your seat before leaving a taxi or a plane, look after your smartphone just as closely. Unlike a physical wallet, whose absence is noticed quickly, a digital wallet may be compromised by a cyber pickpocket without you knowing for a while. For example, the BBC reported that researchers found a potential shortcoming in Apple Pay’s Express Transit mode where cyber pickpockets could remotely access mobile wallets.2 Luckily, the researchers’ experiment is unlikely to occur in the real world, but it’s a reminder to everyone to check their monthly bank statements for suspicious transactions. Cybercriminals get smarter and bolder by the day, so it’s not unlikely that they’ll find and exploit a digital wallet shortcoming in the future.
Follow these tips to help you use your digital wallet more confidently.
Always protect your digital wallet with a passcode! This is the best and easiest way to deter cybercriminals. It’s best if this combination of numbers is different than the passcode to your phone. Also, make sure the numbers are random. Birthdays, anniversaries, house addresses, and the last digits of your phone number are all popular combinations and are crackable codes to a resourceful criminal.
Better yet, if your mobile wallet app allows you to protect your account with facial recognition or a fingerprint scan, set it up! If your digital wallet proves difficult or impossible to enter, a cybercriminal may leave it for an easier target, keeping your PII safe.
Another way to secure your digital wallet is to make sure you always download the latest software updates. Developers are constantly finding and patching security holes, so the most up-to-date software is often the most secure. Turn on automatic updates to ensure you never miss a new release.
Before you swap your plastic cards for digital payment methods, make sure you research the digital banking app before downloading. Make sure that any app you download is through the official Apple or Android store or the financial institution’s official website. Then, check out how many downloads and reviews the app has to make sure you’re downloading an official app and not an imposter. While most of the apps on official stores are legitimate, it’s always best practice to check for typos, blurry logos, and unprofessional app descriptions to make sure.
The digital era is an exciting time to make the most of the conveniences technology affords; however, constant vigilance is key to keeping your finances and PII private. Whether you’re looking for additional peace of mind or have lost your wallet, consider signing up for an identity monitoring service like McAfee identity protection. McAfee will monitor your email addresses and bank accounts and alert you to suspicious activities up to 10 months sooner than similar services. Are you curious about how secure your current online habits are? Check your Security Protection Score today and see what steps you can take to live more confidently online.
1Canadian Payment Methods and Trends Report 2021
The post How to Secure Your Digital Wallet appeared first on McAfee Blog.
The holidays are almost here! That means it’s time to start making your list and checking it twice. To help prepare you for this year’s holiday shopping spree, McAfee is providing you with the ultimate holiday shopping list for every Tech lover in your family. Here are the devices to keep on your radar this holiday shopping season and what you should use to protect them.
Know someone who enjoys vanquishing aliens, building virtual amusement parks, and online battle royale? There’s a good chance that you do, as online gaming traffic increased 30% from the first to the second quarter of 2020. For the gaming guru in your life, consider gifting them a top-of-the-line gaming laptop so, they don’t have to compromise portability for playability. If they prefer to play in the comfort of their own home, consider giving the gamer in your life a snazzy new gaming monitor. This will allow them to enjoy a crystal-clear resolution, rapid refresh rate, and size to bring their virtual world to life. And to truly immerse your gamer in a new realm, gift them a new gaming console so they can enjoy optimal speed and stellar game lineups.
When shopping for your gamer, consider how you can empower them to stay secure while they play. A security solution like McAfee Gamer Security not only delivers a faster, quieter, and safer experience, but it can also boost a rig’s performance. This antivirus software detects threats through the cloud and optimizes resources to minimize frame drops. Gamers can even customize which games to boost (or even add other apps they’d like to boost), which background services to pause, and more. This improves your gamer’s experience and also keeps them safe while they play.
Does your tech-savvy teen love to browse on the go? Or perhaps you have a college student who likes to bring their online studying and video streaming with them beyond the home. For the mobile mastermind in your family, gift them a new smartphone or tablet this holiday season. These devices will allow your loved ones to access all their favorite apps and surf the web anytime, anywhere.
