security Archives - Page 26 of 29

Tech Terminology: Authentication

Authentication isn’t an unfamiliar aspect in everyday life. Driver’s licenses, library cards, and PIN numbers are all forms of identity authentication. However, as computers have become a cornerstone of everyday life, the most commonly-used way to confirm one’s identity has almost assuredly become the username/password login combination. Today, we’ll take a deeper dive into what authentication is.

How Authentication Differs from Authorization

As we briefly mentioned above, authentication is simply the process of confirming that yes, someone is in fact who they claim to be. While the two are often correlated, this process is different than that of authorization, which is the process of using that confirmed identity to grant access to information or materials. This access is the real difference between the two, yet without authentication, access cannot be authorized.

How Authentication Works

When a user provides their credentials, they are compared to the credentials that are already in a database. If these credentials match, the user is then given the authorization that their identity has been assigned.

Two-Factor Authentication

In the interest of boosting security, many organizations have implemented two-factor authentication, often referred to by the shorthand 2FA. 2FA incorporates an additional factor into the authentication process beyond the typical username and password.

This process commonly involves an additional code being provided to the user via email or text message when they attempt to access the account protected by 2FA. This one-time code is required for them to get in, meaning that someone attempting to access an account also needs access to the user’s email or phone in order to successfully do so. This is why 2FA has been so widely adopted by security-minded businesses.

If you’re interested in adding another layer of protection to the business accounts that you and your users leverage, reach out by calling (877) 771-2384.

WheelHouse IT has the experience needed to improve your security through two-factor authentication and many other means.

security tech term

The IoT Keeps Growing

The Internet of Things has grown considerably over the past few years, and it’s not slowing down anytime soon.

It grew as expected in 2018, but where will 2019 take the Internet of Things?

We’ve put together some predictions.

Endpoint Security

The Internet of Things has gained a lot of notoriety in regard to its lack of security options. Of course, this could all change in 2019, and we expect at least a few big names to introduce measures to keep this growing body of connected devices from creating security issues. Already there have been measures by Dell, Cisco, and HPE to improve security on their endpoints, and if they are, others will certainly follow in their steps.

Furthermore, security vendors will pay more attention to endpoints. With solutions that are specifically designed to protect devices from data loss, as well as check a network’s overall security, threats from IoT devices could potentially be few and far between.

Smart Neighborhoods

Smart cities have recently popped up in conversation, and while they aren’t quite here yet, there is reason to suspect they may be in the near future. The Internet of Things can be used to provide sensors to chart walking routes, the occupancy of buildings, and even details of the sewage flow, all to track living conditions of the area’s inhabitants. Google has taken the first steps toward these neighborhoods becoming a reality by creating them around Toronto.

Connected Cars

The Internet of Things is driving a lot of innovation, and in the case of cars it’s building a better driving experience for users. Cars these days are filled to the brim with all sorts of applications that were nothing but a dream in the past, and it’s all thanks to IoT technology.

Minute-to-minute traffic updates, connected apps, and so much more all combine to help transform vehicles from a tool to get from point A to point B into a truly wonderful device that can help the average user stay connected, even while in transit. This trend will increase even further as we move toward the future.

IoT Growth

While we have discussed several ways the IoT will change in the future, the fact of the matter is that it will likely continue to grow and exceed even our wildest expectations. Sources claim that 3.6 billion devices with an Internet connection have been used this year, but that’s not even considering devices that are used occasionally (i.e. not daily).

Basically, the IoT is so large that it is becoming difficult to measure it accurately but securing devices will continue to be paramount. It’s likely that some IoT devices will need priority access to networks and information, which will lead to more changes being made as a whole.

Since technology grows with demand, it can be difficult to scale your business’ needs with changes in the industry. WheelHouse IT can help with that.

