Daily Archives: October 19, 2020

What DoH Can Really Do

Reading Time: ~ 3 min.

Fine-tuning privacy for any preference

A DNS filtering service that accommodates DNS over HTTPS (DoH) can strengthen an organization’s ability to control network traffic and turn away threats. DoH can offer businesses far greater control and flexibility over their privacy than the old system.

The most visible use of DNS is typically the browser, which is why all the usual suspects are leading the charge in terms of DoH adoption. This movement has considerable steam behind it and has extended beyond just applications as Microsoft, Apple and Google have all announced their intent to support DoH.

Encrypting DNS requests is an indisputable win for privacy-minded consumers looking to prevent their ISPs from snooping on and monetizing their browsing habits. Businesses, on the other hand, should not easily surrender this visibility since managing these requests adds value, helping to keep users from navigating to sites known to host malware and other threats.

Here are three examples of how.

1.  By enhancing DNS logging control

Businesses have varying motivations for tracking online behavior. For persistently troublesome users—those who continuously navigate to risky sites—it’s beneficial to exert some control over their network use or even provide some training on what it takes to stay safe online. It can also be useful in times of problematic productivity dips by helping to tell if users are spending inordinate amounts of time on social media, say.

On the other hand, for CEOs and other strategic business units, tracking online activity can be cause for privacy concerns. Too much detail into the network traffic of a unit tasked with investigating mergers and acquisitions may be unwanted, for example.

“If I’m the CEO of a company, I don’t want people paying attention to where I go on the internet,” says Webroot DNS expert Jonathan Barnett. “I don’t want people to know of potential deals I’m investigating before they become public.”

Logging too much user information can also be problematic from a data privacy perspective. Collecting or storing this information in areas with stricter laws, as in the European Union, can unnecessarily burden organizations with red tape.

“Essentially it exposes businesses to requirements concerning how they’re going to use that data, who has access to it and how long that data is preserved” says Barnett.

By optionally never logging user information and backing off DNS logging except when a request is deemed a security threat, companies maintain both privacy and security.

2. By allowing devices to echo locally

With DoH, visibility of DNS requests is challenging. The cumulative DNS requests made on a network help to enhance its security as tools such as SIEMs and firewalls leverage these requests by controlling access as well as corelating the requests with other logs and occurrences on the network. 

“Let’s say I’m on my network at the office and I make a DNS request,” explains Barnett. “I may want my DNS request to be seen by the network as well as fielded by my DNS filtering service. The network gets value out of DNS. If I see inappropriate DNS requests I can go and address the user or fix the device.”

Continuing to expose these DNS requests through an echo to the local network provides this, while the actual requests are secure and encrypted by the DNS protection agent using DoH. This option achieves the best of both worlds by adding the security of DoH to the security of the local network.

3. By allowing agents to fail open

DNS is instrumental to the functionality of the internet. So, the question is, what do we do when a filtered answer is not available? By failing over to the local network, it’s assured that the internet continues to function. However, there are times when filtering and privacy are more important than connectivity. Being able to choose if DNS requests can leak out to the local network helps you stay in control by choosing which is a priority.

 “Fail open functionality essentially allows admins to make a tradeoff between the protection offered by DNS filtering and the productivity hit that inevitably accompanies a lack of internet access,” says Barnett.

Privacy your way

The encryption of DoH enables options for fine-tuning privacy preferences while preserving the security benefits of DNS filtering. Those that must comply with the needs of privacy-centric users now have control over what is revealed and what is logged, while maintaining the benefits of communicating using DoH.

Click here to read related blogs covering the transition to DNS over HTTPS.

The post What DoH Can Really Do appeared first on Webroot Blog.

Webcast: Infosec Mentoring | How to Find and Be a Mentor & Mentee

They say it “takes a village” to help raise a child… well, it also takes a village to help raise an infosec professional. With so many technologies, techniques, and tools and the need for soft-skills and the ability to navigate different types of relationships, we all need help. That’s where a formal mentor can be […]

The post Webcast: Infosec Mentoring | How to Find and Be a Mentor & Mentee appeared first on Black Hills Information Security.

Seven Tips for Protecting Your Internet-Connected Healthcare Devices

Healthcare from Smartphone

Seven Tips for Protecting Your Internet-Connected Healthcare Devices: Cybersecurity Awareness Month

October is Cybersecurity Awareness Month, which is led by the U.S. government’s Cybersecurity and Infrastructure Security Agency (CISA) in conjunction with the National Cyber Security Alliance (NCSA)—a national non-profit focused on cybersecurity education & awareness. McAfee is pleased to announce that we’re a proud participant.

