Progress through partnership

A VPN needs both a client and remote gateway. While NCP offers a complete solution with Secure Enterprise Client and Secure Enterprise VPN Server, some manufacturers only develop their own gateways. Client software is then purchased from another company such as NCP. This type of cooperation is rare in the security sector, as the compatibility of the products is very important and may not meet all the requirements of a given scenario. This is not the case at NCP which shows that partnerships without compromise can be achieved in the security sector. NCP has been working with Juniper Networks for many years and this partnership recently reached a new level of cooperation.

The ten most serious cyber crimes and data breaches to date

People are often quick to adapt – now we don’t seem to blink an eyelid when we read news about another hacked server and the loss of a few million records of personal data. Only the most spectacular cases often attract our attention such as an attack on a high profile target like the German parliament or incidents where vast amounts of data were stolen, for example the Yahoo breach. And the bar is constantly being raised of what needs to happen to catch our attention. News which used to grab headlines throughout the media is now limited to specialist magazines or blogs. Nevertheless, companies are paying attention to such threats as a high priority. A study by PriceWaterhouseCoopers lists cybercrime as the second most reported economic crime. In the study, 32 percent of companies said they had already been victims of cybercrime and 34 percent expected an incident in their company over the next two years. Analysing the development of cybercrime in the last few years reveals interesting trends. A infographic on Bestvpn.com lists the 10 most serious incidents according to the impact or the quantity of stolen data. Although the list is based on incidents in America, the findings are impressive. Even the last place begins at 50 million data records stolen from the retailer Home Depot in 2014.

IIoT, Mobile and Cloud Security Take Center Stage at RSAC 2017

The RSA Conference (RSAC) is always a major highlight in the IT security professional calendar and this year’s show was no exception. In this blog, NCP engineering reviews some of the standout enterprise machine-to-machine (M2M), mobile client and cloud security trends to emerge from RSAC 2017. The show is also a win-win for NCP. Our strong track record with US technology partners means that NCP is well-known to US-base customers and prospects. At the same time, our experience in fulfilling Industrial Internet of Things (IIoT) or Industry 4.0 projects in Germany means we had a great deal of knowledge and insight to share with prospects in this security segment, one that is in its early stages in the United States.

A priority on today’s to do list: Please secure remote access once and for all!

Most IT devices have some form of remote access, whether via web browser or app. As long as devices are accessed by an authorized user from within an internal network, this isn’t a problem. Unfortunately, many devices, especially routers and smart home gateways are also accessible from the internet. And that’s where the problems begin. In fact, they have never stopped. Open remote access is among the greatest yet unfortunately inevitable threats of IT devices. Anybody who can access the management interface can control the device and usually the owner will not notice. Devices that are connected to the internet are constantly scanned and scrutinized for vulnerabilities. Open remote management interfaces should be treated as the digital equivalent of a loaded gun. It can be used but you need to know exactly what you are doing and take every possible precaution.

The IoT gateway next door

Internet of things products are small, networked and unfortunately have almost always little or no security. Sometimes this is down to a lack of willingness by the manufacturer but it is also partly due to the nature of the product – small and light also means that these devices have few resources for complex security features such as encryption and packet inspection. This leads to vulnerabilities, numerous attack vectors and ultimately to a bot device which can be abused by almost anyone. Following the latest large-scale attacks that primarily use IoT devices as a digital army there is a loud demand from those who want more legislation and governments to get involved. In a hearing before the Committee on Energy and Commerce of the US House of Representatives, the security guru Bruce Schneier stated that “catastrophic risks” would arise through the proliferation of insecure technology on the Internet.