security

switch to modern authentication – sms as second factor is insecure

not only since twitter ceo jack dorsey was a victim with activated additional sms authentication for it’s account – now twitter disabled “temporarily” the ability to tweet via sms

…that phone numbers and sms’s were not designed to be used as two-factor authentication systems, as they are insecure.

Fabio Assolini, Senior Security Researcher at Kaspersky Lab, TechRadar Middle East

sim swapping is a technique of porting the same number to a new sim card of someone else, instead use features like oauth (already developed in 2006) – modern uem solutions ot casb take care about this with checking additional properties, like manged apps or encrypted devices > further secure alternatives below

multi-factor authentication
technology

cookbook: have I been breached or leaked?

… again 620 million accounts were stolen – it is all about your data – in the digitalisation it defines who you are – who do you trust – the following assist you to check if you got pwned and should raise the awareness


leaked

accounts monitored and collected in this database
=>> https://hacked-emails.com/


check

if you got pwned, enter your email address

=>> https://haveibeenpwned.com/

dns

leak is atransparent way to intimidate your traffic =>>https://www.dnsleaktest.com/

tracking

of your browser analyse your behavior, quick test of your browser is safe against tracking
=>> https://panopticlick.eff.org/

bad passwords

still common in 2019, if your password is listeted here? change it!
=>> https://www.prweb.com

read more about secure authentication and multi factor

tips

to being completely anonymous online
=>> https://www.csoonline.com

innovation, technology

virtual smart card

… for desktop/laptop a physical smartcard inserted in the device provides additional security, user just need to unlock the smartcard with a pin, without the need to know their password – in times of mobile devices it is possible to attach those smartcard with adapters, but with bad user experience

derived credentials ensure compliance with HSPD12 / FIPS 201 personal identity verification (piv) requirements


derived credentials provider, e.g. entrust, provides an overview about the integration in the infrastructure and enrollment of trusted certificate with modern emm system


citrix provides an easy way to secure authenticate at workspace app for emm trusted devices, better usability and higher security

download NCCoE released second draft version of NIST cybersecurity practice guide SP 1800-12, derived piv credentials attached:

technology

everything you need to know about malware and how to protect

 

rootkit, control your device and get your data – mining-software, steal your power to mine crypto currency – trojan, install other malware, to send spam from your device or steal information like passwords

 

only 14% of businesses have implemented even the most basic cybersecurity practices

 

 

the signs are clear that mobile threats can no longer be ignored

 

 

a combination of vulnerability management, anomaly detection, behavioral profiling, intrusion prevention and transport security technologies to protect mobile devices and applications from advanced threats