Need Assistance? Call us at (512) 814-8044, or submit a ticket

How Businesses Can Protect Their Wireless Access Points

Image of Wireless Access Points The current high rate of mobile users warrants that wireless access users, especially business users, should know how to protect their wireless access points.

First of all, regular business travelers, high-tech adventurers, or those who just love traveling are increasingly vulnerable to unique cyber security threats. This is even more dire in the case of busness travelers because they often carry sensitive data that may be personal or business related.

And most noteworthy, this sensitive data reside on a variety of devices from laptops, tablets, and smartphones to other smart devices such as wearables and home appliances.

A recent survey of financial districts found a high percentage of Wi-Fi clients actively probing for “Free Public WiFi”, and cyber criminals create fake wireless access points (SSIDs), hoping that unsuspecting users will log into one of these.

Fraudulent SSIDs Can Lead To Wireless Access Points Attack

It can be tough to convince users — especially those challenged by shrinking travel budgets — to avoid the temptation and draw of free wireless Internet access. When employers can’t or won’t pay for unlimited wireless Internet, employees get creative. Why should they waste thankless hours waiting for planes and trains when they could be using Free Public WiFi to catch up on mail, download iTunes, or watch a little Slingbox? (more…)

Share

Comments Off on How Businesses Can Protect Their Wireless Access Points

Credential Management Vulnerabilities Exposed By Breaches

Credential Management BreachThe recent breach of OneLogin is once again shining the spotlight on the safety and sanity of entrusting sensitive data to cloud-based credential management services. OneLogin provides single sign-on for cloud-based applications.

What Is A Credential Management Service?

Credential management services that offer Single Sign-On or SSO are great, but as we are beginning to find out, it could also be a single point of entry to a treasure trove of sensitive data for cyber criminals.

How Does A Credential Management Service Work?

The way credential management services work is that after a user of these Identity and credential management services sign into their account, the service takes care of remembering and supplying the customer’s usernames and passwords for all of their other applications. It pretty much attempts to save the user the pain and stress of trying to remember numerous passwords, security questions and other hoops people normally have to jump through just to access some online services.

What Is The Problem With Credential Management Services?

While a lot of these services promise secure access to, and a simplified Identity and Access Management (IAM), the recent spate of multiple breaches of LastPass and now OneLogin makes us wonder just how efficient and  secure these credential management services really are. And here is why: a single compromise exposes the credentials of all users, especially if that data theft includes the ability to decrypt encrypted data [thanks to Mark Maunder of Wordfence for that emphasis].

A breach that allows intruders to decrypt customer data could be extremely damaging for affected customers.

The vulnerabilities in credential management services like LastPass were so bad that Tavis Ormandy, a security researcher at Google’s Project Zero wondered if people were “really using this lastpass thing” because he took a quick look and could see “a bunch of obvious critical problems”. (more…)

Share

Comments Off on Credential Management Vulnerabilities Exposed By Breaches

Is The Desktop Really (Pretty Much) Dead?

I read an article recently claiming that “The desktop is (pretty much) dead” and I could not help but wonder if this was just an attempt at riling people up, drawing readership (they got me to read it), or just plain fantasy that “cloud” providers cook up to justify their continued push for ever increasing budgets with limited returns.

Sure, they bombard us with International Data Corporation (IDC) statistics and charts to bolster their arguments. But like sports analysts who glowingly call U.S. MLB, NBA & NFL champions “World” champions, one is forced to ask “what “World” are they referring to?” (more…)

Share

Comments Off on Is The Desktop Really (Pretty Much) Dead?

How To Cut Costs With Hosted Digital Phones

This is the Internet Age. Broadband and high-speed connections in the small to midsize business environment is now the norm as opposed to the exception it was a few years ago. What does that mean for the small and midsize business owner? Huge cost savings for one, in the area of communication. With the many offerings available today, it is not uncommon for businesses to reduce telephone costs by as much as eighty (80) percent. Here’s the rundown.

VoIP is a term that refers to Voice over Internet Protocol. It is a technology that allows phone calls to be made using high-speed Internet connections like cable, T1 or high-end DSL. Other common names for VoIP are IP, digital and Internet phones. The unique thing about digital phone technology is that it works with regular analog phones and this is important because since not everyone may have this technology in place, your calls will still be received whether the party you are calling has VoIP in place or not. (more…)

Share

Comments Off on How To Cut Costs With Hosted Digital Phones

Drive-by Trojan Download: CNET Embraces the Dark Side

It appears that the draw of the almighty dollar has pulled CNET to the dark side. CNET is a popular technology news site with a download portal called Download.com where many users go to download software that are free, shareware and open source. The site built a reputation a while back as a dependable location for hosting software that was devoid of malicious content – trojan horses, adware, virus etc. (more…)

Share

Comments Off on Drive-by Trojan Download: CNET Embraces the Dark Side

The DigiNotar Breach: Another Exposure of Negligence

In case you have not heard, another SSL Certificate provider, Dutch certificate authority DigiNotar, a subsidiary of Vasco Data Security, was breached recently and from the preliminary report coming from the company that did an audit, it looks pretty bad.

Some of the names in the list of bogus certificates generated by the attackers include Comodo, Google, Thawte, Microsoft, Mozilla, WindoswUpdate, WordPress’ MI6, the CIA, Facebook and Twitter. (more…)

Share

1 Comment
Close Menu
Share
Share