With the World Wide Web constantly at their fingertips, enable your family members to surf the internet with confidence by employing the help of a safe browsing solution like McAfee WebAdvisor. This trusty companion, available for free and included in the McAfee Total Protection app for iOS and Android, helps keep users safe from threats like malware and phishing attempts. Web Advisor blocks malicious sites, scans downloads, and alerts the user if a known threat is detected. With comprehensive security on their side, your mobile user will be free to search, stream, and download on the go.
The number of smart households (households that contain connected technology and can interact with other IoT devices) in the U.S. is expected to grow to 77.05 million by 2025. That may not come as a surprise, since IoT devices have upped the convenience of tech users’ lives everywhere. Perhaps your spouse or parents love filling their home with the latest and greatest smart home gadgets. This holiday season, give them the gift of convenience with a smart TV, speaker, thermostat, kitchen appliances, a personal home assistant – the list of smart home devices goes on!
While these devices can provide greater efficiency to anyone’s life, it’s important to be aware of the potential risks that come with this level of interconnectivity. Many product designers treat security as an afterthought, rushing to get their smart devices to market and consequentially creating an easy access point for criminals to exploit. But fear not! A solution like McAfee Secure Home Platform can automatically secure connected devices through a router with McAfee protection. It can hide your IoT devices from hackers, giving you the confidence that you have a solid line of defense against online threats.
For the Fitness Fanatic
At the onset of the pandemic, people adjusted their workout routines to accommodate for gym closures and began to rely on other solutions to stay fit. In fact, many turned to IoT devices used for virtual fitness, including wearable fitness trackers and stationary machines equipped with digital interfaces. Sound like someone you know? Consider giving them a stylish new or upgraded smartwatch that allows them to track their daily step count, heart rate, and sleep patterns.
While these devices can be instrumental in tracking users’ activity levels, it’s important to remember that wearable gadgets collect valuable health and location data a criminal could exploit. To keep your fitness fanatic happy and healthy without sweating their security, encourage them to install software updates immediately. This will protect your loved one’s device from reported bugs, enhance functionality, and seal up any security loopholes.
As you plan your holiday shopping list this year, don’t forget about the gift that keeps on giving: the peace of mind that comes with having the right online security! With comprehensive solutions built to safeguard your loved one’s devices, personal data, and everything they do online, they can continue to live their digital lives with confidence.
The post The Ultimate Holiday Shopping Guide appeared first on McAfee Blog.
Take a roll call of all your devices that connect to the internet. These include the obvious ones – laptops, tablets, and your smartphone. But they also include the ones you may not immediately think about, such as routers, smart TVs and thermostats, virtual assistant technology, and connected fitness watches and equipment.
Each of these devices is known as an endpoint to you. To a cybercriminal, they’re an entry point into your online information. It’s important to secure every endpoint so that you can confidently go about your day-to-day without worrying about your security. Here’s the definitive device security checklist to get you on your way confidently and safely.
Laptops and desktops are prime entryways into your online life. Think of all the payment information, passwords, and maybe even tax documents you store on it. The best way to protect the contents of your laptops and desktops is to password-protect your computer with strong passwords or passphrases. Here are a few password and passphrase best practices:
Especially if you work at common spaces like coffee shops, the library, or even your kitchen table, get in the habit of putting your computer to sleep when you step away. Commit the sleep command shortcut to memory to make it less of a hassle. For example, on Mac computers, the keyboard command is command + option + eject, and for Windows, it’s alt + F4.
Speaking of common spaces, whenever you log in from a public Wi-Fi network, always log in with a virtual private network (VPN). A VPN scrambles your data, making it indecipherable to any malicious characters who may be lurking on public networks.
Multifactor authentication is another way to protect your valuable devices and accounts. This means that anyone trying to log in on your device needs to provide at least two forms of identification. Forms of ID could include a text message with a one-time code or a fingerprint or face scan in addition to a correct password.
