You are viewing 'security best practices'
Working from a strong foundation is the key to a successful security program
When a major security vulnerability is disclosed, everyone stops what they are doing and takes notice, especially when that vulnerability comes with its own logo. Now don’t get me wrong, newly disclosed vulnerabilities are important. They provide exciting opportunities for researchers and they do, if only temporarily, focus management’s attention on the often overlooked information security.
Don’t worry, this isn’t another blog about the pros and cons of vulnerability hype. Instead, I’d like to focus on the importance of keeping one eye on the basics, while the other is scrolling through the Twitter feed for the next upcoming disclosure. Because all too often, it is not the latest security vulnerability, but a failure to properly secure and deploy systems that is the root cause of a costly network breach.
Below are several recommendations to help keep your network more secure, and your company safe from new vulnerabilities (or old... read more >
You’re a Mean One, Mr. Grinch
It’s that time of year again where the days grow shorter, the wind starts picking up, and the temperatures start dropping (and if you’re one of my neighbors, it also means swapping your Halloween decorations for Christmas lights. But I digress). The holiday season is just around the corner, and so are opportunities to ruin your holiday cheer. With a little caution, you can save yourself from a big headache. Below are my top tips on how to stay safe this holiday season:
Virtual credit cards – If you’re tech-savvy enough to be reading this blog, there’s a good chance you’re familiar with online shopping. Many credit cards come with an option to generate a short-term virtual credit card number associated with your main account. While we would all like to believe our information is safe with big name companies,...
The age old problem of determining how to identify and mitigate risk has certainly been something organizations have struggled with for many years.
How do you protect your organization? What tools are the best in the marketplace? What tools are good enough and work with my budget? What is my long term plan and how do I get there?
All the above questions are something we deal with every day, but there is also another constant that we often overlook, our people — education about threats and how to address them on the front line.
Let’s face it, people are vulnerable and will always be. So much so, that the National Cyber Security Alliance dedicated a whole week to educating everyone on the culture of cyber security in the workplace during National Cyber Security Awareness Month (NCSAM).
We need to invest in technologies to help overcome our compulsive... read more >
With consulting work comes travel. Over the years, I have traveled extensively and stayed in a variety of hotels and suites. Through this experience, I have noticed several issues with hotel (specifically room) security. In this blog, I am going to walk you through some of the consistent issues that I notice in hotel room security, due diligence and awareness.
As many of you probably know, you never want to leave your valuables laying around your hotel room when you aren’t in it. This is one of the reasons hotels provide a safe, a lock on the door and hotel staff. At least one of these should stop a criminal, as well as keep me, my valuables and my room safe, right?Replacement Room Keys
I cannot tell you how many times I have observed people casually walk up to the front desk and ask for a replacement room key. Depending on how you deliver this request will probably land you a room key without having to say anything but the room number. Just... read more >
Secure Your Network: A Second Step in Security
This blog is a continuation of the Prevention blog series. The first blog, "Four Tips to Secure Your Network," discussed prevention and four tips to immediately help secure your network. The second blog, "Scan Your Network: A First Step in Security," is the first of four steps to assist with security, and discussed ways to scan your network. This blog will cover the second step with ways to secure your network. Links to the other blogs will be provided as they are posted!
Security groups are ultimately responsible for securing our network. If it fails, it’s our fault. Blame is not our friend and casting it will not make you a good fisherman. People in general are hoping to find a mistake to justify their positions or to... read more >