How and why you need HomeKit-secured smart homes

Credit to Author: Jonny Evans| Date: Thu, 27 Feb 2020 04:40:00 -0800

Once upon a time the Internet was amazing, enabling niche interests and connecting people. Apple’s iMac was the epitome of the era, while the iPhone became the prophet of change.

What is HomeKit-secured and why should you use it?

These days hackers break into home networks using our routers and smart home devices, which is why everyone must learn how to use HomeKit-secured routers to keep their connected homes safe.

Apple announced HomeKit-secured routers at WWDC 2019. The first few devices to support the tech recently began to reach market, including options from Linksys and (now) Amazon’s Eero routers.

To read this article in full, please click here

Read more

Apple joins industry effort to eliminate passwords

Credit to Author: Lucas Mearian| Date: Fri, 21 Feb 2020 03:00:00 -0800

In a somewhat unusual move for Apple, the company has joined the Fast IDentity Online (FIDO) Alliance, an authentication standards group dedicated to replacing passwords with another, faster and more secure method for logging into online services and apps.

Apple is among the last tech bigwigs to join FIDO, whose members now include Amazon, Facebook, Google, Intel, Microsoft, RSA, Samsung, Qualcomm and VMware. The group also boasts more than a dozen financial service firms such as American Express, ING, Mastercard, PayPal, Visa and Wells Fargo.

“Apple is not usually up front in joining new organizations and often waits to see if they gain enough traction before joining in. This is fairly atypical for them,” said Jack Gold, president and principal analyst at J. Gold Associates. “Apple is often trying to present [its] own proposed industry standards for wide adoption, but is generally not an early adopter of true multi-vendor industry standards.

To read this article in full, please click here

Read more

Mobile security: Worse than you thought

Credit to Author: Evan Schuman| Date: Tue, 18 Feb 2020 03:00:00 -0800

Many security professionals have long held that the words “mobile security” are an oxymoron. True or not, with today’s mobile usage soaring in enterprises, that viewpoint may become irrelevant. It’s a reasonable estimate that 2020 knowledge workers use mobile devices to either supplement or handle much of their work 98% of the time. Laptops still have a role (OK, if you want to get literal, I suppose a laptop can be considered mobile), but that’s only because of their larger screens and keyboards. I’d give mobile players maybe three more years before that becomes moot.

That means that security on mobile needs to become a top priority. To date, that usually has been addressed with enterprise-grade mobile VPNs, antivirus and more secure communication methods (such as Signal). But in the latest Verizon Data Breach Investigations Report — always a worthwhile read — Verizon eloquently argues that aside from wireless, the form factor of mobile in and of itself poses security risks.

To read this article in full, please click here

Read more

MIT researchers say mobile voting app piloted in U.S. is rife with vulnerabilities

Credit to Author: Lucas Mearian| Date: Thu, 13 Feb 2020 13:30:00 -0800

Elections officials in numerous states have piloted various mobile voting applications as a method of expanding access to the polls, but MIT researchers say one of the more popular apps has security vulnerabilities that could open it up to tampering by bad actors.

The MIT analysis of the application, called Voatz, highlighted a number of weaknesses that could allow hackers to “alter, stop, or expose how an individual user has voted.”

Additionally, the researchers found that Voatz’s use of Palo Alto-based vendor Jumio for voter identification and verification poses potential privacy issues for users.

To read this article in full, please click here

Read more

BlackBerry says its new Digital Workplace eliminates need for VPN, VDI

Credit to Author: Lucas Mearian| Date: Wed, 12 Feb 2020 13:18:00 -0800

BlackBerry has unveiled its Digital Workplace platform, a web portal and workspace for secure online and offline access to corporate on-premise or cloud content,  including Microsoft Office 365 resources.

Digital Workplace, announced last week, integrates a secure browser-based workspace sold by Awingu, a Belgium company that penned a partnership with BlackBerry in 2018. Businesses can access their legacy Windows, Linux, SaaS or internal web apps, desktops and files inside of Awingu’s secure managed browser. Awingu’s unified workspace runs Windows, Linux, web and intranet apps.

To read this article in full, please click here

Read more

Why the Fed is considering a cash-backed cryptocurrency

Credit to Author: Lucas Mearian| Date: Tue, 11 Feb 2020 03:00:00 -0800

The Federal Reserve is investigating the potential of a central bank digital currency (CBDC) as the backbone for a new, secure real-time payments and settlements system.

The move toward a form of government-backed digital currency is being driven by Fintech firms and a banking industry already piloting or planning to pilot cash-backed digital tokens, according to Lael Brainard, a member of the U.S. Federal Reserve’s Board of Governors.

“Today, it can take a few days to get access to your funds. A real-time retail payments infrastructure would ensure the funds are available immediately – to pay utility bills or split the rent with roommates, or for small business owners to pay their suppliers,” said Brainard, who serves as chair of the committees overseeing Financial Stability and Payments, Clearing and Settlements.

To read this article in full, please click here

Read more

UEM to marry security — finally — after long courtship

Credit to Author: Lucas Mearian| Date: Mon, 10 Feb 2020 03:00:00 -0800

The days of enterprise security being a separate entity from mobile and desktop endpoint management are coming to an end, which should delight infrastructure and security teams who’ll eventually have more powerful machine learning-enabled tools at their disposal — and a single console through which to control them.

Security around mobile and desktop infrastructures has traditionally depended on what’s being managed; you purchase one for mobile devices and another for the rest of your endpoints, whether laptop or desktop.

While security threats are growing, particularly phishing attacks via email, SMS or hyperlinks, the amount of money companies spend on mobile security appears to be shrinking. And yet, the percentage of organizations that admit to having suffered a mobile compromise grew in 2019, according to a Verizon survey.

To read this article in full, please click here

Read more

UEM to marry security – finally – after long courtship

Credit to Author: Lucas Mearian| Date: Mon, 10 Feb 2020 03:00:00 -0800

The days of enterprise security being a separate entity from mobile and desktop endpoint management are coming to an end, which should delight infrastructure and security teams who’ll eventually have more powerful machine learning-enabled tools at their disposal – and a single console through which to control them.

Security around mobile and desktop infrastructures has traditionally depended on what’s being managed; you purchase one for mobile devices and another for the rest of your endpoints, whether laptop or desktop.

While security threats are growing, particularly phishing attacks via email, SMS or hyperlinks, the amount of money companies spend on mobile security appears to be shrinking. And yet, the percentage of organizations that admit to having suffered a mobile compromise grew in 2019, according to a Verizon survey.

To read this article in full, please click here

Read more