Identity and Access Management for Social Engineering Attacks

When in action, a social engineering attack could look like an email received from a government organization or your own organization asking your employees to divulge their credentials. The basis of social engineering attacks is to induce fear or urgency in unsuspecting users and employees into handing over sensitive information. Over the years, these attacks have become more sophisticated –  even if you open a mail or message from a possible attacker, malware is immediately installed on your system.  Continue reading Identity and Access Management for Social Engineering Attacks

Security vs. Usability

Security vs. usability – the debate has been around for quite a while now. Which one would you prioritize? Would you consider convenience more important than security when it comes to the identity management of consumers? What are your users more inclined to? Is there a way to find a balance between the two? Continue reading Security vs. Usability

Is Social Login a Secure Login?

Social login is a form of single sign-on, where users are allowed to log into an application or website using one of their existing social media account credentials. A social login, therefore, eliminates the need for users to register on yet another online platform – saving them the need to remember yet another set of credentials.

If you are a business, you may have noticed that a social login option on your online platform has had a positive effect on the number of registrations you receive. If you are an individual user, you may have found the option to either “Sign up” or “Login with Facebook/Google” and felt relieved that you were able to access the platform in just a few seconds by choosing the latter. But have you ever thought of how secure this method of login really is? Continue reading Is Social Login a Secure Login?

Beware of Credential Stuffing

In recent times, you might have noticed user accounts being compromised by the millions, and yet companies refute these claims saying that their systems are secure and have not been attacked. In these cases, the companies are right – instead of a direct attack, the hackers may have performed an attack called ‘credential stuffing’. In this type of attack, hackers get their hands on usernames and passwords of one application or service and stuff the same credentials on another login for another digital provider.

Continue reading Beware of Credential Stuffing

DNS Filters for a Safe, Compliant, Productive Workplace

 

Domain Name System (DNS) is an addressing system used by the internet through which domain names are located and translated into internet protocol (IP) addresses. When a user attempts to access a website through an internet browser, a DNS query is performed. The DNS server matches the request to the respective IP address of the domain and responds to the query by loading the requested web page on the user’s browser.

So what is DNS Filtering? It is a technique by which access to specific websites, web pages, or IP addresses, can be blocked or permitted. If a DNS filter is in place, the IP address being returned from the DNS server will be checked before it is permitted to load on the user’s browser. Therefore, DNS filtering ensures that the user is protected from online threats like viruses, malware, ransomware, and so on. DNS web filtering can also be used to block inappropriate websites and web pages that the user may be searching for, especially at the workplace.

Continue reading DNS Filters for a Safe, Compliant, Productive Workplace

Prevent Cybercrime with the Zero Trust Model of Cybersecurity

Would you trust just anyone to enter your home? Or would you first confirm that you know them and they have the right to be there?

The Zero Trust Model (ZTM) of security follows a similar principle. The ZTM approach is to be aware of anything entering the company, whether from inside or outside the company’s perimeter.

ZTM simply verifies everything that requires access to the system. The approach does not necessarily decree that every request should be denied. Instead, it asks: Why is access needed? How far? How long?

Continue reading Prevent Cybercrime with the Zero Trust Model of Cybersecurity

Working Online? Watch out for Identity Theft!

Identity theft is as real as your identity and as dangerous as the one who steals it. It occurs when an unauthorized person or entity uses your personal information to assume your identity and commit fraud and other criminal activities including stealing from you, or from others in your name.

What does an identity thief steal?

Your name, address, credit card or bank account information, and even information that might otherwise seem harmless, such as photographs, information about your family members or your date of birth could be used in harmful ways in the wrong hands.

Continue reading Working Online? Watch out for Identity Theft!

Cloud Security Solutions – Why do you need them?

Migration to the cloud is no longer an emerging trend. It is now a well-established method of running the operations of a business. With the cloud, you can manage data and applications in a secure environment and ensure that your users face virtually no latency while using your applications. But although the cloud comes with a basic framework for security, it still has its inherent security risks which need highly specific cloud security solutions to reliably protect your data. To understand the need for implementing an effective cloud security solution, a deeper understanding of what causes and constitutes a cloud security threat is important. Continue reading Cloud Security Solutions – Why do you need them?