To learn more about how we can help your business succeed, reach out to us at (877) 771-2384.

internet of things security

Artificial Intelligence May Give Hackers Their Greatest Weapon Yet

Artificial intelligence has been making waves in the world of cyber security, as machine learning could potentially make the solutions we have today smarter and better at their intended jobs.

However, artificial intelligence has also appeared on the other side of cyber security, as cyber criminals have begun to leverage A.I. as well.

This only makes sense. After all, a computer can work a lot faster than a hacker can, with a lot less of a chance of human error. Hackers have discovered this, and have put A.I. to work deploying phishing attacks.

A study conducted by the security firm ZeroFOX in 2016 found that an AI that they programmed, called SNAP_R, was able to send simulated spear-phishing tweets at a rate of 6.75 per minute, successfully tripping up 275 victims out of 800 targeted users.

On the other hand, a staff writer from Forbes who participated in the study could only produce these tweets at a rate of 1.075 each minute, only fooling 49 out of a total of 129 attempts.

More recently, a team from IBM was able to create programs that use machine learning to create programs capable of making it past some of the best defenses out there.

This only shows that we’ll soon see malware that is powered by A.I., assuming it isn’t out there already and it just hasn’t been discovered yet.

IBM’s project, nicknamed DeepLocker, was able to demonstrate how a hacked videoconferencing software was able to activate itself when a target’s face was detected in a photograph. The lead researcher for the IBM team, Marc Ph. Stoecklin, called this kind of attack the next big thing, going on to say, “This may have happened already, and we will see it two or three years from now.”

Other researchers have also demonstrated how A.I. can be leveraged in an attack, going so far as to only use open-source tools intended for training purposes to do it.

What do you think? Are there already artificially intelligent attacks being played out, or do you think the big reveal is yet to come?

Let us know what you think in the comments!

hacking security

Cyber Security Tip of the Day: Secure Your Public WiFi Access

Using a VPN to secure the connection to your sensitive data, emails, and company services can provide you the peace of mind by providing a safe link to the internet while giving you the freedom to use public WiFi hotspots.

Using Public WiFi

Using public WiFi is a convenient, easy, and fast way to connect to the internet while at your favorite spots around town. You can enjoy a latte while following up with your clients or eat a hamburger while listening to your highest sales earner’s phone calls.

The freedom to work where you please is vastly easier given this technology. However, the ease of use and openness of public WiFi comes with a risk.

Concerns Using Public WiFi

While most of the time you may be safe while browsing non-critical websites on a public hotspot (social media, video streaming services, etc.), it would be a bad idea to use services and websites that have sensitive information such as banking or company emails.

Most large-scale companies and websites have a safety net called HTTPS that secures your internet traffic with encryption. This is not enough to prevent a well-known cyber attack called the man-in-the-middle attack. This hack can intercept your private data before sending it to the secure site with HTTPS. This leaves the attacker with your private information.

VPN for Public WiFi

A VPN connects your computer to an online VPN server, which in turn access the website or service you requested. In short, a VPN can be visualized as a tunnel. Your computer and the online VPN server communicate with specific files and settings that are only known to your computer and the VPN server.

This closed circuit communication is the bread and butter of VPN. This prevents man-in-the-middle attacks, because only your computer and the VPN know the secret key. This is different than HTTPS because HTTPS follows certain guidelines and rules for communication. However, attackers know these rules and guidelines.

Although there may be weaknesses and vulnerabilities with a VPN, it will still greatly increase your security when you are connected to a public hotspot. A VPN in conjunction with the HTTPS protocols can provide a safe network environment for you to work untethered.

Interested in a VPN? Already familiar with a VPN? Let us know what more you want to know or what some of your favorite VPN services are?

security tips wifi

End Users Are Your Last Line of Defense Against Cyber Criminals

a hand touching the word cyber security on a screen

If your business needs help with its cyber security, you’ve come to the right place for help.

cyber security phishing security

Services

Solutions

Microsoft 365

Microsoft Azure

Industries

Security

Compliance

Company

Contact

Locations