Skip to content

Posts from the ‘Security’ Category

Forbes – Taking Stock Of Tor: Top 5 Tips For Using The Onion Router


October 22, 2013

By Raj Sabhlok, ManageEngine

300px-Tor_project_logo_hq1The Silk Road and NSA spying may be old news, but The Onion Router (Tor) continues to generate interest among Internet users seeking online anonymity. Tor isn’t all upside, though. As I found out, you pay a price for privacy.

To put things in context, Tor hides your online activity, plain and simple. It covers your tracks, including your browsing history, identity and physical location. Tor also anonymizes the websites you visit and their operators.

While such activity might sound inherently nefarious, remember that Tor technology also grants anonymity to people fighting tyranny, oppression and other injustices. And for the record, the Tor Project was initially funded by the U.S. government.

Given the many legitimate, compelling use cases, it may be time to ask if Tor is right for you. Well, I’ve put Tor through its paces and come up with my top five tips to help you decide.

(Photo credit: Wikipedia)

See Full Article:


Silicon Angle – 3 Biggest Security Mistakes You’re Making – Without Even Knowing


October 21, 2013

By Erich Diener, Echopass Corp. Posted by John Casaretto

62374You know where your most valuable data is stored. Your data is locked safely in a fortress of layered defenses. You’ve protected those treasures with well-configured edge devices, a lean fully-patched DMZ, a tightly woven net of firewall ACLs and an intentional architecture that separates your servers’ functions. Your logs are continually examined and anomalous behavior is analyzed. Your privileged identities are well defined by role and rigorously managed.

Overall, you’re able to sleep well at night knowing that you have a well-oiled machine protecting your company’s — and your customers’ — most valuable data. Right?

There’s Not an App for That

Alas, enterprise-level security is not so simple. There are some incredible apps and hardware available today to support networks and protect sensitive data. But technology is not the silver bullet to solving security concerns. And simply buying more technology won’t make you any safer.

In this age of ever-increasing industry and government enforced compliance and regulations, the cost of a breach or loss of sensitive information can sound the death knell for all but the largest businesses. Ironically your best security assets are three things you’re probably overlooking.

See Full Article:

Forbes – Silk Road Raising Questions About Government Spying (Again)


October 14, 2013

By Raj Sabhlok, president of Zoho Corp.

300px-Silk_Road_LogoIt’s a case that’s captured everyone’s attention — pirates, drug trafficking, hit men, government intrigue. By now, few people haven’t heard about Silk Road, run by the now notorious Dread Pirate Roberts, a pseudonym from the film “The Princess Bride.” It’s an interesting next chapter to perhaps the biggest news story of 2013 — Edward Snowden’s revelations about NSA cyber snooping. Although there is new speculation about whether the FBI had help from the agency, it certainly showed the NSA that it too can flex its technology muscles, as it shut down purportedly a billion dollar illegal drugs website and nabbed its operator last week.

See Full Article:

Internet Retailer – Echopass wins a top security rating for its web-hosted contact center

internet retailer

September 12, 2013
By Amy Dusto

shutterstock_83421748_jpg_280x280_crop_q95Increasing numbers of technology providers offer their products via the “cloud”—or hosted on the Internet rather than as software a retailer licenses and installs on its own machines. But keeping consumer data secure while it moves around the web, rather than between a merchant’s own servers, presents new challenges for merchants and vendors alike, according to the PCI Security Standards Council.

The council is a global forum founded in 2006 by payment card companies American Express, Discover Financial Services, JCB International, MasterCard Worldwide and Visa Inc. Its mission is to develop and maintain rules for protecting consumers’ payment card data. In February, it released a new set of guidelines for data security in cloud computing, which outlines the responsibilities of both a vendor and a merchant sharing data over the web, among other things.

This month, Echopass Corp., a cloud-hosted contact center, announced it has updated its technology to meet the new standards. Although the vendor is not a payments processor, it works to comply with PCI standards because customer service agents sometimes handle sensitive customer data, says Dennis Empey, chief information security officer at Echopass. For instance, agents may take Social Security or credit card numbers by phone, he says.

See Full Article:

Venture Beat – 6 ways to act like a Black Hat attendee all year long

Logo - VentureBeat

By Erich Diener

August 12, 2013

Ever since Black Hat USA wrapped up last week, I’ve been thinking about the irony of attendees going into heightened security mode during the conference itself – like never connecting to open Wi-Fi or encrypting all information stored on your laptop – then likely slipping back into a more lax mode throughout the rest of the year.

You see we’re on guard at events like Black Hat and DEF CON, ready to be pwned at any moment by mischievous hackers. So while these conferences do a great job reminding us of the many emerging methods of hacking – and counteractively, securing – computers, electronics and connected devices, they only come once a year.

But, what if we all acted like Black Hat attendees year-round? Or perhaps more crucially, what if your company acted like a Black Hat attendee every single day, always remaining hyper-vigilant about the latest risks and prepared to mitigate criminal hacks?

Fresh from this year’s Black Hat briefings, here are six ways to make every day a Black Hat day…


See Full Article: