Tag: Ecosystem | Page 2

The need to protect data and secure your mobile device ecosystem

November 15, 2022/in Mobile Security

All Australian organisations are aware of the need to secure critical sensitive information. As seen from the recent Optus customer data breach, the impact on a business’s reputation and bottom line is real. Data leaks cost businesses in a number of ways. Not only the cost of paying fines and compensation to those individuals affected, but also loss in consumer confidence due to an organisation’s inability to protect sensitive information.

While organisations today take steps to prepare IT infrastructure against cyber-attacks, less attention is given to another area of organisational IT vulnerability – its mobile device ecosystem. The rapid growth of mobile technologies and the rise of the Internet of Things (IoT) across a range of industries has brought numerous risks and challenges.

Billions of new devices and endpoints are constantly in use, containing a diverse range of features, connections, standards and protocols. Some of these devices may be simple, such as a smart thermometer in a healthcare setting where the security risks are low.

However, for some devices like a mobile computer in a retail environment that carries sensitive customer data, organisations need to take steps to ensure they have the necessary security protocols and systems in place. After all, if these devices are improperly managed and left unsecure, that leaves multiple open endpoints that can be exploited by a cyber-attack.

Protect sensitive patient data in healthcare settings

Adopting mobile technologies that enable workers to create efficiencies and support enhanced levels of patient care provide tangible benefits in the healthcare sector. However, the growth in the number of devices handling private patient information also presents data security risks.

There are more lifesaving tools and technologies available today than at any other point in history, but the instance of lost, stolen or unprotected devices in healthcare settings can expose the private information of many Australians.

For 12 consecutive years, healthcare paid more for data breaches than any other industry. This is a result of the sheer volume of devices and endpoints in healthcare environments which present…

Source…

ECS Research Team Receives Grant to Advance the Ethereum Blockchain Ecosystem

September 6, 2022/in Computer Security

STEM

Yuzhe Tang headshot Yuzhe Tang, assistant professor of electrical engineering and computer science in the College of Engineering and Computer Science (ECS) and his research team received a grant from the non-profit Ethereum Foundation for research to advance the Ethereum blockchain ecosystem.

The grant is part of the peer-to-peer (P2P) network grants from the Ethereum Foundation’s recent Academic Grants Round.

A blockchain network is an open-membership peer-to-peer network that stores the information of crypto-asset ownership. Thus, the security and availability of the blockchain network are essential to maintaining asset safety. For instance, if the blockchain network is down, crypto-asset owners cannot withdraw their assets and traders cannot trade.

Tang’s proposed research aims to secure Ethereum’s P2P network against existing and emerging attacks. Ethereum is the second largest blockchain after Bitcoin and holds assets worth more than $190 billion as of August 2022. His research will involve systematic vulnerability discovery, online attack detection and mitigation tailored to leading Ethereum client software.

Tang’s research will result in automatic software tools and retrofittable mitigation subsystems. In addition, he and his team are interested in collaborating with the Ethereum developer community to integrate the software artifacts for Ethereum clients.

Source…

TECNO establishes Security Response Center to improve the security ecosystem

September 27, 2021/in Mobile Security

TECNO Mobile recently established official security response center (SRC), a platform for cooperation and exchanges between TECNO and security industry experts, researchers and organizations. This remarks a strategic move that reiterates TECNO’s consistent commitment on security and help upgrade TECNO’s security ecosystem to a higher level.

TECNO SRC has launched a bug bounty program to encourage external security researchers to submit vulnerabilities detected to the security team, and reporters are entitled to get an up to $7,000 reward based on the evaluation of the impact of vulnerabilities. More than 45 models under TECNO Mobile’s four smartphone lines -PHANTOM, CAMON, SPARK and POVA are listed for the bug bounty program.

Stephen Ha, general manager of TECNO said: “ At TECNO, our first priority is offering the most secure mobile experience to our users. SRC is of strategic significance for TECNO to create a comprehensive upgrade of TECNO’s security ecology. Through SRC, we have gone one solid step further on mobile security protection for our users in over 70 global emerging markets.”

John Peng, head of security department said: “We understand that under current social circumstance, users’ privacy and information security are vital. TECNO has been continuously executing diversified plans in terms of enhancing our product security. By cooperating with international security professionals through the establishment of SRC, we are sure that we can provide users more secure mobile using experience.”

Starting from coding, application and firmware, the security department carries out security management and audits at each stage of product design, development, testing and release. This is to ensure that all software installed on each device can pass a series of rigorous security checks, including the tests of TECNO security scanning platform, Google Play Protect, GMS BTS and VirusTotal. In addition, TECNO has been regularly sending 90-day security patch updates to users to ensure product safety and protect user equipment from malicious software.

Moving forward, TECNO plans to reach cooperation with the international vulnerability public testing platform…

Source…