Infosec Cloud
Solutions. Services. Training.

May 2015 Update

We aim to provide you with a round-up of our latest offers and essential info to help increase your productivity and keep you secure.

The End of the Password?

A pin. A tap. And you’re in.  It’s that simple. 

The way we access our digital lives is on the cusp of radical change. Passwords will finally become a thing of the past, as a revolutionary new way of two factor authentication (2FA) dispenses with the password altogether.

SecurEnvoy has announced the prototype of their latest OneSwipe authentication tool, built upon Windows 10’s new near field communication (NFC) capability to securely authenticate a user’s identity via a simple tap of their phone against a master device.

Since the dawn of the digital age, we have signed up to the password, trusting in its ability to keep our digital lives safe from thieves and those who would mean us harm. As cybercrime reaches endemic proportions and computing power doubles every two years, the humble password, however elaborate, is now alarmingly susceptible to a brute force attack. We’ve recognised that whilst 2FA as it currently exists eliminates the flaws of the traditional password, without simplicity it will never truly replace it.

That’s why SecurEnvoy has created OneSwipe with NFC capability.

SecurEnvoy OneSwipe provides a simple and intuitive user experience, whilst boasting the same strength as the company’s popular two factor authentication suite.

Removing the need to remember lengthy URL’s, passwords and user IDs, a user simply has to choose the account they want to activate, enter a four digit pin and tap their phone against any Windows 10 enabled PC or tablet device. This then automatically launches the chosen URL in the browser and automatically logs in. SecurEnvoy plans to bring the one tap technology to Android and iOS later this year.

The current OneSwipe technology uses a onetime QR code generated every thirty seconds on a user’s device, which is then held up to a forward facing camera on a computer instead of an NFC tap. All current OneSwipe users will be upgraded to include NFC as the technology rolls-out to different platforms in the coming months; device permitting.

The Windows 10 developer tooling preview was made available to Windows Insiders on 23rd March 2015, whilst Microsoft continues to work on finishing Windows 10.

The prototype was demonstrated at this year’s RSA conference in San Francisco.


Are You Protected From Ransomware?

The 4 stages of Crypto-Ransomware:

 1. Installation
User receives an email with attachment (usually a zip file). When the user opens the file it installs itself and sets keys in the registry so it auto runs whenever the infected PC starts.

2. Contacts Server
Before crypto-ransomware can attack the PC it has to first contact the cybercriminals server. The two computers do a carefully constructed handshake where the server generates a key to be used to encrypt the files.

3. Encryption
The ransomware starts copying all targeted files on the computer using the key to encrypt the copies. The original file is then deleted.

4. Extortion
The ransomware displays a page with a timer giving them a deadline to pay the ransom before the cybercriminals destroy the key. The amount ranges between $50 and $500 which must be paid in untraceable bitcoins.

Staying Safe:

Use Email Security — Set anti-spam controls to sensitive. Set email security to block unwanted attachments such as EXE files. Enable checking of content within ZIP files. Educate your users to not open attachments that are not expected.

Use Web Security —  Typically the cybercriminals constantly change the IP’s of their server to avoid being traced. By blocking Malware and uncategorized sites the ransomware cannot connect to the server and therefore cannot get a key to encrypt the PC.

Use Endpoint Security — Good Endpoint Security will detect and quarantine the majority of Malware. Restrict write permissions to servers wherever possible. Make regular offline backups and test them.

Summary:
Whilst an advanced Endpoint Security is vital, it is not enough to protect users. Endpoint security should be integrated with Email and Web security. Web Security should not be restricted to the network to protect mobile users, protection should be cloud-based.

Click here to Download your Free Infographic  >>


For more information or impartial advice, please email: [email protected] or call 01256 379970


Take an Aerohive Test Flight:

Are you considering a Wireless project at any time over the next year? If so, do you fancy getting your hands on a free Wireless Access Point from Aerohive?**

And having thorough technical instruction to configure the network settings?

Test Flight is a tailored technical program to allow you to meet with Aerohive technical experts and get hands on with Aerohive to configure, integrate and roll it out into any typical network scenario.

Date: Thursday 28th May
Time: 9-1pm

Location:
Exclusive Networks (see map)
Mill Lane
Alton, Hampshire
GU34 2QJ

What will be covered?
During this half day workshop, you will configure network settings yourself and experience how easy and simple it is to operate and deploy Aerohive’s Management Platform. You will learn the business benefits of a controller-less Wi-Fi solution and have the opportunity to discuss your specific business challenges direct with our specialists during the networking session at the end of the workshop.

You will learn how to:
* Complete a typical Wi-Fi network planning scenario
* Integrate Aerohive APs in the central management tool (HMOL)
* Create network policies that enable employees and guests on your network
* Configure auto provisioning – an easy roll out of APs without any pre-configuration

Click here to register >>

** Qualified attendees will receive a no obligation free Aerohive AP with a HiveManager Online account valid for 3 years. Click here for details.


Microsoft Office 365: How to Strengthen Security, Compliance and Control.

An Osterman Research White Paper

Osterman Research has identified the areas that enterprise organisations should focus on in order to maximize the benefits of Office 365.  Read the report to find out how third party solutions can play a vital role in helping you to get more from Office 365:

*  Archiving and compliance considerations
*  Enhanced security
*  Email continuity
*  Total control.

Plus some helpful questions that you can consider as you embark on this journey.

Email [email protected] to request your free copy of the report.


 Best Cloud Computing Security Winner – Blue Coat

Blue Coat Award SC Magazine 2015 Image

The Blue Coat Cloud Security Solution was recognised as the “Best Cloud Computing Security Solution” in the Reader Trust Award category at the 2015 SC Awards.

The awards recognise the best solutions, services and professionals that work around the clock to defend against the constantly shifting threat landscape in today’s marketplace.

Blue Coat Cloud Security Solution is an enterprise-class cloud solution that extends an organization’s security perimeter to provide consistent security and policy, on and off the corporate network. The fully meshed global network delivers high performance and availability, with over 40 data centres in 24 countries.

To read more about Blue Coat click here >>


Byte Night 2015

Byte Night is Action for Children’s biggest annual fundraiser; a national ‘sleep-out’ event. Each year, hundreds of like minded people from the technology and business arena give up their beds for one night to help change the lives of vulnerable young people.

It all began in 1998 when 30 individuals slept out in London and raised £35,000. Since then Byte Night has grown to 8 UK locations and over 1300 people slept out in 2014 and have raised over £1.1 million. Byte Night is one of the UK’s top 20 mass participation charity events and is the largest charity sleep-out having raised over £7.2m since the first event.

We’re supporting Thames Valley Byte Night  this year on 2nd Oct – if you’d like to get involved, please email [email protected] to find out about participation, sponsorship and donation opportunities.


 

  • Employee GDPR Awareness Training

  •  Identity-as-a-Service (IDaaS) solution

  • Tokenless Strong Authentication (MFA)

  • Next Gen Endpoint Security

  • Enquiry LinkedIn Spiceworks