VPNHaus – Page 4 – WindowsTechs.com

A priority on today’s to do list: Please secure remote access once and for all!

Posted on February 23, 2017 by VPNHaus

Most IT devices have some form of remote access, whether via web browser or app. As long as devices are accessed by an authorized user from within an internal network, this isn’t a problem. Unfortunately, many devices, especially routers and smart home gateways are also accessible from the internet. And that’s where the problems begin. In fact, they have never stopped. Open remote access is among the greatest yet unfortunately inevitable threats of IT devices. Anybody who can access the management interface can control the device and usually the owner will not notice. Devices that are connected to the internet are constantly scanned and scrutinized for vulnerabilities. Open remote management interfaces should be treated as the digital equivalent of a loaded gun. It can be used but you need to know exactly what you are doing and take every possible precaution. Continue reading A priority on today’s to do list: Please secure remote access once and for all!→

Careful Connections are Key to Mitigating Cyber Attacks on IIoT Systems

Posted on February 16, 2017 by VPNHaus

Energy plants and factories have always been prime targets for delivering a devastating setback and psychological blow against an enemy. Today, successful attacks against critical infrastructure can be launched in cyberspace. In 2015, a cyber-attack on a Ukrainian power station caused a loss of power affecting 225,000 customers and the world took note. In the U.S., the Department of Homeland Security (DHS) has raised concerns over the growing number of cyber attacks on industrial control networks. In response, they recently published guidelines to “provide a strategic focus on security and enhance the trust framework that underpins the IoT ecosystem.” The document calls for a combined approach. Among the measures discussed are considered connectivity and defense in depth. Managed Virtual Private Network (VPN) connections and two-factor authentication can help secure critical connections to give IIoT data traffic the in-depth protection it needs. Continue reading Careful Connections are Key to Mitigating Cyber Attacks on IIoT Systems→

Top 5 security vulnerabilities are always the same

Posted on February 9, 2017 by VPNHaus

The research and analyst firm techconsult issued a summary of the five major security vulnerabilities in SMEs and public organizations in Germany at the start of 2017. Their annual study Security-Bilanz Deutschland reviews IT and information security b… Continue reading Top 5 security vulnerabilities are always the same→

Mitigating Retail Vulnerabilities

Posted on February 2, 2017 by VPNHaus

The threat of cybercrime against retailers is ever present. According to the 2016 Global Threat Intelligence Report, retailers are the top targets and receive up to three times the number of attacks as second placed financial institutions. Around 70% o… Continue reading Mitigating Retail Vulnerabilities→

The IoT gateway next door

Posted on January 26, 2017 by VPNHaus

Internet of things products are small, networked and unfortunately have almost always little or no security. Sometimes this is down to a lack of willingness by the manufacturer but it is also partly due to the nature of the product – small and light also means that these devices have few resources for complex security features such as encryption and packet inspection. This leads to vulnerabilities, numerous attack vectors and ultimately to a bot device which can be abused by almost anyone. Following the latest large-scale attacks that primarily use IoT devices as a digital army there is a loud demand from those who want more legislation and governments to get involved. In a hearing before the Committee on Energy and Commerce of the US House of Representatives, the security guru Bruce Schneier stated that “catastrophic risks” would arise through the proliferation of insecure technology on the Internet. Continue reading The IoT gateway next door→

Protecting virtual worlds of data in motion

Posted on January 19, 2017 by VPNHaus

In 2017, 69% of all applications will reside in the cloud according to Cisco. As we rely increasingly on benefits made possible by further advances in Industrial Internet of Things (IIoT) and mobile devices, it’s a statistic that will continue to rise. The challenge for enterprises today is how to protect data as it streams constantly between physical mobile/IIoT devices to virtual repositories in the cloud and back again. Until corporate IT departments fully manage and stay on top of security, large breaches will continue to make the headlines. Statistics revealed in the Ponemon Institute 2016 Global Cloud Data Security Study show there is still much to do. The study found that nearly half (49%) of cloud services in the enterprise are outside corporate IT’s domain, while around 47% of corporate data stored in cloud environments are not managed by the IT department. Continue reading Protecting virtual worlds of data in motion→

Does more surveillance offer more protection?

Posted on January 12, 2017 by VPNHaus

The trend towards greater state surveillance has become even more obvious since Edward Snowden’s revelations. Governments frequently justify such invasions of their citizens’ privacy as counterterrorism or anti-pedophile measures. In recent weeks, two unmissable examples of state interference have been hurried through including an amendment to Rule 41 of the Federal Rules of Criminal Procedure in America and the Investigatory Powers Bill by Theresa May. Both laws permit or legalize massive invasions of privacy. Nobody is questioning the presence of a criminal threat – whatever it may be motivated by. However changes to legislation will weaken the security of many IT products which is already under heavy fire as demonstrated by current events such as the Google hack or attack on Telekom routers in Germany. Continue reading Does more surveillance offer more protection?→

Lack of encryption is putting customer data at risk

Posted on January 5, 2017 by VPNHaus

Security researchers investigating the Yahoo data breach believe that a failure to use proper encryption is one of the prime reasons behind the hack. If this is right, then many more organizations may be putting customer data at risk. A report by Gemal… Continue reading Lack of encryption is putting customer data at risk→

BSI drafts Internet of Things security recommendations

Posted on December 14, 2016 by VPNHaus

At last, influential policymakers are slowly becoming aware of the damages unsecured IoT devices can cause. Recent attacks on high profile targets, exploiting cameras and routers, have attracted a lot of attention. Some of the issues will not likely be… Continue reading BSI drafts Internet of Things security recommendations→

The dark side of remote maintenance

Posted on December 7, 2016 by VPNHaus

Another first for 2016: at the weekend, another unprecedented event occurred which left significant numbers of Deutsche Telekom customers with difficulties accessing the internet or no internet access at all. As is now widely known, the outage was caused by a malicious attack – which was not entirely successful − rather than a technical fault. The attackers attempted to exploit the TR-069 protocol used on customer routers and add them to a bot net. 900,000 users are reported to have been affected. Continue reading The dark side of remote maintenance→