How to stay safe while using Airport WiFi

The more people you share an internet connection with, the more vulnerable you are to data theft. That is why it is always safe to browse the internet from home or at the workplace where the networks are uncongested and secure. But you cannot hide in this comfort zone forever; you will occasionally need to use public internet such as a coffee shop or airport Wi-Fi. When that happens, how do you secure your data? Please read on to discover 5 tips on how to stay safe while using airport Wi-Fi.

Details

Drastic Cloud Security Mistakes No One Should Make

In our modern age, it is natural to want to modernize your business in order to keep up with the times and keep customers interested, so investing in the cloud can often seem like a natural pathway for changing businesses, but it does come with some risks. Not paying attention to the very real risks of compromising cloud security – which can seem like a faraway, non-important issue – can cost you greatly, and, at worst, could ruin your business. Customers put their trust in you to keep them and their data safe, so compromising that can be the absolute faux par, which will destroy your business’ reputation and ensure that no future success can be enjoyed. But enough with the fear-mongering: how can you stop these security slips ever happening in the first place? Knowledge is your best tool, so knowing about the dangers often prevents them from becoming issues.

Details

10 Tips for Defending Against the OWASP Top 10

Open-source software is a great way to add proven functionality to your application, but it comes with risks in the form of software vulnerabilities. If you are using open-source components (and with all likelihood you are), it is important to keep track of new vulnerabilities as they are discovered, so you can upgrade to the latest, patched-up version of the software. 

One tool you can use to keep track of open-source vulnerabilities is the list provided by the Open Web Application Security Project (OWASP), which was last updated in 2017. The OWASP Top 10 covers the most critical security risks for web applications.

The following tips should help you protect your software against the OWASP Top 10 vulnerabilities.

Details

Expert Opinion on Avoiding Common Cloud Protection Pitfalls

Running a business these days often means managing a series of online accounts and figures, with a little shipping and perhaps some calling. Of course, this lacks the physical security of physical businesses. Many turn to other monitoring and management packages that can be accessed by clients, while algorithms and other features keep access to where it’s necessary. Cloud security can be tricky and without at least some education in the field, users can make simple mistakes that could ruin businesses.

Details

Steps to make your website GDPR Compliant

Does your business continuous traffic from European countries? If your answer is yes then you should be fully aware of Europe’s new data privacy law – GDPR. It will definitely affect you if you don’t know it.

In this article, we are going to discuss everything about what GDPR is, how it is going to affect your approaches of data collection and how to make your site GDPR compliant.

Details

7 Current Mobile Security Threats To Watch Out For

In terms of IT security, mobile is top of the agenda in 2019 for businesses, especially as now workers access the majority of the required data through mobile devices, with smartphones top of the list. With information often the most valuable asset that a company possesses, mobile breaches are a huge threat to businesses of all sizes. These are the specific threats to look for now and in the near future.

Details

Second Annual Long Island CISO Roundtable

We recently held our second annual CISO roundtable that brought in the attendance of fifteen CISO’s for a candid conversation regarding their concerns, challenges and advice on protecting their organization. Last year’s roundtable showed that Long Island has a security community that’s hungry to learn and grow from each other. This was also evident from the attendance at the first BSides Long Island, which was held in January. It was no surprise that our second roundtable was just as lively and informative as these two events. Throughout the agenda for the night the topics covered ranged from continued challenges, improvement, and future considerations. We’ll briefly touch on a few throughout this blog so the extended community can learn from their wisdom and insights.

Details

Moving to the Cloud, as easy as 1, 2, 3 … 4, 5, 6

Moving to the cloud takes you out of the data center business and enables you to focus your company’s efforts on what it does best. Cloud providers have a massive advantage over in-house and on-premises solutions in that they are backed by millions of dollars of research and development, as well as an international network of hardware dedicated to providing the best possible IT solution for their clients.

Details

Pen Test vs. Vulnerability Assessment: Which is Right for my Organization?

Often, when speaking to many organizations, I often hear confusion about Pen Testing, ie: what it is, how it differs from vulnerability assessments and what are the best use cases. I’ve decided to write this blog in the hopes of helping my customers better understand these differences and use cases of each.

The cyber threat environment is dynamic and constantly evolving. There are new vulnerabilities discovered on a daily basis. Attacks are getting more sophisticated – they’re getting more complex and flying under the radar of traditional detection technologies.

Details

The essential checklist for Cloud security

The ripping benefits of cloud computing have been widely touted – business agility, scalability, efficiencies and cost savings among the top. Fortunately, more and more companies are seen migrating and building mission-critical Java applications specifically for cloud environments showing no signs of slowing down. At the same time, such technology has exposed us to threats and risks previously unheard of.

Details

5 Use Cases for Amazon WorkSpaces You Should Know

Agile development has been increasingly evolving since the creation of the Manifesto for Agile Software Development in 2001. The desire to create better development methods has introduced a methodology that promotes efficiency, collaboration, flexibility, and fast turnaround. Now, eighteen years later, agile development is rising in popularity and might soon replace the traditional waterful approach.…

Details

When Should Your Company Think About Migrating to the Cloud?

There are multitude of reasons many companies are migrating to the cloud. Some are migrating to the cloud to aid in increasing the productivity of their IT staff, as well as the overall workforce. Others are looking to scale down data centers, help to lessen infrastructure sprawl, and modernize legacy applications. Additionally, some organizations are re-thinking…

Details

Training Wheels are Off – NYS DFS Transitional Period Finished

The two-year transitional period implemented by the New York State Department of Financial Services (NYS DFS) regarding their Cybersecurity framework, 23 NYCRR 500, finished this past March 1, 2019. This doesn’t mean the work ends here, but essentially it’s just getting started. The state of New York allowed institutions, or covered entities, a 24 month break in period before having to adhere to all phases per year. The training wheels are off and all phases will have to be obtained yearly moving forward.

Details

Cloud Services for K-12 School Districts

Natural disasters such as hurricane’s, earthquakes, and fire can put a school district’s data out of reach. These are obvious reasons to have a solid disaster recovery strategy in place. In the aftermath of Superstorm Sandy that hit the East Coast (NJ, NYC, and Long Island), there were several school districts that were unable to gain access to their systems for days or weeks after the storm had passed. This made it impossible to generate transcripts, pay bills, and in some cases, process payroll.

Details