Cryptography is critical to secure, trustworthy communications. Recent questions within the tech industry have created entirely new discussions about the cryptography underpinning our communications infrastructure. While some in the media have focused on the algorithm chosen for Deterministic Random Bit Generation (DRBG), we’ve seen many more look to have a broader crypto conversation. With this backdrop, I’d like to take the opportunity to talk about how we select algorithms (not just the DRBGs) for our products.
Before we go further, I’ll go ahead and get it out there: we don’t use the DUAL_EC_DRBG in our products. While it is true that some of the libraries in our products can support the DUAL_EC_DRBG, it is not invoked in our products. For our developers, the DRBG selection is driven by an internal standard and delivered to those developers from an internal team of crypto experts through a standard crypto library. The DRBG algorithm choice cannot be changed by the customer. Our Product Security Incident Response Team (PSIRT) confirmed this in a Security Response published on October 16.
Read More »
Tags: cryptography, DUAL_EC_DRBG, security, Security Response
Now when I’m talking about safekeeping a mobile device, I’m not saying don’t use your Kindle by the pool or let your toddler play on the iPad while eating ice cream. These are dangerous things to be doing with a gadget, but today I want to focus more on the data within that device, rather than the device itself.
No matter what you do, your device may be stolen. It only takes a moment of inattention for someone to swipe your phone or tablet. Before that unfortunate event occurs, there are several things that you can do to mitigate the damage that occurs from the loss of a mobile device.
Read More »
Tags: data retention, encryption, mobile, ncsam-2013, passwords, phone, security, Storage, tablet
April first falls on a Tuesday next year. The following Tuesday is Microsoft’s monthly security update. It will be the last monthly security update for the Windows XP operating system. About one third of the computers with Windows operating systems on the Internet today are still running Windows XP, an operating system almost 15 years old. After the April 2014 update, issues with Windows XP will no longer be patched; Windows XP users should have already migrated to a more current Windows version. So with that we present, David Netterman’s Top Ten Security Related Reasons Why You Should Upgrade Your Computer’s Old Operating System:
Read More »
Tags: EoL, MAPP, ncsam-2013, security, update, Windows XP
As our team has prepared for Educause 2013 this week, we have been talking a lot about technology in higher education and how it’s impacting colleges, universities, students and staff. Of course, robot soccer was not the first thing that came to mind, but it’s a great example of how different technologies are changing education forever.
Bowdoin College, which you may remember from last year’s #1 Most Connected College, is one of my favorite case studies because it points out that people have to TRUST technology for it to really be effective. Trust is a big word, really – I know I’m not the only person who is a little gun shy when I think about updating my phone to a new software version. So, when a professor has a class full of students and says “let’s all stream this video right now”, it’s important that it actually works – or professors risk losing student attention, losing time and facing maximum frustration levels.
Read More »
Tags: byod, campus network, cleanair, cloud, edu13, educause, ISE, NCSAM, robocup, secure access, security, wireless
Risk. It’s not just a strategic board game; in business it’s the analysis that determines the potential for loss.
In today’s organization, the consumerization of IT has led to groundbreaking developments in the mobility space. The broad deployment of BYOD, coupled with the availability of corporate data and applications, have challenged how we define security. And with recent news reports citing the rise of mobile hacking and network threats, the security of mobile technology and the data it carries seems to be at risk.
Fortunately, all is not lost.
Mobility gives employees and providers options for the workplace and creating a mobile experience that is efficient and innovative. It is also helping businesses save and make money. Today, employees in any place on any device can access any application across any network in any cloud. As a result, there are challenges associated with implementing a comprehensive BYOD policy that encompasses a proliferation of devices connecting to a network.
Even though mobility can cut costs and increase productivity, 60 percent of IT professionals recently surveyed believe mobile devices in 2013 present more of a risk to their organization than they did in 2012. And even with the growing concerns over mobile security, it still appears that only 60 percent of organizations require security technology for mobility plans. Why isn’t that number higher? After all Android Malware grew 2,577 percent in 2012 alone.
Read More »
Tags: byod, Cisco, Cisco Security, Cisco Security Intelligence Operations, Internet of Everything, IoE, malware, mobile, mobile malware, mobility, security