Most people develop opinions and philosophies based on their experiences and observations. This process occurs over time, leading to perspectives that can make it difficult to adapt to changing risks. It's easy to get stuck in the mindset of “we’ve never had a problem before” and that can limit willingness and ability to accept new information. Having witnessed (and rescued) a wide variety of technology projects over the past fifteen years, we would argue that most organizations don’t … [Read more...]
What to expect when you’re not expecting (a security breach)
2015 was another difficult year for Cybersecurity practitioners and organizations working to defend themselves against an increasingly innovative, aggressive, and situationally aware set of adversaries. Large breaches made headlines, while many individuals and smaller organizations were victimized by well monetized crimeware[1] (especially ransomware[2]) and various email and other online account compromises. We see susceptibility to social engineering, unpatched (vulnerable) software, and a … [Read more...]
Comjacking Threats
ContinuityFocus has been warning clients and prospective clients regarding the risks of traffic tampering and interception over unsecured WiFi networks for many years. Our concerns have been based on the fact that many wireless attacks are trivial to execute and would likely go undetected by most users. One of the difficulties in conveying this risk has been the lack of empirical evidence describing the prevalence and impact. Many security organizations prefer to consider less quantified … [Read more...]
Heartbleed Overview and Next Steps
Heartbleed Overview In the last few days, news of the OpenSSL Vulnerability known as Heartbleed has been picked up by the mainstream media which is prompting a lot of questions. Here’s a brief explanation of the issue, its context, and some suggestions on how to mitigate your risks. What is Heartbleed? This was a name given to recently publicized vulnerability in OpenSSL that is tracked as CVE-2014-0160 in the National Vulnerability Database. OpenSSL is an open … [Read more...]
MobileED – Device Security and Content Filtering
With ever expanding mobility usage in the workplace and K-12, the need for real device security is more pressing than ever. Mobile Device Management (MDM) solutions are being touted as a security solution, when really they are an asset management tool. For real device security, you need a multi-layered tool which addresses both the security of the device, so users cannot remove your settings, as well as the content those users are allowed to access. MobileED provides both, with fine … [Read more...]
Content Filtering Best Practices
Content Filtering Best Practices Traditional web content filtering solutions are inadequate for today's needs. Many solutions provide general web filtering with a few extra features, but not as granular as administrators need, while still leaving gaps in coverage. These gaps can make your organization or institution vulnerable to threats as well as jeopardize compliance with federal law. With internet threats and vulnerabilities like viruses and malware, social media, proxy and SSL … [Read more...]
Offsite Backup and Disaster Recovery Video
Continuity Focus is pleased to offer a new video detailing our offsite backup and disaster recovery service. Check it out below! Enter your information for a chance to qualify for a Free Recovery Assessment! Click Here! Enter your information for a chance to qualify for a Free Recovery Assessment! Click Here! … [Read more...]
Java Security
Most software security vulnerabilities are quietly patched by vendors and don’t make front page news. The recently publicized Java 7 vulnerability made headlines after being announced by US-CERT (Vulnerability Alert #625617) on January 10. (US-CERT stands for US Computer Emergency Readiness Team and is a part of the Department of Homeland Security.) Mainstream news outlets such as CNN and NBC began carrying the story on Friday, January 11, 2013 reporting that the Department of … [Read more...]