Browsing Posts in Security

If you don’t follow us on LinkedIn, Twitter or Facebook, you missed all of these items we thought were interesting.

Ok, you didn’t exactly miss all of these items (after all, we’re listing them here).  But you had to wait an entire month.  Wow.

Bits Blog: Police, Pedestrians and the Social Ballet of Merging: The Real Challenges for Self-Driving Cars: http://goo.gl/n995NB

Google, Europe told you to remove my wicked past…A Legal Right to Be Forgotten? It’s Easier Ruled Then Done: http://goo.gl/QaHFp1

Why did #Microsoft buy #Skype? How about Real-Time Translation during a call: http://goo.gl/LU9bGs

The Garage Series for Office 365: Achieving the ‘impossible’ to extend SharePoint using the new app model: http://goo.gl/QPtHzx

Oh, goody. iPads and iPhones are vulnerable to Ransomware too: http://goo.gl/4diwAo

5 tips to make your Facebook account safer [UPDATED]: http://goo.gl/vH4gLh

Google’s vision: ads on cars, refrigerators, watches, thermostats, and yes, glasses. Anyone surprised?: http://goo.gl/aY5UC8

The Apple-ization of Microsoft’s New Surface Pro 3: http://goo.gl/MGNgle

New take on Smart Fashion: My T-Shirt Told Me to Take a Chill Pill: http://goo.gl/j76FWl

Microsoft’s 15 minute Office webinar next Tuesday: 5 steps to a better PowerPoint: http://goo.gl/sKRISt

10 reasons businesses need a strategy for the Internet of Things now: http://goo.gl/glfDQ6

The Garage Series for #Office365: Under the Hood with Information Security and Compliance: http://goo.gl/Gaczlk

eBay’s turn to confess having suffered a password breach: http://goo.gl/63k2pQ

Another excuse not to work out: Fitness apps are a “privacy nightmare”, shedding personal data to the world: http://goo.gl/lMMZ6v

Some chest beating (somewhat deserved) from Microsoft about #Office365 progress: http://goo.gl/1rqJaV

Yup, ransomware for your #Android. “police warning” ransomware – how to avoid it, and what to do if you get caught: http://goo.gl/FW5jhz

Finally! #Lync App Arrives for Android Tablets. #Office365 http://goo.gl/ScwvbO

Google opens up Glass to the US masses for $1,500 a pair…Oh, goody…or not? http://goo.gl/SaL0ti

The Garage Series for #Office365: Updates for admins and first look at upcoming shared computer support: http://goo.gl/AkUekU

Simplex-IT’s Bob Coppedge quoted in CRN article about Sophos Phasing Out UTM Appliances For New Platform http://goo.gl/zlNxxQ

Ransomware. It’s not just for unprotected PC’s. Android’s can share the love, too. http://goo.gl/E6pUWE

Microsoft is serious about expanding #Lync functionality for #Android Devices #Office365: http://goo.gl/TtPZrD

Is Apple finally getting real about security? 60 Sec Security [VIDEO] from #Sophos: http://goo.gl/YFEaXW

#Microsoft cybersecurity report: 70% decline in severe security vulnerabilities, but it’s not all good news: http://goo.gl/SJMpv8

“Office for Android Beats Google Drive Hands Down” – and It’s Free! http://goo.gl/IXRwTk

Device Security: “The Internet of (unsecure) Things” http://goo.gl/JdjYif

The unsung hero of #Office365: Microsoft #Lync: 10 Ways To Do More http://goo.gl/sXf29x

Tech support scammers replacing Nigerian Princes: http://goo.gl/7pNRYd

The Garage Series for #Office365: Enhancing online file sharing and storage with OneDrive for Business http://goo.gl/hPdexh

 

Bob here, at the annual Sophos Americas Partner Connections conference.

For those of you not familiar with Sophos, a quick explanation.  We’ve been a partner with Sophos for about 5 or so years, relying on their AV software and other tools for endpoint (workstation/laptop) protection, web controls, encryption, etc.  Here’s a quick video that fairly well defines their approach:

There’s a whole new world opening up in terms of network connectivity.  If you’ve heard me talk about upcoming IT trends you’ve heard me talk about it in terms of security (hackable toilets, for example).

Last night brought some of the issues home.  James Lyne, Global Head of Security Research and apparently founder of the “Seriously I like Tweed Jackets Society” spoke last night, and brought the issue to a new level (from my perspective, anyway).

By now you’ve probably heard Cisco’s “The Internet of Things” marketing pitches.  Good ads, and they talk about all of the devices that are now communicating across the network and internet.  From refrigerators to surge protectors, big and small.

The manufacturers of these devices, of course, are driven by traditional market forces.  Get the product out quickly, make it easy to use, and keep production costs low (both in terms of cost and development time).

Adding security to a device will only add development time and cost, by the way.  And we’re in a market where time and $ both are costly attributes, especially when you’re in a race to get out in front.

So, here’s the bottom line. 

  • If there’s a device that can be “seen” from another device (web site, mobile device app), it’s hackable.
  • If this device didn’t require for you to enter an account name/password, it’s probably wide open and very hackable.
  • If this device did require for you to enter an account name/password, but you didn’t change the default, it’s probably wide open and very hackable.

And in some cases, the results aren’t pretty.  As an example, James demonstrated a surge protector that allowed users to remotely turn off the attached devices (think turning off the lights at home from work).  Pretty cool, eh?

Well, a couple lines of code pushed to the device, and he had it turning off and on up to 100 times per second.  And he discovered (not during his speech, but earlier in the day) that some items (light bulbs) will actually explode when you do this.

Some other example of this new “The Internet of Unsecured Things”

  • There are web sites that will actually help you find unsecured web cameras
  • Some of these web cameras are security cameras that are used to watch stores as the clerks handle credit cards and enter information into the registers that, thanks to high-def, are completely recordable and retrievable.
  • Mobile devices (more the Android than the iPhones) can be exploited so that the camera, microphone and stored files are all at risk.
  • Tools are now available that will gather information about all wireless devices (think phones) that are simply in a room.  To demonstrate this, Mike flew a quadcopter over the room packed with about 500 of us and then revealed a workable list of all the devices.

Sound familiar?  It should.  We went through a similar time back in the 90’s through early 2000’s, when it was more important to add the connectivity to our computers than it was to secure that connectivity.

But the stakes are higher.  Back then the amount of money that was dependent on the proper flow was chicken feed compared to now.

But also the risk was all digital.  We didn’t have the connections to the real world.  Think about it.  Refrigerators.  Cars.  Surge Protectors.  Home Security.  Cameras.  The value of connecting and controlling those devices?  Yes, but also the risk of giving connectivity and control of those devices to a bad guy.

It’s going to be an interesting next couple of years folks.

But we’ll be there with you!

Want to hear more?  Check our our free lunchinar next week.  Click here for more info.