Categories
Newss Technology

Microsoft Defender ATP gets new Threat & Vulnerability Management functionality

Microsoft has announced the general availability of Threat & Vulnerability Management solution. The tech giant says the solution was made available on June 30 and provides real-time vulnerability management to the organizations.

The new solution is a built-in capability in Microsoft Defender ATP (Advanced Threat Protection). The Microsoft Defender ATP uses a risk-based approach to discover, prioritize, and mitigate endpoint vulnerabilities and misconfigurations.

While designing the solution, Microsoft worked with a dozen of enterprise customers including Telit, a global leader in IoT enablement, to understand the limitations and complications of the existing processes.

During the process, Microsoft found that the current approaches being used to scan vulnerabilities are slow and periodical. This could lead to security blind spots between scans, flooding the organizations with vulnerabilities. Further, manual mitigation of vulnerabilities sometimes takes days, weeks, or months to complete. Hence, attackers have a window to attack the enterprises.

Threat & Vulnerability Management solution is aimed to address these issues.

“Our goal is to empower defenders with the tools they need to better protect against evolving threats, and we believe this solution will help provide that additional visibility and agility they need,” wrote Rob Lefferts, Corporate Vice President at Microsoft Security, in a blog post.

The new offering will provide several benefits to customers, like enabling continuous discovery of vulnerabilities and misconfigurations, and business-context based prioritization and dynamic threat landscape. It will provide correlation of vulnerabilities with endpoint detection and response (EDR) alerts to expose breach insights.

Customers will also get machine-level vulnerability context during incident investigations, built-in remediation processes through integration with Microsoft Intune and Microsoft System Center Configuration Manager.

The new TVM solution is now generally available. Existing customers can find it in Microsoft Defender ATP portal. New customers can take a free trail here.

READ NEXT: Microsoft empowers Indian startups to scale globally with new initiative and venture fund expansion

Categories
News

NEC Server Software Enables Advanced and Secure Login to Websites in Compliance with FIDO2

NEC Corporation announced today the availability of its enhanced NC7000-3A server software, which will enable simple, secure and swift authentication of users for access to websites and mobile applications through biometric authentication.

In addition, NEC is also releasing SDK-based voice authentication that accurately identifies users by extracting the unique characteristics of their voices when they speak predetermined phrases. The FIDO2(1)-compliant server software and updated SDKs are scheduled to be available in July and August 2019 respectively.

NC7000-3A integrates with business/service provider user profiles and manages authentication activities for web services. This software is a FIDO-certified product that enables users to be authenticated without sending biometric information or any other personal information outside of a terminal, thereby reducing the risk of compromising biometric identities and passwords.

Following this update, NC7000-3A server software is now certified with the FIDO2 standards established by the FIDO Alliance(2), which promotes international standards for “password-less” online user verification.

Existing NC7000-3A server software is certified with FIDO UAF, which allows users to login with biometric authentication when using mobile applications, such as online banking. This latest update also supports FIDO2, which enables users of PCs and smartphones to use biometric authentication when logging in to websites as well. FIDO2 capability enables login using external authentication devices, such as security keys, through USB/NFC/Bluetooth communication standards.

In addition, SDK that support a variety of authentication options, including fingerprint, face and voice recognition, are available for Android OS and iOS, enabling customers to freely select and combine multimodal authentication.

This server software and SDK will improve the convenience of logging in and prevent spoofing, which will contribute to the security of web services that require identity authentication. Specifically, it will enable password-less authentication for e-commerce, digital banking, and web services provided by municipalities and government agencies.

Under NEC’s “Mid-term Management Plan 2020,” the company is actively promoting services in new fields that leverage network strengths. Through this software, NEC is flexibly leveraging its networks to accelerate the provision of NEC Smart Connectivity(3), which links data generated by people and industry to create new social value.

“The NC7000 series is at the core of the NEC Smart Connectivity program and has a solid record of installations for financial institutions and telecommunications carriers,” said Takashi Sato, General Manager, Digital Services Solution Division, NEC Corporation. “This enhancement strengthens the role of Bio-IDiom(4), NEC’s portfolio of biometric solutions, in the provision of highly secure and convenient user certification, which supports the realization of a society where people, goods and services are reliably linked.”

Andrew Shikiar, executive director and chief marketing officer, FIDO Alliance, added: “NEC’s consistent efforts as a FIDO Alliance sponsor member help to promote the evolution and globalization of simpler, stronger FIDO Authentication. We are pleased to see NEC introduce its FIDO2 Certified server today as part of the strong and continuously growing ecosystem aimed to reduce the world’s reliance on passwords.”