Fitness trackers worn on the wrist, glucose monitors that test blood sugar without a prick, and connected toothbrushes that let you know when you’ve missed a spot—welcome to internet-connected healthcare. It’s new realm of care with breakthroughs big and small. Some you’ll find in your home, some you’ll find inside your doctor’s office, yet all of them are connected. Which means they all need to be protected. After all, they’re not tracking any old data. They’re tracking our health data, one of the most precious things we own.

What is internet-connected healthcare?

Internet-connected healthcare, also known as connected medicine, is a broad topic. On the consumer side, it covers everything from smart watches that track health data to wireless blood pressure monitors that you can use at home. On the practitioner side, it accounts for technologies ranging from electronic patient records, network-enabled diagnostic devices, remote patient monitoring in the form of wearable devices, apps for therapy, and even small cameras that can be swallowed in the form of a pill to get a view of a patient’s digestive system.

Additionally, it also includes telemedicine visits, where you can get a medical issue diagnosed and treated remotely via your smartphone or computer by way of a video conference or a healthcare provider’s portal—which you can read about more in one of my blogs from earlier this year. In all, big digital changes are taking place in healthcare—a transformation that’s rapidly taking shape to the tune of a global market expected to top USD 534.3 billion by 2025.

Privacy and security in internet-connected healthcare

Advances in digital healthcare have come more slowly compared to other aspects of our lives, such as consumer devices like phones and tablets. Security is a top reason why. Not only must a healthcare device go through a rigorous design and approval process to ensure it’s safe, sound, and effective, it also held to similar rigorous degrees of regulation when it comes to medical data privacy. For example, in the U.S., we have the Health Insurance Portability and Accountability Act of 1996 (HIPAA), which sets privacy and security standards for certain health information.

Taken together, this requires additional development time for any connected medical device or solution, in addition to the time it takes to develop one with the proper efficacy. Healthcare device manufacturers cannot simply move as quickly as, say, a smartphone manufacturer can. And rightfully so.

Seven tips for protecting your internet-connected healthcare devices

However, for this blog, we’ll focus on the home and personal side of the equation, with devices like fitness trackers, glucose monitors, smart watches, and wearable devices in general—connected healthcare devices that more and more of us are purchasing on our own. To be clear, while these devices may not always be categorized as healthcare devices in the strictest (and regulatory) sense, they are gathering your health data, which you should absolutely protect. Here are some straightforward steps you can take:

1) First up, protect your phone

Many medical IoT devices use a smartphone as an interface, and as a means of gathering, storing, and sharing health data. So whether you’re an Android owner or iOS owner, get security software installed on your phone so you can protect all the things it accesses and controls. Additionally, installing it will protect you and your phone in general as well.

2) Set strong, unique passwords for your medical IoT devices

Some IoT devices have found themselves open to attack because they come with a default username and password—which are often published on the internet. When you purchase any IoT device, set a fresh password using a strong method of password creation.  And keep those passwords safe. Instead of keeping them on a notebook or on sticky notes, consider using a password manager.

3) Use two-factor authentication

You’ve probably come across two-factor authentication while banking, shopping, or logging into any other number of accounts. Using a combination of your username, password, and a security code sent to another device you own (typically a mobile phone) makes it tougher for hackers to crack your device. If your IoT device supports two-factor authentication, use it for extra security.

4) Update your devices regularly

This is vital. Make sure you have the latest updates so that you get the latest functionality from your device. Equally important is that updates often contain security upgrades. If you can set your device to receive automatic updates, do so.

5) Secure your internet router

Your medical IoT device will invariably use your home Wi-Fi network to connect to the internet, just like your other devices. All the data that travels on there is personal and private use already, and that goes double for any health data that passes along it. Make sure you use a strong and unique password. Also change the name of your router so it doesn’t give away your address or identity. One more step is to check that your router is using an encryption method, like WPA2, which will keep your signal secure. You may also want to consider investing in an advanced internet router that has built-in protection, which can secure and monitor any device that connects to your network.

