With the hustle and bustle of day-to-day life a personal assistant surely would come in handy, right? While this may not be fiscally responsible, maybe a voice assistant would be. In our last article, The Ping: Voice Assistants, we discussed how a voice assistant can manage a lot of your needs. Things such as the weather for the day, the traffic to work and your grocery list. However, sometimes just managing your house is what you need the most help with. Are you aware that they can do that too and what they are really managing?
We have all seen those commercials with an actor speaking to a voice assistant and making jokes. They seem pretty catchy and entertaining and elude to ultimately resolving all of their day-to-day issues. While that seems like it would be life changing, do we really know how these devices work? What can they do?
Active Directory seems to be one of those common buzzwords that gets thrown around like “the cloud” or “cybersecurity” but what is Active Directory and why does your organization need it?
So you might have heard the buzzwords “2FA” or “Multi-factor Authentication” thrown around a lot lately. The use of 2FA has become increasingly popular over the last few years. Apple has started prompting their users to activate this more advanced form of security. Your child’s Xbox Live account is now also prompting them to activate and use 2FA. Software you use at work, particularly credit card processing software, may also require card access or a 6 digit code. So that begs the question: what is multi-factor authentication?
How Does Email Work?
Creating and sending an email may seem like a magical process that happens all on its own, but it’s actually a little more complicated than that. So how does it work? To get an email to your intended recipient, you send an email from your server to their server via the internet. This is done using SMTP (Simple Mail Transfer Protocol). Seems simple, right? It doesn’t stop there. In order to ensure the safety of that email’s contents, your everyday applications use TLS (Transport Layer Security) to send that email securely across the network.
2019 is here, and it is a special year for all concerned due to many Microsoft products going End of Life (EOL) in January of 2020. We’ve covered the whys of EOL in previous pings, so in this edition we would like to remind you of the importance of keeping your servers updated and workstations rebooted when prompted. We discussed this necessity in The Ping: Updates and Upgrades, and we encourage you to review it. Staying ahead of the game will help prevent down time from malware and slow systems or hardware crashes. This edition of “The Ping!” should answer any lingering questions about Microsoft’s EOL policy and dates.
As the year draws to a close, we want to remind you of how important it is to stay diligent with your cybersecurity awareness training and security updates. This year, like years past, cybersecurity breaches have topped headline news and may have affected you personally. Let’s review some of the larger breaches and malware risks this year. These are security breaches that allowed someone or some group to access personal information, and they could even access some examples of how that information was used.
For each area of concern with sensitive data, there are published guidelines to follow in order to achieve compliance. Reading and digesting the guidelines in whole can be a difficult task. There are decision making tools, technical requirement write-ups, security policies, and security procedures to pour through. So, without getting into the nitty gritty, we want to answer some of the frequently asked questions that come our way.
Criminal Justice Information Services (CJIS)
Criminal Justice Information Services, or CJIS, is a division of the FBI that provides criminal justice information needed to perform law enforcement duties. It “serve[s] as the focal point and central repository for criminal justice information services in the FBI.” – FBI. In Texas this information is disseminated via the DPS and includes details such as vehicle registration, criminal history, driver’s license, license plate, firearm, etc. Because this information is highly sensitive and needs to be protected, CJIS provides security compliance requirements and performs audits to ensure these requirements are being met. Below are just a few example requirements of the Security Policy…
- Security Awareness Training
- Perimeter Intrusion Detection
- Advanced Authentication
- Maintain Log History
- Change Management
- Device Encryption
Failing a single audit flags an agency as non-compliant. If compliance is not achieved, the agency can lose access to the information and tools needed to perform their duties.