“I am very pleased to see NEC obtain FIDO2 certification and to reinforce its standing as a member of the FIDO Alliance, whose goal is to supplant reliance on passwords,” said Koichi Moriyama, a Member of the FIDO Alliance Executive Council, Chairman of the Japan Working Group, Senior Director of Product Innovation, Product Department, NTT DOCOMO, INC. “As one of Japan’s leading ICT companies, we look forward to working together to accelerate efforts to create a world without passwords through deployment of FIDO certified products.”

References:
(1) https://fidoalliance.org/fido2/
(2) https://www.fidoalliance.org
(3) This is a collective term for network services that leverage NEC’s expertise and track record in network technologies and related solutions. We will utilize 5G and LPWA to create new data distribution that connects previously untapped data in various fields, such as social infrastructures, manufacturing, and retail, and delivers it to the people and goods they need.
(4) “Bio-IDiom” is NEC’s portfolio of biometric identification solutions, including face, iris, fingerprint, palm print, finger vein, voice, and ear acoustic solutions.
https://www.nec.com/en/global/solutions/biometrics/index.html

READ NEXT: Defend your business from modern-day cyber attacks with these 3 tips

Categories
Articles

Top 3 time-consuming IT tasks and how to automate them

In our hyper-connected digital age, there has never been more pressure on IT departments to ensure the smooth, cohesive and successful running of their organization’s internal infrastructure.

Regardless of your sector or industry, in many ways, your IT department is the backbone of your entire operation. If your IT department is inefficient, every element of your business will suffer.

As digital technologies evolve, opportunities to automate key aspects of your IT department’s daily initiatives continue to emerge.

IT automation has the power to make your organization more secure, more productive and more time efficient than ever before. Here we explore the three most time-consuming tasks facing today’s IT departments and how it’s possible to automate them to your advantage.

Distribution

Fundamentally, software distribution encompasses each of the aforementioned areas and more.

As contemporary IT systems become increasingly complex, not only do they consume colossal levels of bandwidth, but they take an incredibly large amount of time to manage. That said (you might be spotting a theme at this point), automating key elements of your software distribution strategy is the way forward.

How? Concerning the automation and general improvement of your internal software distribution processes, the route to success is stripping down your physical assets by basing the majority of your system’s key components in the cloud. In turn, this will eliminate the need to invest in expensive infrastructure or become hindered by time-consuming processes.

By examining your current infrastructure and identifying what you can trade for the cloud, you’ll foster efficiency while creating a clear-cut path for distribution-based automation.

Cloud-based IT software distribution solutions serve to automate these most intricate of processes while increasing operational efficiency and consuming far less bandwidth – the key ingredients to operational success.

 

“Every once in a while, a new technology, an old problem, and a big idea turn into an innovation.”  – Dean Kamen

Across the board, software deployment can drain a huge amount of time, money and resources. But, by automating your IT department’s most frequent or critical processes, you will save tons of time and free up your department’s schedule to take care of other tasks in the pipeline.

Maintenance

Regular IT maintenance is integral to the ongoing health and success of your organization.

Ensuring that every component of your infrastructure is operational, updated and working to its optimum capacity is incredibly time-consuming.

But, while performing system maintenance was once a primarily manual task, IT automation solutions have made it possible to deploy tailored maintenance plans at predetermined times and frequencies, making the whole process secure, controlled and fluid from start to finish. A time-saving innovation with an endless stream of organizational benefits.

How? On an individual basis, installing automated disk check or cleanup software and scheduling periodical updates on each computer within your company’s system will ensure the ongoing performance and health of each cog in the wheel, so to speak.

Moreover, using your operating software’s in-built system backup automation, programming it to operate on a regular basis, you will keep on top of your maintenance duties with minimal intervention.

On a wider scale, utilizing a cloud-based software solution powered by micro-agents will help you perform such tasks on larger, more complex systems while ensuring all of your files, assets and efforts are securely backed up in the cloud, thus ensuring security, while saving you energy to apply on other aspects of the business.

Security

In the age of information, cybersecurity is of paramount importance. On an average, there are over 130 large-scale, targeted breaches in the US alone every year, a number that is growing by 27% every 12 months.

Any form of a cyber breach can prove devastating to your business and it’s the responsibility of your IT department to fortify the organization against any potential attacks.