6) Use a VPN and a comprehensive security solution

Similar to the above, another way you can further protect the health data you send over the internet is to use a virtual private network, or VPN. A VPN uses an encrypted connection to send and receive data, which shields it from prying eyes. A hacker attempting to eavesdrop on your session will effectively see a mish-mash of garbage data, which helps keep your health data secure.

7) When purchasing, do your research

One recent study found that 25% of U.S. homeowners with broadband internet expect to purchase a new connected consumer health or fitness device within the next year. Just be sure yours is secure. Read up on reviews and comments about the devices you’re interested in, along with news articles about their manufacturers. See what their track record is on security, such as if they’ve exposed data or otherwise left their users open to attack.

Take care of your health, and your health data

Bottom line, when we speak of connected healthcare, we’re ultimately speaking about one of the most personal things you own: your health data. That’s what’s being collected. And that’s what’s being transmitted by your home network. Take these extra measures to protect your devices, data, and yourself as you enjoy the benefits of the connected care you bring into your life and home.

Stay Updated 

To stay updated on all things McAfee and for more resources on staying secure from home, follow @McAfee_Home on Twitter, listen to our podcast Hackable?, and ‘Like’ us on Facebook.

 

The post Seven Tips for Protecting Your Internet-Connected Healthcare Devices appeared first on McAfee Blogs.

The Best Anti-Malware Software in 2020

With the rising digital insecurity in 2020, it is necessary to use the best anti-malware software or seek an alternative. Here’s the reason:

The onset of the fourth industrial revolution has seen work and other business activities switch operations to the online market. Sadly, most of these tech consumers have little knowledge of ‘staying safe online’.

Hackers and other malware developers are taking this advantage to promote cyberbullying, online scams, and other sorts of crimes. You need enlightenment to evade such threats. A typical solution is to use an anti-malware. However, there’s a catch:

As anti-malware companies seek to secure their customers, developers of malware up their game to override the security systems.

Does this mean anti-malware technology is dead or alive? Are you helpless? No. Here are options of anti-malware to give a try. Check which one anti-malware software is the best, and to make it simpler to settle for a particular anti-malware, read on to find out the ranking parameters.

Norton is the best anti-malware software in 2020 because it has the most updated security and best user experience. What are its features? What are its alternatives? Let’s take a deep dive below.

Parameters for Ranking the Best Anti-Malware Software in 2020

Due to the demand for a better user experience, 2020 demands extra features besides security. These include:

Detection Time

As a consumer of the gig economy, your computer usage revolves around browsing the internet, downloading, and sharing files. This calls for real-time malware detection. Real-time detection simply means ‘detect and malware and react immediately’.

The anti-malware tracks the websites and links you visit. It scans the links before you click them. Whenever it detects ‘danger’, it stops your browser from communicating with the threats.

The simultaneous reaction is a huge boost from the former culture of waiting for the malware to access the sensitive files of your computer, then notify or try to fight the malware that is already interfering with your sensitive documents.

Password Management

Since every hacker attacks your files for some gain, most malware strives to grab your passwords for two reasons. First, the password is a gateway to sensitive files. Secondly, the password unlocks your bank accounts and credit cards.

To boost storage and browsing confidence, Norton 360 and other world-class anti-malware take the responsibility of managing your passwords.

Cloud Backups

To improve security, the best anti-malware ensures everything occurs at lightning speeds. Instead of using local storage, companies utilize the efficiency and security of cloud storage.

They are, then, faster in the identification of malware and feeding the data onto cloud servers. The data retrieve process also happens at the speed of light.

They proceed to back up your internal files with the cloud databases. In case of a severe malware attack, you can retrieve your sensitive files from the cloud version. 

Works in Various Environments

The best anti-malware software for 2020 works on many types of devices and operating systems. Examples of the typical operating software are macOS, Windows, iOS, and Android.

Again, it does deep scanning of the system for a variety of malware. Examples of malware are trojan horses, spyware, worms, and viruses.

Lightweight

2020 demands an anti-malware software that allows your computer to load sites faster. This calls for consuming less of your computer’s memory. Reason?

With the fast-paced gig economy, product consumers, employers, and most clients need immediate feedback. Consequently, it is useless to have an anti-malware that is ruthless with malware but slows your computer speed.

To speed up the machine, anti-malware software like Avira has in-system acceleration tools to propel your computer’s speed.

Other Services?

Norton 360, as the best anti-malware software in the market, has the best user experience and VPN technology. It has one the easiest to navigate user interfaces.

