Articles In Security

By Timothy Karl, Posted in Infrastructure, Security

With anti-malware scanning software it is very important to have the proper malware exclusions in place. A misconfiguration of these settings may lead to performance issues which can may cause outages of critical applications and services due to file contention and locking. IT administrators need to find a balance between a malware-free environment and affecting the reliability and performance of any applications or services. Anti-malware exclusions can come from a variety of sources. Each anti-malwar... read more.

• July 02, 2021

By Michael Hawkins, Posted in Security

This is part two of our two-part Ransomware Readiness series. Click here to read part one. Ransomware has recently had several high profile cases, including attacks on Fujifilm, JBS, and the Colonial Pipeline. These attacks continue to highlight the importance of the security controls that help to stave off or limit the damage. Gotham Technology Group has developed a ransomware remediation assessment service that analyzes your current technology state and staff training while making recommendati... read more.

• June 23, 2021

By Ken Phelan, Posted in Security

In response to a growing number of serious cyber threats and incidents, President Biden has issued an Executive Order (EO) regarding improving the nation’s cybersecurity. I don’t personally read a lot of EOs, but I read this one, and if you’re part of the cyber industry, you probably should too. Given that you probably won’t, I’ll do some summarizing for you. There’s stuff about cooperation and standards, but I’d like to draw your attention to the EO’s requir... read more.

• May 24, 2021

By Nancy Rand, Posted in Infrastructure, Security

The Cloud Security Alliance released two new research documents to provide guidance on Cloud Incident Response and Consuming and Providing APIs. https://cloudsecurityalliance.org/artifacts/cloud-incident-response-framework/?utm_source=email https://cloudsecurityalliance.org/artifacts/security-guidelines-for-providing-and-consuming-apis/?utm_source=email Cloud Incident Response provides a framework for handling the lifecycle of a security incident in the cloud and discusses what information is shared inte... read more.

• May 18, 2021

By Nancy Rand, Posted in Security

The PCI Security Standards Council, PCI SSC, published a new version of the Secure Software Standard and its supporting program documentation on 4/29/2021. https://www.pcisecuritystandards.org/about_us/press_releases/pr_04292021 This version includes a new Terminal Software Module that contains requirements for software used on PCI-approved PIN Transaction Security (PTS) Point-of-Interaction (POI) devices. There are currently two other modules in this Standard: The “Core” module that contai... read more.

• May 18, 2021

By Michael Hawkins, Posted in Security

The SolarWinds hack provides an interesting insight into how the supply chain can be used as part of a multi-pronged attack. The ingenuity of the bad actors was on full display as they successfully infiltrated, compromised, and manipulated the SolarWinds software update service. With that manipulation in place, the bad actors had the perfect attack vector for bypassing traditional security controls. Inbound firewall rules provided no protection, since the SolarWinds servers reached outward to reach the upda... read more.

• March 15, 2021

By Monica Jimenez, Posted in Infrastructure, Security

The combinations of authentication apps and thin clients are endless nowadays. With the many different types of technologies out there though, not every combination has been documented. At a recent customer engagement, there was a combination of products that isn’t very common, at least not yet, being implemented in an IGEL environment.  Customer Environment: IGEL devices on firmware 11.04.250.01 using the built-in default Citrix Workspace client are deployed within an environment configured fo... read more.

• March 02, 2021

By Nancy Rand, Posted in Security

The Cloud Security Alliance released their latest version of the Cloud Control Matrix (CCM) on 1/20/21. It is available from their website after answering a few questions. The mappings to Scope Applicability, Architectural Relevance, Corporate Governance Relevance, Cloud Service Delivery Model Applicability, Supplier Relationship, are not yet available, but the CSA has released the matrix to assist organizations to prepare to upgrade to version 4. https://cloudsecurityalliance.org/research/cloud-controls-m... read more.

• January 22, 2021

By Michael Hawkins, Posted in Security

  Organizations continue to suffer significant financial losses and reputational damage as a result of ransomware attacks that invade their networks and encrypt valuable data. These attacks continue to occur for several reasons, including that organizations are simply ill prepared, they do not understand their security posture in the first place, or they fail to allocate sufficient funds for the needed protections. Compounding this is the scarcity of seasoned cybersecurity professionals. There simply... read more.

• December 07, 2020

By Nancy Rand, Posted in Security

When preparing to securely work from anywhere, it is tantamount that a zero trust policy be adopted. Locations and assets are not to be inherently trusted. A system of policies and software are needed to protect from malicious intent.  In August 2020, NIST published SP 800-207, the final version of their Zero Trust Architecture. It is available for download from: https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf The tenets of zero trust are presented in section 2.1. They are... read more.

• October 05, 2020