System troubleshooting, updates, security software installation and patch management activities are not only incredibly time-consuming but as a regular task, they present an ongoing challenge for over-stretched IT departments.

By automating all of these vital processes, you will ensure the ongoing protection of your business empire while empowering your IT operatives to focus on more strategic initiatives that further benefit the organization.

How? As cybersecurity is so integral to your company’s future, it’s important to note that while getting autonomous tech to do most of the heavy lifting will prove incredibly effective – you must work collaboratively with your IT department to ensure that your automated initiatives are working to the best of their abilities to avoid any unforeseen breaches.

When looking at autonomous security solutions, it’s important to consider your existing platforms as well as the size of your company and choose your tools accordingly. To really win in the battle against corporate targeting cyber criminals, you will need to look for the following qualities in potential protection-based automated solutions:

  • The ability to detect existing weaknesses in your infrastructure or system.
  • The ability to run regular routine security checks and software updates.
  • The ability to scale seamlessly with the growth of your organization.
  • The ability to record all of your patching activity for security data and auditing processes.

For more IT-enhancing insights for your business, read about the top five collaboration tools for DevOps teams.

Guest Author- Jeff Broth

Jeff Broth is a business writer, mentor, and cybersecurity advisor. He has been consulting both enterprises and SMBs for the past seven years.
Categories
Cloud Cloud News Event

Discover new IT strategies, products and services, and learn from peers at the Interop 2019—an unbiased IT conference

Global information technology (IT) services market is expected to reach $748 billion by 2020. — Statista

The IT sector is a key driving force for the global economy and also has its cascading effect on other industries and markets.

Cloud computing, data analytics, software development, artificial intelligence, and other emerging technologies have now become the basic requirements for every business to survive in the era of digital transformation.

Innovation is knocking the doors of every industry. This has made all the enterprises today to adopt IT technologies to improve customer experience, optimize time to market, enhance operational efficiency, as well as reduce operating costs.

To provide enterprises and IT leaders a complete objective view of the things happening across all IT disciplines, Interop 2019 is coming to Las Vegas on May 20-23.

Interop 2019 conference- At a glance

With the theme— Keeping IT Real, the Interop 2019 is an unbiased IT conference that will help attendees to discover new strategies, products, and services. It will also help them hear from peers in the industry facing similar challenges and issues.Interop 2019

Interop is an independent platform where IT professionals can meet and learn from each other about everything that is going on in the industry. It will feature speakers from industry leaders like Google, Microsoft, Juniper Networks, Cisco, Delta Dental, and Red Hat.

The conference will witness all levels of IT and business professionals who are tasked with leveraging technology to drive their organizations forward.

Topics to be discussed at Interop 2019

The four-day conference will cover all the aspects of the IT industry that can help attendees to develop the necessary skills for managing a successful IT organization.

  • Cloud
  • Data & Analytics
  • DevOps
  • Emerging Tech
  • Infrastructure
  • IT Strategy
  • Professional Development
  • Security

Expert speakers at the Interop 2019

  1. Shawn Anderson, Executive Security Advisor, Microsoft
  2. Sonia Cuff, Cloud Advocate, Microsoft
  3. Khadija Mustafa, Sr. Director of Business AI, Microsoft
  4. Jim Carey, Product Management Lead, IBM
  5. Michael Melore, Cyber Security Advisor, IBM
  6. Doug Lhotka, Cybersecurity Architect, IBM
  7. Aurora Morales, Search Outreach Specialist, Google
  8. Ajay Chenampara, Domain Architect, Red Hat
  9. Renee McKaskle, CIO, Hitachi Vantara
  10. Matthew Oswalt, Network Reliability Engineer, Juniper Networks
  11. Hank Preston, Network Engineer, Cisco
  12. Jasdeep Singh, Security Engineer, AT&T
  13. Shekar Atmakur, Manager, KPMG
  14. Deborah Adleman, Director, US and Americas Data Protection Leader, EY
  15. Genetha Gray, Lead People Research Scientist, Salesforce

To check the full list of speakers, click here.

Why attend Interop 2019— the unbiased IT conference?

Unlike a typical vendor show, the Interop will provide an unbiased view of the things that are going on across IT sector and the way other IT leaders are keeping up with the rapid pace of change.

