Category Archives: Cyber Security

Phishing Never Takes a Holiday

Posted on by
Reply

No. I’m not referring to the now infamous GoDaddy employee $650 holiday bonus email. Employees who responded to the email with the requested information were later informed that they had failed the company phishing test. If you have not yet read that dispiriting story, it’s here.

I am referring to this charming email which I received this morning.

Phishing Email and Fish
Phishing Email from “[email protected]

It is from: “Mobilehelix passwordexpiration.”

Presumably, that would be warning enough for your employees to hit the “Delete” button posthaste.

If not that, then maybe those over-sized blue bands which overlap the line below would be a tip-off.

(I have obscured the recipient’s email address.)

This is a very good opportunity for me to show you a security feature in our LINK App. When you open an email in LINK you will always see the alias and below it the sender’s email address. You don’t have to tap or do anything else to display the email address. It’s there.

In this case the alias is the aforementioned, “Mobilehelix passwordexpiration.”

And the email address is, “[email protected].”

If your employee were uncertain as to whether to hit that “Delete” button, I think that seeing that the email is from “[email protected]” would be the icing on the cake. This email is definitely not from the company IT department. Delete.

We are serious about security at Mobile Helix. Much of what we build into the LINK system, such as certificate-based device registration in the new user registration process, is behind the scenes. It’s invisible to your employee and works in the background.

But this security feature is a designed to help your employees to be watchdogs for senders with devious intentions. 90% of organizations experienced targeted phishing attacks in 2019. Humans are the weakest link. This is one simple tool to help all of us to be vigilant.

-Maureen

Originally published in LinkedIn on December 28, 2020

IRM Master Class at ILTA>ON

Posted on by
Reply

Learn about Information Rights Management – what it is and how it is implemented – on Wednesday, 8/26/2020, at ILTA>ON.

Our CEO and Chief Architect, Seth Hallem, will be presenting an educational Master Class on using Information Rights Management to prevent data leakage at ILTA>ON. Note: this is an educational session, not a promotion of our LINK app.

What You Will Learn

What is Rights Management? This class will dive into what rights management is, how it works, and who the major providers are. The introduction to the class will discuss the goals of Information Rights Management, what specific security problems IRM solves, and some of the major challenges IRM presents, particularly focused on how to navigate the trade-off between protection and practicality with IRM technologies.

Microsoft (Azure) Information Management: We will then spend the second portion of the class diving into Microsoft’s Information Protection (formerly known as Azure Information Protection) technologies, how those are implemented both on-premise and with Azure, and how they work for documents and emails. In this section we will dive into the architecture of Microsoft’s Information Protection, the benefits/disadvantages of this architecture, and how this particular implementation fulfills the security promises of IRM outlined in part 1.

Challenges with IRM: We will also dig into the challenges with IRM, and why IRM has not yet become a standard requirement for a secure enterprise.The class will conclude with a step-by-step outline for how to get started with Microsoft Information Protection. The goal of this section is to provide enough hands-on details to allow the attendees to get started down the IRM path with a clear vision of how it works, how to get started, and how to manage the trade-offs between security and flexibility based on the protection requirements for a particular client or matter.

When: Weds., August 26, 2020 at 11:30 AM – 12:30 PM CT / 5:30 – 6:30 PM BST

Where: ILTA>ON Registrants will join via Zoom

Bonus: All attendees will be entered in our drawing for a $200 Amazon Gift Card.

Recording: If you would like a link to the recording after Aug. 26th, email me at [email protected] or request it via the ILTA>ON platform.

-Maureen

LINK App: New Safari Button

Posted on by
Reply

Here is a great new feature in LINK which I use several times a day. When you open a web page in the LINK app using LINK’s browser, you can now tap the familiar Safari button to open the page in the device’s Safari browser.

You can open a link in an email, or in a document, or from an application page, then tap the Safari button to open the page outside of LINK. Here is an example.

Tap on link in Email
Opens in LINK’s browser
Tap Safari Button
Opens in Safari
Tap on “Link” to return to LINK app

I use the Safari button when I receive a link to an uncommon video conference or signature service (we test the popular ones in the LINK browser), or when a page is not rendering correctly. I also use the Safari button when I want to read something, but not now. I open it in Safari. It stays open in Safari. Then I can go back to LINK and continue working.

