Mobile Device Security Tips

Nine Tips For Your Holiday Gifts

Chad Kahl

November 25, 2014 - Posted by Chad Kahl to Security Insight

mobile device security

Welcome! Welcome, one and all!

With Black Friday just around the corner, there is no doubt the holiday shopping season is upon us. For many, myself included, new phone FTW! This means a myriad of new electronic gadgets and gizmos.

Considering you are reading the Solutionary Minds blog, it stands to reason that you care about security. And because I've started setting up my new phone, it seems like a good time to discuss mobile device security.

The tips below apply primarily to phones, tablets and phablets (phones that are too big to be a normal phone and too small to be a true tablet), but many of these tips can help you protect laptops and other devices as well. The list certainly should not be considered all-inclusive, but applying it is a strong step in the right direction.

Nine Tips for Mobile Device Security

1. Enable Total-Device Encryption

Despite the ... read more >

Solutionary Recognized as an MSSP Leader

Jon-Louis Heimerl

November 20, 2014 - Posted by Jon-Louis Heimerl to Security Insight

In in a recently-released report, a leading technology research and advisory firm recognized Solutionary as a Managed Security Services Provider (MSSP) leader in North America.

Analyst reports like this are extremely useful for enterprises that are considering vendors to provide a service, giving them advice and perspective on a range of potential vendors.

For this research, the firm chose participants based on their ability to deliver enterprise managed security services to clients in North America. Participating companies were evaluated based on 26 criteria grouped into the following three categories:

  • Current offering
  • Strategy
  • Market presence 

To learn more about the MSSP market and how Solutionary was evaluated, download the full report... read more >

Protecting your Website from SQL Injection Attacks

Why Your Website May be Hacked Once Google Indexes It

Jacob Faires

November 18, 2014 - Posted by Jacob Faires to Security Insight

SQL Injection

SQL injection (SQLi) vulnerability on a website is a big fear for a web developer, a bigger fear for a business and one of the biggest fears for anyone involved with finance or point-of-sale (POS).

The attack methodology usually follows these lines:

  1. Identify SQL input locations.
  2. Determine capability of injection.
  3. Use SQLi to exfiltrate data/install backdoor.

How do attackers identify vulnerable targets?

Tools with SQL scanning capabilities, like Burp Suite, Havij and Acunetix, are able to discover vulnerabilities in websites, but they are not the most common way to... read more >

PCI DSS 3.0

Top 5 FAQs for Transitioning From PCI DSS 2.0 to 3.0

Chris Gida

November 13, 2014 - Posted by Chris Gida to Security Insight

PCI Compliance

As the January 1, 2015 submission date for moving from Payment Card Industry Data Security Standard (PCI DSS) 2.0 to 3.0 quickly approaches, organizations and security assessors have been diving into the details of assessments and new requirements. Many organizations are faced with challenges during this conversion phase.

As a security assessor, I am frequently asked questions about PCI DSS 3.0. Here are my top five FAQs:

When should I officially begin a PCI DSS 3.0 assessment?

There has been a lot of confusion about when to move to a PCI DSS 3.0 assessment, especially as assessments are kicking off in 2014. If an assessment begins in 2014, but the submission date is in 2015, then... read more >

Veterans and IT Security

Why Veterans are a Good Fit for IT Security Careers

Joseph (JB) Blankenship

November 11, 2014 - Posted by Joseph (JB) Blankenship to Security Insight

Veterans Day

Happy Veteran’s Day to all of you who are currently serving or have served previously in the U.S. military. Veteran’s Day gives all of us who didn’t serve an opportunity to honor those who did. Thank you for your service!

Honoring Those Who Serve

In his 1954 proclamation to commemorate November 11 as Veteran’s Day (known before as Armistice Day), President Eisenhower said,

I, DWIGHT D. EISENHOWER, President of the United States of America, do hereby call upon all of our citizens to observe Thursday, November 11, 1954, as Veterans Day.  On that day let us solemnly remember the sacrifices of all those who fought so valiantly, on the seas, in the air, and on foreign shores, to preserve our heritage of freedom, and let us reconsecrate ourselves to the task of promoting and enduring peace so that their efforts shall not have been in... read more >

Apple Pay - Google Wallet - Softcard

Will tap to pay actually be used by the public?

Melinda Reinicker

November 06, 2014 - Posted by Melinda Reinicker to Security Insight

tap to pay

This blog series was co-written by Solutionary Minds bloggers Melinda Reinicker and Court Little. Melinda’s shopping expertise was expertly augmented by the payments prowess of Court.

As described in my previous blog, "Apple Pay vs. Other Tap to Pay Providers," Google and Apple are essentially equal when it comes to security, with both of them outpacing SoftCard by a good bit. It’s important to note that they are all better and safer than traditional magnetic strip plastic cards, making the use of credit cards more secure. For more information on the different platforms, please see the first part of the Apply Pay series blogs, posted on Tuesday, October 28.

With the industry reeling from... read more >

Social Engineering Techniques with Covert Gear

Tim Roberts

November 04, 2014 - Posted by Tim Roberts to Security Insight

social engineering

This blog was co-written by Solutionary Security Consulting Services consultants Brent White and Tim Roberts.

With a rogue access-point (AP) in place, the attackers exited the building and made their way to a vehicle parked adjacent the location. Once inside, one attacker surveys the area while the other pivots a high-gain antenna toward the location of the malicious device. Connecting to the device and establishing a foothold into the internal network, he cracks a wicked smile and announces, “I’m in.”

There are several tools available for penetration testers that aid in a successful physical security assessment. These tools are widely available, and if used properly with solid social engineering tactics, can... read more >

1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | 37 | 38 | 39 | 40 | 41 | 42 | 43 | 44 | 45 | 46 | 47 | 48 | 49 | 50 | 51 | 52 | 53 | 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | Older Entries >>

Voted Best Corporate Security Blog 2014
Solutionary is a leading managed security services provider. The Solutionary Minds blog is a place to learn about and discuss IT security and compliance topics.

Click here for the entire RSS feed.

Get the Solutionary Minds blog delivered to your inbox!

Enter your Email:

(We will not share your email or use it for anything else.)

 

LATEST TWEETS