You are viewing 'security'
Google Pixel and Apple iPhone security
As we begin the New Year, many of us are still enjoying the new toys received during the holiday season — toys such as a new iPhone 7 or maybe even the new Google Pixel. Cell phones, like anything else, come with a variety of choices based on size, OS, manufacturer, storage space, screen clarity, etc. But do most people consider which devices are the most secure?
In our industry, people tend to make this the focal point of research before purchasing a new phone. But most of the time, others outside IT security do not. In this blog, I’m going to review some of the security features that the iPhone7 and Google Pixel offer, as well as a few of the areas where they are lacking in security or have vulnerabilities.Google Pixel Security Features
First, let’s take a look at the Google Pixel and some of its security features. Unlike other smartphones, the Pixel uses file-based encryption rather than full disk encryption. This allows files... read more >
‘Twas 12 Days Before Theft Season
‘Twas 12 days before Theft Season, when all through the smart house,
Not a device was active, not even an IoT mouse.
The device that you bought from a random seller online,
That shipped from far-far away, had arrived in due time.
It was the gift that she begged for, pleaded and wined,
The one that she pined for, for six months’ time.
Not finding the original, this knock-off will do,
She must be happy, she is my princess; what would you do?
Being the perfect Dad, and wanting things right,
You plugged it in and charged it forthright.
Manuals read, it was ready to go,
But little did you know, this was only the beginning of the show.
As visions of your princess’ happiness lead you to a sound slumber,
The process was the first day of 12 days of havoc, 12 days of plunder.
The fiendish, deceitful, treacherous crew,
Of malicious actors, cleverly deceived you.
Their... read more >
Working from a strong foundation is the key to a successful security program
When a major security vulnerability is disclosed, everyone stops what they are doing and takes notice, especially when that vulnerability comes with its own logo. Now don’t get me wrong, newly disclosed vulnerabilities are important. They provide exciting opportunities for researchers and they do, if only temporarily, focus management’s attention on the often overlooked information security.
Don’t worry, this isn’t another blog about the pros and cons of vulnerability hype. Instead, I’d like to focus on the importance of keeping one eye on the basics, while the other is scrolling through the Twitter feed for the next upcoming disclosure. Because all too often, it is not the latest security vulnerability, but a failure to properly secure and deploy systems that is the root cause of a costly network breach.
Below are several recommendations to help keep your network more secure, and your company safe from new vulnerabilities (or old... read more >
Why problem management is important to security
Well, it is now official; I am writing my first blog post. As the Regional Chief Information Security Officer for the Americas here at NTT Security, I felt it important to share with you a perspective that I have gained from my extensive experience with information and physical security, combined with my recent experience with the Information Technology Infrastructure Library (ITIL), and more specifically problem management. ITIL defines problem management as “The process responsible for managing the lifecycle of all problems. Problem management proactively prevents incidents from happening and minimizes the impact of incidents that cannot be prevented” (Steinberg, Rudd, Lacy, and Hanna, 2011). Well, then, what is a problem defined as? ITIL would tell us that a problem is “a cause of one or more incidents. The cause is not usually known at the time a problem record is created, and the problem management process is responsible for further investigation”... read more >
When “catch them all” isn’t just Pokémon Go’s catch phrase
Let me start off by saying that I have not played a Pokémon game since Pokémon Snap back in ‘99. When I heard there was going to be an augmented reality Pokémon game for mobile, my inner child fanboyed. I made sure to download it as soon as it hit the app store, and had the fever to “catch them all.” I quickly found out, however, that Pokémon were not the only thing people were catching.
The best way to catch a Pokémon is to go out to a public area. The game shows you a virtual map of the area (it’s connected to Google maps, so is a real map). As you explore, Pokémon “spawn,” or show up, on the app for you to catch. The first place that popped into my mind as a good place to catch Pokémon was the park. So I packed up my stuff, got my daughter ready to go, and off we went.
I started to catch Pokémon, and even gave my daughter a few tries. With both of us using the app, we... read more >