Sound good? Here are other benefits of the Safari button:

  1. Safari is where you do your personal browsing. If you are logged in to nytimes.com, for example, those cookies are cached in Safari. If you click a hyperlink in Link, your cookies/password manager are not available to you. Better to just browse in Safari.
  2. The LINK browser routes all traffic through your office network. The Safari button allows you to move all personal web browsing into your personal browser. This (a) keeps your work network safe, and (b) prevents web proxies that your company establishes from intercepting and monitoring your traffic. It is a simple matter of employee privacy – you should always have the ability to keep your personal business personal.
  3. Native Safari has special capabilities that LINK does not. In particular, Safari has knowledge of all the apps on your device and many sites will use this capability to automatically launch a mobile app, rather than continuing to view a website in the browser. Safari also has a few important features that are not implemented in LINK’s browser. Chief amongst them is WebRTC, which is a protocol for real-time applications like in-browser video conferencing.
  4. IT can control when Link automatically pushes hyperlinks clicked in email to the native Safari browser. For example, IT can configure Facebook links to automatically open in Safari outside of the LINK container.

Have any questions? Let me know at [email protected].

-Maureen

Who is putting security at risk? It might be your CXOs…

Posted on by
Reply

A new report from MobileIron, “Trouble at the Top,” is eye-popping, although perhaps not surprising to IT professionals. In fact, it might provide very helpful data in making your case for security policies within your organization.

Between February and March 2020 Vanson Bourne interviewed 300 enterprise IT decision-makers and 50 C-level executives in Europe, UK, and the US regarding their organizations’ mobile security protocols.

C-Suite executives are highly targeted for cybersecurity attacks, including phishing.

Yet “76% of C-level executives admitted to requesting to bypass one or more of their organization’s security protocols” during the last year, per the findings.

In a note of irony for IT professionals, “Almost three in four (72%) IT decision-makers also claimed the C-suite is the most likely to forget or need help with resetting their passwords,” writes ZDNet, quoting from the MobileIron study.

MobileIron’s overall point is that employees need the right tools to be secure and productive at the same time. Or, as we would say, security measures cannot afford to impair usability or people will conjure up a way around them.

There is much more in the study. You can register for the download of MobileIron’s “Trouble at the Top” report here.

-Maureen

Protect Your Data in a Remote Work Environment – ILTA Educational Webinar

Posted on by
Reply

Working remotely became a neccessity almost overnight. But were firm architectures ready? Two common entry points to system hacks, social engineering and network vulnerabilities, threaten the security of remote working. In this session, Mobile Helix CEO and Chief Architect, Seth Hallem, will describe these vulnerabilities and propose practical and actionable ways to address these weaknesses using safe browsing, network proxies, authentication, authorization, and DLP. These mitigations apply to both desktop and mobile devices.

This is an ILTA Educational Webinar. It is free to members as well as to non-members as part of ILTA’s COVID-19 content. Non-members may register for a free login-in.

WATCH THE RECORDED WEBINAR HERE

Outline:

I. Social engineering: Phishing, “Water Hole,” SIM card swaps

   Mitigations including:

    A. Safe browsing

    B. No SMS

    C. Web filtering via proxying

    D. Data Loss Prevention (DLP): printing, recipient checking, metadata filtering

II. Network vulnerabilities

    Mitigations including:

    A. Layered security

    B. Filter – proxy

    C. Authenticate the source – certificates, IP fencing, DoS defense

    D. Authenticate the user – AD credentials, complex passwords, SSO

    E. Authorize – manage email attachments

III. Example of a secure architecture

We welcome you and your questions on June 10th.

Write to us at: contact@mobilehelix dot com.

-Maureen

Okta Sees a COVID-19 “Zoom Boom”

Posted on by
Reply

If you have an office job, you likely now WFH (work from home). The odds are that you have found yourself on at least a handful of video teleconference calls in the past four weeks. There is no question that video conference services have been the backbone of the information workforce during this month of “stay-at-home”. Teachers, students, courtrooms, and television shows are going live from homes all over America.

In the process of doing research, I happened to find this April 8th post by Hector Aguilar, Okta’s President of Technology, How COVID-19 Is Changing the Way We Work: Zoom Boom + MFA is the Way. Okta is a leader in identity management and Multi-Factor Authentication. Therefore, Okta has a unique and vast window into the usage of cloud services.

We all know anecdotally that Zoom usage has been rocketing. This is the first data that I have seen comparing Zoom to other video conference services.

Percentage Increase in Unique Daily Users of Zoom, Cisco WebEx, and Ring Central from 2/24/2020 to 3/27/2020
Source: Okta

From February 28 to March 27, Cisco’s WebEx and Ring Central’s unique daily users were up about 50%, but Zoom’s were up 200%.

Zoom’s adoption has been nothing short of incredible. From yoga teachers to grandparents, people are thrilled with its ease of use. I have used quite few of the video conferencing services. Out company tried Zoom over two years ago and never looked back. Both the ease of use and the pricing were  a world apart from the other services.

