Filtering By Tag 'Security'x clear filter
Over the past 2 years, organizations have seen a huge uptick in the number of email compromise attacks. This increase has come mainly in the form of non-signature based attacks, such as name impersonations and domain lookalikes. The social engineering behind name and domain impersonations has become so sophisticated and well-targeted, that phishing attempts can be nearly indistinguishable from the real thing.
In today’s world, business interconnectedness continues to grow as companies depend on multiple types of third-party vendors in order to conduct day-to-day operations. One of the toughest things about working with a third-party vendor is ensuring that their business practices are as safe and secure as your own. The current methods used to measure a vendor’s security posture tend to fall short. Using spreadsheet and Word document questionnaires sent back and forth through email is time consuming, static, and subjective. They give a “Point-in-Time” view of an organization’s security practices, rather than a full picture of their security posture.
Everyone knows you need a firewall, but installing one isn’t the final step in keeping your computer network safe. Hackers are continually refining their techniques, and the proof is in the numbers; the number of data breaches in the United States has been steadily rising since 2008. That’s an unfortunate truth; however, the trend doesn’t have to continue.
Almost all security breaches originate at the endpoint for several reasons: they are the most mobile, and they utilize the most applications. Not surprisingly, the human element of the endpoint also makes it the most vulnerable point of entry for an assault. Adversaries continue to invent novel ways to combat new security protocols, and in today's environment, the attack cadence is off the charts. That is to say; there are constant attacks – both file-based and non-file-based – hitting networks from every possible direction.
Payment Card Industry (PCI) compliance is an imperative aspect of business security, and it is essential to understand if Amazon Web Services (AWS) is PCI compliant if you are operating your organization in the cloud. If your business accepts payment through credit cards or retains credit card information, no matter the size or frequency of transactions, it is imperative that your business ensures cardholder data is secure and protected.
Are you looking for ways to ensure continuous security compliance on Amazon Web Service (AWS)? At Vandis’ latest event, the Cloud Conference in New York City, top industry partners shared tips and solutions for keeping attacks at bay, and maintaining the safety of your infrastructure and data; however, it’s not too late to learn a bit by downloading the event's presentations.
Networks used to be much more straightforward, consisting of a few devices with rules manually written by a few individuals. As such, systems were relatively stable. Technologies such as Cloud Computing, Virtualization, and the Internet of Things created complex and dynamic networks comprised of countless devices. Now, our partner, Firemon, shows us how to better manage firewall rulesets in the latest Vandis Insight's Blog webinar recap.
Nathan J. Lichtenstein is a Senior Network Engineer at Vandis; he is a critical player in ensuring that our clients' network infrastructure needs are met, whether on-premise or in the cloud. Recently, Nathan headed out on vacation to Las Vegas, but taking an engineer out of the office doesn't quell curiosity; he quickly discovered that the Casino's network security was less than ideal.
Phishing schemes have been top attack vectors for the past several years; they are 'tried and true' methods that generally result in a high level of success for attackers, granting them access username and password details, bank accounts, social security numbers, email addresses, other sensitive information. As such, it is expected that the number of phishing attacks will soon surpass that of web-based application attacks.
While the definition and scope of risk management are wide-ranging, effective risk management is a product of taking a very specific set of measures. Without tailoring risk management efforts to meet our precise needs, we are left with generic “best practices” that may or may not be effective in a given scenario. These nonspecific practices are what lead to the gaps between risk management theory and risk management practice.