These two devices are grouped because the security features on them are similar. Just like with computers, put your device to sleep every time you walk away from it. It’s much easier and may already be in your routine to hit the sleep button when you put down your cellphone or tablet.
Always put a passcode on your smartphones and tablets. Choose a collection of numbers that do not have an obvious connection to you, such as important birthdays or parts of your phone number. Even if they’re a random assortment, you’ll get the hang of them quickly. Or to make sure only you can enter your phone, set up a facial or fingerprint ID scan. People have several passwords and account combinations they have to remember. To take the guesswork and trial and error of logging in, consider trusting your passwords to a password manager that can remember them for you!
A great mobile phone and tablet habit you should adopt is backing up your files regularly to the cloud. In the event that you lose your device or if someone steals it, at least it’s valuable — and in some cases, priceless — content is safe. You may be able to remotely “brick” your device to keep a stranger from breaking into your accounts. Bricking a device means remotely wiping a connected device and rendering it unusable.
Your router is the gateway to all the connected devices in your home; thus, it’s key to beef up its security. The best way to do so is to make sure that you customize the router name and password to make it different from the factory settings. Always password-protect your home router! Employing password best practices you use for your online accounts and your devices will prevent strangers from hopping onto your network. Another way to keep your Wi-Fi network out of the hands of strangers is to toggle on the setting to not appear to non-users. While it’s fun seeing the quirky names your neighbors choose for their home networks, it’s best to keep yours completely private.
There have been some unsettling reports about cybercriminals commandeering smart home devices and virtual assistant technology. For example, a cybercriminal hacked a homeowner’s virtual assistant and blasted music through the home’s speakers, and turn the heat up to 90 degrees. The key to securing the connected devices that are responsible for your heating and cooling, shopping lists, and even your home security system is to ensure it is connected to a secure router and protected by a strong password.
Also, keep an eye on software updates, which include security upgrades. If you don’t think you have time to manually update software, set up your devices to automatically update. This will give you peace of mind knowing that you have the latest security patches and bug fixes as soon as they are available.
IoT fitness watches and machines are fun additions to your workout routines. In the case of Peloton bikes, they track your heartbeat and location and offer a huge library of classes. However, cybercriminals may be able to track your workouts if they break their way into your fitness devices. The best way to keep your workouts private is to turn off geolocation and make sure you are up to date with all software releases and protect your accounts with strong passwords.
If you’re looking for a tool to put your mind at ease, consider McAfee Total Protection. It includes antivirus and safe browsing software plus a secure VPN. You can be confident that your personal information is safe, thus allowing you to enjoy the full potential of all your devices.
The post How to Secure All Your Everyday Connected Devices appeared first on McAfee Blog.
We’ve all been there. It’s the middle of the night and you wake up to a sad and sniffly kiddo shuffling into your room. Yup, looks like someone has a temperature. You phone the on-call doctor to make sure it’s nothing serious and then set an alarm so you can make an appointment when the office opens. Yet this time that doctor’s visit could go a little differently. It may not take place in the office at all. You may be offered a chance to see the doctor with a telemedicine visit.
Telemedicine has been in use for some time. For several years now, it’s connected patients to health care services using live video and sometimes special diagnostic tools that pass along information via the internet. Overall, it’s a way of going to the doctor without actually going to the doctor’s office. Historically, it’s done a great job of caring for people who live in remote locations and for people with ongoing conditions that need long-term monitoring.
That all changed last year. Telemedicine visits saw a big spike during the early days of the pandemic, partly to help keep the spread of the virus in check and to protect vulnerable patients. Even though that spike has since tapered off, one study found that about 40 percent of consumers in the U.S. say they’ll use telemedicine moving forward—and our own research from earlier this year put that worldwide figure at nearly 30 percent. Telemedicine seems to be taking root.
