Connect with us
CCW 2024

Cyber Security

Data Security As a Discipline–What Organisations Must Do

Published

on

Privacy has always been important for business, but in the last decade, it has gained far greater importance, especially after the increased accessibility of personal data via social media apps. To avoid legal and ethical implications, organisations must adhere to standard data privacy regulations (legal or otherwise).

Moreover, organisations that handle personal data must understand the basic requisites of privacy before being able to uphold ethical values and draft policies.

Here are some best practices that can help your organisation regulate and secure its data flow.

Know Your Data
You cannot protect what you don’t know. Each organisation must have a record of every piece of data it collects, stores, and processes (both digitally as well as hard copies). Additionally, organizations should keep a record of the source of the data collected, its usage, and its storage time before it is disposed of.

Develop a Data Privacy Strategy
Every organisation must develop, enforce, and implement an organization-wide data privacy policy. Security policies for each category of data should be clearly defined and consist of clear-cut procedures to organize the data flow. These include customer consent, retention of records, secure data disposal, and international data transfer.

A data privacy strategy should have a comprehensive plan on:

  • Control and prevention of data breaches.

  • Documentation of data breaches for remedial and evidentiary purposes.

  • Responses to data requests and data demands made by government authorities.

Legal Adherence
Legal requirements vary depending on the category of data your organization is processing and the jurisdictions within which your business operates. For instance, the GDPR is mandatory for all organizations that offer goods and services to EU citizens (including for organizations that are located outside of the EU).

Amidst rising data privacy concerns, several countries are drafting their own data privacy laws. So an effective way to ensure your organization complies with all legal privacy laws is to get help from your legal team to identify all the jurisdictions within which your organization operates and draft privacy policies in accordance with them.

Conduct Data Privacy Awareness Training
It is not possible to effectively secure an organization without educating the employees who work for it. Therefore, it is imperative for every employee to have a basic understanding of data privacy, its significance, and the consequences of a data leak.

Monitoring and Compliance
Securing data is not a project but an ongoing process. Incorporate powerful IT management solutions to monitor and comply with global privacy laws. Know what sensitive data is stored where, assess the risk associated with it, and implement policy-based data protection measures with DataSecurity Plus, ManageEngine’s data protection software.

ManageEngine is the enterprise IT management division of Zoho Corporation. Established and emerging enterprises—including 9 of every 10 Fortune 100 organizations—rely on ManageEngine’s real-time IT management tools to ensure optimal performance of their IT infrastructure, including networks, servers, applications, endpoints, and more.

ManageEngine has offices worldwide, including the United States, the United Arab Emirates, the Netherlands, India, Colombia, Mexico, Brazil, Singapore, Japan, China, and Australia, as well as 200+ global partners to help organizations tightly align their business and IT. For more information, please visit manageengine.com, follow the company blog, and get connected on LinkedIn, Facebook, and Twitter.

Cyber Security

Kaspersky Warns of Android Malware Exhibiting Diverse Features

Published

on

Three new dangerous Android malware variants have been analyzed by Kaspersky researchers. The Tambir, Dwphon, and Gigabud malicious programs exhibit diverse features, ranging from downloading other programs and credential theft to bypassing two-factor authentication and screen recording, jeopardizing user privacy and security.

In 2023, Kaspersky Solutions blocked nearly 33.8 million attacks on mobile devices from malware, adware, and riskware, highlighting a 50% global increase in such attacks from the previous year’s figures. Android malware and riskware activity surged in 2023 after two years of relative calm, returning to early 2021 levels by the end of the year. That said, the number of unique installation packages dropped from 2022, suggesting that malicious actors were more frequently using the same packages to infect different victims: last year Kaspersky detected more than 1.3 million unique malicious installation packages targeting the Android platform and distributed in various ways. Among these were Tambir, Dwphon and Gigabud malicious programs with the diverse features below described.

Tambir is a spyware application disguised as an IPTV app. It collects sensitive user information, such as SMS messages and keystrokes, after obtaining the appropriate permissions. The malware supports over 30 commands retrieved from its Command and Control server and has been compared to the GodFather malware, both targeting users mainly in Turkey, though several other countries were also affected.

Gigabud, active since mid-2022, was initially focused on stealing banking credentials from users in Southeast Asia, but later crossed borders into other countries and regions. It has since evolved into fake loan malware and is capable of screen recording and mimicking tapping by users to bypass two-factor authentication.

Dwphon, discovered in November 2023, targets cell phones from Chinese OEM manufacturers, primarily targeting the Russian market. The same malware earlier had been found in the firmware of a kids’ smartwatch by an Israeli manufacturer distributed mainly in Europe and the Middle East. Dwphon is distributed as a component of a system update application and collects information about the device as well as personal data. It also gathers information regarding installed third-party applications and is capable of downloading, installing and deleting other applications on the device. One of the analyzed samples also included the Triada trojan, one of the most widespread mobile trojans of 2023, which suggests that Dwphon modules are Triada-related.

“As Kaspersky’s mobile threats report shows, Android malware and riskware activity surged in 2023 after two years of relative calm, returning to levels seen in 2021 by the end of the year. Users should exercise caution and should avoid downloading apps from unofficial sources, meticulously reviewing app permissions. Frequently, these apps lack exploitation functionality and depend solely on permissions granted by the user. Furthermore, using anti-malware tools can help preserve the integrity of your Android device,” comments Jornt van der Wiel, senior security researcher at Kaspersky’s GReAT.

Continue Reading

Cyber Security

Intercede Intros MyID MFA v5

Published

on

Intercede has announced the launch of MyID MFA (Multi-Factor Authentication) 5.0. The latest addition to the MyID product family raises the security bar, by enabling organizations to protect on-premise and cloud-based applications, as well as the Windows desktop logon (on and off-line) with a range of phishing-resistant MFA options including OTP (one-time passwords), mobile apps, syncable FIDO passkeys and biometric protected hardware devices.