Here are the key benefits of attending the Interop IT conference:

  • Attendees will be able to take their career to the next level with IT education. This education will be completely based on truths, vendor-agnostic, and experiences from real-world.
  • Meet the industry leaders and disruptive newcomers in the IT sector.
  • Interact with the peers, exchange ideas, and have conversations with them in a relaxed and mutual environment.
  • Have fun in the Las Vegas—TechFair, yoga, 5K run, and attendee party.

Registration

To know about the passes & prices and register for the event, follow this link.

Daily Host News (DHN) is the official media partner of this event. Stay tuned with us for latest updates.

Categories
Newss

50% of employees use apps and software not approved by the enterprise: Igloo report

Employees are confident about the security of the tools and systems implemented by their companies. But their behavior is risky when it comes to sharing confidential information. As per a recent report by Igloo, 69% of employees use email for storing or sharing confidential information.

Igloo, a leading provider of intranet software & digital workplace solutions, surveyed over 2,000 individuals at companies with 250+ employees. In the report titled “2019 State of the Digital Workplace”, the company said that push for the digital transformation in the enterprise is rapidly accelerating.

Below are the key findings of Igloo’s 2019 State of the Digital Workplace report:

  • Remote employees feel left out because of traditional technologies

Today, the remote working culture is trending as more and more companies allow employees to work from outside the office. But the remote workers face several challenges.

As per the report, 69% of remote workers said that they faced challenges which aren’t faced by the employees who work from the office.

They feel missing out on information (56%), being excluded from meetings (54%), and struggling to access important documents (43%).

These challenges can be solved by adopting a modern and digital workplace.

  • Knowledge-sharing and collaboration practices remain risky

91% of employees are confident about the collaboration tools provided by the company that they would allow only authorized individuals. However, their behavior is risky when it comes to sharing confidential data. 69% of them use emails to store or share that data, 45% use shared document drives, and 38% use intranet. Only 14% of employees use secure FTP.

50% of employees use apps that aren’t approved by the enterprise. Of them, 55% use non-approved apps to avoid being tracked by the company, while 62% use these for ease of use.

Also read: 97% of enterprises perform data backup at least once a year: Acronis’ World Backup Day survey

  • Majority of intranet solutions aren’t meeting collaboration needs

80% of employees said that they use the intranet, majorly for communication, collaboration, and information sharing. However, respondents said that they found it difficult to find the resources that allow them to do so.

A lot of them reported difficulty in finding the right documents. 43% said that they chose to avoid sharing a document with a colleague because they found it difficult to find the document.

To download the full “2019 State of the Digital Workplace” report, click here.

Images source: Igloo

Categories
Newss Wordpress

Flaw in YellowPencil plugin leaves over 30K WordPress sites open to hacking

YellowPencil, a popular WordPress plugin for visual style editing, has got hacked. Last week, the attackers infected the plugin with a couple of software vulnerabilities that could allow them to update arbitrary options on vulnerable websites.

If any website with active YellowPencil installation is hacked, the attackers gain the ability to make changes to the URLs of the website and the homepage. They could do it using unauthenticated SQL injection.

The plugin has more 36,000 downloads, which means that the number of vulnerable websites was high. On 8th April, WordPress closed this plugin on its repository of plugins. It is now not available for download.

According to researchers at Wordfence, “The first flaw that enables this attack is present in the yellow-pencil.php file within the plugin. The yp_remote_get_first() function is called on every page load and checks if a specific request parameter (yp_remote_get) has been set. If it has, the plugin escalates privileges to that of an administrator for the remainder of the request.”

When the parameter status is checked out, the plugin enables the attackers to take actions on websites, which are usually meant to be done from administrators only.

But what is scarier is that the YellowPencil plugin hack is part of a larger campaign that is run by the same attacking group, according to researchers at Wordfence.

“Exploits so far are using a malicious script hosted on a domain, hellofromhony[.]com , which resolves to 176.123.9[.]53.”

Also read: Microsoft develops SECCON framework to strengthen security of Windows 10 devices

The developers behind the YellowPencil have fixed the vulnerability with a new update. To avoid the websites from getting into the hands of attackers, users must update their plugin to the latest version. All the older versions of YellowPencil are currently at risk.

Categories
Newss

Microsoft develops SECCON framework to strengthen security of Windows 10 devices

Microsoft has developed a new security configuration framework that will define the security levels required for the Windows 10 devices among enterprises.

Called SECCON, the new framework will simplify security configuration while still providing flexibility to balance, security, productivity, and user experience. Microsoft has defined five security levels for addressing the security needs of Windows 10 devices.

