Accessing the email accounts of former employees, especially those terminated under contentious circumstances, is fraught with legal and security risks. By adopting best practices such as delegated access and adhering to clear policies, organizations can mitigate these risks
Quick references to standards covering cybersecurity governance, risk, and compliance
When it comes to security, using only a password to protect your personal or financial information is no longer enough. Many critical services like banks, wireless providers, and cable companies add another layer to that security by posing a security question to validate that the person logging into an account is really that person. As an example, some of these questions can include:
In what city did you meet your spouse/significant other?
Recently, I’ve been on a mission to tighten my company’s security presence, such as disabling SSL 3.0 and TLS 1.0 on all systems that don’t rely on the protocols and replacing self-signed certificates on management consoles with CA trusted certificates.
During this mission, I’ve come to our wireless lan controller. Now this WLC doesn’t have the standard Cisco IOS like all of their switches and security devices. Instead, it uses an IOS that provides a usable web management interface that doesn’t rely on a Java program like ASDM.
In a previous article, I mentioned storing important backups in the cloud. I’m generally cautious when it comes to storing private information on other people’s infrastructure. Although cloud providers can have pretty good standards in terms of security and privacy, I need a way to encrypt my data to feel secure that no one, other than myself, can view my documents.
That’s where Cryptomator comes into play. It can create a secure vault within your cloud folder that’s fully encrypted.