<?xml version="1.0" encoding="UTF-8"?><rss version="2.0"
	xmlns:content="http://purl.org/rss/1.0/modules/content/"
	xmlns:wfw="http://wellformedweb.org/CommentAPI/"
	xmlns:dc="http://purl.org/dc/elements/1.1/"
	xmlns:atom="http://www.w3.org/2005/Atom"
	xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
	xmlns:slash="http://purl.org/rss/1.0/modules/slash/"
	>

<channel>
	<title>Security Archives - CertiNET</title>
	<atom:link href="https://www.certinet.tech/category/security/feed/" rel="self" type="application/rss+xml" />
	<link>https://www.certinet.tech/category/security/</link>
	<description>IT Solutions</description>
	<lastBuildDate>Fri, 15 Jan 2021 16:00:44 +0000</lastBuildDate>
	<language>en-CA</language>
	<sy:updatePeriod>
	hourly	</sy:updatePeriod>
	<sy:updateFrequency>
	1	</sy:updateFrequency>
	<generator>https://wordpress.org/?v=6.9.4</generator>

<image>
	<url>https://www.certinet.tech/wp-content/uploads/2020/03/cropped-LOGO_Certinet_A-32x32.jpg</url>
	<title>Security Archives - CertiNET</title>
	<link>https://www.certinet.tech/category/security/</link>
	<width>32</width>
	<height>32</height>
</image> 
	<item>
		<title>Ransomware</title>
		<link>https://www.certinet.tech/ransomware/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=ransomware</link>
		
		<dc:creator><![CDATA[CertiNET]]></dc:creator>
		<pubDate>Fri, 15 Jan 2021 16:00:44 +0000</pubDate>
				<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">https://www.certinet.tech/?p=1259</guid>

					<description><![CDATA[<p>Ransomware Initially a problem affecting only large organizations and governments, ransomware is now a scourge impacting SMEs. Indeed, their cybersecurity budgets are generally smaller than large companies, SMEs are easy prey for malicious people. But what is ransomware, also known&#8230; <a class="di-continue-reading" href="https://www.certinet.tech/ransomware/"> Continue Reading&#8230;</a></p>
<p>The post <a href="https://www.certinet.tech/ransomware/">Ransomware</a> appeared first on <a href="https://www.certinet.tech/home">CertiNET</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1><strong>Ransomware</strong></h1>
<p>Initially a problem affecting only large organizations and governments, ransomware is now a scourge impacting SMEs. Indeed, their cybersecurity budgets are generally smaller than large companies, SMEs are easy prey for malicious people. But what is ransomware, also known as Ransomware in English? Ransomware is malicious programs that encrypt your data to make it inaccessible without the attacker&#8217;s key. To get the key, and therefore your data, you have to pay a ransom. A new trend is in addition to encrypting your data, attackers exfiltrate it to sell it on the black market; giving them a second source of income.</p>
<h1>How is the attack going?</h1>
<p>An employee receives a malicious email inviting him to click on a link or visits a hacked site that contains malware. The employee runs the software and the software scans local files and files on the network and encrypts anything of value (word, pdf, excel, cad, etc.). When the job is completed, a message appears on the user&#8217;s screen telling them how to pay the ransom.</p>
<h1>How can I protect myself from it?</h1>
<p>Having local backups is not enough to protect you from this attack as your backups could also end up being encrypted by ransomware, thus trapping you. Your backups must therefore be hosted externally, on a disconnected hard drive or at a cloud provider, for example.</p>
<p>Some antiviruses also offer ransomware detection which can effectively block malware.</p>
<p>Finally, reducing access to files to employees who really need them can greatly limit the damage in the event of an attack. If employees only need to read purchase orders, giving them write permissions puts your business at risk.</p>
<h1>Need help?</h1>
<p>Our team of professionals is at your disposal to guide you in making decisions related to information technology. Contact us for more information!</p>
<p>The post <a href="https://www.certinet.tech/ransomware/">Ransomware</a> appeared first on <a href="https://www.certinet.tech/home">CertiNET</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Password and authentication</title>
		<link>https://www.certinet.tech/password-and-authentication/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=password-and-authentication</link>
		
		<dc:creator><![CDATA[CertiNET]]></dc:creator>
		<pubDate>Fri, 15 Jan 2021 16:00:18 +0000</pubDate>
				<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">https://www.certinet.tech/?p=1257</guid>

