New Security Challenges for Organizations Having Larger Remote Workforces

Tripwire | August 18, 2020

At the outset of the global coronavirus 2019 (COVID-19) pandemic, many organizations decided to enforce social distancing by requiring that their employees begin working from home. This decision changed the fundamental way in which many employees were accustomed to working. It also created new security challenges for organizations that had larger remote workforces.

Tripwire wanted to learn the specifics of these challenges, so it commissioned Dimensional Research to 345 IT security professionals about them in mid-April 2020. As reported by Business Wire, a majority of respondents (58%) indicated that employee home network security was one of their areas of higher concern followed by increased attacks (45%), difficulties in keeping remote systems configured securely (41%) and obstacles with keeping remote systems compliant (38%). Reflecting on the difficulties of keeping remote workers safe, 89% of survey participants said their job was harder as a result of the new work-from-home policy. Nearly half (49%) blatantly said they couldn’t effectively secure employees’ home offices, leading 65% of respondents to admit their belief that their security was worse because of COVID-19.

Spotlight

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

Spotlight

Hybrid work changes the way people use applications. In this video, learn about how Netskope Cloud Firewall delivers the protection you need everywhere your business operates.

Related News

DATA SECURITY, ENTERPRISE SECURITY, PLATFORM SECURITY

Keeper Security Introduces 24-Word Recovery Phrases to Enhance Account Security

Prnewswire | April 28, 2023

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, privileged access, secrets and remote connections, is excited to announce the launch of its latest feature, the 24-word recovery phrase. This new and more secure method of account recovery is designed to provide Keeper users with the highest level of protection against emerging threats. The 24-word recovery phrase replaces the current user-customizable security question and answer recovery method. It serves as a break-glass method of recovering a Keeper Vault in the event that a user forgets their master password. The recovery phrase generates a unique 256-bit AES key that decrypts a copy of the user's 256-bit AES data key. The data key then decrypts each individual record key, which in turn decrypts each vault record. Keeper has implemented recovery phrases using the same BIP39 word list used to protect crypto wallets. The word list used in BIP39 is a set of 2,048 words used to generate an encryption key with 256 bits of entropy. This method of recovery is commonly used in popular bitcoin and cryptocurrency wallets. Each word in the BIP39 list is carefully selected to improve visibility and make the recovery process less error-prone. "We are thrilled to introduce this revolutionary new feature to our users," said Darren Guccione, CEO and co-founder of Keeper Security. "At Keeper, we are committed to providing our customers with the most advanced and secure password management solutions available. The 24-word recovery phrase is just one example of our ongoing investment in new and more robust technologies to counter emerging cyber threats." Users who have security questions enabled on their vaults will be prompted to replace their security answer with a strong 24-word recovery phrase. It is important for users to store this recovery phrase in a safe place such as a physical safe, and not on a computer, phone or other device. To recover the account and reset the master password, users must have the recovery phrase and also provide an email verification code. For users with 2FA enforced, they must additionally pass the two-factor authentication step. Keeper administrators for business and enterprise accounts have the option of disabling account recovery for their users in the role enforcement policy section of the Keeper Admin Console. Account recovery can be used with SSO-enabled accounts, if enforced by the Keeper administrator. It is important to note that if a user forgets their master password and loses their recovery phrase, they will not be able to access their Keeper vault. Due to Keeper's zero-knowledge architecture, the Keeper team cannot help recover a lost recovery phrase. To utilize this new capability, users are encouraged to ensure that all of their Keeper applications are up to date. For more information about Keeper's password management platform and the 24-word recovery phrase, please visit Keeper's Documentation Portal and Release Notes. About Keeper Security Keeper Security is transforming the way people and organizations around the world secure their passwords, secrets and confidential information. Keeper's easy-to-use cybersecurity platform is built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations globally, Keeper is the leader for best-in-class password management, secrets management, privileged access, secure remote access and encrypted messaging. Protect what matters at KeeperSecurity.com.