The reason behind developing SECCON framework is that there are thousands of group policies available in Windows. This makes the security configuration complex and makes it difficult for users to choose the best setting. They aren’t sure about the right policies needed for the implementation of a complete scenario. Sometimes they face unintended consequences of security lockdowns.

SECCON will organize the devices into one of 5 distinct security configurations.

  • Level 5 (Enterprise Security)

This should be the minimum level of the security configuration for enterprise devices.

  • Level 4 (Enterprise High Security)

The enterprise devices using which sensitive or confidential information is accessed, should use this level of security configuration.

  • Level 3 (Enterprise VIP Security)

The devices used by larger or more sophisticated security teams, or users who are at high risk, should have Enterprise VIP Security configuration. Recommendations for this level of security can be a little complex because it may need the removal of local admin rights for some organizations, which can take a lot of time.

  • Level 2 (DevOps Workstation)

The devices used by developers and testers should have the DevOps Workstation security configuration. They have access to servers and systems that consist of valuable data and critical functions.

  • Level 1 (Administrator Workstation)

Administrators of identity or security systems present the highest risk to the organization. Their compromised device can cause data theft, data alteration, or service disruption.

Also read: Microsoft expands its intellectual property program to include Azure IoT ecosystem and startups

“In the past, we left defining the security configuration for Windows 10 as a task for every customer to sort out. As a result, we saw as many different configurations as we saw customers. Standardization has many advantages, so we developed a security configuration framework to help simplify security configuration,” concluded Chris Jackson, Principal Program Manager, Microsoft in a blog post.

Categories
News

ZNet Technologies enters into PKI solutions distribution business; partners with GlobalSign

ZNet Technologies to address the growing demand for IT security services in the regional Indian markets by making available wide range of GlobalSign SSL solutions via its partner network

ZNet Technologies (a subsidiary of RP tech India), India’s leading cloud services provider offering cloud infrastructure and managed services to partners and end customers across the globe, today announced that it has entered into IT security services distribution business by joining hands with GMO GlobalSign.

GlobalSign is a leading provider of trusted identity and security solutions for the enterprises and one of the longest established Certificate Authority (CA) in the world.

Becoming a distributor will enable ZNet Technologies to have all the requisite tools and resources to facilitate the adoption of a wide range of GlobalSign’s identity and security solutions in the regional market with the help of its vast partner network.

The solutions include Web Server Security, Authentication & Access Control, Secure Email, Code & Document Signing, and managed platforms for SSL and PKI (Public Key Infrastructure) as well as more diverse range of integration solutions such as Auto Enrollment Gateway utilizing Active Directory.

“We are honored that GlobalSign, a leader in global PKI, IoT (Internet of Things) and digital signing solutions, has chosen ZNet Technologies as their distributor for India. Organizations want the right security tools in place to be able to run their digital businesses effectively without having to worry about identity theft, email phishing, securing their network traffic, etc. With advanced solutions in these areas from GlobalSign, ZNet will be able to work with partners to build a more secure IT set-up for businesses.,” said Munesh Jadoun, CEO & Founder, ZNet Technologies.

Also read: RP tech India enters into cloud business with the acquisition of ZNet Technologies

“We are excited to have ZNet Technologies as one of our prominent partners in India. They have a vast network of partners and their expertise and dedication towards security is very admirable, and we look forward to working together,” said Aditya Anand, General Manager, India, SAARC & Middle East, GMO GlobalSign.

Categories
Cloud Cloud News Newss

MariaDB unveils Enterprise Server for mission-critical workloads

The prominent database provider MariaDB has unveiled a new enterprise-grade server to provide high stability and security for mission-critical applications.

Announced at MariaDB OpenWorks conference in New York, the new MariaDB Enterprise Server comes with influential auditing, and faster and reliable backups for large databases. It will provide an end-to-end encryption for all the data in MariaDB clusters, so that production workloads can’t be compromised by anyone.

Enterprises currently use MariaDB Community Server for specific demands. The features available with new MariaDB Enterprise Server are not available with Community Server. To allow customers on older releases to access new features, the company has backported the new server to earlier supported versions.

MariaDB Enterprise Server aims to provide a strengthened database solution to organizations, for production-grade environments. It will assure quality and test performance at scale for the enterprise applications.

“We’re seeing that our enterprise customers have very different needs from the average community user,” said Max Mether, VP of Server Product Management, MariaDB Corporation.

