technology

everything you need to know about malware and how to protect

 

rootkit, control your device and get your data – mining-software, steal your power to mine crypto currency – trojan, install other malware, to send spam from your device or steal information like passwords

 

only 14% of businesses have implemented even the most basic cybersecurity practices

 

 

the signs are clear that mobile threats can no longer be ignored

 

 

a combination of vulnerability management, anomaly detection, behavioral profiling, intrusion prevention and transport security technologies to protect mobile devices and applications from advanced threats

 

 

innovation, technology

multi-factor authentication

most used passwords still “12345” and “password”, keep you private data as save as enterpises

secure authentification needs to be smart

smssim

short message service is the most convinat second factor, but sms is insecure and can be intercepted – major us carriers working together on next-gen ‘mobile authentication platform’ to replace weak sms system

mobile id

is a more secure service, based on certificates and secured with a seperat pin – special sim needs to be provided form the carrier @mobileid

id cardLogo_nPA

electronic id function of the german passport to secure authenticate at public services, insurances or banks – registred to you secured with a pin – you need a card reader or app @personalausweisportal

oath

is an open standard that allow strong authentication of all users on all devices – no need to send or her intercepted with man in the middle (mitm) attack, code ist calculated in an app – get code right at your smartwatch or backup you accounts with andotp

pointsharp

d2ff31ae74196b94cdbdf4dd812ea5bb.png

provides secure login with multi-factor authentication to enterprise alliances or cloud services – use pointsharp passwort for mobile services, instead of windows accounts – login with scratch cards, hardware token smartwatch, biometrics or one-time pin

fido

71G5MIq2OPL._SL1500_
review here

an alliance to provide passwordless experience and a secure second factor – a hardware device ensure the trust of identity @fidoalliance.org

microsoft announced “password-less sign-in to windows 10 & azure ad using fido2” @blog.microsoft

cloud

casb (cloud access security broker) check access based on security policy infront a a cloud service

iam (identity access management) manage user identities centralised, provide role-based access

emm alone can’t prevent users from accessing cloud services via unmanaged apps or browsers. neither iam nor casb have the visibility or ability to allow or deny access to a cloud service based on the state of the mobile device or application. @mobileiron

access.png

arrow be safe – review here for list of websites and whether or not they support 2fa

no excuses anymore

technology

everything just cloud

from bad weather to increase productivity – pamphlet for the cloud

  • flexibility – easy to setup, scalable according to your requirements, highavailable
  • technology – hosted private or public, a mix of both as hybrid or as community cloud
  • security – encryption, access control, access rights, identity management

a service could be as secure or reliable as possible – it is all about trust

pictured from faz

cloud access security broker (casb) is state ot the art technology to utilize security where trust is missing, e.g. mobileiron access ensure secure access of trusted devices from mobile to cloud services

mobileIron access