Tag: mobile security

What Is a VPN?

VPN: A Closer Look

VPN. If you hadn’t heard these three letters together before March 2020, you’ve surely heard them now. With businesses and their employees the world over exposed to work from home scenarios – many for the first time – any conversation about secure remote access involves the term. So what is a VPN? The very basic definition is – it’s a virtual private network. But that phrase is just begging for further explanation. So gather ‘round – virtually of course – as we unpack VPNs and why they’re so important for telework.

Virtual

The virtual part of VPN means just that – it requires no physical connection. Instead, a virtual tunneling protocol establishes the connection. Gophers would be jealous of the number of these tunnels out there, but of course, they don’t damage any golf courses or yards. The tunneling is achieved by a process known as encapsulation. Basically, while your remote user’s data still does have to travel through the public internet to get to the other side (i.e. your network), the virtual tunnel covers it. That means, it’s private.

Private

So the tunnel itself offers privacy to a degree, but to achieve the full security benefits of a VPN, it must be encrypted. The public internet can see that a tunnel exists, but encryption – either via SSL (secure sockets layer) or IPSec (internet protocol security) prevents anyone from seeing what’s inside. The user and the network the user connects to are the only ones who can decrypt it, with passwords (multifactor authentication recommended) and certificates.

Getting back to the types, while both SSL and IPSec provide the encryption needed to keep that virtual tunnel private, there are a couple key differences. SSL VPN allows secure remote access through a web browser – without requiring specialized client software – making it simple to deploy. Unlike SSL, IPSec VPN functions at the network layer, and it does typically require a separate hardware or software solution. We compared SonicWall’s VPN service offerings (one SSL and one IPSec) in a recent post, and in a handy chart that could offer some assistance as to which is best for your scenario.

Oh and one more note on privacy, when a user connects via VPN, it also obscures the device’s IP address. That means someone trying to track its location will only get the IP address of the network the user is connected to – a feature many non-business users find handy.

Network

So in our quest to answer the question “what is a VPN?” we’ve explored the virtual and private aspects, now let’s examine the network component. Network in this case means a user’s remote device is connected to your organization’s network. Depending on the connection type, they may have access to all of it, or just specified apps, services, and files. Either way, the VPN connection allows users access to what they need to get work done – all while protected by your existing network security. A VPN in essence extends your network’s reach to wherever your employees need to access it. And in the age of the teleworker, this secure remote access is a must.

Is your VPN connection a little slow?

Check out our video for some tips on how to speed up your VPN connection:

For more talk about all things network security, take a listen to our Ping Podcast, available wherever you listen. And for all your cybersecurity research needs in one place, visit our Knowledge Hub.

Don’t Give Me Them Digits: Cyber criminals target mobile phone numbers

You’ve got a chip in your credit card. Your social security card’s locked away in a safe. Now cyber criminals are turning their attention to another number: your mobile phone number. Next time that creep at the bar asks for your digits, you may have more to worry over than turning down a date.

Why criminals are targeting mobile phones

As security around financial data tightens, hackers have set their sights on mobile numbers, which tick many of the same boxes as your social security or credit card combos:

  • It’s unique to you
  • It’s one of the most common pieces of info stored in databases
  • It’s a crucial step in identifying yourself to financial authorities

Criminals are using this information to take over accounts using a patchwork of personally identifying information gleaned from multiple databases. In 2016, over 160,000 mobile accounts were usurped according to studies conducted by Javelin Strategy & Research–a record high for fraudsters.

And the kicker? Losing control of your phone number creates logistical nightmares when it comes time to prove ownership in the aftermath of an attack. Many companies request to verify account ownership either over VoiP or SMS and if you are no longer in control of the phone line, proving your identity becomes a challenge outside the norms of account recovery.

How to prevent a mobile phone takeover

  • Distribute your number judiciously
  • Use a secondary or virtual phone number for account signups
  • Do not reuse passwords over multiple accounts
  • Avoid using public WiFi when accessing sensitive information
  • Use two-factor authentication where possible
  • Take advantage of mobile security platforms like Sophos Central Mobile Security

Learn about more cyber threats

Hungry for more insight into Internet threats? Check out the Firewalls.com Threat Dictionary to learn about all of the latest network security threats.

Prefer to listen and learn? Check out Episode 5 of Ping: A Firewalls.com Podcast where we talk cyber threats with SonicWall’s Daniel Kremers and Fortinet’s Douglas Santos.

Secrets of the Mysterious & Ubiquitous Internet of Things

Without peeking, tell me the number of Internet-connected devices in the room with you. How about in the whole building? In 2017, it’s likely that the building itself is connected to the Internet. Whether it be through mobile-controlled thermostats, security cameras, or the traffic lights right outside your window, you live in a reality in which an Internet-capable device is likely within a few steps of you at any given time. This is the Internet of Things. And while the name doesn’t seem all that inspired (the term was coined by Kevin Ashton of MIT’s Auto-ID Center in 1999), it describes a nebulous world of Wi-Fi, RFID, and microcode that affects just about every transaction and interaction throughout your day.

As years pass, the Internet of Things grows. When an app is launched allowing you to refill your dog’s food bowl while you’re at the office, the Internet of Things grows. When cutting-edge garden tech allows you to water your herbs from halfway around the globe, the Internet of Things grows.

It is important to understand, though, that the IoT is not Skynet biding time to build its cyberspace army. The IoT is used to automate inventory and improve communications between people. It assists in search and rescue operations and monitor heart implants. Nonetheless, for all of the good that the IoT is capable of, it nurtures growing security risks as well.