“These customers are working on a completely different scale with a strong focus on stability and security. In order to be able to cater to these requirements, it is clear that we need to focus on a different solution by creating another version of MariaDB Server specifically focused on enterprise production workloads.”

For increased stability, the company will focus on addressing the defects in new server, whenever identified.

Moreover, MariaDB said that it has distributed the new server securely with a clearly established chain of custody. This will ensure that binaries can’t be compromised.

MariaDB Enterprise Server 10.4 is expected to be available with next version of MariaDB Platform in Spring 2019. The company will also release the GA versions of the new server (v10.2 and v10.3) in Spring.

Also read: MariaDB acquires Clustrix to advance its database platform

Additionally, MariaDB has appointed the cloud database leader Mark Porter as an advisor to the board of directors. Mark used to work with Amazon Web Services (AWS) Relational Database Service (RDS) and Oracle. He will leverage his expertise in cloud, distributed systems, and database operations at scale to advance MariaDB’s cloud strategy.

“Mark’s guidance will be a tremendous asset in building a next-generation MariaDB cloud,” said Michael Howard, CEO, MariaDB Corporation.

“Mark has a proven record of operating and scaling database services while driving rapid growth. SkySQL is designed from the ground up to offer the best MariaDB service for multi cloud, including private cloud environments. It offers enterprise product capabilities beyond the MariaDB community server, that is used widely in public clouds, to ensure quality of service, security and features otherwise only found in proprietary legacy databases.”

Image source: MariaDB

Categories
Newss

Carelessness of employees leading to enterprise security concerns: Microsoft report

Poor security habits within large public sector and commercial organizations are leading to loss of important data and intellectual property. According to a report by Microsoft Ireland, 22% of employees write down their passwords and 8% of them keep the passwords in a document on computer. 44% of employees recycle their personal passwords, which means that they tend to use same passwords for both work and home devices.

Microsoft Ireland commissioned Amarach Research across 700 employees working in large Irish organizations to find the security culture within organizations to understand the way employees access and use confidential data at work and on the go. The research found security gaps that allows hackers to exploit enterprise systems.

As per the report, employees that work from home are more likely to engage in activities that can cause security concerns as compared to other employees.

“Organisations can invest in robust data protection and security measures, but their employees could, accidently, bring about a potential security disaster for their organisation,” said Des Ryan, Microsoft Ireland Solutions Director.

“The most common and least detected sources of data breaches are compromised identities. Passwords can be hacked, guessed, leaked or lost. New technologies like biometric security can deliver the robust security required to protect organisations from most social engineering attacks.”

49% of employees use personal email accounts to save, edit, send, and share work related documents. Further, 24% of employees accidently share work-related items with their friends and family. 73% of them use free Wi-Fi for their work when working from home.

Only 54% of employees said that they receive proper data security training once a year. Only 16% of them had changed their passwords in last 12 months in line with the policies of organization.

Microsoft also mentioned that employees are using same weak passwords across different accounts in their work and home. If one of the passwords is leaked, this can lead to hacking of other accounts as well. For addressing this issue, 60% employees choose to use biometric authentication as an alternative to passwords.

One in three organizations allow employees to use work devices for work purposes only. 50% of employees reported that their personal is better than work device. Whereas, 30% of employees sometimes use their personal device for accessing work files.

“Organisations must now ensure they are taking a considered approach to data security, and embrace new procedures and technologies, coupled with consistent training, enforced policies, along with better device upgrades to enable employees to deliver the productivity needed for successful transformation with a minimum of risk to the organization,” added Des Ryan.

“We see needless security risks created by employees who are unaware or are working from older devices or older versions of Windows. For example, those who are working in a public Wi-Fi spot who do not have the latest security measure or hardware and are in effect, broadcasting sensitive data that can be picked up by a hacker.”

Along with these security concerns, Microsoft also shared some tips to protect the organization. The enterprises should provide training to employees to keep them updated on latest cyberthreats and help them learn what they can do to keep confidential data safe.

Also read: Online risks in India decreased by 2% as people decline unwanted contact—Microsoft report

Employees should open links in emails only when the emails are from trusted sources. They should use longer passwords by mixing them up with upper- and lower-case letters, special characters, and numbers. Multi-factor authentication should also be considered.

Further, organizations need to keep every enterprise software up-to-date, to avoid vulnerabilities. Latest version of Windows 10 should be used, especially because the support for Windows 7 is nearing end.

To access full report, click here.

Page 1 of 6
1 2 3 6