While telemedicine leaves many families with more healthcare options, it may leave them with a few more questions about their security as well. After all, our health data is a precious thing. In the U.S., HIPPA privacy standards protect our information and consultations with healthcare professionals. However, online visits add an entirely new dimension to that.
If your health care provider recommends a telemedicine visit for you or your child, it can be both a convenient and safe experience with a little prep on your part. With a few straightforward security measures lined up (some of which you may already have in place), you can make sure that everyone’s private health information will be safe and secure during your virtual visit.
A great first step for a safer telemedicine visit is to protect your devices with comprehensive security software. Like security software protecting you while you manage your finances, file your taxes online, and so forth, it will help protect you while sharing your private health information. Plus, it will give you plenty of other features that can help you manage your passwords, protect your identity, safeguard your privacy in general, and more.
Be sure to protect your tablets and smartphones while you’re at it, even if you’re not using them for telemedicine. With all the shopping and banking we do on those devices, it’s a smart move to protect them in addition to laptops and computers.
Your telemedicine visit may require setting up a new account and password, one that will add to your growing list considering all the banking, social media, and payment apps you probably use. Plus, there are the umpteen other passwords you have for your online shopping accounts, your children’s school records, your taxes, and so on. Don’t give into the temptation of re-using an old password or making a simple one. Hackers count on that, where stealing one password means stealing several—and gaining access to multiple accounts in one blow.
When you set up your account, use a strong, unique password. This may also be a good time to get a handle on all your passwords with a password manager. Also found in comprehensive security software, a password manager can create and securely store strong and unique passwords for you, which can keep you safe and make your day a little easier too.
A VPN, or virtual private network, offers a strong layer of additional protection when you’re transmitting health data or simply having a private conversation about your health with a professional. A VPN creates an encrypted tunnel to keep you and your activity anonymous. In effect, your data is scrambled and hidden to anyone outside your VPN tunnel, thus making your private information difficult to collect.
Like many of the security steps, we’re talking about here, using a VPN offers benefits beyond telemedicine. A VPN is a must when using public Wi-Fi, like at airports and cafes, because it makes a public connection private (and safe from prying eyes). Additionally, it’s also great for use at home when taking care of sensitive business like your banking or finances.
If you’re searching for a telemedicine provider online, keep an eye out for sketchy links and scams. The sad thing with the increased use of telemedicine is that hackers have clued in and are looking for targets. One way you can stay safer is to use a web advisor with your browser that can identify potentially hazardous links and sites. Anti-phishing technologies in your security software can help as well by preventing email-based scams from reaching your inbox in the first place.
Even better than searching online, consider contacting your pediatrician or doctor’s office for a recommendation, as they can point out the best healthcare options for you and your concerns—and let you know if a telemedicine visit is the best course of action for you in the first place. This way, you can get comfortable with what your visit will look like, find out what special apps (if any) are used, and how your care provider will protect your privacy. Also, you can decide which device you will use and where you’ll use it so that you feel at ease during your virtual visit.
A reputable care provider will likely put all this pre-appointment information together for you on their website or “frequently asked questions” (FAQ) page, which will include helpful links and numbers to call if you need help or have questions. For an example of what that could look like, check out the telemedicine page that Virginia Mason/Franciscan Health designed for its patients.
We’ve talked plenty about digital security, yet there’s the old-fashioned issue of physical eavesdropping to think about too. When it’s time for your actual appointment, pick a place in your home where you can assure yourself some privacy. (Of course, don’t go online for your virtual appointment in a public place.) Look for a space where you can’t be overheard by neighbors and passers-by—preferably someplace like your bedroom where you can be comfortable as well. If your child has an appointment, let them know that this is like any other doctor’s visit and help them keep their voice down so they can keep their info private.
With telemedicine becoming more and more of an option for families, it’s just one of the many tools your doctor or pediatrician can use to keep you and your family well. So as always, if you have a health concern, call your doctor or pediatrician’s office for guidance. They’ll know the best path forward.