Zoom has had a challenge-laden couple of weeks as the onslaught of users and attention by security analysts have exposed vulnerabilities. Some, such as “Zoom-bombing,” where intruders disrupt a session, can be managed with existing policies. Others are more serious. Zoom is reporting fixes weekly. They report that they have removed the use of the Facebook SDK in their iOS app, which was sending user data to Facebook.

School districts have banned usage of Zoom. There are three class-action law suits against Zoom.

Zoom announced yesterday that they have formed a CISO Council and an Advisory Board to look at ways to address Zoom’s security and privacy issues, with CISOs from VMware, HSBC, NTT Data, Netflix, and more participating. In what would appear to be a major coup for Zoom, Alex Stamos, former CSO at Facebook, now at Stanford, tweeted on April 8th that he will join Zoom as an outside advisor.

I’m optimistic that they will resolve most of these issues. Zoom has a lot to gain by doing so.

-Maureen

April 9, 2020

We’re an official NetDocuments ISV Partner!

Posted on by
Reply

We’ve been a NetDocuments partner for years. Recently, with Leonard Johnson heading up their partner ecosystem, NetDocuments have formalized their NetDocuments ISV Partner Program. We have used their REST APIs to give NetDocuments users access to their documents and their email in the same encrypted container app, LINK. NetDocuments is committed to the platform approach wherein both Independent Software Vendors and NetDocuments customers can develop solutions for optimizing their workflows using the REST APIs.

It’s easy to review, compare, annotate, file, and email documents all within our LINK app. LINK also offers a managed integration with the Microsoft Office apps for editing on an iPad or smartphone.

Continue reading

ILTA LegalSEC Summit 2019 Redux

Posted on by
Reply

We are back from a busier than ever ILTA LegalSEC Summit. People attend LegalSEC to genuinely learn how they can keep their law firms protected. This is no easy feat because cybersecurity is a moving target. While Big Law firms participate, there is great value for small and medium sized firms where there might not be a CISO. The Director of IT or network engineer might be the security department. The two or three days at LegalSEC are packed with information.

This year the well-received keynote by William R. Evanina, Director of the National Counterintelligence and Security Center, was recorded. Another popular session was “Leverage These Free Resources to Up Your Security and Governance Game.” Both of these and several other LegalSEC 2019 sessions can be heard at no cost by ILTA members, here.

Heads up, save the date. Next year’s LegalSEC Summit 2020 will be June 1-3 and the location…San Antonio at the Marriott Riverwalk. If you have visited the Riverwalk you know that this is a fantastic location. Hope to see you there.

Mobile Helix LINK at ILTA LegalSEC Summit 2019, June 3-5

Posted on by
Reply

We love LegalSEC!

and we are a sponsor again this year. We will be at Table number one showing LINK’s latest mobile DLP features.

Stop by to say hi and to see a LINK demo. Our LINK app’s encryption, containerization, and authentication provide strong security for your documents and data. Now LINK offers key word and metadata filtering, recipient checking, and restriction on emailing files from classified workspaces.

This year’s keynote speaker is William R. Evanina, Director of the National Counterintelligence and Security Center.

Register here

ILTA LegalSEC Summit 2019 Keynote Speaker William R. Evanina

LegalSEC Summit 2019 is designed for technology professionals at every level who manage security, information governance and data privacy tech projects and initiatives in support of the practice of law. This exciting two-day Summit offers premier learning and a connected networking environment to focus on information security challenges faced by the legal industry.

Is Your Email Vulnerable? Ask the Chinese Military

Posted on by
Reply
Image: ribkhan, Pixabay

I’m a current events junkie. I’ll admit it. And I work with law firms. Thus, my favorite podcast? “Stay Tuned with Preet.” Yes, this is Preet Bharara, the former U.S. Attorney for the Southern District of New York. Check out an episode. Preet takes a few questions about the law at the beginning of each episode. Then he has a guest. Preet is not only smart, but surprisingly personable. It’s a fast-moving hour.

A recent guest was John P. Carlin, former Assistant Attorney General for the National Security Division at the Department of Justice and Chief of Staff to Robert Mueller at the FBI. He is currently a partner with Morrison & Foerster. Carlin is an international cybersecurity expert.

One of the things which caught my attention in this episode was Carlin’s story of the US subsidiary of a German company whose data was stolen by hackers in the Chinese military. The company, SolarWorld, in Hillsboro, Oregon, made solar energy components.

How was the data stolen? Email. Carlin said, “Email. It is the least protected part of the system, usually. Not like Intellectual Property which is encrypted or where special measures are taken to protect it. They stole email traffic.”

Continue reading