Michelle Drolet
How can you make sure the mobile apps you access are secure? A security profile should be at the top of the developer’s list when compiling a mobile app but that’s hardly the case. That’s a pity, because building a profile is easier to do during the dev phase. Are most mobile apps putting your
2 Minute 41 Second Read
Michelle Drolet
Vendors and other third parties should be treated with the same level of intense scrutiny as your own in-house risk compliance mandates. How seriously is your company treating the risk of a data breach? Have you done due diligence on all of your vendors and third-party partners? Cyberattacks can have a devastating impact in terms
4 Minute 8 Second Read
Michelle Drolet
by Sarah Kuranda Sophos is launching a new technology Monday that synchronizes threat intelligence and automation across endpoint and network levels. Sophos Security Heartbeat, part of the Oxford, England-based company’s new XG firewall series, links together the company’s next-generation firewall and UTM solutions with its next-generation endpoint technologies. In doing that, the company said, it is
3 Minute 12 Second Read
Michelle Drolet
When it comes to infosec, many of the most core basics are being overlooked. Many of the most obvious areas where security can be tightened up with little effort are being blatantly ignored. Are you doing your level best by covering the basics? Below are seven potential vulnerabilities. Most of these can be tackled without
3 Minute 25 Second Read
Michelle Drolet
Critical Security Controls is a set of best practices devised by the Center for Internet Security, a nonprofit dedicated to improving cybersecurity in the public and private sectors. Cyberattacks are costing businesses between $400 billion and $500 billion per year, depending on which analysts you listen to. Cybersecurity has never been a hotter topic. The
3 Minute 49 Second Read
Michelle Drolet
The Enterprise is at risk from malware and vulnerabilities hiding within mobile apps. You have to test your mobile apps to preserve your security. Mobile apps are ubiquitous now, and they offer a range of business benefits, but they also represent one of the most serious security risks ever to face the enterprise. The mixing
3 Minute 44 Second Read
Michelle Drolet
Encryption has a bad rap and far too often protection schemes are deployed foolishly without encryption in hopes of protecting data. t’s a heartache, nothing but a heartache. Hits you when it’s too late, hits you when you’re down. It’s a fools’ game, nothing but a fool’s game. Standing in the cold rain, feeling like
3 Minute 44 Second Read
Michelle Drolet
Encrypting data on your own might be the smartest move. For those of you old enough to remember the TV comedy series “Get Smart” featuring a spy that used his shoe for a phone, the good guys belonged to an agency called “Control,” and the bad guys were affiliated with “Chaos.” This month “Get Smart”
3 Minute 14 Second Read
Michelle Drolet
10. You need a WISP. A written information security policy, or WISP, is vital. Make sure there’s a person in charge of enforcing it. 9. Always encrypt data. Sensitive data, especially personally identifiable information, must be encrypted at all times, from the server, to the cloud, to a laptop or USB drive. 8. Check your
1 Minute 20 Second Read
Michelle Drolet
Non-compliance is a risk, and the Attorney General’s office carries a big stick for those who don’t follow the rules. If you don’t have a written information security program (WISP) in place for your business, then you could be risking data theft, legal action, and punitive fines. The law in many states now dictates that
3 Minute 55 Second Read