In the meantime, there are some great resources out there that can help you make the best decision about telehealth if the time comes. One really helpful article from the American Academy of Pediatrics helps parents get up to speed on telemedicine and outlines a few cases where a telemedicine visit might be right for your child.
With the sniffles, fevers, and plenty of, “Mom, I don’t feel so good …” comments that come along with parenthood, it’s nice to know that telemedicine gives us another tool we can use to keep our families well—one that’s ultimately up to you and your doctor to choose if it’s right for your child.
The post 6 Tips for a Safer and Easier Telemedicine Visit appeared first on McAfee Blog.
How many rooms in your home contain a smart device? From Peloton bikes to showerheads with Bluetooth speakers, smart home technology is rapidly making its way into every room in every household. In fact, the number of smart households (those that contain smart home technology) in the U.S. is expected to grow to 77.05 million by 2025. But with new technology comes new challenges.
Many product designers rush to get their smart devices to market, treating security as an afterthought and consequentially creating an easy access point for criminals to exploit. Once a hacker taps in to a user’s home network, they could potentially gain access to all the devices connected to the network. And many consumers, amazed by the appliances’ efficiency, are unaware of the risks of interconnectivity. So, how can families prevent criminals from taking peeks into their home?
Let’s take a tour through an average smart home and uncover the security implications of the various devices in each room.
Believe it or not, the security risks of a smart home often apply before you even step foot inside the house. Approximately 21 million U.S. homes have professionally monitored security systems. However, these systems are not immune to hacks. One popular security camera system experienced a series of intrusions where hackers were able to communicate with residents, making inappropriate comments, taunting children, and even demanding a ransom payment for the hacker to leave the system. Some users of another security camera system experienced similar intrusions, with hackers playing vulgar music and cranking the homeowners’ heat up to 90 degrees.
Security cameras are just the beginning. Users control mowers, smart sprinklers, and other outdoor devices remotely with smartphone apps. Although they are meant to make consumers’ lives more convenient, outdoor devices with embedded computers could be at the greatest risk of attack, according to professor of computer science and cybersecurity expert, Dr. Zahid Anwar.
Outdoor devices like garage door openers, wireless doorbells, and smart sprinklers are more vulnerable because they may be easily accessible to someone driving down the street with a computer or other Wi-Fi transmitter. Outdoor smart devices can be used as entry points, allowing hackers to access the entire smart home network. To prevent a stranger from spying on your network, it’s important to check how these products store your data. If the device’s system stores your personal information and is connected to the main home network, there is a possibility that a breach of one device on the network could reveal your data to a hacker.
Once you step foot into a smart home, you’ll likely find a variety of devices adopted by residents for added convenience, including smart TVs, Wi-Fi routers, smart speakers, thermostats, lightbulbs, and personal home assistants — the list goes on! But the fact that these devices are connected to the internet opens the door for cybercriminals to make themselves at home. For example, the FBI issued warnings about the risks of smart TVs, noting that hackers could potentially gain access to an unsecured television and take control by changing channels, adjusting volume levels, and even showing inappropriate content to children.
Additionally, a recent study outlined multiple privacy concerns with a popular virtual assistant, ranging from misleading privacy policies to allowing third parties to change the code of their programs after receiving approval from the device’s parent company. Anupam Das, assistant professor of computer science at North Carolina State University, stated that third party software developers created many of the applications consumers interact with while using the virtual assistant. However, Das and their fellow researchers identified several flaws in the current vetting process that could allow those third parties to gain access to users’ personal information. The virtual assistant’s parent company does not verify the developer responsible for publishing the third-party program, so a cybercriminal could easily register under the name of a trusted developer and create a program that spreads malicious code. For these reasons, it is critical that consumers stay informed on potentially vulnerable entry points left open by device manufacturers so they can take action to better protect their smart home technology and their personal privacy.