Bringing enterprise-managed FIDO passkeys into MyID MFA makes it easy to FIDO-enable multiple applications and deploy passkeys to end users, enhancing security and improving the user experience. MyID MFA acts as both a FIDO authentication server and a passkey issuance solution. End users authenticate to MyID MFA with their passkey, and by support for standard federated identity protocols, MyID MFA provides authentication services to multiple applications including cloud, on-premise and Windows desktop logon.

Organizations can choose from syncable passkeys, that use the FIDO protocol built into mobile devices and web browsers, to deliver a simple, secure and passwordless authentication process, via fingerprint, face ID or PIN. For organizations requiring higher levels of security and control, MyID MFA supports device-bound passkeys, such as Yubikey and the innovative YubiKey Bio device, which delivers a similarly seamless authentication experience while ensuring the highest level of security.

MyID MFA also enables the federation of applications (the ability to share identity and authentication information between systems in a managed way), be they cloud-based or on-premise, with support for standards-based protocols such as OpenID Connect and SAML. With federated identity provider (IDP) capabilities built into MyID MFA, it is a natural successor to Microsoft ADFS (Active Directory Federation Services). In addition to acting as an IDP, MyID MFA enables federations with an organisation’s existing credentials and identity providers, including Google and Microsoft Authenticator apps. This allows users to use the apps they are already familiar with and enables organisations to use credentials that are already deployed, reducing operational costs and speeding up the time to deployment.

MyID MFA supports the delivery of a unified authentication experience across the entire application suite, including authentication to applications, accessing self-service portals (to reset credentials), as well as logging on to the Windows desktop. The Windows Desktop Agent has been enhanced in v5.0 with added support for federation, the inclusion of third-party authenticators and FIDO passkeys, meaning organizations have a wider choice than ever on how to protect the primary gateway to their data, networks and applications, regardless of whether they are on Windows 11 or Windows 10 devices.

Allen Storey, Chief Product Officer at Intercede, states: “It is our mission to help organizations protect themselves against data breach by deploying stronger authentication simply, securely and at scale, whether they are SMBs with hundreds of users, larger enterprises, or federal authorities with thousands of users. MyID MFA is the simplest way for any organization to protect their applications, data and networks against cyber-attacks, with phishing-resistant authentication that is easy to deploy, manage and use.”

MyID MFA is part of the MyID product family that includes MyID PSM (Password Security Management) and MyID CMS (Credential Management System), which enables organisations to choose the level of security that best fits their needs, from passwords to one-time codes, mobile apps, FIDO passkeys and public key infrastructure (PKI).

Continue Reading

Artificial Intelligence

Check Point to Secure AI Cloud Infrastructure with NVIDIA

Published

on

Check Point Software Technologies has announced it is collaborating with NVIDIA to enhance the security of AI cloud infrastructure. Integrating with NVIDIA DPUs, the new Check Point AI Cloud Protect solution will help prevent threats at both the network and host levels.

“AI provides great benefits across healthcare, education, finance and more. At the same time, the rate and sophistication of cyber attacks are increasing, with threat actors increasingly looking at ways to disrupt AI workloads in the cloud,” said Gera Dorfman, Vice President of Network Security at Check Point Software Technologies. “We are working with NVIDIA to deliver a new secure AI cloud solution with Check Point AI Cloud Protect that guards even the most sensitive and private AI workloads against cyber threats.”

The rapid proliferation of AI has brought about a revolution in workplace efficiency and innovation. However, this growth also creates additional attack vectors specifically targeting AI, such as backdooring AI models to control a model’s output or to gain unauthorized access to the environment, data exfiltration to expose intellectual property, and denial of service to degrade performance and reduce capacity.

These threats compromise the integrity and security of AI systems and pose risks to business outcomes. They can also erode the foundational trust in AI operations, while potentially affecting other aspects of the data center. There is a critical need for a revamped security approach to protect not only the data in its traditional form but also the AI models themselves, which are central to innovation and competitive edge.

Check Point aims to address these challenges with NVIDIA by integrating network and host-level security insights, offering a comprehensive solution that protects AI infrastructures from both conventional and novel cyber threats. This integrated approach helps ensure the security system is cognizant of network activities and host-level processes, which is crucial for safeguarding AI’s future.

As AI becomes more pervasive, securing AI clouds becomes paramount,” said Yael Shenhav, Vice President of Networking Products at NVIDIA. “NVIDIA BlueField 3 enables innovators such as Check Point to offer robust cyber defence measures to secure AI cloud data centres, while also ensuring peak AI performance.”

In response to these emerging challenges, AI Cloud Protect emerges as a strategic solution, addressing the dynamic security requirements of the AI era. Designed for easy deployment and adaptability, it offers out-of-the-box security without impacting AI performance. Designed for effortless integration and scalability, the AI Cloud Protect provides a robust shield against sophisticated cyber threats.

Engineered with the NVIDIA BlueField 3 DPU, which powers a new class of AI cloud data centres, and the NVIDIA DOCA software framework, AI Cloud Protect is designed to seamlessly integrate into NVIDIA’s AI ecosystems, providing:

  • Robust Defense Against AI-Specific Threats: Empowers organizations to efficiently shield against model inversion, model theft and other attack vectors with unprecedented efficiency.
  • Scalable, Seamless Integration: Facilitates easy deployment across diverse AI environments, ensuring security measures grow in tandem with organizational needs.
  • Optimized Performance with Zero Compromise: Ensures AI operations continue unhindered, with security processes running discreetly, leveraging NVIDIA’s technological infrastructure without impacting AI performance.
Continue Reading
Advertisement CCW 2024

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.