Posts

Elastic Announces the Launch and General Availability of Limitless XDR in Elastic Security, General Availability of Elastic Agent, and Centralized Management of Elastic Enterprise Search | Business

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


MOUNTAIN VIEW, Calif.–(BUSINESS WIRE)–Aug 3, 2021–

Elastic (NYSE: ESTC) (“Elastic”), the company behind Elasticsearch and the Elastic Stack, today announced new capabilities and enhancements across its Elastic Enterprise Search, Observability, and Security solutions, which are built in a single platform – the Elastic Stack.

New capabilities include the general availability of Elastic Agent, a single, unified agent that simplifies the management and monitoring of data from a growing volume of diverse sources, centrally managed in Fleet to give users broad visibility and control over their environments.

With Elastic Agent, Elastic Security users benefit from integrated ransomware and malware prevention, as well as remediation capabilities directly from the endpoint. Elastic Observability users gain better visibility across their applications and infrastructure, as well as secure, centralized agent management.

Elastic announces the launch and general availability of the industry’s first free and open Limitless Extended Detection and Response (XDR). Part of Elastic Security, Elastic Limitless XDR modernizes security operations by unifying the capabilities of security information and event management (SIEM), security analytics, and endpoint security on one platform.

Additionally, Elastic Enterprise Search can now be centrally managed in Kibana, the single management interface across all Elastic solutions.

Other key updates across the Elastic Stack, Elastic Cloud, and solutions include:

Elastic Stack and Elastic Cloud

Elastic announces the general availability of Elastic Agent with centralized management in Elastic Fleet. First released in beta in 7.9 and now generally available in 7.14, Elastic Agent serves as a single unified agent to make it simple for customers and users to onboard and manage new data sources fast, while also protecting their endpoints from cyber security threats. Elastic Agent is an Elastic Stack capability that delivers value to users across Elastic Security and Elastic Observability solutions.

Elastic also announces that support for Microsoft Azure Private Link is now generally available. Customers can now privately and…

Source…

The Perfect Storm – How Mobile Reliance Has Forced Financial Services Beyond Device Management

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


Tablets and smartphones have become a primary tool to manage work and life as digital transformation accelerated last year. This trend is especially evident in the finance sector, where both workers and customers have become dependent on mobile devices to do everything from shopping, playing bills and managing finances. Similarly, financial employees are using the very same devices to stay productive as they continue to work away from the office.

The increased usage of mobile devices in the financial sector means both organisations and customers are exposed to new risks. These devices now have as much access to corporate infrastructure as traditional endpoints and hold more sensitive financial information than ever. Therefore, it is no surprise that the financial sector was the most targeted industry in 2020 by cybercriminals. To ensure that they tap into the productivity that comes from mobility, financial organisations need to embrace modern security technologies and strategies to secure the mobile devices and apps their employees and customers use the most. 

The need for dedicated endpoint security solutions

In an attempt to secure their mobile devices, the financial industry increased their use of mobile device management (MDM) solutions by 50 percent during the pandemic. Despite these efforts, cyberattacks did not decrease during the same period. Phishing remained one of the most common forms of cyberattacks while malware exposure rose by over five times. These trends illustrate that financial services organisations need to think beyond MDM when it comes to securing their mobile devices and their corporate data. 

We’re more susceptible to phishing attacks

There’s a reason that we saw a 125 percent increase in the average quarterly mobile phishing exposure rate for financial organisations. With everyone working from home, or continuing to do so under a hybrid-work environment, security teams have lost the visibility they had inside their perimeter. It also doesn’t help that people are using personal mobile devices and using networks organisations don’t control. In addition, consumers are using mobile devices to access sensitive data…

Source…

Internet of Things in desperate need of more robust identity and access management

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


The future of identity and access management in the Internet of Things will escape the confines of user-focused identity and transition toward a more inclusive model, according to a new analysis research report by ABI Research.

The new multi-faced approach will include machine and system identity along with IoT device and platform management operations.

“IAM is yet another identity and security framework that poses significant challenges when crossing from the IT realm onto the IoT,” says Dimitrios Pavlakis, senior cyber security and IoT analyst at ABI Research.

“Most cloud providers regard IAM as a purely user-focused term while other IoT device management and platform providers make references to IAM in device access control,” he says.

“IAM in traditional IT environment is used to streamline user digital identities and to enhance the security of user-facing front-end operations using a variety of management tools, privilege management software and automated workflows to create a user-focused authorisation framework.”

Pavlakis says the explosion of IoT technologies has significantly increased the sheer volume and complexity or interconnected devices, users, systems, and platforms making traditional IT IAM insufficient, if not problematic in some cases. 

“Insufficient access control options, legacy infrastructure and proprietary protocol dependencies, traditionally closed networks, the fervent increase in digitisation, albeit with lackluster security operations, are some of the most prominent challenges for IAM in IoT,” he explains. 

“Regardless of which IAM terminology is used, these challenges along with the highly complex IoT identity value chain point toward a more competent model of IAM, which touches upon various technologies and security protocols to be considered under the IAM umbrella including: user privilege management and on-prem access control, edge-to-cloud integration, cloud directory-as-a-service, system and machine ID, data security and governance, API management, IoT device identity, authentication and access control.”

Pavlakis says the justifiable lack of a unified IoT security standardisation framework, the fact that organisations are always on a…

Source…

Identity management and zero trust: Where to get started

T-Mobile is Warning that a data breach has exposed the names, date of birth, Social Security number and driver’s license/ID information of more than 40 million current, former or prospective customers who applied for credit with the company. Get Secured Now with Norton 360


The past year has taught us all a few things, from how much we value our health to what we take for granted regarding IT.

OPIS

The impact of the last year should be obvious, but the Verizon 2021 Data Breach Investigations Report laid it out clearly. During the past year, privilege abuse was the biggest cause of data breaches by far, and phishing, ransomware and use of stolen credentials all went up.

David Smith and Bernard Wilson, the US Secret Service agents quoted in the report appendix also pointed to lack of identity management as an ingredient for data breaches in more companies: “Organizations that neglected to implement multi-factor authentication, along with virtual private networks (VPN), represented a significant percentage of victims targeted during the pandemic. The zero-trust model for access quickly became a fundamental security requirement rather than a future ideal.”

So, after a tough year where security teams moved heaven and earth to keep their companies both productive and secure, it’s time to take stock. While some new identity management program implementations will be effective for the longer term, others will find gaps and assumptions that could lead to unnecessary risk. Reviewing your approach now should help you spot any areas where you can continue to improve and move toward a zero-trust security model.

Core identity and authentication

Zero trust starts with who you are authenticating and what they should have access to – otherwise called identity trust. Based on the directory which is your single source of truth and core identity provider, or IdP, this is what stores and authenticates the identities your users use to log in to their devices, applications, files servers, and more (depending on your configuration).

Traditionally, many organizations use a directory as their single source of truth, such as Microsoft Active Directory (AD) or an implementation of OpenLDAP. However, these approaches tend to be aimed towards larger organizations and require on-premises servers, networks, and hardware.

Today, the move to remote working has put more emphasis on cloud directory services that can support both cloud applications and the range of…

Source…