Near field communication (NFC) is a type of contactless, wireless technology used for sending information or making payments. By embedding an NFC chip inside a smartphone, a company can create a virtual wallet where users store credit card information and can pay at a store simply by waving their smartphone over a credit card reader.
Microsoft has advised customers using its MS-CHAP v2 authentication protocol for Point-to-Point Tunnelling Protocol (PPTP) VPNs to implement additional protections nearly a month after researchers released an exploit tool to quickly crack credentials handled in the process.
The default settings for Apple’s new iPhone 4S personal assistant Siri allows anyone to give it commands when it’s password-locked.
Even apart from the serious security flaw in HTC Sense and malware that talks to an encrypted blog, to name just two recent issues, a consensus seems to be emerging. Android has serious security problems.
Researchers at Russian security company Kaspersky Lab say they've discovered the first malicious software program to target Google's Android mobile operating system.
Here we go again. Another BlackBerry security scare, in which some "noble" researcher explains to all of us blissfully-unaware BlackBerry users that our precious devices aren't nearly as safe as we think they are.
What kind of information do you have on your business card? Company name? Check. Your name and title? Check. Business address? Check. Mobile work phone number? Wait a minute.
The BlackBerry platform is known for its impressive security safeguards; Research In Motion's (RIM) BlackBerry Enterprise Server (BES) is literally designed from the ground up to meet enterprise security needs, and its various international security certifications attest to its effectiveness. However, there's one component of the BlackBerry ecosystem that's largely unguarded from potential threats: phone calls, i.e., voice traffic.
For the past few years, organizations have gone full-force in deploying a combination of wired and wireless enterprise networks. But now, as wireless technology matures, they are left asking: Where are the tools to unify management of these disparate networks?
Carnegie Mellon University has launched a massive upgrade of its campus-wide wireless LAN and chosen two WLAN vendors to supply the 802.11n infrastructure for it.
The head of security hastily leaves the meeting without excusing herself. Her body language indicates that it is an important call. As she walks back in, all eyes in the room subliminally pose the same question. Without further prompting, the head of security says: “The CEO wants to know why she can’t watch a YouTube video on her iPad. It’s against policy, but we have to make it happen. While we’re at it, she also wants to be able to access her email and calendar on her iPhone”. This actually happened at a large financial institution.
When it comes to mobile devices, IT security practitioners prefer employees use a BlackBerry because it's easier to control the data users share on them than, say, an Android or iPhone. But as consumer-based devices like the Apple brands get more sophisticated with each release, it's getting harder to keep them out of the workplace. Proliferation of the iPad has only heightened enterprise hunger.
Everything I've learned about mobile security tells me it's bad to use the consumer-based technology for work. That's where all the bad stuff comes from. That includes devices like the iPhone and iPad.
When security vendors used to pitch articles on smart phone malware, my blood ran cold.
Sign up now »
Ultimate protection for your small or medium-sized business
- FTTest Analyst (MS Environment) .netNSW
- FTSenior Python DeveloperNSW
- FTR&D EngineerSA
- FT.NET - Sitecore Developer - Melbourne - PermNSW
- FTQuality ManagerSA
- FTFlash / ActionScript Developer - ContractNSW
- FTOS Web Applications DeveloperNSW
- FTTest EngineerVIC
- FTJob Title: Mac Systems/ Enterprise Systems EngineerNZ
- FTTest Analyst (MS Environment) .netNSW
- FTLead Software EngineerSA
Incident handling is a vast topic, but here are a few tips for you to consider in your incident response. I hope you never have to use them, but the odds are at some point you will and I hope being ready saves you pain (or your job!).
- Have an incident response plan.
- Pre-define your incident response team
- Define your approach: watch and learn or contain and recover.
- Pre-distribute call cards.
- Forensic and incident response data capture.
- Get your users on-side.
- Know how to report crimes and engage law enforcement.
- Practice makes perfect.
I’m dating myself, but I remember when holiday shopping involved pouring through ads in the Sunday paper, placing actual phone calls from tethered land lines to research product stock and availability, and actually driving places to pick things up. Now, holiday shoppers can do all of that from a smartphone or tablet in a few seconds, but there are some security pitfalls to be aware of.