Tag Archives: businesses

Bye Bye BlackBerry. There’s a new kind of smartphone security.

BlackBerry

BlackBerry used to define the Smartphone sphere. Once popular for its physical keyboard and exclusive-for-users IM service, now BlackBerry has been left out in the cold. The Canadian company recently announced that they will no longer make the devices. However, they will continue to market the phones that will be manufactured by other companies. So, why buy a BlackBerry in 2016?

Because they’ve got an incredible reputation for security (as a matter of fact, many government officials use BlackBerry devices for that reason). In 2000 the brand was known as Research In Motion (RIM) and offered Subscription-based emailing. At this time, all emails sent and received by BlackBerry phones had to pass through highly-protected servers. This means that an attacker wouldn’t be able to intercept the phone’s messages. This encryption measure is pretty common in today’s phones, but it wasn’t 16 years ago.

User security remains a priority for BlackBerry. They have hardened security in their newest model, the DTEK50– a Smartphone manufactured by Alcatel that’s running on Android.

The phone is also named “the smartest smartphone in the world” and has a number of security-related features. This super secure Smartphone encrypts its users’ photographs, bank information and also uses the software necessary to store passwords safely. It also notifies its owners if someone uses the camera remotely to take photos or videos, or if the microphone is being used to record conversations.  

Most businesses think about security when building their IT infrastructure. By focusing exclusively on the corporate environment, BlackBerry is going back to its roots, and for good reason: it doesn’t matter who continues to make BlackBerry phones, the company still promises to enforce the strongest security possible.

 

The post Bye Bye BlackBerry. There’s a new kind of smartphone security. appeared first on Panda Security Mediacenter.

Almost half of companies save employee passwords in Word documents

passwordsThere is a growing awareness of cybersecurity within companies, but are these companies taking action to improve their security? As seen in a recent study, 750 IT security decision-makers worldwide were surveyed to see whether they are “learning and applying lessons from high-profile cyber-attacks”, and if it influences their security priorities and decisions.

The study examined the contradictory situation that is currently present in a number of global businesses. On a positive note, 79% of those surveyed said that they learned their lesson after seeing cyberattacks jeopardize the IT security in other companies, and 55% confirmed that they have changed the way they manage corporate accounts in order to adapt to the current cybersecurity climate and avoid unnecessary risks.

Nevertheless, the survey also exposes a very different reality. Far different from those who are complying with security procedures, 40% of the survey’s participants stated that they just use a Word document or worksheet to manage their company’s credentials and 28% stated that they use a shared server or a USB stick, for the same purpose. What is obvious is that IT security is absent in almost half of the 750 businesses in the survey.

Of course the previously mentioned storage methods are all susceptible of suffering a cyberattack, especially if they fall into the hands of someone with the right know-how, but they can also be leaked by the company’s own employees. A Word document makes private information accessible for any employee in the company.

To ensure that employees only use their own password, companies should use a password manager that will also protect their company’s devices. This will also help keep documents and devices, like a Word document or USB memory stick that stores passwords, safe from a cyberattack or infection.

In terms of cybersecurity, there is still a long way to go in the business environment. IT security should be a priority. Although, 95% of these organizations have a plan in place in case of IT emergencies, only 45% of them periodically check that they are functioning properly.

Despite their carelessness, 68 % of those surveyed claim that their greatest concern and challenge is the data theft of their customers (but this percentage does not correspond with the cybersecurity mechanisms implemented by IT security heads).

The post Almost half of companies save employee passwords in Word documents appeared first on Panda Security Mediacenter.

This is why you should “tether” your work phone

3g-4g

The tablets or smartphones at your office connect to either 3G or 4G (which is better than WiFi). When tablets and other connected devices (like smartphones or smartwatches) become essential to an employee’s work, then it is essential these employees are properly trained on using them safely. Surely, workers think that connecting an office device to their data is much safer than using a WiFi Network.

Whether you connect with 3G or 4G, Regardless of how you connect to the net, your tablets and phones will all connect to the internet in the same way, whether you use 3G or 4G: the internet provider has the power in giving us access to the internet. What’s interesting about this? Well, in the case of WiFi connection, the provider always sends encrypted data.

Although there is no confirmation that the internet you connect to on your mobile devices is 100% secure, what we do know is that the possibility of a cyberattack through a 3G or 4G connection is much lower than through a WiFi network. However, Spanish cybersecurity experts recently demonstrated how it is possible to attack a 3G or 4G connected device, but its still in the proof of concept phase.

Fortunately, in order for cybercriminals to perform these 3G attacks, the resources are excessive. This makes it the safer option. Especially if the device in question is protected by a solution consistent with the company and its private information.

In fact, this is your better option, even for a laptop. It is safer to use your Smartphone or Tablet as a sharing point than connect to an unsecure public network—this is called “tethering”. With tethering, you can connect your computer to your mobile device’s data. Here’s another great option that’s a little easier and does the same thing: a 3G USB Flash Drive.

