Video Screencast Help
Website Security Solutions
Showing posts tagged with Security
Showing posts in English
Andy Horbury | 05 Nov 2013 | 0 comments

For anyone intent on finding out exactly what the worldwide impact of cybercrime is now – and the price we are all paying as it penetrates every corner of the global markets – there can be no better starting point than the 2013 Norton Cybercrime Report[1].

The findings are both eye-opening and deeply concerning. According to the report, some 1 million-plus adults become cybercrime victims every single day and, if you break that down, it equates to a staggering 12 victims per second.

This annual report, commissioned by Symantec[2], is focused on understanding exactly how cybercrime affects consumers (more than 13,000 adults across 24 countries took part in the 2013 survey) and how the adoption and evolution of new technologies impacts their overall security.

And what an impact that turns out to be, with the global price tag of consumer cybercrime now topping US$...

Andy Horbury | 27 Sep 2013 | 1 comment

14717-Symantec-UMB-header-660x200.jpg

Your website is your window on the world – it’s your shop front, your brand on display and a key route to market and perhaps your most essential sales and marketing tool. And as such it critical to your business: and if something bad were to happen then it would be a disaster your shop could be closed, your reputation tarnished and visitors stopped coming. This is why website security is so important.

We’ve designed this infographic to help educate you and help you understand six threats to your website and what you can do to prevent them.

1. Website malware

Web servers can be attacked by malware, compromising...

Andy Horbury | 21 Aug 2013 | 0 comments

Ciphers have been in use since around 3,000B.C., but their importance and relevance for information security has really come to the mainstream with the growth of the Internet and the escalating volumes of data exchanged on line every day.

The history of ciphers and encryption is a compelling one – being a constant battle between encryption by cryptographers and decryption by cryptanalysts. That has brought repeated cycles of development of a cryptographic algorithm, attempts to break it, followed by a new cipher algorithm to replace the obsolete ones.

14717-Symantec-VA-header-660x200.jpg

And that battle goes on today, with the big focus now on preventing keys from being factored/hacked. Most of us will no doubt have come into contact with the RSA algorithm in our...

Belinda Charleson | 21 May 2013 | 1 comment

It’s time to stop and take a moment to consider cyber security, says the Australian Government. Once a year, the government gets together in partnerships with industry, the community, and consumer organisations to help make people aware of basic steps they can and should do to protect their personal and financial information.

This year’s theme on their Website is “Our Shared Responsibility”. I encourage you all to go out and look at their website, where they help distill a lot of activities down to the basic 10. (With commentary by me.)

  1. Install and update your security software and set it to scan regularly. If you’re broke, there are free A/V options from Microsoft, AVG, and Avast. Install one of these at minimum! Then as soon as you can, upgrade to a top-rated A/V like Norton.
  2. Turn on...
FranRosch | 13 Dec 2012 | 0 comments

On Tuesday, Microsoft announced that they have just upgraded their entire Outlook.com mail environment to an Always On SSL experience, protected by Extended Validation (EV).  This means that all of the user’s data is protected via 2048-bit encryption - not just the log on page - on Outlook.com, as well as Hotmail, and Live.

This is a big deal. Always-On SSL is the most recommended way for any kind of social media to be enabled for user security.  When a site is completely hosted over HTTPS, the user is much better protected from attacks and surveillance.  For example, on sites without Always On SSL, although the logon would be encrypted, if the subsequent pages are not protected by HTTPS the cookie with the login credentials could be intercepted and used for malicious purposes.

...

Jeannie Warner | 10 Sep 2012 | 4 comments

This is the first in a series of ponderings I've been having about Cloud computing, how little it's understood by end consumers, and what we in the IT space need to do to better educate the people on the street. The general internet has been greedy in terms of self-interest, selling people short in its expectations of their ability to learn about concepts and ideas. However, I am idealistic enough to really believe that once people understand what is in their best interest in terms of internet security, they will tend to act in ways that support that self-interest, to the extent that they are able. And so if we wish people to act in enlightened self-interest, we need to educate the society around us.

This pondering started when I read this viral article from the Business Insider, spread by Facebook: http://www.businessinsider.com/people-think-stormy-...

FranRosch | 04 Sep 2012 | 1 comment

Trust on the internet isn't just a catch phrase. It's a concern that engenders policies that extend from the virtual world of security products and integration all the way down into process and physical reinforcement. It is also a daily practice at Symantec, where we back up our mission statements with concrete, measured practices. We built our datacenter facilities with a defense in depth approach, and believe in practicing what we preach regarding the standards a CA should adhere to. My leadership team demands that our infrastructure supports our strategy to be the best.

We gave the folks at CNet a tour of our Operations facility where we process SSL Certificates, and showed them our model of what makes a secure facility. We are constantly investing in improvement, keeping up with the latest trends in physical security as a vital link to supporting our virtual security. Recently, CNet published the following article about what they saw on that tour:

...

Jeannie Warner | 28 Aug 2012 | 0 comments

Keeping Your Personal Information Secure
 

It’s a great time for sports fans, with the summer Olympics still fresh in our minds, the NFL season kicking off, and hockey and basketball just around the corner. Unfortunately, it’s also a great time for cyber criminals who take advantage of the excitement to steal valuable personal information.

A common approach, known as “phishing,” uses phony emails that inform fans they have won the “NFL Lottery” or can purchase discounted tickets. These emails often contain links to websites that look genuine but are designed to trick users into providing login and password details. Some also include attachments that can download nasty computer viruses.

As scammers grow more sophisticated, users have to up their defensive game. Here are some tips to help protect against phishing attacks:

  1. Never click on links or open attachments in unsolicited emails....
FranRosch | 07 Aug 2012 | 0 comments

Last week the Certificate Authority / Browser Forum (CA/B) voted down a motion to extend a deadline for its members to sign an intellectual property rights agreement (IPR). Signing this agreement is mandatory to retain membership. Those who had not signed by August 1st are no longer members of the CA/B Forum. Entrust, CyberTrust (Verizon), and Research In Motion (RIM) are among the CAs who did not, or would not sign the IPR. They’re all out.

So what?

What’s so important about the IPR is that it enables CAs and browsers to work together as an industry to develop improved Internet security standards without infringing on any particular organization’s intellectual property rights.  This transparent, collaborative workgroup will help drive innovation to better secure data in transit over the Internet.

As a result of their inaction, the CA’s mentioned above will not have a role in forging a more secure future for...

FranRosch | 02 Jul 2012 | 0 comments

Symantec has been a key driver in collaborative work with the CA/B Forum to develop a new set of baseline requirements for organization and domain validated SSL certificates. The CA/B Forum is an organization of leading Certification Authorities (CAs) and vendors of Internet browser software and other applications. The CA/B Baseline Requirements are documented in “Baseline Requirements for the Issuance and Management of Publicly-Trusted Certificates v. 1.0”.

We are proud to announce that Symantec is adopting the new Baseline Requirements effective July 1st, 2012. 

The Baseline Requirements focus on providing clear standards for CAs on important topics including verification of identity, certificate content and profiles, CA security, revocation mechanisms, use of algorithms and key sizes, audit requirements, liability, privacy and confidentiality, and delegation (...