Today, it is not so weird to talk to your refrigerator (well, maybe a little). Smart appliances are quickly making their way into consumers’ kitchens. You can control your blender or Instant Pot from your phone and use voice activation with various appliances, further blurring the lines between the physical and the digital. And while smart kitchen appliances empower you to do things like controlling your air fryer from an app and use voice activation to brew your coffee in the morning, living like a Jetson does come with potential security risks. In 2019, McAfee researchers discovered a vulnerability within a Mr. Coffee brand coffee maker that could allow a hacker to access the user’s home network. To prevent criminals from brewing up trouble in your home, ensure that you take measures to secure each of your devices and keep criminals from spying on your network.
For many people, the bedroom is more than just the place where they sleep at night — it is a relaxing sanctuary where they can unwind. It is no wonder that many people have adopted various gadgets to turn their sanctuaries into high-tech hubs for relaxation. Take a smart bed, for example. These mattresses incorporate biometric sensors to help you snooze better, and they connect to a smartphone app that tracks your sleep trends and health metrics. While this technology may provide insight on how you can sleep better, it is important to realize that these devices are collecting data and sending it back to the manufacturer. Often, consumers do not stop to research what specific data is being collected and how it is being used, placing a lot of trust in the device manufacturer to safeguard their private information. But what happens if the company suffers a data breach or ransomware attack? There is a chance that your data might fall into the hands of a hacker. To better protect your online security, understand that enjoying the convenience of connected IoT requires an assessment of where your information is being stored.
There is no denying that IoT devices have upped the convenience of tech users’ lives everywhere. But with these technological rewards comes added risk — cybersecurity risk, that is. The more connected devices you have in your home, the more opportunities criminals have to infiltrate your network and reach other data-rich devices. This can potentially put your private and financial information at risk, not to mention your privacy.
As our reliance on IoT and smart home technology grows, so will the need for users to step up their cybersecurity practices. Follow these tips to help protect your personal data and privacy while still enjoying all that your smart home gadgets have to offer:
1. Secure your Wi-Fi network
Out of the box, most Wi-Fi routers are either not secured or use a default password such as “admin,” making it easy for hackers to poke around and access devices that are connected to your router. To prevent cybercriminals from snooping on your network and the gadgets that are attached to it, secure your Wi-Fi network with a strong password.
A password or passphrase that is long, complex, and unique will discourage attempts to break into your accounts. Try creating a string that is at least 12 characters long, contains a combination of uppercase letters, lowercase letters, symbols, and numbers, and that is unique to each account.
Do your research before investing in a smart device. Ask yourself if the gadget is from a reputable manufacturer. Has the company had previous data breaches, or do they have an excellent reputation for providing secure products? Also, take note of the information your IoT device collects, how vendors use this information and what they release to other users or third parties.
Above all, understand what control you have over your privacy and information usage. It is a good sign if an IoT device allows you to opt-out of having your information collected or lets you access and delete the data it does collect.
In addition to the password/username combo, multi-factor authentication requires that users confirm a collection of things to verify their identity — usually something they have, and a factor unique to their physical being — such as a retina or fingerprint scan. This can prevent a cybercriminal from using credential-stuffing tactics (where they will use email and password combinations to hack into online profiles) to access your network or account if your login details were ever exposed during a data breach.
Stay on top of software updates from your device manufacturer. Available updates are not always advertised, so visit the manufacturer’s website regularly. Additionally, make sure to update mobile apps that pair with your IoT device. Adjust your settings to turn on automatic software updates, so you always have the latest security patches.
Your router is the central hub that connects all the devices in your home, so make sure that it’s secure. After you change the default password and name of your router, ensure that your network name does not give away your address, so hackers can’t locate it. Then check that your router is using an encryption method, like WPA2, which will keep your communications secure.
Additionally, consider setting up a “guest network” for your IoT devices. This is a second network on your router that allows you to keep your computers and smartphones separate from IoT devices. So, if a device is compromised, a hacker still cannot get all the valuable information that is saved on your computers. Check your router’s manual for instructions on how to set up a guest network.