To take the lead in anti-malware ranking, it has boosted its customer support system. You get timely and detailed email replies when you seek help. To better user experience, they offer VPN services— enabling you to access censored networks.

Other Anti-Malwares to Consider

You can as well dedicate the third eye to Malwarebytes. Its premium version gives you an ocean of benefits, typical for protection in 2020. Alternatively, check Kaspersky and Avira anti-malware.

Conclusion

For all-in-one malware protection, check out Norton 360 anti-malware software. Alternatively, consider Malwarebytes, Kaspersky, and Avira anti-malware software.

The software gives you the best security, usability, and a world-class support system. More importantly, Norton 360 adjusts quickly to the changing malware forms.

The post The Best Anti-Malware Software in 2020 appeared first on CyberDB.

What is the ISO 27000 series of standards?

The ISO/IEC 270001 family of standards, also known as the ISO 27000 series, is a series of best practices to help organisations improve their information security.

Published by ISO (the International Organization for Standardization) and the IEC (International Electrotechnical Commission), the series explains how to implement best-practice information security practices.

an.

It does this by setting out ISMS (information security management system) requirements.

An ISMS is a systematic approach to risk management, containing measures that address the three pillars of information security: people, processes and technology.

The series consists of 46 individual standards, including ISO 27000, which provides an introduction to the family as well as clarifying key terms and definitions.

You don’t need a comprehensive understanding of ISO standards to see how the series works, and some won’t be relevant to your organisation, but there are a few core ones that you should be familiar with.

ISO 27001

This is the central standard in the ISO 27000 series, containing the implementation requirements for an ISMS.

This is important to remember, as ISO IEC 27001: 2013 is the only standard in the series that organisations can be audited and certified against.

That’s because it contains an overview of everything you must do to achieve compliance, which is expanded upon in each of the following standards.

ISO 27002

This is a supplementary standard that provides an overview of information security controls that organisations might choose to implement.

Organisations are only required to adopt controls that they deem relevant – something that will become apparent during a risk assessment.

The controls are outlined in Annex A of ISO 27001, but whereas this is essentially a quick rundown, ISO 27002 contains a more comprehensive overview, explaining how each control works, what its objective is and how you can implement it.

ISO 27017 and ISO 27018

These supplementary ISO standards were introduced in 2015, explaining how organisations should protect sensitive information in the Cloud.

This has become especially important recently as organisations migrate much of their sensitive information on to online servers.

ISO 27017 is a code of practice for information security, providing extra information about how to apply the Annex A controls to information stored in the Cloud.

Under ISO 27001, you have the choice to treat these as a separate set of controls. So, you’d pick a set of controls from Annex A for your ‘normal’ data and a set of controls from ISO 27017 for data in the Cloud.

ISO 27018 works in essentially the same way but with extra consideration for personal data.

ISO 27701

This is the newest standard in the ISO 27000 series, covering what organisations must do when implementing a PIMS (privacy information management system).

It was created in response to the GDPR (General Data Protection Regulation), which instructs organisations to adopt “appropriate technical and organisational measures” to protect personal data but doesn’t state how they should do that.

ISO 27701 fills that gap, essentially bolting privacy processing controls onto ISO 27001.

Why use an ISO 27000-series standard?

Data breaches are one of the biggest information security risks that organisations face. Sensitive data is used across all areas of businesses these days, increasing its value for legitimate and illegitimate use.

Countless incidents occur every month, whether it’s cyber criminals hacking into a database or employees losing or misappropriating information. Wherever the data goes, the financial and reputational damage caused by a breach can be devastating.

That’s why organisations are increasingly investing heavily in their defences, using ISO 27001 as a guideline for effective security.

ISO 27001 can be applied to organisations of any size and in any sector, and the framework’s broadness means its implementation will always be appropriate to the size of the business.

You can find out how to get started with the Standard by reading Information Security & ISO 27001: An introduction.

This free green paper explains:

  • What ISO 27001 is, how an ISMS works and how it relates to ISO 9001, ISO 27002 and other standards;
  • The importance of risk assessments and risk treatment plans;
  • How the Standard helps you meet your legal and regulatory obligations; and
  • Your audit and certification requirements.

Subscribe to our Weekly Round-up

A version of this blog was originally published on 10 October 2019.

The post What is the ISO 27000 series of standards? appeared first on IT Governance UK Blog.