Data in mysterious places – the subtle crisis of data harvesting apps

Recent news stories highlight the danger of unwanted data exfiltration by popular applications. The use of apps is increasingly important across working environments; recognizing the potential threat that they pose and implementing appropriate safeguards tailored to organizational needs is critical.

Continue reading “Data in mysterious places – the subtle crisis of data harvesting apps”

Cloud Security 101 – Do you already CASB?

“Hey, Mike, where can I find our current project calculation? Our client keeps asking questions … ”
“It’s in our team’s Box folder like all the previous versions. Wait a second, I’ll share the link with you!”
“Great! Maybe you can share that file directly with them? And please, add their purchasing department as well. You’ll find the contact in Salesforce.”

Continue reading “Cloud Security 101 – Do you already CASB?”

The impact of GDPR on security research: A look at WHOIS

When individuals, companies, organizations, and governments register a domain, they are required to provide information to a domain registration company, called a registrar. This information usually includes their name, address, email address, phone number, administrative contact details (who has legal power and usually also who pays the bills), and technical contact details (who runs the infrastructure).1 Continue reading “The impact of GDPR on security research: A look at WHOIS”

Mobile Threat Defense – trying to extend established Enterprise Mobility Management

Portable devices like smartphones and tablets have developed from being just single-purpose communication tools to becoming valuable assets in business infrastructures and in personal life. Smartphones have become the most important devices in consuming digital media, purchasing goods Continue reading “Mobile Threat Defense – trying to extend established Enterprise Mobility Management”