You do not need to go it alone — employ the help of a security solution like McAfee Secure Home Platform, which provides smart security for your home network. By automatically protecting your connected devices through the router, you can feel confident that you have a solid line of defense against online threats.
McAfee Total Protection also includes a robust password management system that creates and saves strong passwords across all your accounts in one centralized location. It also includes home network security to protect your firewall and block hackers from accessing your home network. McAfee Total Protection includes a home network map that allows you to easily identify trusted devices on your network and flag potential intruders.
Recognize that every Wi-Fi connection, every Bluetooth connection, and every connection you make using a wireless connection is subject to hacking. This will help you better understand the risks associated with your smart home devices, and therefore will help you be more equipped to combat them. Remember: a secure home is the smartest home you can have!
The post How to Secure Your Smart Home: A Step-by-Step Guide appeared first on McAfee Blogs.
The global public cloud services market is on track to grow 17% this year, topping $266 billion. These are impressive figures, and whatever Covid-19 may do short-term to the macro-economy, they’re a sign of where the world is heading. But while many organizations may describe themselves as “cloud-first”, they’re certainly not “cloud-only.” That is, hybrid cloud is the name of the game today: a blend of multiple cloud providers and multiple datacenters.
Whilst helping to drive agility, differentiation and growth, this new reality also creates cyber risk. As IT leaders try to chart a course for success, they’re crying out for a more holistic, simpler way to manage hybrid cloud security.
Cloud for everyone
Organizations are understandably keen to embrace cloud platforms. Who wouldn’t want to empower employees to be more productive and DevOps to deliver agile, customer-centric services? But digital transformation comes with its own set of challenges. Migration often happens at different rates throughout an organization. That makes it hard to gain unified visibility across the enterprise and manage security policies in a consistent manner — especially when different business units and departments are making siloed decisions. An estimated 85% of organizations are now using multiple clouds, and 76% are using between two and 15 hybrid clouds.
To help manage this complexity, organisations are embracing containers and serverless architectures to develop new applications more efficiently. However, the DevOps teams using these technologies are focused primarily on time-to-market, sometimes at the expense of security. Their use of third-party code is a classic example: potentially exposing the organization to buggy or even malware-laden code.
A shared responsibility
The question is, how to mitigate these risks in a way that respects the Shared Responsibility model of cloud security, but in a consistent manner across the organization? It’s a problem exacerbated by two further concerns.
First, security needs to be embedded in the DevOps process to ensure that the applications delivered are secure, but not in a way that threatens the productivity of teams. They need to be able to use the tools and platforms they want to, but in a way that doesn’t expose the organization to unnecessary extra risk. Second, cloud complexity can often lead to human error: misconfigurations of cloud services that threaten to expose highly regulated customer and corporate data to possible attacks. The Capital One data breach, which affected an estimated 100 million consumers, was caused partly by a misconfigured Web Application Firewall.
Simplifying security
Fortunately, organizations are becoming more mature in their cloud security efforts. We see customers that started off tackling cyber risk with multiple security tools across the enterprise, but in time developed an operational excellence model. By launching what amount to cloud centers of excellence, they’re showing that security policies and processes can be standardized and rolled out in a repeatable way across the organization to good effect.
But what of the tools security teams are using to achieve this? Unfortunately, in too many cases they’re relying on fragmented, point products which add cost, further complexity and dangerous security gaps to the mix. It doesn’t have to be like this.
Cloud One from Trend Micro brings together workload security, container security, application security, network security, file storage security and cloud security posture management (CSPM). The latter, Cloud One – Conformity offers a simple, automated way to spot and fix misconfigurations and enhance security compliance and governance in the cloud.
Whatever stage of maturity you are at with your cloud journey, Cloud One offers simple, automated protection from a single console. It’s simply the way cloud security needs to be.
The post Cloud-First but Not Cloud-Only: Why Organizations Need to Simplify Cybersecurity appeared first on .
FreshRSS 