So What is the Internet of Things?

The Internet of Things is an umbrella term describing the vast array of Internet-accessing devices that we interact with on a daily basis. This includes mobile devices, vehicles, buildings, thermostats, home appliances, street cameras, air purifiers, refrigerators, childrens’ toys, and much more. Objects that possess sensors, software, or microchips are known as cyber-physical systems and likely to fall under the IoT umbrella. The concept is hard to wrap your head around because it reaches across every industry and every channel one could imagine.

The great fear in the cyber security world in regards to the IoT is a potential for hackers to remotely access and control devices over networks shared by the IoT.

Welcome Aboard: An IoT Metaphor

Let’s picture the Internet of Things as a cruise liner. The klaxons sound in response to an engine room breach–in the case of the IoT, a hacker; in the case of our cruise liner, a hole in the haul—and seamen begin to combat the leak.

Water-tight hatches are sealed between various compartments of the ship, ensuring that water coming in through the engine room is unable to spread into neighboring compartments. However, in our IoT analogy, there’s an open pipe running from the engine room to the officers’ quarters because the sailors requested soda fountains. Another pipe runs from the engine room to the storage compartments because water is needed to humidify the air. A third set of pipes runs between the engine room and the ballast compartments for regulating buoyancy. Even though the maintenance team has sealed off all the main hatches between compartments, the leak continues to spread through the innumerable channels made possible by the demands of the crew.

Issues of IoT Vulnerability in the Real World

 

 

 

 

  • FBI Announcement for IoT Toys – On Monday the 17th, the Federal Bureau of Investigation issued a consumer notice to parents warning them of the threats associated with Internet-connected toys. As interactive toys grow in popularity, toys are being made with sensors, microchips, data storage, microphones, cameras, and more. The FBI warns that these types of toys may be used to compromise the privacy of children. The Public Service Announcement can be found here.
  • IoT Security is Expensive – The costs associated with IoT security are rapidly growing to keep pace with the sheer size of the Internet of Things and the ripe potential for bad guys to exploit it. According to a white paper published by Altman Vilandrie & Co., the IoT is projected to encompass 18,000,000,000 devices by 2022. That’s more than double the number of human beings on the planet. Altman Vilandrie also estimated that spending on IoT security will outgrow spending on “traditional” cyber security at a rate of nearly two and a half times.
  • Passenger Drones Over Dubai – And the award for “Most Terrifying Place to Learn About IoT Breaches” goes to… the inside of a passenger drone hovering hundreds of feet above the ground. Dubai has announced its intention to implement passenger-carrying quadcopters as exasperatingly luxurious taxis in the summer of 2018. Passengers will have no manual controls, relying instead on Internet-connected GPS to deliver them at their destination. Keep an eye out for this new cyber security threat to become a special effects whirlwind shoehorned into the next James Bond film!

 

 

 

 

Optimizing Security for the IoT

  • Disable UPnP – Many firewalls and routers possess a feature known as Universal Plug and Play (UPnP). This setting allows a device to plug into a network and configure itself, making it more convenient and mobile. However, this extra versatility comes at a price: security experts believe that UPnP may allow exploits to automatically jump from the IoT to the network during configuration. Once your appliance is positioned, it is a great idea to disable UPnP. Learn more about UPnP from our friends at Sophos.
  • Strengthen Your Passwords – Yes, this is the same advice we give to those seeking to optimize their more traditional cyber security. However, the IoT carries with it further complications in this arena: in many cases when one wants to set a password, they are presented with a numpad and asked to enter a 4-digit PIN. This can make it difficult to secure your devices with strong enough passwords. We suggest that you create a unique password for each device. Yes, it will mean that you have a lot more passwords to keep track of, but it does protect your data in case of a breach.
  • Patch Your Firmware – Wow, I think we’ve heard this one before too! Again we cannot stress enough the importance of keeping your security patches and firmware up to date. If you dissect most major cyber attacks, you will discover over and over and over that the affected demographics tends to gravitate around those who shrug and ignore the latest updates. In the IoT world, firmware may also sometimes be referred to as “microcode.”
  • Segregate IoT Devices to Your Guest Network – Many businesses now provide guest networks that remain overtly separate from their private network. Doing so provides the peace of mind that some schmuck on the street isn’t going to walk into your lobby, connect to your wireless network, and spread his nasty bugs around your system. If possible, try to quarantine as many IoT devices onto this guest network as possible. This way if a breach does occur, your most precious data is sheltered.

The cyber security industry absolutely buzzes with excitement, anxiety, and doubt when the discussion turns to the Internet of Things. It is an explosive matter. The IoT will continue to grow. Its ability to make our lives more convenient and connected will continue to grow. So too will the threats and vulnerabilities that it represents. Expect to see high-profile news stories revolving around Internet-connected objects and expect to see your budget in this area balloon as the IoT expands. From cars to toys to cameras, every industry and interest contributes to the ever-expanding galaxy that is the Internet of Things.

Firewalls.com is a value-added reseller of firewall appliances & a vendor of managed security and Firewall-as-a-Service support. Our engineers are rigorously trained and certified by all of the major manufacturers that we partner with. Whether you’re looking to add an appliance to your security set-up or seek ongoing support from seasoned experts, we can provide the security solutions necessary to get you secure and keep you secure. Contact one of our knowledgeable sales staff to answer any questions you may have about your network, our firewalls, or the Internet of Things!

You can also follow us on Twitter and Facebook.