Articles In Security

By Eduardo Blanco, CISSP, Posted in Security

The EU General Data Protection Regulation (GDPR) goes into effect May 25, 2018, and much like in the months approaching Y2K nearly two decades ago, many organizations are still scrambling to fully understand its impact, relevance, and scope. GDPR is a unified set of laws that create stricter regulations for EU Subject data along with steeper penalties for non-compliance than the previous EU Data Privacy Directive it replaces. Some organizations may have to make sweeping changes to how they process and... read more.

  • February 08, 2018

By Nancy Rand, Posted in Security

From Dark Reading on 1/24/18: Intel provided another update on advice for patching: https://newsroom.intel.com/news/root-cause-of-reboot-issue-identified-updated-guidance-for-customers-and-partners/ From Dark Reading on 1/23/18: Intel Says to Stop Applying Problematic Spectre, Meltdown Patch Cause of reboot problems with its Broadwell and Haswell microprocessor patching now identified, the chipmaker said. Intel is now advising its customers and partners to halt the installation of patches for its Bro... read more.

  • January 24, 2018

By Nancy Rand, Posted in Security

The National Institute of Standards and Technology (NIST) finalized its Digital Identity Guidelines in December 2017 and published the following four documents: NIST Special Publication 800-63-3, Digital Identity Guidelines Presents an executive summary of the series along with a glossary. NIST Special Publication 800-63A, Digital Identity Guidelines, Enrollment and Identity Proofing Provides requirements for enrollment and identity proofing of applicants for access to resources at each Identity Assuran... read more.

  • January 12, 2018

By Nancy Rand, Posted in Security

Earlier this week, the public was apprised of a major hardware vulnerability in Intel, AMD and ARM. This vulnerability affects practically every computer and mobile device in use today.   First and foremost, you should patch all devices up to the current releases to ensure you receive the latest protection combined with Endpoint Detection and Response software. The articles linked below present the information in detail.   The following Common Vulnerabilities and Exposures (CVE) are associate... read more.

  • January 05, 2018

By Hank Smith, Posted in Infrastructure, Security, Support

Throughout my years of IT consulting, patching servers and desktops has been a sore subject with customers. It’s always been something that is required, but in many cases not performed. The benefits of patching in a timely manner include feature enhancements, bug fixes, and of course security updates. But for many of our customers, patching is time-consuming and resource-intensive, and gets in the way of IT teams focusing on more strategic and tactical matters. As a result, patches aren’t maint... read more.

  • December 21, 2017

By Ken Phelan, Posted in AppDev, Infrastructure, Security, Storage, Virtualization

Recently back from AWS:ReInvent, I’m still processing all the data. AWS is Amazon’s Web Services. Amazon is currently hosting 3 times more cloud services than their closest competitor (Azure), making them the 800 pound gorilla of cloud computing. AWS:ReInvent is the trade event they recently held in Las Vegas. Writing a blog helps me process, so here’s my blog about the show. Thanks for helping me process. First of all, ReInvent is huge. Content was being delivered in three different hote... read more.

  • December 05, 2017

By Nancy Rand, Posted in Security

This year was once again filled with major security breaches. In fact, these breaches have impacted so many of us that they are becoming a routine fact of life for companies and individuals alike. The Equifax breach in particular affects practically every person or entity that has had a credit check done in recent years.  Protection of our personally identifiable information (PII) and financial information should have been a priority with a credit bureau. As we've seen, it was not. And of course... read more.

  • November 30, 2017

By Tom Stanley, Posted in AppDev, Infrastructure, Security, Virtualization

The tech news has been abuzz recently with stories about how machine learning is making impressive strides in areas like autonomous vehicles, face recognition, and language translation. You can now be automatically tagged in Facebook photos of events you don’t even remember attending. But, while these are impressive achievements that may enhance some of your personal experiences, they have little bearing on your business. You might be surprised to find out these are just some of the more exciting appl... read more.

  • November 10, 2017

By Stephen Kilcoyne, Posted in Security

Gotham Technology Group and BUFFERZONE Partner to Provide Prevention-Based Container Security Technology to Enterprises  Leading InfoSec Solutions Provider Augments Existing Isolation Security Tech Offering with BUFFERZONE New York City, NY--November 2, 2017- BUFFERZONE Security, a provider of next-generation endpoint security solutions protecting organizations from advanced threats including ransomware, zero-days and phishing scams, and Gotham Technology Group, a leading technology solutions provide... read more.

  • November 02, 2017

By Eduardo Blanco, CISSP, Posted in Security

A critical weakness has been discovered in WPA2, the ubiquitous protocol that secures Wi-Fi networks worldwide. The attack known as “KRACKS” which is short for Key Reinstallation Attacks, enables attackers within range of the target Wi-Fi network to see data that is presumed to be safely encrypted. This effectively renders organizations that leverage WPA2 vulnerable to theft of critical data such as credit card numbers, passwords, emails, photos, etc. It also makes it possible for a man-in-the-m... read more.

  • October 17, 2017