Tag Archive for: Approach

VinCSS Applauded by Frost & Sullivan for Enabling the Protection of Users, Devices, and Data from Password-related Attacks with Its Robust IAM Security Approach

/in


The simple, flexible, and secure IAM approach mitigates data breach risks and damages, enhances the user experience, optimizes operations, saves on operational costs, and strengthens security.

SAN ANTONIO, Nov. 24, 2022 /PRNewswire/ — Recently, Frost & Sullivan researched the Southeast Asian (SEA) passwordless authentication industry and, based on its assessment results, recognizes VinCSS with the 2022 SEA Enabling Technology Leadership Award for passwordless authentication. The company develops passwordless authentication solutions that use the FIDO2 protocol to make them true passwordless solutions, with no primary password needed. The company offers reliable passwordless identity and access management (IAM) solutions that help customers minimize the need for passwords; reduce the friction, complexity, and risks associated with passwords and their related requirements; and increase the operational efficiency of IAM strategies.

VinCSS developed a comprehensive FIDO2 ecosystem to ensure strong or passwordless authentication using seven solutions, encompassing servers, Internet of Things (IoT) and cloud services, transformation services, and software development kits (SDKs). To cater to the rising demand for IoT security, VinCSS’s new IoT FIDO Device Onboarding (FDO) solution securely sets up and configures IoT devices automatically. FDO, developed by FIDO Alliance, is an automated onboarding protocol that addresses IoT device security concerns and leverages asymmetric public key cryptography to provide industrial IoT with a fast and secure way to onboard devices to any device management system. This capability makes devices more resistant to attacks by substituting highly secure cryptographic keys for generic password credentials.

According to Anh Tien Vu, Frost & Sullivan Best Practices Research Industry Principal, “The FIDO2 ecosystem enables businesses to address multiple use cases, including eliminating credential replay attacks with user presence checks to prevent malware hacking, providing authentication standard enforcement to ensure supply chain security and addressing authentication redundancy to fast-track and support better compliance and audit requirements.”

The…

Source…

A City’s Journey to Smart Solutions: A Bottoms-Up Approach to Balancing Privacy, Security and Public Safety

/in


This article is the fifth in a series that follows the City of Oakland’s journey to balance privacy and security in the aftermath of a public safety crisis – from the formation of the first citizen-led privacy commission in the nation that was created in response to planned expansion of surveillance throughout the city, to a bottoms-up, citizen-led initiative from one district to deploy smart surveillance technology throughout all districts of the city. Read the first installment here, the second installment here, the third installment here, and the fourth installment here.

As the article preceding this Oakland series quoted The Dark Knight, this article will wrap up the series with another: “The night is darkest before the dawn…I promise you, the dawn is coming.” These words vowed by the character Harvey Dent/Two-Face were meant to assure citizens of the crime-ridden city of Gotham. But when will the dawn come for Oakland, a city in the midst of a long-lasting public-safety crisis?

The drones that took flight in Oakland in March 2022 came from a community left reeling in the aftermath of a dual pandemic of COVID-19 and anti-Asian hate, amid a tsunami of violent crimes that tore through all districts of the city. While crimes rose throughout the nation during the pandemic, Oakland scores No. 1 as the most dangerous on a crime index with a scale of 1 to 100. Oakland residents have a 1 in 77 chance of being a victim of violent crime – a rate that is almost three times higher compared to the state of California with a rate of 1 in 227.[1]

It was citizens from Oakland Chinatown who made the surveillance technology possible. A private donation of $80K enabled the launch of the drone program with the Oakland Police Department (OPD), after the use of Unmanned Aerial Vehicles (UAVs) was finally approved by the Privacy Advisory Commission (PAC) and City Council, although the source of the donated funds for the drones is under an open and ongoing investigation with the City of Oakland. It was the latest effort by the residents of Oakland Chinatown in response to the rise in violent crimes and targeted hate-crime attacks against Asian American Pacific Islanders (AAPI)….

Source…

“A privacy-first engineering approach is central to organizations’ cyber resilience”

/in


Many enterprises have started realizing the benefits of adopting confidential computing in today’s distributed work environment. In an interaction with Express Computer,  Ivar Wiersma, Head of Conclave, R3 outlines how organizations can leverage confidential computing to  securely aggregate their datasets to solve shared business problems for their customers and across markets. 

What are the current cyber security challenges, especially in the new normal post the pandemic? 

The new normal definitely poses new challenges for cyber security given the fact that many businesses have found ways to operate virtually. There has been a 17% increase in the number of data breaches now compared to 2020 which underlines the importance of ensuring the security of user data for many businesses in this day and age. 

Coupled with the projection that 75% of the world’s population will have their personal data online by 2023, user data security will not only become a responsibility of businesses but a priority for businesses who wish to thrive in a post-pandemic world. To cater to the demands of a growing digital citizenry, businesses have ramped up their partnerships with other businesses to collaborate digitally in a distributed environment.  

When doing so, this gives rise to the need to ensure that the data shared is kept secure, confidential and tamper proof. To prevent any tampering of confidential data, many businesses simply do not share their confidential data with partners. This is a key challenge for businesses in the post-pandemic world. Information sharing offers great opportunities for businesses in which customer data can inform actionable insights, enhance customer experience and build a more resilient, pandemic-proof organization. However, many businesses are still hesitant to share their data as the space remains difficult to control from a technological standpoint once the data is made available. 

In the light of these challenges, what are the changes that cyber security practitioners need to adopt? 

One possible solution for companies who wish to enhance the security of their complex enterprise structure could be to adopt confidential computing. With this type of…

Source…

A new approach to security

/in


As mobile devices have become increasingly ubiquitous in the workplace, the need for a new security architecture has arisen. The traditional security model no longer applies in a mobile environment, where users can easily access corporate data from any location. Zero Trust for mobile endpoints is the key to keeping your organization safe in today’s climate. The Lookout team has released a whitepaper on Zero Trust for mobiles and we discuss its advantages over traditional approaches in this post. 

Why is Zero Trust becoming important? 

With cloud adoption on the rise, data is everywhere, and it can be accessed from any device. Security teams who rely on traditional perimeter provisions such as firewalls and secure web gateways will find this as a challenge because enterprise information no longer resides there -it’s fluid, moving around within global networks where employees have easy access to data through their smartphones or laptops. 

This trend has resulted in new security necessities. With perimeters disappearing, key security functions will have to be moved to the mobile endpoints so that the security is there where the data is accessed by the employees. By implementing the Zero Trust access model for mobile, the device health can be continuously checked in order to allow access to corporate data. 

How Zero Trust architecture ensures security 

The Zero Trust security strategy is a new approach to mobile endpoint protection and access that takes into account the dynamic nature of connections between an employee’s device, and corporate data stored in cloud-based servers. This continuous conditional access security model encompasses endpoint protection, access to the cloud and identity. 

The crucial aspect of Zero Trust architecture is to assess the device risk using endpoint protection.  By continuously checking threats or risks on the device, an organization can decide whether an employee device is healthy enough to be authenticated and provided access to corporate resources. Every endpoint security model should include mobile endpoints.  

Providing protected access to corporate cloud data without the help of traditional perimeters is another crucial aspect of…

Source…