In the end, protecting your business’s private information is the most important, and most of it is managed using these same tablets or smartphones. It is recommended that businesses choose an internet connection with a powerful data plan: any WiFi network (even some private ones) are less secure than the 3G or 4G one we enjoy on our smartphones. Encrypted business information is worth the price of a great data plan with GBs and GBs of internet.

The post This is why you should “tether” your work phone appeared first on Panda Security Mediacenter.

Advanced Reporting Tool, an Intelligent Control Platform

art-main

A platform that can detect a company’s internal threats? Many organizations and companies could have avoided major scandals if they acted in time: there’s the case of Snowden and the stolen NSA files, Bradley Manning and the US diplomatic cables, and Hervé Falciani and top-secret information from the HSBC private bank. These are all clear examples that, with cybersecurity, you can’t just cross your fingers and think “this won’t happen to me”. Any business could be threatened by an insider.

That’s why Panda Security has introduced the latest version of its Advanced Reporting Tool. This efficient and easy-to-use tool satisfies business needs; it is capable of maximizing Big Data performance to control the corporate resources.

Threats in the Workplace

PandaLabs detects 200,000 samples of new malware daily. It is imperative for businesses to control all security issues, especially those that stem from the misuse and abuse of corporate resources, leading to attacks, threats, vulnerabilities, or data leaks.

art-2

 

While Adaptive Defense collects all information on processes running on the endpoint, the Advanced Reporting Tool automatically stores and correlates this information. The platform automatically generates security intelligence that allow users to identify strange behaviors or problems.

 

 

The Advanced Reporting Tool enables the IT administrator to:

  • Focus on relevant information, increasing efficiency in the IT department by finding security risks or misappropriation in the corporate infrastructure.
  • Pinpoint problems by extracting behavior patterns from resources and users, identifying its impact on the business.
  • Alert in real-time about all events that could be a potential data breach.
  • Generate configurable reports showing the status of key security indicators and how they are evolving.

What does the latest version offer?

art-1In addition to the existing Big Data Cloud Service and its real-time alerts, the latest version includes predefined and adaptable analysis with three different action areas:

  • Information about IT security incidents: generates security intelligence then processes and associates those events as intrusion attempts.
  • Controls network applications and resources: detects user patterns of IT resources.
  • Controls access to business data: shows any access to confidential information and its online traffic.

 

Feedback from SIEM system

For organizations already using a SIEM, the Advanced Reporting Tool compliments it providing a SIEMFeeder which feeds your SIEM relevant data and associates it with the information you already have.  The SIEMFeeder gathers information from all endpoints that are protected by Adaptive Defense.

The feedback provided by the SIEMFeeder enables you to detect insiders before they become the biggest threat to your business.  The SIEMFeeder creates behavioral logics and locates all anomalies existing in your technological system.

The post Advanced Reporting Tool, an Intelligent Control Platform appeared first on Panda Security Mediacenter.

Got something to hide? Don’t pixelate it.

pixelate Many businesses share documents that are pixelated in order to protect private information, whether they be bank account numbers, photographs or other private information. Although pixelation used to be a simple and sufficient way to hide confidential information, now computers are smart enough to read these distorted images—even when your eye cannot. Pixelated documents are no longer safe!

Researchers from the University of Texas and Cornell Tech have developed software based on artificial intelligence that is capable of reading standard content-masking techniques (like blurring or pixelation) in order to read what was originally covered up.

One of the authors, Vitaly Shmatikov, warned that, aside from the complex technical developments, “the techniques we’re using in this paper are very standard in image recognition, which is a disturbing thought.”

But these researchers aren’t the only ones developing this type of software. More powerful object and facial recognition techniques already exist for those who want to use them. This means cybercriminals may already have the tools to unveil private information you thought was hidden.

pixelate

To carry out their research, the team fed neural networks images with faces, words and objects. The more times the neural networks “see” these images, the easier they can recognize them. After successfully memorizing the photos, the neural networks were able to successful defeat three privacy protection technologies including YouTube blurring technology, pixelation and Privacy Preserving Photo Sharing (P3).

In conclusion, pixelating or blurring information is no longer the best way to share confidential documents. After this research, the software was able to recognize 80% of the distorted images.

According to Lawrence Saul, a machine learning researcher at the University of California, San Diego, “For the purposes of defeating privacy, you don’t really need to show that 99.9 percent of the time you can reconstruct. If 40 or 50 percent of the time you can guess the face or figure out what the text is then that’s enough to render that privacy method as something that should be obsolete.”

To keep you corporate information safe, the best you can do is avoid sharing it (if you can) and above all, protect it with the appropriate protection for your company.

The post Got something to hide? Don’t pixelate it. appeared first on Panda Security Mediacenter.

Are you willing to gamble your company’s security with the new iPhone 7?

iphone panda security

Apple has taken the world by storm once again with the release of the latest version of its top-of-the-range smartphone. Two new iPhones, the 7 and the 7 Plus, are on the Smartphone market with some standout novelties: the absence of the classic headphone Jack and the addition of two new and improved cameras. Unfortunately, the topic of cybersecurity was absent from the keynote presentation, in fact, Tim Cook and his team did not devote a single minute to this important issue.

