When plan B needs a plan C

Just a few days ago, news began circulating on the internet of a strange problem with Cisco routers which was easy to identify as it caused complete failure. Shortly afterwards, Cisco issued a warning for specific products which may still be functioning normally but could fail after approximately 18 months of operation without warning. Meanwhile, a list of affected devices has now been published online. But that’s far from the full story.

read more

Simple steps to a secure public hotspot connection

In recent years, the way we work has transformed. The rise of ever more powerful mobile devices has freed us from our desks. Our Internet-enabled smartphones and tablets allow us to remain constantly connected even while we are on the move. Sensing a business opportunity, carriers have responded by providing Wi-Fi hotspots for our convenience in public spaces everywhere – from coffee shops, restaurants, shopping malls, hotels and exhibition halls to trains, airports and even airplanes. Tempting as it may be to use them to reduce any idle time, public Wi-Fi hot spots are not without risks. There are over 100,000 unsecured public Wi-Fi hotspots around the world. Furthermore, employees often fail to follow best practices. It only takes one mistake for sensitive company data to be jeopardized. However, by deploying VPNs and following some simple guidelines it is possible for organizations to overcome these risks and ensure all employees are equipped to secure their mobile client connections.

read more

IIoT, Mobile and Cloud Security Take Center Stage at RSAC 2017

The RSA Conference (RSAC) is always a major highlight in the IT security professional calendar and this year’s show was no exception. In this blog, NCP engineering reviews some of the standout enterprise machine-to-machine (M2M), mobile client and cloud security trends to emerge from RSAC 2017. The show is also a win-win for NCP. Our strong track record with US technology partners means that NCP is well-known to US-base customers and prospects. At the same time, our experience in fulfilling Industrial Internet of Things (IIoT) or Industry 4.0 projects in Germany means we had a great deal of knowledge and insight to share with prospects in this security segment, one that is in its early stages in the United States.

read more

A priority on today’s to do list: Please secure remote access once and for all!

Most IT devices have some form of remote access, whether via web browser or app. As long as devices are accessed by an authorized user from within an internal network, this isn’t a problem. Unfortunately, many devices, especially routers and smart home gateways are also accessible from the internet. And that’s where the problems begin. In fact, they have never stopped. Open remote access is among the greatest yet unfortunately inevitable threats of IT devices. Anybody who can access the management interface can control the device and usually the owner will not notice. Devices that are connected to the internet are constantly scanned and scrutinized for vulnerabilities. Open remote management interfaces should be treated as the digital equivalent of a loaded gun. It can be used but you need to know exactly what you are doing and take every possible precaution.

read more

Careful Connections are Key to Mitigating Cyber-Attacks on IIoT Systems

Energy plants and factories have always been prime targets for delivering a devastating setback and psychological blow against an enemy. Today, successful attacks against critical infrastructure can be launched in cyberspace. In 2015, a cyber-attack on a Ukrainian power station caused a loss of power affecting 225,000 customers and the world took note. In the U.S., the Department of Homeland Security (DHS) has raised concerns over the growing number of cyber attacks on industrial control networks. In response, they recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.” The document calls for a combined approach. Among the measures discussed are considered connectivity and defense in depth. Managed Virtual Private Network (VPN) connections and two-factor authentication can help secure critical connections to give IIoT data traffic the in-depth protection it needs.

read more

Top 5 security vulnerabilities are always the same

The research and analyst firm techconsult issued a summary of the five major security vulnerabilities in SMEs and public organizations in Germany at the start of 2017. Their annual study Security-Bilanz Deutschland reviews IT and information security based on a representative survey of more than 500 interviews in companies and non-profit organizations. The results are sadly not that surprising each year. Although the organizations surveyed are aware of the problems and have the resources to deal with them, unfortunately they either approach issues through the wrong channels, inconsistently or too late.

read more

Mitigating Retail Vulnerabilities

The threat of cybercrime against retailers is ever present. According to the 2016 Global Threat Intelligence Report, retailers are the top targets and receive up to three times the number of attacks as second placed financial institutions. Around 70% of retailers in Europe admit to being targeted while 45% of the attacks are known to have been successful. In the past 12 months, the US retail sector has also seen repeated attacks on electronic point-of-sale (POS) systems as well as consistently high volumes of phishing emails aimed at tricking insiders into giving access to corporate networks. With online takings expected to account for 21% of overall sales in 2017, cybercriminals will continue to try and profit from any vulnerabilities they can find in retail systems. To counter this, retailers have a variety of mitigation techniques available to them including VPNs. The best security remains multi-layered since no single technology can nullify all threats at all times.

read more

The IoT gateway next door

Internet of things products are small, networked and unfortunately have almost always little or no security. Sometimes this is down to a lack of willingness by the manufacturer but it is also partly due to the nature of the product – small and light also means that these devices have few resources for complex security features such as encryption and packet inspection. This leads to vulnerabilities, numerous attack vectors and ultimately to a bot device which can be abused by almost anyone. Following the latest large-scale attacks that primarily use IoT devices as a digital army there is a loud demand from those who want more legislation and governments to get involved. In a hearing before the Committee on Energy and Commerce of the US House of Representatives, the security guru Bruce Schneier stated that “catastrophic risks” would arise through the proliferation of insecure technology on the Internet.

read more

Stay up to date

Subscribe for email updates

Connect With Us

Contributing Member

Want to contribute?

Want to contribute? Drop us a line at editor@vpnhaus.com