Location- and Device-agnostic Security for the Mobile Workforce

I’ve spent my entire career in technology and can still recall the time when a desktop PC was the only way to work. (Truth be told, I’m also old enough to remember dumb terminals.) I also remember my first company laptop — a beast of a thing with a mo… Continue reading Location- and Device-agnostic Security for the Mobile Workforce

Location- and Device-agnostic Security for the Mobile Workforce

I’ve spent my entire career in technology and can still recall the time when a desktop PC was the only way to work. (Truth be told, I’m also old enough to remember dumb terminals.) I also remember my first company laptop — a beast of a thing with a monochrome display so thick it came with an integrated 2.5" floppy drive and a battery life that made it barely usable. My first mobile phone was a Motorola Timeport, the first tri-band mobile phone that could work in Europe and North America. Continue reading Location- and Device-agnostic Security for the Mobile Workforce

SolarWinds Hack and the Case of DNS Security

It’s not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it’s the reason I didn’t have a smoother transition back into work-life following a long vacation. As I understand it, the breaches happened after malicious code was inserted into a software patch that was downloaded by the companies and agencies. The installation of the patch executed malicious code, called SUNBURST, which created an entry point for other malicious codes (TEARDROP/RAINDROP). These additional codes were used to allow attackers to move laterally within the network and exfiltrate sensitive customer information to a public command and control server. Continue reading SolarWinds Hack and the Case of DNS Security

SolarWinds Hack and the Case of DNS Security

It’s not news that some of the top government agencies and companies in the world were victims of the SolarWinds attack. At this point, I can say it’s the reason I didn’t have a smoother transition back into work-life following a long vacation. As I un… Continue reading SolarWinds Hack and the Case of DNS Security

Tale of the Tape: Top 5 Reasons Phishing Attacks Haven’t Dried Up

One of my favourite websites is archive.org (OK, so I’m a nerd). For anyone not familiar with this website, it’s essentially a time machine that allows you to go back and look at pretty much any site from a point in time over the past 20-odd years.
The… Continue reading Tale of the Tape: Top 5 Reasons Phishing Attacks Haven’t Dried Up

DNS Protection: A "Must" in Security Solutions for any Company

DNS is a critical element for all companies because it turns domain names into internet protocol (IP) addresses. Cyber criminals have been digging into DNS in order to create new threats. DNS exfiltration is a typical attack that can become a terrible problem for a company; especially because these attacks (if used to encrypt traffic or use DNS tunneling), are very difficult to detect, and can permeate a network for long time, causing information theft that can compromise the company. Due to this exfiltration of data, a company can run into legal problems or acquire a bad reputation in the sector. Thus, the resulting issues can be very serious. If a DNS exfiltration or any other DNS attack is not detected properly, or at the beginning of the infection vector, consequences can be dire. Continue reading DNS Protection: A "Must" in Security Solutions for any Company

Securing Your Direct Internet Access Connections

But now, with more traffic destined for SaaS applications and the public web, enterprises are increasingly adopting the Internet as the corporate network. Instead of sending SaaS or web traffic over the WAN, Direct Internet Access (DIA) simply sends that traffic out over a standard broadband connection. An alternative approach is for the enterprise to deploy an SD-WAN. Continue reading Securing Your Direct Internet Access Connections