This isn’t to say that the lack of conversation regarding security in the brand new iPhones makes them a danger to your business or your employees. In fact, if businesses decide to use it as a corporate phone, users could actually benefit in regards to security thanks to some of its new standout characteristics and changes.

Novelties in Apple Mobile Security

The new Home button, for example, is not a button at all.  On the new version the Home button is actually a touchpad with a Haptic system that permits users to perform various functions—from exiting applications to using the multitasking function—while some of the other features were designed specifically for user convenience, security and privacy such as the Apple Pay or Touch ID.

Unlike the original iPhone button, the new Haptic button is designed to last over time.

iphone panda securityIn addition to the physical iPhones, a new operating system is also added to the new 7. The iOS 10 is presumed to be more robust in terms of cybersecurity (this is great news, especially after discovering various faults in the beta operating system).

It also permits users to respond to messages without introducing a security code or having to use Touch ID to unblock the device.

In conclusion, although Apple has given little or no attention to cybersecurity in their keynote, the combination of the iPhone 7 with the new operating system continues to be an excellent option for preventing IT risks in the corporate mobile sphere. If these devices become a growing danger for your company, make sure to combine them with the best advanced security solution.

The post Are you willing to gamble your company’s security with the new iPhone 7? appeared first on Panda Security Mediacenter.

Post-vacation Security Tips for your Business

password panda securityExcept for the few of us who choose to visit faraway places at other times of the year, for the majority of us, our vacation time is coming to end. Whether we are refreshed or nostalgic for our summertime getaway, let’s make sure to take into account our IT security while we get back on track.

Memory, Oh Memory

Recent research has proven that the last weeks of summer are an especially sensitive time of the year for some vacation side effects. Many of us are so relaxed we can’t even remember our passwords!

In that case, it’s easy to restore passwords, but we also have to be very careful while doing so. 77% of people who forget their passwords deliberately choose easier ones to replace their former passwords. Of course they do this to avoid another memory lapse, but they must also remember that this makes their password much less effective and lowers their security—in addition to the IT security at their workplace.

Check Out Your Well-Traveled Devices

When a laptop or mobile device leaves their usual space, they can be exposed to a higher number of threats because cybercriminals can connect to these devices (with or without your knowledge) while you’re accessing Wi-Fi networks at hotels, cafeterias and other public spots.

If you have been careful while using these access points it doesn’t mean something will happen. However, during the times of BYOD (Bring Your Own Device), all you have to do is review the devices that access the company network (laptops, mobile phones, tablets etc.) at the end of the summer. We hope you don’t have an unpleasant surprise waiting for you.

Recycling and Good Practices

The best time to revise routines or implement better practices is right after vacation time. This is also an ideal time to conduct an employee training, if your business permits it, in order to update workers on the latest threats. With proper training, your workers will be less likely of biting the “phishing” hook that comes after them.

September Novelties

While the weather is cooling down in the month of September, the technology sector is also getting ready for the hottest presentations of the year. Tech giants like Apple and Google always announce their newest updates and innovations. Companies await security developments regarding the new terminals and operating systems and as soon as the new versions are released, they are reviewed and updated. If your devices are obsolete and no longer support the upgrades, this is a great time to renew them.

Keep these tips in mind without forgetting to take precautions that we must bear in mind throughout the year, as is to have a good  cybersecurity solution that allows us to enjoy a  safe surfing on our corporate network.

The post Post-vacation Security Tips for your Business appeared first on Panda Security Mediacenter.

What you should know about Windows 10

windows 10 panda securityIt is reaching the end of its first year and now companies are asking, is it the right moment to update to Windows 10?Now that it’s becoming somewhat mature, should businesses take the plunge and invest time and money to upgrade their software? The general opinion is that yes, companies should upgrade. After all, it takes far less time and resources to plan the transition than to deal with it after problems emerge due to outdated software.

January 2020 may be far away, but that is when Windows 7 will be discontinued, and businesses need a lot of time—months or even years—to complete this type of transition. There are also some companies that have chosen to continue using Windows 8, an operating system which has brought more sorrow than glory to the corporate sector.

In addition to the added benefits offered in Windows 10, the tech company has also tried to fix the Windows 8 problems and has also introduced new elements that are designed to attract more businesses which is a huge market that Microsoft can’t afford to lose to its competitors: Apple Mac and Google Chromebook.

The main focus for Windows 10 is to reinforce security. Some of the improvements include biometric identification support (Hello), improvements for mobile device management (MDM) and a centralized verification center through Azure Active Directory (this prevents unnecessary password duplication).

Panda Security’s antivirus solutions work perfectly with Windows 10

But perhaps the most talked about and significant aspect for businesses is the new update cycle. With the 10th version of their operating system, Microsoft has gotten rid of something that is typical in other companies: constant updates. Until now, security patches were published once a month (the famous “Patch Tuesday”) and most of the improvements were concentrated in large blocks called “Service packs”.

The wait until 2020 is long and not in-rhythm with the current digital economy, but with this new system, Windows 10 will be able to install updates immediately (as long as the people in charge decide so).

The post What you should know about Windows 10 appeared first on Panda Security Mediacenter.