Read More

ENTERPRISE SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

NordLocker introduces easier secure sharing option

Globenewswire | May 26, 2023

NordLocker has launched a new feature that allows users to securely share a password-protected locker, otherwise known as a folder, of files. In order to receive the sent files, the recipient doesn’t even need to be a NordLocker user. This convenient sharing feature is incredibly easy to use. The files are shared via a link, and the recipient needs a password to access the files. For security purposes, once the set expiration date passes, the link becomes inaccessible. Thanks to NordLocker’s end-to-end encryption, files are fully protected throughout their journey. “Whether it’s holiday videos or a client contract – here at NordLocker we believe that all files should be shared securely. With this new feature, we make secure sharing that much easier,” says Aivaras Vencevicius, head of product at NordLocker. Currently, this feature is available on NordLocker’s web application. Other improvements In addition, NordLocker has introduced biometrics on iOS, which allows a more convenient and quicker login. iOS users are now also able to download NordLocker application logs for more information on their app. As privacy is at NordLocker’s core, it’s worth noting that these activity logs are encrypted and stored on the customer’s side. NordLocker’s customer support can only see it if the user decides to share it with the NordLocker team. “With cybercrime rising every year, file encryption is becoming essential. We see that threats are becoming more sophisticated – phishing emails are becoming harder to detect, and malware is becoming more dangerous and advanced. Therefore I strongly recommend to treat your digital belongings just like you’d treat your physical assets – keep them locked up and secure,” says Aivaras Vencevicius, head of product at NordLocker. ABOUT NORDLOCKER NordLocker is the world’s first end-to-end file encryption tool with a private cloud. It was created by the cybersecurity experts behind NordVPN – one of the most advanced VPN service providers in the world. NordLocker is available for Windows, macOS, Android, iOS, supports all file types, offers a fast and intuitive interface, and guarantees secure sync between devices. With NordLocker, files are protected from hacking, surveillance, and data collection. For more information: nordlocker.com.

Read More

ENTERPRISE IDENTITY, SOFTWARE SECURITY, CLOUD SECURITY

Lookout Announces the Successful Divestiture of Its Consumer Mobile Security Business Segment

Businesswire | June 05, 2023

Lookout, Inc., the endpoint-to-cloud security company, today announced it has closed the previously announced sale of its consumer mobile security business to F-Secure, a global provider of consumer security products and services. With this strategic divestiture Lookout will focus on expanding its core enterprise business, built around the Lookout Cloud Security Platform. The sale of Lookout’s consumer mobile security business represents a deliberate and strategic decision to optimize its enterprise product portfolio and concentrate its product innovation and go-to-market on the expansion of these core competencies. The divestiture sets Lookout up for long-term growth and further positions the Company to address the security transformation impacting organizations today, including the increase in remote work, the shift to cloud-based delivery models and the transition to zero trust architectures. “We are pleased to announce the successful divestiture of our mobile consumer security business, which represents a significant milestone in our strategic transformation to become a pure-play enterprise cybersecurity company,” Jim Dolce, CEO at Lookout. “With this refined focus, we will continue to drive innovation, invest in the development of cutting-edge solutions and drive greater value for our customers.” Lookout’s core enterprise business includes Lookout Mobile Endpoint Security and its security services edge (SSE) cloud-native solution, the Lookout Cloud Security Platform. The Company entered the cloud security market through its acquisition of CipherCloud in March 2021. Its Cloud Security Platform was recently scored among the highest three vendors in the 2023 Gartner Critical Capabilities for Security Service Edge (SSE)1 report in each of the four use cases. The Gartner Critical Capabilities for SSE – an essential companion to the Gartner Magic Quadrant™ for SSE2 in which Lookout was named a Visionary for the second year in a row – is a comparative analysis that scores products or services against a set of critical differentiators that every business needs, as identified by Gartner. These four use cases include Secure Web and Cloud Usage, Detect and Mitigate Threats, Connect and Secure Remote Workers and Identify and Protect Sensitive Information. As part of the sale agreement, F-Secure acquires all of the Lookout consumer mobile security products and technology and assumes all responsibility for ongoing operations and customer relationships. Additionally, the Company’s consumer employees will become part of F-Secure. About Lookout Lookout, Inc. is the endpoint-to-cloud cybersecurity company that delivers zero trust security by reducing risk and protecting data wherever it goes, without boundaries or limits. Our unified, cloud-native platform safeguards digital information across devices, apps, networks and clouds and is as fluid and flexible as the modern digital world. Lookout is trusted by enterprises and government agencies of all sizes to protect the sensitive data they care about most, enabling them to work and connect freely and safely. To learn more about the Lookout Cloud Security Platform, visit www.lookout.com and follow Lookout on our blog, LinkedIn and Twitter. © 2023 Lookout, Inc. LOOKOUT®, the Lookout Shield Design®, LOOKOUT with Shield Design®, and SIGNAL FLARE® are registered trademarks of Lookout, Inc. in the United States and other countries. DAY OF SHECURITY®, LOOKOUT MOBILE SECURITY®, and POWERED BY LOOKOUT® are registered trademarks of Lookout, Inc. in the United States. Lookout, Inc. maintains common law trademark rights in EVERYTHING IS OK, PROTECTED BY LOOKOUT, CIPHERCLOUD, SCREAM, the 4 Bar Shield Design, and the Lookout multi-color/multi-shaded Wingspan design.

Read More