Cisco Blogs


Cisco Blog > Security

NCSAM Tip #10: Cloud Security for Everyone

Cloud services. You may or may not think about them, but they are no longer a talk of the future. Some of you probably listen to Rhapsody and Rdio, which are cloud-based streaming music services. Others perhaps use a cloud-based compression service Onavo to shrink your smartphone data and your monthly bill. Storage (Dropbox), email, social media, banking, location-based services (GPS), just to name some, all at your fingertips. For small and mid-size businesses, there’s a wide range of cloud services including productivity, finance, and accounting. For many companies and organizations, cloud adoption is on top of their priority list.

Before we continue to ride the cloud at lightning speed, shall we pause a moment to reflect on the risks? After all, there are many things that can threaten our data and services. To learn more about the current threat landscape, watch a rich and compelling on-demand webcast by Patrick Gray, principal security strategist at Cisco. Here are some specific concerns and action to take.

Read More »

Tags: , , , ,

NCSAM Tip #9: Anonymity Online — Profile Management for Personal Safety

Social networking sites like Facebook are great tools for connecting with friends and keeping up-to-date with the good and bad things that are going on in your social circles. Unfortunately, the kind and amount of personal information that makes for great social networking can be used by people with bad intentions to cause real, physical harm. Sound far-fetched? After a referee made a controversial call in a baseball game, someone with his same name received threats meant for the ref. Today’s security awareness tip is about profile management: developing habits that help you to stay in control of the information that’s available about you online, to keep you safe in the real world.

Read More »

Tags: ,

NCSAM Tip #8: Patch Verification with MBSA and Cisco IOS Software Checker

For Cyber Security Awareness Month I’d like to address patching; more specifically, verifying patches in your environment. Patching is a big part of any security policy. It’s also very important to verify that the patches and updates deployed have actually been installed. Whether you have one host or thousands, using a tool to scan your environment to verify those patches can save a lot of time and serve as a check on your patch processes.

There are some very good vulnerability scanners out there that can help locate and identify vulnerabilities and missing patches, but many are complex and expensive. I’d like to talk about two free and simple tools you can use to check that systems in your environments have secure configurations and are running up-to-date software.
Read More »

Tags: ,

NCSAM Tip #7: Surfing in Different Oceans

Web-based threats have never been higher and are expected to keep growing. Remember the days when viruses were spread via floppy disks, then email, then USB flash drives, and then instant messenger applications? While most of those risks still exist today, they are overshadowed by the enormous risk that casual web browsing has become. Some of the most common threats include technical problems like “cross-site scripting” and “cross-site request forgery” that cause browsers to behave in unexpected ways, often without any indication of a problem. “Phishing” and silent unintended downloads called “drive-by downloads” are also serious threats that can leave an unsuspecting user with malware that steals banking and personal information.

It’s also true that many of us have multiple web browsers installed on our computers. If not, they are easy to install. The most common choices seem to be Internet Explorer, Firefox, Safari, Chrome, and Opera. We can take advantage of this fact to create a very simple but effective security advantage.

Read More »

Tags: ,

NCSAM Tip #6: Three Tasks to Make Your Network Significantly More Secure

Securing a large complicated network can be a daunting task with so many technologies and devices. You may be asking yourself where to start. What could I do to get the most out of the time I spend securing my network? There are three areas that you can start with that will significantly reduce your attack surface and make your network more secure in the process. It is such a simple list yet overlooked by many: patching, maintain passwords, and disable unnecessary services.

Read More »

Tags: ,