Mobile mitigations for Meltdown and Spectre: A guide

Meltdown and Spectre are two critical vulnerabilities recently identified in modern processors. These vulnerabilities can allow unprivileged users to access memory belonging to other processes, including the kernel.

Much of the initial coverage of these vulnerabilities centred on desktop, server, and cloud systems, but they affect mobile devices as well. Apple, Google, Linux distributions, and Microsoft are now releasing patches to mitigate these issues.

How the exploits work

Meltdown and Spectre are hardware...

By Ojas Rege, 22 January 2018, 0 comments. Categories: App Platforms, Data Loss, Enterprise Mobility, Security.

How to combat the risks of shadow IT with secure messaging

With the increasingly frequent and damaging security breaches in the news today, the natural tendency for IT professionals is to run back to the data centre and patch, upgrade, test and make sure that all business data and, therefore, the corporate reputation, is safe. While corporations continue to lock down the enterprise and its users, they often forget one important factor – employees have their own powerful computing devices, their mobile phone.  

Generally, employees will stop at nothing to...

By Galina Datskovsky, 24 October 2017, 0 comments. Categories: CIO, Cloud , Collaboration, Data Loss, Employees, Enterprise Mobility.

WhatsApp and WinZip among most blacklisted enterprise iOS apps, says Appthority

WhatsApp, WinZip, and Pokémon GO were the top iOS apps blacklisted by mobile security teams, according to a new report from enterprise mobile threat protection provider Appthority.

The study, the company’s latest quarterly Enterprise Mobile Security Pulse Report, found iOS apps were most likely to be given the boot due to data leakage for sending SMS messages, tracking location, and sending data unencrypted.

For Android – whose biggest casualties were Where’s My Droid Pro and an...

By James Bourne, 03 October 2017, 0 comments. Categories: Applications, Data Loss, Enterprise Mobility, Malware, Security, Social.

WebEx most popular enterprise app says MobileIron – yet organisational bad practices remain

(c)iStock.com/allvisionn

WebEx is the most popular enterprise app installed by MobileIron customers, with Dropbox, Facebook and WhatsApp among the most frequently blacklisted, according to a new report.

The study, the enterprise mobility management (EMM) provider’s third Mobile Security and Risk Review report, also found that almost 80% of firms are using more than 10 apps for business, with almost one in five (18%) using Apple’s Volume Purchase Program (VPP) – a number which goes up in...

By James Bourne, 13 February 2017, 0 comments. Categories: Applications, Data Loss, Enterprise Mobility, Security.

CISO research advocates ’30 day sprint’ to get privileged credentials up to date

(c)iStock.com/erhui1979

If you had a panel of Global 1000 chief information security officers (CISO) at your disposal, what would you ask them? A new report issued by CyberArk argues organisations can improve their security fitness and protect privileged credentials in a ’30 day sprint’.

The report outlines a ‘proven framework’ to implement a set of key controls around privileged credentials, noting that organisations can make gains ‘with a sufficient sense of urgency’. In...

By James Bourne, 08 February 2017, 0 comments. Categories: Data Loss, Employees, Security.

US hospital pays $3.2m fine after lost device and HIPAA non-compliance

(c)iStock.com/wasja

The Children’s Medical Center of Dallas has paid $3.2 million (£2.58m) to the US government after a lost device in 2009 was found to have breached HIPAA protocol.

The investigation came about after Children’s Health filed a breach report with the Office for Civil Rights (OCR) in January 2010 which indicated the loss of an unencrypted, non-password protected BlackBerry device at the Dallas/Fort Worth International Airport two months earlier. In July 2013, the hospital...

By James Bourne, 07 February 2017, 0 comments. Categories: Data & Analytics, Data Loss, Enterprise Mobility.

DDoS attacks grew at CAGR of 68% over past five years, says Arbor Networks

(c)iStock.com/daoleduc

Here’s news we already suspected: DDoS attacks are getting larger and becoming more frequent and complex with it, according to a report released by Arbor Networks. 

The company, the security division of application and performance management firm NetScout, has released its 12th annual worldwide infrastructure security report, and of the 356 respondents, from a mix of service providers, hosting, mobile, enterprise, and network operators, the threat landscape has been...

By Enterprise CIO, 30 January 2017, 0 comments. Categories: Data & Analytics, Data Loss, Malware, Security.

Why healthcare is a vulnerable sector for cyber attack – and what can be done about it

(c)iStock.com/jackaldu

2017 is set to feature greater attacks on internet security; the broad adoption of IoT seen to be easily compromised coupled with data often held on legacy systems is likely to capture attention.

Healthcare represents one of the sectors vulnerable to IoT attacks. As more and more people adopt smart wearables and mobile apps tracking fitness the bank of hackable data for cyber criminals is growing and the value of the information is increasing which makes attacking more rewarding....

By Duncan Hughes, 17 January 2017, 0 comments. Categories: Data & Analytics, Data Loss, IoT, Security.

NIST report encourages “wider view” of mobile security ecosystem

(c)iStock.com/zeljkosantrac

The National Institute of Standards and Technology (NIST) has released a new resource which aims to help organisations protect their systems from mobile threats.

The paper, which is currently at a draft stage and is requesting feedback, lists potential threats in a variety of areas, from authentication to supply chains, physical access to payments, as well as network protocols and infrastructure.

“Mobile devices pose a unique set of threats, yet typical enterprise protections...

By James Bourne, 15 September 2016, 0 comments. Categories: Authentication, Data & Analytics, Data Loss, Enterprise Mobility, Security.

Four in 10 firms admit suffering crucial data loss from a mobile device

(c)iStock.com/Chunumunu

Four in 10 companies have suffered a loss of key corporate data from a mobile device, according to new research from industrial IT services provider NetEnrich.

The study, which polled 150 North America-based IT professionals, argues corporate IT is “hounded” by concerns over mobile security. More than half (54%) of respondents say getting employees to review the company’s policy on mobile devices is the most difficult part of managing employee use, while a similar...

By James Bourne, 14 September 2016, 0 comments. Categories: Data & Analytics, Data Loss, Employees, Enterprise Mobility, Security.