This blog post is part three of a three-part series discussing how organizations can address mobile security concerns through an architectural approach to mobility. The first post discusses how next-gen Wi-Fi models will pave the way for secure mobility. The second post highlights the risks versus the rewards of mobility.
Providing corporate network access via mobile devices is nothing new to today’s IT administrators. However, the future of BYOD and mobility will change as rising generations expect and demand more seamless and secure connectivity. Recently Tab Times editor Doug Drinkwater shared a similar idea: BYOD is still in an early phase with plenty of new challenges and opportunities ahead.
In this last installment of this security and mobility series, I’ll discuss why BYOD policies will change and outline how C-level executives can leverage employees as solution drivers in order to solidify the future of mobility within their organization. Read More »
Tags: 2014 annual security report, architecture, Cisco, future of mobility, infrastructure, mobile, mobile device, mobile security, mobile workspace, mobility, network, security, wi-fi, wifi, wireless
This blog is part two of a three-part blog series discussing how organizations can address mobile security concerns through an architectural approach to mobility.
In my first post of this three-part series, I discussed how next-gen Wi-Fi models will pave the way for secure mobility and the value of secure Wi-Fi. In this post I’d like to take the mobility conversation a bit further and outline potential risks and rewards that IT departments face when deciding to deploy mobility solutions in our Internet of Everything (IoE) landscape.
A big factor for IT to adopt a mobility strategy with new technology and solutions is weighing the practical risks versus the rewards they stand to gain. A recent ISACA survey of IT professionals offered insight into how employed consumers think and act in terms of security and mobility. The study and ISACA’s 2013 IT Risk/Reward Barometer reveal:
- Only 4% of those surveyed named the makers of their mobile phone apps as the entity they most trust with their personal data
- 90% don’t always read privacy policies before downloading apps to their devices
Most of us are familiar with the rewards of mobility, but the belief and behavior gap illustrated by the ISACA survey proves we need to better understand risks of mobility. Read More »
Tags: 2014 annual security report, architecture, Cisco, future of mobility, infrastructure, mobile device, mobile workspace, mobility, mobility security, security, wi-fi, wifi, wireless
A few months ago we discussed the various ways that consumer PII is compromised. The recent attacks against Target and Neiman Marcus illustrate the constant threat that payment card accepting retailers of all sizes face. Yesterday Reuters reported that similar breaches over the holidays affected “at least three other well-known U.S. retailers”. Given the current onslaught, it’s a good time for retailers to examine their detection capabilities before a payment card data attack, while creating new goals for shortening remediation windows during and after an attack.
Read More »
Tags: Alina, Breach, Card, data, detection, Dexter, encryption, hardware, Lancope, malware, NSM, Payment, PII, POS, remediation, terminal, TRAC, Trackr
In October 2013, Cisco TRAC discussed Network Time Protocol (NTP) as a possible vector for amplified distributed denial of service (DDoS) attacks. Litnet CERT has since revealed that their NTP servers were used in a denial of service (DoS) attack. Symantec also published information regarding an NTP amplification-based DDoS attack that occurred in December 2013. On December 7, 2013, a hackforums.net user posted an NTP amplification DDoS script to Pastebin. The NTP DDoS script is heavily obfuscated Perl, though the plain text at the top credits the “leaking” of the script to an individual who goes by the handle Starfall. Brian Krebs also mentioned someone going by the name Starfall as a paying user of booter.tw. They may be the same person.
Decoding the obfuscated Perl yields some interesting insights. For example, this code near the top of the script has nothing to do with the NTP DDoS functionality:
The code above downloads a program called spoof.pl from IP 188.8.131.52, then runs and erases that program while writing the text “j00 g0t 0wn3d s0n” into a hidden file. Unfortunately, we were unable to obtain a copy of the spoof.pl script, but the ominous “j00 g0t 0wn3d s0n” text indicates the purpose of the program was likely to compromise the machine of anyone who was running the obfuscated NTP DDoS script. Is there no honor among hackers?
Read More »
Tags: DDoS, distributed denial of service, dos, NTP, security
Are you back from holiday break all refreshed and ready to embrace 2014 with confidence?
Many organizations will see new devices on their networks given the recent massive holiday gift giving. In particular, educational organizations will be morst likely to be impacted. It seems there was no new hot toy (must-have gift) noted this year because kids want electronics. A recent survey indicated that 88% of kids ages 12 to 17 said that they most wanted a gadget as a holiday gift, with the majority (69%) requesting some kind of Apple device.
Students are returning to school with their shiny new electronic mobile devices and no hesitation to access the resources at school. Educational institutions continue to strive to enable users, while minimizing potential risk, and security continues to be the top concern.
Secure Mobility in Higher Education
Secure Mobility in K-12 Education
The challenge of secure mobility will persist as the device storm continues. 2014 opens with the Consumer Electronics Show in Las Vegas, January 7-10. The last couple years the show highlighted latest smart phones and tablets. It seems this year a heavy focus on the Internet of Things—with sensor-based devices that feed information to a computer over the Internet, further emphasizing the Any to Any problem, which changes the security paradigm. Any user on any device increasingly going over any type of connection, to any application, that could be running in any data center and on any cloud. Regardless of how or where our users are connecting, we have to provide the right levels of inspection and protection against malicious intruders who may steal sensitive data or disrupt business. Let’s start to think and be prepared for what organizations may see coming on their networks and what the security implications may be for next year.
Tags: byod, ISE, mobility, secure access, security