Ransomware attacks are still very much a threat, and the ease of perpetuating them is a big reason why. All it takes for a ransom attack to begin is for a single employee to click on a phishing email. Sadly, these attacks aren’t going away anytime soon. Your organization doesn’t have to be such a tempting target for ransomware attacks. There are a few simple ways to minimize your exposure and make it more difficult for attackers to gain a foothold.

You can read my post for Network Solutions blog here and review several practical suggestions on how to prepare your network for the eventual attack.

As we approach the November general U.S. elections, things are heating up, with both candidates now making actual campaign appearances. We have also seen an increase in cyberattacks and other threats to our elections. This includes efforts to hack into campaign staff’s accounts by foreign governments, physical threats during these campaign stops, and changes to how votes will be recorded.

You can read my full post on Avast’s blog here,where I review the latest in election interference news.

As college students try to return to campus, some are being asked to allow the college unprecedented access to their whereabouts and health information, as we posted last week. Many are learning about the personal implications of their data security for the first time, let alone dealing with being quarantined. I’ve previously explored the wide ranging methods colleges are using to try to bring students back to campus safely and how they are planning to track their students (and staff). In this post, I talk about some of the infosec issues with tracking the college crowd. It all comes down to having solid IT leadership and necessary skills on staff to do proper security vetting.

You can read more on my blog for Avast today.

IT security has evolved from being a completely binary operation to taking a more nuanced approach. Back in the days when R, S, and A first got together, it was sufficient to do security on this pass/fail basis – meaning a large part of security was letting someone in or not to your network. Or, it could mean allowing them to use a particular application or not, or allowing them access to a particular network resource (e.g. printer, server) or not.

One example is over-protective endpoint security. While it is great to plug as many holes as possible across your endpoint collection, if you lock down your endpoints too much, employees will shift their work to the cloud and their personal devices. That is also self-defeating.

You can read more of my examples of nuanced security here on RSA’s blog.

Passwords are known as the bane of every IT security manager, but often it’s the way they’re used that creates the most problems. Passwords are shared and reused across numerous logins and can frequently be easily guessed by using pet and children’s names. In other cases, passwords are compromised by users who stick with the default manufacturer settings years after their hardware is installed. This has given rise to a number of solutions that are labeled ‘passwordless,’ even though they technically still use some form of authentication.

You can read more with my post for Network Solutions blog here.

The news is filled regularly with attacks on misconfigured cloud servers and the leaked data that criminals obtain from them. The errors happen because we are all human. We might set up a cloud server with loose (or no) credentials and forget to tighten them when the server is placed into production. Or we fail to keep software up to date when exploits are discovered or get IT involved to audit the finished production app to ensure that it is as secure as possible.

You can read my post for CSOonline here on the 10 most common cloud configuration mistakes.

As more remote work from home happens, your collaboration tools need more scrutiny. A popular choice for instant messaging and video conferencing is Microsoft’s Teams, and securing this application will be a challenge. There have been Teams-specific exploits observed, for example. And even if Teams isn’t targeted, it could fall victim to general DDoS or ransomware attacks, which would be an issue if you depend on Teams for internal communications post-attack. And while Microsoft has published numerous suggestions on how to better secure Teams, the process is vexing and error-prone.

You can read my published analysis for CSOonline here. I also compare how Teams security stacks up with Slack. Avanan, pictured above, has versions for both.

Last month, a massive data leak exposed more than 300 million different accounts from social media platforms. The collection included 192 million records scraped from two different Instagram collections, along with 42 million records scraped from TikTok and an additional 4 million records scraped from YouTube.

The records include usernames, profile photos, emails, phone numbers, age and gender along with specifics about followers and other engagement for each account. The leak involved a set of three open data shares from the company Social Data: a few hours after being notified, the shares were properly secured.

There are several things that are interesting about this leak: its source, how the data was obtained, and what this means for your own social media consumption. You can read more on the Avast blog. 

One of the best ways to manage your password collection is to use a single sign-on (SSO) tool. These tools centralize the administration of user authentication services by having one login credential that can be used for multiple applications. 

You might think this creates a security loophole. We all have been drilled into not sharing the same login across multiple apps, right? The way that SSO works is somewhat different. Yes, you have a single login to gain overall access to an SSO tool. But once that is accomplished, the tool then automatically sends out separate credentials to sign in so you can use each of your apps. In many cases, you don’t even know what the details of each credential is — they could be using very complex passwords that are created at random by the tool. The good news is that you don’t need to remember each one, because the SSO does it for you. The bad news is that implementing SSO can be confounding, costly and complex.

You can read more on this topic on my blog post for Network Solutions here.