Security News

The process of constructing a holistic policy-based identity management solution can be difficult and overly complex, especially in the sensitive hospital environment with myriad identities. An integrated identity ecosystem provides a unified view across both cyber and physical security system; improving the overall hospital experience.

Automated tools exist to ensure that your Windows servers stay as secure and trouble-free as the day they were set up. Here is a simple set of management principles that are easy to implement at any budget and skill level to help your IT department take hold of its Windows servers and make sure they are managed efficiently and securely, while being optimized to deliver the best performance possible.

Infoblox, the leader in Secure Cloud-Managed Network Services, announced Enterprise best practices on DNS over TLS and DNS over HTTPS. These DoT/DoH guidelines are based on Infoblox's longtime commitment to providing customers with DDI services that enable them to easily and effectively secure their own DNS communications. "Developments like DoT and DoH are valuable efforts to address this problem, but when they are used to bypass a company's internal DNS infrastructure or evade their security controls, a host of new challenges emerge for IT managers."

Cisco's CISO Benchmark Study for 2020 offers some perspective on the dynamic nature of security work as well as some best practices to make life a little easier and data somewhat more secure. Threats from mobile devices are now the biggest security threat with more than half of the respondents said mobile devices are now very or extremely challenging to defend.

Based on the results of these testbed proofs-of-concept, today the IIC released a white paper, A Compilation of Testbed Results: Toward Best Practices for Developing and Deploying IIoT Solutions, detailing the best practices companies should adopt to ensure successful IIoT deployments. What isn't different are the best practices organizations can adopt to ensure that the early stages of IIoT development and deployment go as smoothly and successfully as possible.

ProcessUnity, a leading provider of cloud-based applications for risk and compliance management, today announced a new pre-built configuration of its award-winning Vendor Risk Management solution. Best Practices Configuration for ProcessUnity Vendor Risk Management is a pre-configured Third-Party Risk Management program with turn-key workflows, assessments, calculations, risk analysis and reporting, allowing small to midsize organizations to successfully launch and maintain a third-party risk program from day one.

Deceptive Phishing - The most common type of phishing attacks, whereby threat actors impersonate a legitimate company to steal users' personal data and access credentials. Spear Phishing - These types of attacks are more sophisticated, whereby the threat actor customizes the attack email with the target's name, job title, company, and other personal information to make the recipient believe they have a connection to the sender.

If you don't follow these Kubernetes deployments security best practices from Portshift, your containers, their underlying technologies, and your data could be at risk. Portshift recently released a best practices list for tackling the security issues surrounding the K8s platform.

IT security product manufacturers are required to achieve government mandated, standards-based certifications to get their product in market. When it comes to cybersecurity product development, the industry is agile by design, but security product certification methods haven't kept pace with modern development methods and release cycles.

Here’s an overview of some of last week’s most interesting news and articles: DNS over HTTPS’ threat to enterprise security DNS over HTTPS (DoH) is here, regardless who likes it or not....