					<description><![CDATA[<p>Passwords and authentication The analysis of the most recent attack on the services of the Canada Revenue Agency (CRA) is not yet complete as we already know what could have enabled this attack: passwords reused from another site having been&#8230; <a class="di-continue-reading" href="https://www.certinet.tech/password-and-authentication/"> Continue Reading&#8230;</a></p>
<p>The post <a href="https://www.certinet.tech/password-and-authentication/">Password and authentication</a> appeared first on <a href="https://www.certinet.tech/home">CertiNET</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1>Passwords and authentication</h1>
<p>The analysis of the most recent attack on the services of the Canada Revenue Agency (CRA) is not yet complete as we already know what could have enabled this attack: passwords reused from another site having been hacked. The CRA&#8217;s case is not isolated, over 15 billion accounts (username and password combinations) are currently for sale on the <em>darkweb</em>.</p>
<p>Too many people reuse the same usernames (often email) and passwords on different sites, allowing malicious people who have successfully hacked into one website to reuse these accounts on other sites; including government or banking sites.</p>
<h1>How can I protect myself from it?</h1>
<p>Starting with the most sensitive sites and systems, especially those containing confidential or financial information, a unique and strong password should be used by every employee with access to these systems. Users having an identity on nearly a hundred sites and systems, how to get there? Here are some possible solutions:</p>
<h2>Single sign-on (SSO)</h2>
<p>This technological solution makes it possible to delegate the authentication of a site or system to an entity dedicated to performing the authentication. Very practical for the user who then has only one strong password to remember, the fact of having a dedicated and centralized system makes it possible to monitor unsuccessful connection attempts and to add controls add-ons such as multi-factor authentication.</p>
<h2>Multi-factor authentication</h2>
<p>There are three (3) ways to authenticate a user: by what he knows (ex: password), by what he is (ex: fingerprint) and by what he has (ex: a house key). So how much more than one authentication factor is multi-factor authentication. When you withdraw money at the counter, for example, you must provide your bank card (owns) and your PIN (knows). By combining a 2nd factor authentication with your password, you make it even more difficult for an attacker to steal your digital identity. There are many free mobile apps that can help you.</p>
<h2>Password manager</h2>
<p>The previous two solutions require that the site or the system support these features. When this is not the case, the password manager can still be used. This allows you to generate and save all your passwords. Some even offer you to fill in the fields for you when you authenticate. Several free apps can help you.</p>
<h1>Need help?</h1>
<p>Our team of professionals is at your disposal to guide you in making decisions related to information technology. Contact us for more information!</p>
<p><a href="#_ednref1" name="_edn1">[i]</a> <a href="https://resources.digitalshadows.com/whitepapers-and-reports/from-exposure-to-takeover">https://resources.digitalshadows.com/whitepapers-and-reports/from-exposure-to-takeover</a></p>
<p>The post <a href="https://www.certinet.tech/password-and-authentication/">Password and authentication</a> appeared first on <a href="https://www.certinet.tech/home">CertiNET</a>.</p>
]]></content:encoded>
					
		
		
			</item>
		<item>
		<title>Cloud</title>
		<link>https://www.certinet.tech/cloud/?utm_source=rss&#038;utm_medium=rss&#038;utm_campaign=cloud</link>
		
		<dc:creator><![CDATA[CertiNET]]></dc:creator>
		<pubDate>Fri, 15 Jan 2021 15:59:40 +0000</pubDate>
				<category><![CDATA[Security]]></category>
		<guid isPermaLink="false">https://www.certinet.tech/?p=1255</guid>

					<description><![CDATA[<p>Cloud computing You&#8217;ve probably heard of cloud computing in the past few years, but what is cloud computing? Is this a solution for large companies only? Cloud computing is the process of renting IT equipment, such as an application, CPU&#8230; <a class="di-continue-reading" href="https://www.certinet.tech/cloud/"> Continue Reading&#8230;</a></p>
<p>The post <a href="https://www.certinet.tech/cloud/">Cloud</a> appeared first on <a href="https://www.certinet.tech/home">CertiNET</a>.</p>
]]></description>
										<content:encoded><![CDATA[<h1>Cloud computing</h1>
<p>You&#8217;ve probably heard of cloud computing in the past few years, but what is cloud computing? Is this a solution for large companies only?</p>
<p>Cloud computing is the process of renting IT equipment, such as an application, CPU time, or disk space, and accessing it remotely, usually over the Internet.</p>
<p>This solution can be very beneficial in reducing your operating and maintenance costs, increasing your speed, getting started and growing quickly without having to invest huge sums of money. There are three types of cloud (SaaS, PaaS and IaaS), although subcategories have been added over time by marketing from some vendors.</p>
<p>Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP) are the biggest players in the market, but other smaller players are worth considering because they may offer better prices for certain services.</p>
<h2>Software as a Service (SaaS)</h2>
<p>A SaaS is an application hosted and maintained by the provider. With a subscription, the customer can consume this application remotely without worrying about the infrastructure of the servers behind. Updating servers, making backups, configuring server security are all supplier responsibilities. The customer for his part must manage access to his instance of the application and manage the content.</p>
<p>Common examples: Office 365, Salesforce, Microsoft Dynamics, Gmail, Dropbox, Zoom</p>
<h2>Platform as a Service (PaaS)</h2>
<p>Do you do software development but can&#8217;t afford to manage the infrastructure to do it? A PaaS can be the solution by offering you components such as databases, web services or others without having to manage the servers supporting them.</p>
<h2>Infrastructure as a Service (IaaS)</h2>
<p>Need to run a big report that takes several hours on your server, but don&#8217;t want to invest several thousand dollars for a task that only runs a few times a month? Why not rent one or even several servers for a few hours a month? For prices ranging from pennies to dollars an hour you can use a state-of-the-art server without having to find a place to store it. In an IaaS mode you are however responsible for all the security of the server as if it were your own, but nothing prevents you from destroying it and starting a new one each time you use it since you can even schedule the creation and destruction. of a server!</p>
<h1>Need help?</h1>
<p>Our team of professionals is at your disposal to guide you in making decisions related to information technology. Contact us for more information!</p>
<p>The post <a href="https://www.certinet.tech/cloud/">Cloud</a> appeared first on <a href="https://www.certinet.tech/home">CertiNET</a>.</p>
]]></content:encoded>
					
		
		
			</item>
	</channel>
</rss>
