Categories
Data Protection

How ESG relates to the protection of sensitive data

ESG practices have emerged in response to the devastating effects of climate change and a growing understanding of its importance: investors are putting their capital into companies that are vigilant about their environmental impact.

This school of thought has led many investors to evaluate a company’s ESG score. ESG, which stands for Environment, Social and Governance, generally refers to investments or corporate programs based on the three pillars that make up the acronym.

In practice, investors look for businesses that share their values and the tangible practices that companies implement to attract and retain ESG investments.

Data from Morningstar, an American financial services company based in Chicago, showed that by 2020, one out of every four dollars invested in the United States was allocated to sustainable companies using an ESG assessment and that sustainable funds attracted a record $51.1 billion in investments.

A company’s investment in ESG demonstrates a positive impact on the environment, how much it values customer relations and its level of commitment to ethics and compliance.

ESG and data protection

Discussions about ESG investments usually focus on factors such as minimizing carbon emissions and increasing the diversity of employees and board members. As critical as they undoubtedly are, it is important not to neglect the role of data protection in the context of governance in ESG initiatives.

Facebook, for example, learned this the hard way: after the Cambridge Analytica scandal, in which a political data consulting firm was accused of collecting personal data from more than 80 million users, the tech giant’s shares lost a fifth of their value and several ESG funds reconsidered their ties to the company.

Regardless of whether a company operates a global social media network or not, it is inevitable that its data privacy practices will increasingly come under the ESG spotlight, especially with data protection placed at the top of corporate governance and risk agendas following the post-pandemic shift to cloud computing and hybrid working.

Data protection obviously falls under the Governance (‘G’) arm of ESG concerns, given the accelerated global implementation of laws regarding the processing of personal information, led here in Brazil mainly by the General Data Protection Law (LGPD).

Non-compliance by a company not only signals to ESG investors that executives are not concerned about current regulatory and governance trends, but can also result in heavy fines.

Any such sanction is likely to be accompanied by a requirement for immediate corrective action, which can entail considerable operational cost, jeopardize the company’s ability to trust its existing data sets and reduce their value. Along with the likely damage to the company’s reputation, this in turn can result in a loss-making investment or reduced profit.

Social and environmental elements that are part of ESG are also related to data protection

Where the way in which a company uses information about individuals affects their privacy or the functioning of a democratic society, this should also be considered as part of the Social (‘S’) element in the ESG criteria.

Any new technology, such as Artificial Intelligence, the Internet of Things (IoT) or Big Data, should only be implemented after a careful impact assessment that considers how personal data is handled, how the usage process works and how it might affect that data, given that human rights and freedoms issues often inform ESG investment decisions.

Although not immediately apparent, there are also environmental factors (‘E’) at play in a company’s data protection practices. A fundamental principle of the LGPD, for example, is data minimization.

In other words, a company must ensure that the personal data over which it has control is relevant and limited only to what it needs for its operations. It would be a violation of this principle, for example, for a company to obtain superfluous information about the health conditions of its employees that is not relevant to their jobs.

Storing and processing excess data in this way requires data centers with larger servers, increasing energy consumption. With recent research indicating that information technology of this kind can account for up to 3.9% of global greenhouse gas emissions, adhering to the principle of data minimization is not just a matter of regulatory compliance, but also of energy efficiency.

 

 

Data protection and governance are basic criteria for ESG investments

To remain compliant with the rapidly evolving legal landscape of data privacy and security, governance-focused companies will take active steps to monitor their compliance effectively.

One strategy that many companies have used is to employ a privacy officer. A designated privacy officer will help with the responsibility of maintaining compliance and responding to consumer requests.

In addition, adopting security and privacy standards, such as the NIST Privacy Framework or ISO 27701, will help protect against data breaches and ransomware attacks. Companies that use up-to-date standards and technology will demonstrate a commitment to the evolution and importance of data privacy and security.

As the importance of ESG investment continues to grow, companies need to implement comprehensive data governance, privacy and security programs to be aligned with an ESG strategy, measuring up to their business objectives.

A robust data privacy and security program will not only help your ESG score, but will also demonstrate your commitment to sustainable practices, which will attract investors. In addition, privacy and security teams can use ESG to guide their programs.

A comprehensive data privacy and security program should include policies that are environmentally beneficial, socially responsible and help with compliance and governance.

In the ESG challenge, companies can rely on the CipherTrust Data Security Platform solution

According to IDC, more than 175 zettabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases, such as credit card numbers, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers bring-your-own-key (BYOK) lifecycle management for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates time to compliance, regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that guarantees data protection and ESG compliance

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance with ESG practices

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Law (LGPD), and other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About EVAL

With a track record of leadership and innovation dating back to 2004, Eval not only keeps up with technological trends but is also on a constant quest to innovate, offering solutions and services that make a difference to people’s lives.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.


IoT Security: Risk in +50% of Medical Devices

More than half of the real-time connected IoT medical devices in hospitals currently pose IoT (Internet of Things) security threats due to existing critical vulnerabilities that can considerably compromise patient care.

This is shown in the State of Healthcare IoT Device Security Report 2022 from Cynerio, a company that develops IoT security platforms for healthcare.

According to the survey, 53% of the Internet-connected medical devices analyzed had a known vulnerability; of the smart devices connected at the bedside, one-third were identified as presenting a critical risk.

Cynerio analyzed more than 10 million IoT medical devices in more than 300 global hospitals and medical facilities.

The report warns that if these medical devices were accessed by cybercriminals, it would affect service availability, data confidentiality, and even patient safety.

IoT security in healthcare: a major target for cyber attacks

And even with continued investments in cybersecurity, critical vulnerabilities remain in many of the medical devices that hospitals rely on for patient care.

In practice, healthcare institutions need advanced solutions that mitigate risks and enable them to fight back against cyber attacks; it could mean life or death for patients.

Of all medical IoT devices, the report found that infusion pumps are the most common device with some type of vulnerability at 73%, especially since they represent 38% of a hospital’s IoT.

If criminals hack into an IV pump, it would directly affect patients, since they are directly connected to their users.

Some of the main causes of vulnerabilities found in healthcare facilities result from relatively simple things, such as out-of-date programs.

For example, the report found that most IoT medical devices were running older versions of the operating system.

In addition, default passwords used on every smart device across the organization are common risks, especially since these credentials are weak and protect about 21% of smart devices.

In fact, healthcare has become the number one target of cybercriminals in recent years, mainly due to outdated systems and insufficient cybersecurity protocols.

Growing IoT Adoption Has Advantages and Vulnerabilities

The Internet of Things has over the years brought immense advantages to medical organizations and their patients.

From giving patients clearer visibility into their treatment to reducing some of the cost, access, and care coordination challenges currently facing the healthcare industry, IoT is poised to change the way we keep individuals healthy.

According to a Global Market Insights report, the global healthcare cybersecurity market is expected to increase above $27 billion by 2025, with a CAGR of 19.1% from $8.2 billion in 2018.

The Internet of Medical Things (IoMT) has offered a simple doorway for cybercriminals trying to misuse and profit from vulnerabilities.

The Open Source Cybersecurity Intelligence Network and Resource states that there are, on average, 6.2 vulnerabilities per medical device.

Considering the sheer volume of IoT medical devices currently present in clinics and clinical environments, this shows a picture of high risk regarding IoT security.

IoT security poses risk to patient care

Because edge devices are not inside a secure network environment, it is simpler for cybercriminals to control a connected medical device that sends crucial information to the hospital, for example a health assessment device, portable ventilator, or insulin pump.

In addition, many of these devices have default passwords and no access to firewalls, which makes them more vulnerable.

Cybercriminals can gain access to the device to deploy harmful code and make unapproved modifications to the device’s software.

Appropriate anti-malware mechanisms should be in place to ensure the integrity of the device and protect it from spyware and Trojan attacks, thus ensuring IoT security.

Also regarding IoT security, healthcare institutions should still ensure the device is configured with strict password policies.

Compliance with the General Data Protection Law (LGPD) is also required for equipment used to obtain patient health information.

 

An organization is only as strong as its weakest link

This means it is more important than ever that healthcare organizations protect and invest in IoT security on all network-connected devices.

This implies implementing a solution that can track all traffic to and from IoT devices, as well as limit who and what each device can talk to.

Finding a way to secure and track what machines and devices are doing is crucial. In addition, a vigorous, strong, cloud-oriented network infrastructure is critical.
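One way to express "limit who and what each device can talk to" as a checkable policy, shown here as an added example that is not taken from the Cynerio report or from any vendor product. The device classes, addresses, ports and the flow-record format are all constructed for illustration.

```python
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

# Constructed policy (assumption): per device class, the only peers it may
# talk to. Each rule is (peer network, protocol, destination port).
POLICY = {
    "infusion-pump": {
        "out": [("10.20.0.10/32", "tcp", 8443)],   # pump management server
        "in":  [("10.20.0.10/32", "tcp", 443)],    # server-initiated config push
    },
    "patient-monitor": {
        "out": [("10.20.0.0/28", "tcp", 2575),     # HL7 interface engines
                ("10.20.0.5/32", "udp", 123)],     # time synchronisation
        "in":  [],                                 # nothing may connect in
    },
}
DENY_ALL = {"out": [], "in": []}  # a class with no policy entry is denied everything

# Constructed inventory (assumption): device IP -> device class.
INVENTORY = {
    "10.30.1.11": "infusion-pump",
    "10.30.1.12": "infusion-pump",
    "10.30.2.21": "patient-monitor",
}

# Constructed flow records: "src dst proto dport"; '#' starts a comment.
SAMPLE_FLOWS = """
10.30.1.11 10.20.0.10   tcp 8443   # pump -> management server
10.30.1.11 203.0.113.50 tcp 443    # pump -> Internet address
10.30.2.21 10.20.0.3    tcp 2575   # monitor -> HL7 engine
10.30.2.21 10.20.0.5    udp 123    # monitor -> time server
10.40.7.9  10.30.2.21   tcp 23     # workstation -> monitor
10.30.1.12 10.30.1.11   tcp 8443   # pump -> pump
10.20.0.10 10.30.1.11   tcp 443    # management server -> pump
10.40.7.9  10.40.7.1    udp 53     # no inventoried device involved
"""


@dataclass(frozen=True)
class Flow:
    src: str
    dst: str
    proto: str
    dport: int


def parse_flow(line):
    """Parse one record. Returns None for blank/comment lines, raises ValueError on bad data."""
    fields = line.split("#", 1)[0].split()
    if not fields:
        return None
    if len(fields) != 4:
        raise ValueError(f"expected 4 fields, got {len(fields)}: {line!r}")
    src, dst, proto, dport = fields
    return Flow(str(ip_address(src)), str(ip_address(dst)), proto.lower(), int(dport))


def permitted(rules, peer, proto, dport):
    """True if any rule covers this peer, protocol and destination port."""
    return any(ip_address(peer) in ip_network(net) and proto == p and dport == port
               for net, p, port in rules)


def check_flow(flow):
    """Return [(device_ip, reason), ...]; empty when allowed or no known device is involved."""
    findings = []
    # A flow is checked once per inventoried endpoint: outbound for the
    # source, inbound for the destination (device-to-device hits both).
    for device, peer, direction in ((flow.src, flow.dst, "out"), (flow.dst, flow.src, "in")):
        device_class = INVENTORY.get(device)
        if device_class is None:
            continue
        rules = POLICY.get(device_class, DENY_ALL)[direction]
        if not permitted(rules, peer, flow.proto, flow.dport):
            findings.append((device, f"{device_class} {direction}bound "
                                     f"{flow.proto}/{flow.dport} with {peer} not allowlisted"))
    return findings


def audit(text):
    """Check every record in text; return (findings, findings-per-device counter)."""
    findings = []
    for line in text.splitlines():
        flow = parse_flow(line)
        if flow is not None:
            findings.extend(check_flow(flow))
    return findings, Counter(device for device, _ in findings)


if __name__ == "__main__":
    results, per_device = audit(SAMPLE_FLOWS)
    for device, reason in results:
        print(device, reason)
    print(dict(per_device))
```

The same rule table can drive enforcement (switch ACLs or firewall rules) as well as monitoring, so that what is blocked and what is alerted on never drift apart.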

As medical organizations seek to access the benefits of IoT devices, many of them become obvious targets for cybercriminals.

Getting the right infrastructure and processes in place to protect your frontline will help prepare for the correct and safe use of devices, as well as have the best patient outcomes.

CipherTrust Data Security Platform is the right solution for your hospital to ensure IoT security

The CipherTrust Data Security Platform solution is an important technology resource that can be associated with the use of the Internet of Things (IoT), further extending the security and protection of data.

According to IDC, more than 175 zettabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To address the complexity of IoT security, the CipherTrust Data Security Platform solution provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypts data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases, such as credit card numbers, social security numbers, national identification numbers, passwords, and e-mail addresses, which is fundamental to ensuring IoT security in healthcare facilities.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

It provides static data masking services to remove sensitive information from production databases, so that compliance and security issues, directly linked to the IoT security issue, are alleviated when sharing an information database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers bring-your-own-key (BYOK) lifecycle management for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables healthcare organizations to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies IoT security over data, improves operational efficiency, and accelerates time to compliance, regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio ensuring data protection in IoT devices

With data protection products from the CipherTrust Data Security Platform, your healthcare organization can:

Strengthen security and compliance

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Law (LGPD), and other compliance requirements.

Optimizes staff and resource efficiency in IoT devices

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for specific use cases for IoT security, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, healthcare institutions can prepare their investments for the future while reducing operational costs and capital expenditures.


Ransomware Attack: Know Your Anatomy and Protect Yourself

In cybersecurity terms, 2021 was a standout year for ransomware attacks, which wreaked havoc on individuals and organizations around the world. It is a trend that will continue into 2022 and beyond.

While ransomware is not new to Cybersecurity, it is a threat that has received attention at the highest levels of government and business.

The threat has affected people’s ability to get medical care, put gas in their vehicles, and buy groceries, among other impacts.

The financial effects of a ransomware attack also became prominent during 2021. The impacts hit supply chains, causing more widespread damage than an attack against a single individual.

There has also been an increased response from government and technology vendors to help stem the tide of ransomware attacks.

Anatomy of a ransomware attack in 2021 and 2022

We haven’t even finished the first quarter of 2022 and ransomware attacks are already catching our attention. Companies such as Americanas, Submarino, Shoptime, Samsung, NVidia, and Mercado Livre have recorded Cybersecurity incidents that were probably triggered by ransomware attacks and phishing scams.

The anatomy of attacks that occurred throughout 2021, and will likely continue into 2022, indicates that cybercriminals have realized that certain techniques produce better results and are focusing on those approaches.

Let’s look at some of the main attack characteristics.

Supply Chain Attacks

Instead of attacking a single victim, the supply chain attacks have extended the blast radius. An excellent example of a ransomware attack in 2021 is the Kaseya attack, which affected at least 1,500 of its managed service provider customers.

Double Extortion

In the past, ransomware was about attackers encrypting information found on a system and demanding a ransom in exchange for a decryption key.

With double extortion, the attackers also export the data to a separate location. There, it can be used for other purposes, including leaking the information to a public website if payment is not received.

Ransomware as a Service (RaaS)

In Cybersecurity, gone are the days when every attacker needed to write their own ransomware code and perform a unique set of activities. RaaS is pay-per-use malware.

It allows attackers to use a platform that provides the code and operational infrastructure necessary to launch and maintain a ransomware campaign.

Attack unpatched systems

This was not a new trend for 2021, but it remains a problem year after year. Although there are ransomware attacks that use new zero-day vulnerabilities, most continue to abuse known vulnerabilities in unpatched systems.

Phishing Scams

Although ransomware attacks can infect organizations in different ways, in 2021, some form of phishing email was the primary cause.

How to invest in Cybersecurity and prepare for ransomware attacks

Perhaps one of the most important cybersecurity lessons to be learned from the past few years is the importance of advanced preparation for potentially disruptive incidents, such as phishing or ransomware attacks.

A wave of social engineering scams followed as the global health crisis spread around the world, preying on the fears and discomfort of workers during this uncertain period.

While many of the phishing and ransomware controls are already in place today, there are important steps that security administrators should take to prevent and address a potential attack.

Daily Cybersecurity checks for phishing and ransomware

During business activities, the main ways to prepare for phishing, ransomware and other cyber attacks include the following:

  • Secure the network perimeter and mitigate any potential breaches to prevent malware from entering the organization;
  • Analyze intrusion attempts and make adjustments to perimeter protection as needed;
  • Ensure that network perimeter Cybersecurity equipment, including firewalls, intrusion detection and prevention systems, DMZs, and security analysis systems and software are up to date with current configurations and rules;
  • Regularly monitor performance metrics, such as average detection time and average repair time, to ensure that incidents are managed effectively;
  • Test and verify that cybersecurity management systems and software can be accessed and managed remotely;
  • Regularly update security equipment rules and other parameters;
  • Install and test all relevant patches;
  • Review and update cybersecurity policies and procedures as needed, especially for phishing and ransomware incidents;
  • Train cyber security team members on all security mitigation features, procedures, and policies.

Investment in Cybersecurity goes beyond critical global events

The COVID-19 pandemic and other global events, such as Russia’s current war against Ukraine, affect thousands of companies and millions of people around the world.

While the long-term implications have yet to be determined, for cyber security professionals, the need for increased due diligence is key.

With people working remotely and focusing on global issues, cybercriminals are likely to be more aggressive.

In future similar events, the need for proactive Cybersecurity management will be an essential business requirement.

 

CipherTrust Transparent Encryption: Real-Time Protection Against Any Type of Ransomware Attack

CipherTrust Transparent Encryption is a file system-level encryption solution that leverages the encryption and key management capabilities of the CipherTrust Manager platform to protect against any type of ransomware attack.

Filesystem-level encryption is a form of disk encryption in which individual files or directories are encrypted by the system itself. The CipherTrust Transparent Encryption solution performs transparent encryption.

In practice, authorized users continue to have read and write access to the encrypted data, while unauthorized users cannot access the encrypted data. As the main characteristics of the solution, we can highlight:

  • Centralized key and policy management to meet compliance requirements;
  • Performs transparent encryption of server data at rest without interrupting business operations or application performance;
  • Granular access controls so that unauthorized users and processes cannot access the encrypted data;
  • It can be deployed on network shares, file, web, application, database servers, or other machines running compatible software.

Deployment is simple, scalable, and fast, with agents installed on the operating file system or device layer, and encryption and decryption are transparent to all applications running above it.

CipherTrust Transparent Encryption is designed to meet data security compliance requirements and best practices with minimal disruption, effort, and cost, which is critical to combating ransomware attacks.

Implementation is seamless, keeping business and operational processes running smoothly, even during deployment and launch.


How to prevent cyber attacks: Key ways to protect yourself

While cyber attacks and threats are an ongoing struggle and a major challenge for businesses, they can be avoided by knowing the various types of protocols, exploits, tools, and resources used by cybercriminals. In addition, knowing where and how to expect attacks ensures that you create preventive measures to protect your systems.

Basically, cyber attacks are executed with malicious intent, when a cybercriminal tries to exploit a vulnerability in an organization’s system or individuals. These attacks threaten to steal, alter, destroy, disable, gain access to, or make use of an unauthorized asset.

In practice, cyber attacks, threats and vandalism are a dangerous and growing problem for companies.

Almost every modern organization requires at least one computer network, and the assets that make up its connectivity structure, such as switches, access points, and routers, to operate its IT infrastructure. In addition, the computing infrastructure includes servers, desktops, laptops, printers, and mobile devices that complete the technological architecture.

Unfortunately, while these devices and applications offer a great benefit to the enterprise, they can also pose a risk. All it takes is inefficient asset management or an employee clicking on a malicious link, and then cybercriminals gain access to your network and infect your systems.

But this risk can be reduced.

How to prevent cyber attacks?

Preventing a breach of your network and systems requires protection against a variety of cyber attacks. For each attack, the appropriate countermeasure must be deployed/used to prevent it from exploiting a vulnerability or weakness.

The first line of defense for any organization is to assess and implement security controls.

1. Break the pattern of cyberattack

Preventing, detecting or stopping the cyber attack at the earliest opportunity limits the impact on business and the potential for reputational damage.

Even though it is usually the more motivated attackers who have the persistence to carry out multi-stage attacks, they often do this using common, cheaper, and easier-to-use tools and techniques.

Therefore, implement security controls and processes that can mitigate attacks, making your company a difficult target.

Likewise, take a defense-in-depth approach to mitigate risk across the full range of potential cyber attacks, giving your company more resilience to deal with attacks that use more customized tools and techniques.

2. Reduce your exposure by using critical security controls against cyber attack

Fortunately, there are effective and affordable ways to reduce your organization’s exposure to the most common types of cyber attack on Internet-exposed systems.

  • Boundary firewalls and Internet gateways – establish network perimeter defenses, particularly Web proxying, Web filtering, content scanning, and firewall policies to detect and block executable downloads, block access to known malicious domains, and prevent users’ computers from communicating directly with the Internet;
  • Malware protection – establish and maintain malware defenses to detect and respond to known cyber attack code;
  • Patch management – fix known vulnerabilities with the latest software version to prevent attacks that exploit software bugs;
  • Allow list and run control – prevent unknown software from being run or installed, including AutoRun on USB and CD drives;
  • Secure configuration – restrict the functionality of each device, operating system, and application to the minimum necessary for business operation;
  • Password policy – make sure that an appropriate password policy is in place and followed;
  • User access control – includes limiting the execution permissions of normal users and enforcing the principle of least privilege.

3. Attenuate the ‘research’ stage

Any information published for open consumption should be systematically filtered before being released to ensure that anything of value to an attacker (such as software and configuration details, names/jobs/titles of individuals, and any hidden data) is removed.

Training, education, and user awareness are important. All your users must understand how published information about your systems and operation can reveal potential vulnerabilities.

They need to be aware of the risks of discussing work-related topics on social media and the potential to be targeted by cyber attacks and phishing. They must also understand the risks to the business of releasing confidential information in general conversations, in unsolicited phone calls, and to e-mail recipients.

4. Reduce the ‘delivery’ stage

The delivery options available to an attacker can be significantly reduced by applying and maintaining a small number of security controls, which are even more effective when applied in combination:

  • Up-to-date malware protection can block malicious e-mails and prevent malware from being downloaded from websites;
  • Firewalls and proxy servers can block unsafe or unnecessary services and can also keep a list of known bad sites. Similarly, subscribing to a site reputation service to generate a list of denied sites can also provide additional protection;
  • A technically enforced password policy will prevent users from selecting easily guessed passwords and lock accounts after a specified number of unsuccessful attempts. Additional authentication measures for access to particularly confidential corporate or personal information should also be in place;
  • Secure configuration limits system functionality to the minimum necessary for business operation and should be applied systematically to all devices used to conduct business.
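
The "technically enforced password policy" item in the list above, sketched as an added example (not code from Eval or from any product named on this page). The function and class names, the thresholds and the short denylist are assumptions chosen for illustration.

```python
import time

# Constructed sample denylist; a deployment would load a breached-password list.
COMMON_PASSWORDS = {"password", "123456", "qwerty", "letmein", "welcome1"}


def password_rejection_reason(password, username, min_length=12):
    """Return why a candidate password is refused, or None if it is accepted."""
    lowered = password.lower()
    if lowered in COMMON_PASSWORDS:
        return "commonly used password"
    if len(password) < min_length:
        return "too short"
    if username and username.lower() in lowered:
        return "contains the username"
    if len(set(password)) < 5:
        return "too few distinct characters"
    return None


class LockoutTracker:
    """Temporarily lock an account after repeated failed logins.

    The lock expires on its own, so an attacker who deliberately fails logins
    can delay a user but cannot disable the account permanently.
    """

    def __init__(self, max_failures=5, window=900, lock_seconds=900):
        self.max_failures = max_failures
        self.window = window              # seconds in which failures are counted
        self.lock_seconds = lock_seconds
        self._failures = {}               # account -> failure timestamps
        self._locked_until = {}           # account -> unlock time

    def is_locked(self, account, now=None):
        now = time.time() if now is None else now
        return self._locked_until.get(account, 0) > now

    def record(self, account, success, now=None):
        """Record one attempt and return 'ok', 'failed' or 'locked'."""
        now = time.time() if now is None else now
        if self.is_locked(account, now):
            return "locked"               # refused even if the password is right
        if success:
            self._failures.pop(account, None)
            return "ok"
        recent = [t for t in self._failures.get(account, [])
                  if now - t < self.window]
        recent.append(now)
        self._failures[account] = recent
        if len(recent) >= self.max_failures:
            self._locked_until[account] = now + self.lock_seconds
            self._failures.pop(account, None)
            return "locked"
        return "failed"


if __name__ == "__main__":
    tracker = LockoutTracker(max_failures=3)
    for second in (0, 10, 20, 30):
        print(second, tracker.record("ana", success=False, now=second))
    print(password_rejection_reason("welcome1", "ana"))
```

Lockout events are also worth sending to monitoring, since a burst of locks across many accounts is a sign of password guessing.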

5. Minimize the ‘breach’ stage of the cyber attack

As with the delivery stage, the ability to successfully exploit known vulnerabilities can be effectively mitigated with just a few controls, which are best deployed together.

  • All malware depends on known and predominantly patched software flaws. Effective vulnerability patch management ensures that patches are applied at the earliest opportunity, limiting the time your organization is exposed to known software vulnerabilities;
  • Malware protection at the Internet gateway can detect known malicious code in an imported item, such as an e-mail. These measures should be complemented by malware protection at key points in the internal network and on users’ computers, where available;
  • Well implemented and maintained user access controls will restrict the applications, privileges, and data that users can access. Secure configuration can remove unnecessary software and default user accounts. It can also ensure that default passwords are changed and that all automatic features that can activate malware immediately (such as AutoRun for media drives) are disabled;
  • Training, education and user awareness are extremely valuable in reducing the likelihood of successful ‘social engineering’. However, with the pressures of work and the sheer volume of communications, you cannot rely on this as a control to mitigate cyber attacks;
  • Finally, the key to detecting a breach is the ability to monitor all network activity and analyze it to identify any malicious or unusual activity.

If all measures for the research, delivery and breach stages are consistently in place, most cyber attacks can be prevented.

However, if the cybercriminal is able to use tailored tools and techniques, you should assume that they will bypass these measures and get into your systems. Ideally, companies should have a good understanding of what constitutes ‘normal’ activity on their network, and effective security monitoring should be able to identify any unusual activity.

Once a technically capable and motivated attacker has full access to your systems, it can be much more difficult to detect their actions and eradicate their presence. This is where a complete defense-in-depth strategy can be beneficial.

The CipherTrust Data Security Platform solution allows companies to protect their structure against cyber attacks

According to IDC, more than 175 zettabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious cyber attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases, such as credit card numbers, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility: Vaultless Tokenization with dynamic, policy-based data masking, and Vaulted Tokenization.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers bring-your-own-key (BYOK) lifecycle management for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates time to compliance, regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection against cyber attacks

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance against cyber attack

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication, and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Law (LGPD), among other compliance requirements.

Optimizes team and resource efficiency against cyber attacks

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About Eval

With a track record of leadership and innovation dating back to 2004, Eval not only keeps up with technological trends but is also on a constant quest to innovate, offering solutions and services that make a difference to people’s lives.


Dangers of public WiFi: data of 2 million users leaked

In our connected world, using free public Wi-Fi has become a daily routine for some people. But secure and reliable connections are not always what they seem.

Public Wi-Fi access points are easy targets for cybercriminals who can use them to invade your privacy and steal your data.

This is what happened with WSpot, a WiFi management software company based in Brazil. It exposed the data of about 2 million users of its client companies; 5% of its customer base was affected by this leak.

About the leak and the relationship with public WiFi

Security research firm SafetyDetectives discovered the leak and warned that WSpot had an incorrectly configured Amazon Web Services S3 asset. Reportedly, the asset was unprotected and open to public access, which exposed 10 GB of visitor data.

About 226,000 files were exposed in this data leak. The leaked information includes personal details of at least 2.5 million users who have connected to WSpot clients’ public WiFi networks.

In addition, the information exposed included details of individuals who accessed the companies’ WiFi service, leaking information such as name, home address, email and taxpayer registration numbers, and plain-text login credentials created by users when registering for the service.

The company explained that the leak was caused by a lack of “standardization in information management”, which was stored in a specific folder. The company also noted that it has been dealing with the problem since SafetyDetectives notified it and that the technical procedures were completed on November 18.
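
A check for the kind of misconfiguration described above, an S3 bucket left open to public access, as an added example (not code from WSpot, SafetyDetectives or AWS). The inner field names follow the S3 GetPublicAccessBlock, GetBucketAcl and GetBucketPolicy responses; the wrapper keys `Name`, `PublicAccessBlock`, `Acl` and `Policy`, the function names and the sample buckets are assumptions constructed for illustration.

```python
import json

# Group URIs that S3 ACLs use for "anyone" and "any authenticated AWS user".
PUBLIC_GROUPS = {
    "http://acs.amazonaws.com/groups/global/AllUsers",
    "http://acs.amazonaws.com/groups/global/AuthenticatedUsers",
}
PAB_KEYS = ("BlockPublicAcls", "IgnorePublicAcls",
            "BlockPublicPolicy", "RestrictPublicBuckets")


def as_list(value):
    """Policy JSON accepts a single item wherever a list is valid."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]


def public_acl_permissions(acl):
    """Permissions that the ACL grants to a public group."""
    return [g.get("Permission", "?") for g in acl.get("Grants", [])
            if g.get("Grantee", {}).get("URI") in PUBLIC_GROUPS]


def public_policy_statements(policy_text):
    """Sids of Allow statements open to every principal with no Condition.

    Assumption: any Condition is taken to restrict access; a real review
    must read the condition itself.
    """
    if not policy_text:
        return []
    hits = []
    statements = as_list(json.loads(policy_text).get("Statement"))
    for index, stmt in enumerate(statements):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        principal = stmt.get("Principal")
        if isinstance(principal, dict):
            principal = principal.get("AWS")
        if "*" in as_list(principal):
            hits.append(stmt.get("Sid", f"statement[{index}]"))
    return hits


def audit_bucket(cfg):
    """Return {'bucket', 'public', 'findings'} for one bucket description."""
    pab = cfg.get("PublicAccessBlock") or {}
    findings = []
    perms = public_acl_permissions(cfg.get("Acl") or {})
    # IgnorePublicAcls neutralises public grants that already exist.
    if perms and not pab.get("IgnorePublicAcls"):
        findings.append("ACL grants %s to a public group" % ", ".join(perms))
    sids = public_policy_statements(cfg.get("Policy"))
    # RestrictPublicBuckets limits a public policy to AWS services and the
    # bucket owner's account.
    if sids and not pab.get("RestrictPublicBuckets"):
        findings.append("policy allows any principal: " + ", ".join(sids))
    public = bool(findings)
    missing = [k for k in PAB_KEYS if not pab.get(k)]
    if missing:
        findings.append("Block Public Access not fully enabled: "
                        + ", ".join(missing))
    return {"bucket": cfg["Name"], "public": public, "findings": findings}


# Constructed sample inventory; bucket names and settings are invented.
SAMPLE_BUCKETS = [
    {"Name": "example-portal-exports", "PublicAccessBlock": None,
     "Acl": {"Grants": [
         {"Grantee": {"Type": "CanonicalUser", "ID": "owner"},
          "Permission": "FULL_CONTROL"},
         {"Grantee": {"Type": "Group",
                      "URI": "http://acs.amazonaws.com/groups/global/AllUsers"},
          "Permission": "READ"}]},
     "Policy": None},
    {"Name": "example-static-assets",
     "PublicAccessBlock": dict.fromkeys(PAB_KEYS, True),
     "Acl": {"Grants": []},
     "Policy": json.dumps({"Version": "2012-10-17", "Statement": {
         "Sid": "PublicRead", "Effect": "Allow", "Principal": "*",
         "Action": "s3:GetObject",
         "Resource": "arn:aws:s3:::example-static-assets/*"}})},
    {"Name": "example-reports",
     "PublicAccessBlock": {"BlockPublicAcls": True, "IgnorePublicAcls": True},
     "Acl": {"Grants": []},
     "Policy": json.dumps({"Version": "2012-10-17", "Statement": [{
         "Sid": "AnyoneCanList", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": "s3:ListBucket",
         "Resource": "arn:aws:s3:::example-reports"}]})},
]

if __name__ == "__main__":
    for bucket in SAMPLE_BUCKETS:
        report = audit_bucket(bucket)
        print(report["bucket"], "PUBLIC" if report["public"] else "not public")
        for finding in report["findings"]:
            print("   -", finding)
```

The second sample bucket carries a public policy but is reported as not public because all four Block Public Access settings are on, which is why enabling them at account level is the usual baseline.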

Why can using public Wi-Fi connections be dangerous?

Among the main dangers of public Wi-Fi are the risks of data breaches and malware infections. In the first scenario, cybercriminals can intercept the information you transmit over an unprotected connection.

In the second scenario, digital criminals may present you with an imitation of a legitimate website, tricking you into downloading malware.

Using an insecure public Wi-Fi network offers cybercriminals a great opportunity. Here is what makes it a vulnerable wireless network:

  • No or weak password protection;
  • Improperly configured Wi-Fi routers;
  • Outdated router software;
  • Many careless users;
  • Logging into a fake Wi-Fi access point.

By 2023, there will be almost 628 million public Wi-Fi access points. And as their number increases, so do the potential dangers. Let’s see what you risk by connecting to a free public Wi-Fi network.

What are the risks of using public WiFi?

Those who don’t know how to use public Wi-Fi safely can quickly find themselves in trouble. To avoid this, you should always keep your guard up against the following dangers of open wireless networks.

Identity Theft

Identity theft is a cyber crime with the primary goal of illegally obtaining someone’s data.

Most commonly, cybercriminals use public Wi-Fi hotspots to steal people’s credit card information and commit financial fraud. With enough information about an individual, criminals can apply for loans, withdraw money, make purchases, and commit other crimes, all in their name.

Data breach

Using public Wi-Fi safely is essential to avoid data breaches, which happen when criminals illegally access private information. While identity theft primarily involves financial information, data breaches can affect any type of information you store on your device.

If you don’t know how to use public Wi-Fi safely, cybercriminals can steal your photos, videos, documents, and contacts, among others.

Malware Infection

Using public Wi-Fi makes you an easy target for browser hijackers who distribute malware to unsuspecting surfers. You may just be opening a news website when an innocent-looking pop-up ad appears on your screen. What you don’t know is that by accidentally clicking on it, you get dangerous software directly on your phone or laptop.

How to stay safe on public WiFi networks

Here’s what you need to do if you want to minimize the security risks of public Wi-Fi:

Use a VPN on a public WiFi network

To stay secure on a public Wi-Fi network, use a Virtual Private Network (VPN) application. The application hides your IP address and encrypts the information you send online, making it unreadable to third parties.

Do not access or send your confidential data when accessing a public WiFi

You don’t want your sensitive data to be intercepted, so make sure you don’t expose any. Forget about online banking, shopping, and remote work when connecting to a public Wi-Fi.

Do not use any application that may contain confidential data. The sad truth is that many applications have security holes, so anything you do in them can be visible to hackers.

Use an antivirus

Unfortunately, an antivirus program does not save your personal data from interception, but it can protect your device from various malware. This includes malicious programs that hackers secretly send to your phone or laptop on a public Wi-Fi network.

Turn on the firewall when accessing via public WiFi

Enabling the firewall can save your laptop from suspicious data packets. Simply put, a firewall analyzes data traffic and protects your device from unauthorized access. So whenever you connect to a public Wi-Fi network, don’t forget to activate the protection.

There is no magic solution for data security. While website owners and retailers should clearly up their game in protecting our privacy, we also need to do our part to at least eliminate the lowest-hanging fruit for hackers.

Fortunately, with just a little attention and these simple steps, you can protect your data and still enjoy the convenience of public Wi-Fi.

Invest in data protection in 2022 and beyond.

The CipherTrust Data Security Platform solution allows companies to protect their structure against attacks even with access via public WiFi.


Tool portfolio that guarantees data protection also with access via public WiFi

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance even when using a public WiFi

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Act (LGPD), and other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About Eval

EVAL has been developing projects in the financial, health, education and industry segments for over 18 years. Since 2004, we have offered Authentication, Electronic and Digital Signature and Data Protection solutions. Currently, we are present in the main Brazilian banks, health institutions, schools and universities, and different industries.


Cyber security threats: risks that businesses must be prepared for

Cyber security threats continue to be a major challenge for individuals and businesses around the world. Cybercrime costs more than $6 trillion globally every year, according to the Annual Cybercrime Report 2020.

To put this in perspective, if cybercrime were a country, it would be the third largest global economy after the US and China.

Since the pandemic in early 2020, many cybercriminals have changed the way they operate. This is because the change in working practices, such as the home office, presented many security vulnerabilities that these criminals quickly exploited.

In 2022, the cybersecurity threat landscape will continue to evolve as many companies return to pre-pandemic working practices, while still maintaining some of the flexible working arrangements they adopted in 2020.

This highlights the importance of understanding what the main cybersecurity risks of 2022 will be and what your company can do to mitigate these risks.

Cyber security threats will continue to increase in 2022 if robust measures are not taken

According to Gartner, organizations that adopt a cybersecurity architecture can reduce the financial impact of security incidents by an average of 90%.

The top 5 types of cybersecurity threats that everyone should consider and be aware of in 2022 are listed below:

1. Ransomware

According to Cybersecurity Ventures, the cost of cybercrime from ransomware attacks is expected to reach $265 billion by 2031.

The report predicts that there will be a new attack every 2 seconds as cybercriminals progressively refine their malware payloads and related extortion activities.

In this type of cybercrime, the victim’s computer is locked, usually by encryption, preventing them from using the device and everything stored on it.

To regain access to the device, the victim needs to pay a ransom, usually in the form of virtual currency.

There are different types of transmission of such threats. However, most of the time, ransomware spreads via malicious email attachments, infected software applications, compromised websites or infected external storage.

2. Internal threats

This is one of the most common types of cybersecurity threats. It usually occurs when employees, intentionally or unintentionally, misuse authorized access in a way that negatively affects the organization’s system.

Most of these cases stem from non-compliance with the organization’s policies and procedures: employees may email customer data to third parties or share their login information with others.

These types of attacks can bypass cybersecurity protocols to delete, sell or steal data. This can disrupt operations and cause major damage to data.

3. Phishing attacks

Phishing attacks are one of the most prevalent cybersecurity threats in today’s business environment.

According to Verizon’s 2021 Data Breach Investigations Report (DBIR), phishing is the top “variety of action” seen in breaches in 2020, with 43% of breaches involving phishing and/or pretexting.

Phishing aims to trick users into compromising important and confidential information. Typically, attackers use fake emails that look trustworthy or from legitimate sources.

The main idea is to make users perform some actions (e.g. clicking on a link or opening email attachments) that allow attackers to install malware on their devices.

4. Attacks in the cloud

The cloud has become a critical part of our everyday life. However, we should be aware that not all cloud services provide secure authentication and encryption.

Incorrect configuration can enable cybercrime, including intrusions, network vulnerabilities and data leaks.

According to IBM, more than half of cloud cybersecurity breaches are caused by simple issues, while two-thirds of cloud security incidents can be prevented by checking configurations.

5. Malvertising attacks

Malicious advertising, also known as malvertising, is an emerging form of cybercrime.

Through this technique, cybercriminals inject malicious code into digital ads that redirect users to malicious websites or install malware on their devices.

Malicious ads are very difficult for internet users and publishers to identify, and they are usually served to consumers through legitimate advertising networks. Any advertisement displayed on websites may present a risk of infection.

Even some world-renowned companies have inadvertently displayed malicious ads on their websites.

More cyber attacks related to COVID-19

Cybercriminals quickly exploited the pandemic, using it as a pretext for phishing emails, fake apps and enticing links to malicious websites.

As 2022 progresses, there are likely to be more COVID-19 related developments around the world: new variants, vaccine news and booster dose offers, for example.

Cybercriminals are eager to exploit these developments to continue tricking company employees into downloading malicious software or providing sensitive information that can be used for cybercrime.

CipherTrust enables businesses to protect their structure against cybersecurity threats


Tool portfolio that ensures data protection

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen cybersecurity and compliance

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Law (LGPD), among other compliance requirements.

Optimizes team and resource efficiency

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduces total cost of ownership

CipherTrust Data Security Platform’s data protection portfolio offers a broad set of data security products and solutions that can be easily scaled, expanded for new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.

About EVAL

With a track record of leadership and innovation dating back to 2004, Eval not only keeps up with technological trends, but is also on a constant quest to bring innovation by offering solutions and services that make a difference to people’s lives.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.


Fighting cyber attacks: the importance of prevention

Throughout 2021, individuals, businesses and governments have all been concerned about combating cyber attacks.

In a world where everything is on the Internet, from travel diaries to credit card information, keeping our data safe has become one of the most pressing challenges of cybersecurity.

Ransomware, phishing attacks, malware attacks, and other cybersecurity threats are some examples. No wonder that one of the fastest growing areas in IT is combating cyber attacks.

The need for data protection is increasingly recognized by organizations.

Companies, in particular, are paying more attention, as data breaches cause great damage every year and expose large amounts of personal information.

The fight against cyber attacks is increasing as society is increasingly connected

Although many of the attacks that occurred in 2021 were driven by the increased use of the Internet as a result of the coronavirus pandemic and lockdowns, the threat to businesses remains significant.

With the cost of combating global cyberattacks estimated to reach $10.5 trillion by 2025, according to Cybersecurity Ventures, a specialist cybercrime magazine, the threats posed by cybercriminals will only increase as organizations become more reliant on the internet and technology.

Ransomware cases increased in 2021 by about 62% from 2019, and it is considered the top threat this year. In fact, cyber threats are becoming more sophisticated during these times and are much more difficult to detect.

The nature of these attacks is much more dangerous than a simple theft. So let’s dig a little deeper into this discussion by showing the top cyber attack cases that occurred in 2021.

The Colonial Pipeline

If we are going to talk about cyber attacks occurring in 2021, then Colonial Pipeline should be on the list.

Considered the largest fuel pipeline in the United States, it experienced a cyber attack in May 2021, disrupting fuel distribution in 12 states for a few days. The company had to pay $4.5 million as ransom to resolve the situation.

Florida’s supply system

A cybercriminal tried to poison the water supply in Florida and managed to increase the amount of sodium hydroxide to a potentially dangerous level.

The attack was carried out by breaking into the IT systems of the Oldsmar city water treatment plant, briefly increasing the amount of sodium hydroxide from 100 parts per million to 11,100 parts per million. This scenario is an example of how an intrusion into critical infrastructure at any level puts residents’ lives at risk.

Microsoft Exchange

A massive cyber attack affected millions of Microsoft customers worldwide, in which cybercriminals actively exploited four zero-day vulnerabilities in Microsoft’s Exchange Server solution.

At least nine government agencies, as well as more than 60,000 private companies in the United States alone, are believed to have been affected by the attack.

Aircraft Manufacturer Bombardier

A popular Canadian aircraft manufacturer, Bombardier, suffered a data breach in February 2021. The breach resulted in the compromise of confidential data of suppliers, customers, and about 130 employees located in Costa Rica.

The investigation revealed that an unauthorized party gained access to the data by exploiting a vulnerability in a third-party file transfer application.

Acer Computers

World-renowned computer giant Acer suffered a ransomware attack and was asked to pay a ransom of $50 million, which set the record for the largest ransom known to date.

A cybercriminal group called REvil is believed to be responsible for the attack. The digital criminals also announced the breach on their website and leaked some images of the stolen data.

In Brazil it was no different in terms of the intensity of attacks and cybercrime

According to a survey conducted by digital security company Avast, cybercriminals continue to take advantage of the COVID-19 pandemic by exploiting people’s habits created during the lockdown period to spread scams.

Following the global trend, ransomware attacks, cryptocurrency malware, and other scams were prevalent in Brazil.

For mobile devices, adware and fleeceware are among the top threats. According to Avast, the growth of ransomware attacks in Brazil was stronger than the global average.

Combating cyber attacks is already a major concern for most Brazilian companies today, as many of these attacks occurred in 2021 alone, such as the one at Lojas Renner, which completely paralyzed the system.

There was also the case of the Fleury group, which was unable to perform tests for several days, and JBS, which was forced to pay US$ 11 million in ransom for the hacker attack on its operation in the United States. All these situations put the issue even more in evidence in Brazil.

Agencies and companies linked to the Brazilian government have also been targeted by cybercriminals. Social Security, the Ministry of Labor, the Federal Public Ministry, and Petrobras, among other organizations, have also suffered attacks.

Already in 2021, the LGPD offered an opportunity for companies to rethink how they fight cybercrime.

The General Data Protection Law (LGPD) went into effect in September 2020. The overall goal of the new legislation is to establish a regulatory framework for the protection of personal data, making it easier for all Brazilian citizens to understand how their data is used and, if necessary, to file a complaint about its processing.

The goal of the LGPD can be summarized in three key points:

  • Strengthening the rights of individuals;
  • Training the actors involved in data processing;
  • Increasing the credibility of regulation through cooperation between data protection authorities.

If there is one thing that the LGPD achieved during the year 2021, it was to raise awareness about data protection and privacy issues. In practice, companies cannot sweep incidents under the rug because of the risk of revenue-based fines.

The data protection law has also given companies more visibility into the data they are collecting. The basic principle of the LGPD is that companies know what data they have and ensure that they are processing it correctly and securely.

LGPD compliant companies now have the basic elements they need to build a good information security program because if you don’t know what you have, you don’t know what to protect.

The Data Protection and Privacy Act has also changed the financial equation for organizations when it comes to privacy risk. This has encouraged companies to think holistically about risks and invest in improving privacy controls and governance.

Invest in 2022 and beyond. CipherTrust solution enables the fight against digital crime

According to IDC, more than 175 zettabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypt data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases, such as credit card numbers, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility: Vaultless Tokenization with dynamic policy-based data masking and Vaulted Tokenization.

CipherTrust Batch Data Transformation

CipherTrust’s solution designs data protection products and solutions against cyber attacks to meet a range of security and privacy requirements, including electronic identification, authentication, and trust.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers bring-your-own-key (BYOK) lifecycle management for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

It centralizes key management for the encryption found in Oracle, Microsoft SQL Server, and SQL Server Always Encrypted.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables companies to protect data at rest and in motion across the entire IT ecosystem and ensures that the keys to this information are always protected and only under your control.

It simplifies data security against cyber attacks, improves operational efficiency, and accelerates time to compliance, regardless of where your data resides.

The CipherTrust platform offers a wide range of proven, market-leading products and solutions to ensure the fight against cyber attacks.

These products can be deployed in data centers or at cloud service providers (CSPs) or managed service providers (MSPs). In addition, you can also count on the cloud-based service managed by Thales, a leading company in the security industry.

Portfolio of tools to tackle cybercrime

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance

CipherTrust designs its data protection products and solutions against cyber attacks to meet a range of security and privacy requirements, including electronic identification, authentication, and trust.

In addition, these products are also compliant with the Payment Card Industry Data Security Standard (PCI DSS), the General Data Protection Act (LGPD), and other compliance requirements.

Optimizes team and resource efficiency against security incidents

CipherTrust Data Security Platform is the industry leader and provides extensive support for data security use cases.

With products designed to work together, a single thread for global support, and a proven track record of protecting against evolving threats, this platform also boasts the industry’s largest ecosystem of data security partnerships.

The CipherTrust Data Security Platform solution was developed with a focus on ease of use, with APIs for automation and responsive management.

With this solution, your teams can quickly implement, secure, and monitor the protection of your business against cyber attacks.

In addition, professional services and partners are available to assist in implementation and staff training, ensuring fast and reliable implementations.

In this way, it is possible to reduce the time required from your staff for these activities.

Reduces total cost of ownership

The CipherTrust Data Security Platform offers a broad set of data security products and solutions for protection against cyber attacks.

This portfolio can be easily scaled, expanded for new use cases, and has a proven track record of protecting both new and traditional technologies.

With the CipherTrust Data Security Platform, companies can prepare their investments to combat cyberattacks while reducing operational costs and capital expenditures.


Zero Trust: How to Achieve Cybersecurity in Your Business

Since users have started connecting through unmanaged mobile devices and internet-connected business applications, there is a growing need to implement more efficient security strategies, such as Zero Trust.

Zero Trust is a concept put forward by Forrester Research over a decade ago. The fundamental principle of the zero trust approach is least privilege access, which assumes that no user or application should be inherently trusted.

At its core, Zero Trust starts from the basis that everything is potentially hostile to an organization and a secure connection can only be established through efficient management and use of the user’s identity and the context of use, such as the user’s location, the security posture of the endpoint device and the application or service requested.

Zero Trust extends protection and enables modernization

Zero trust is not simply about a single technology, such as identity and remote user access or network segmentation. Zero Trust is a strategy, a foundation on which to build a cybersecurity ecosystem.

Basically, there are three principles in its definition:

Terminate all connections

Many technologies, such as firewalls, use a “pass-through” approach, meaning that files are sent to their recipients at the same time they are being inspected.

If a malicious file is detected, an alert will be sent, but it can often be too late. In contrast, zero trust terminates all connections so it can hold and inspect unknown files before they reach the endpoint.

Built on a proxy architecture, Zero Trust operates inline and inspects all traffic at line speed, including encrypted traffic, performing deep data and threat analysis.

Protect data using context-based policies

Zero trust applies user identity and device posture to verify access rights, using granular business policies based on context, including user, device, requested application, as well as content type.

Policies are adaptive, meaning that as context changes, such as the user’s location or device, user access privileges are continually re-evaluated.
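
As an added illustration of the context-based, adaptive policies described above (not code from the original article or from any vendor product): a default-deny decision function over user, device posture, location, application and content type, re-evaluated each time the context changes. All user names, groups, applications, country codes and rules are constructed for the example.

```python
from dataclasses import dataclass, replace


@dataclass(frozen=True)
class Context:
    """Everything the policy looks at for one request."""
    user: str
    groups: frozenset
    mfa_passed: bool
    device_managed: bool
    device_patched: bool
    country: str
    app: str
    content_type: str


@dataclass(frozen=True)
class Rule:
    """One business policy, keyed by application and content type."""
    app: str
    content_type: str
    allowed_groups: frozenset
    allowed_countries: frozenset
    require_mfa: bool = True
    require_healthy_device: bool = True


# Constructed policy set: apps, groups and country codes are illustrative only.
POLICY = (
    Rule("hr-portal", "regulated", frozenset({"hr"}), frozenset({"BR"})),
    Rule("hr-portal", "public", frozenset({"hr", "staff"}),
         frozenset({"BR", "PT"}), require_mfa=False,
         require_healthy_device=False),
)


def evaluate(ctx, policy=POLICY):
    """Return (decision, reason). Nothing is trusted unless a rule says so."""
    for rule in policy:
        if (rule.app, rule.content_type) != (ctx.app, ctx.content_type):
            continue
        if not ctx.groups & rule.allowed_groups:
            return "deny", "user is not in an allowed group"
        if ctx.country not in rule.allowed_countries:
            return "deny", "location is not allowed for this resource"
        if rule.require_healthy_device and not (
                ctx.device_managed and ctx.device_patched):
            return "deny", "device posture check failed"
        if rule.require_mfa and not ctx.mfa_passed:
            return "step_up", "strong authentication required"
        return "allow", "all context checks passed"
    # Default deny: an app/content pair without a rule is never reachable.
    return "deny", "no rule covers this application and content type"


class Session:
    """Keeps the current decision and re-evaluates on every context change."""

    def __init__(self, ctx, policy=POLICY):
        self.ctx = ctx
        self.policy = policy
        self.history = []  # audit trail of (decision, reason)
        self._decide()

    def _decide(self):
        self.decision, self.reason = evaluate(self.ctx, self.policy)
        self.history.append((self.decision, self.reason))
        return self.decision

    def update(self, **changes):
        """Apply changed attributes (location, posture, ...) and decide again."""
        self.ctx = replace(self.ctx, **changes)
        return self._decide()


def demo():
    """Walk one session through several context changes."""
    ctx = Context("alice", frozenset({"hr"}), True, True, True,
                  "BR", "hr-portal", "regulated")
    session = Session(ctx)                               # allow
    session.update(country="US")                         # location changed
    session.update(country="BR", device_patched=False)   # posture degraded
    session.update(content_type="public")                # less sensitive data
    session.update(app="erp")                            # no rule for this app
    return [decision for decision, _ in session.history]


if __name__ == "__main__":
    for step in demo():
        print(step)
```

The access granted at the start of the session does not survive a change of location or device posture, which is the practical meaning of "continually re-evaluated".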

Reduce risk by eliminating the attack surface

Zero Trust connects users directly to the apps and resources they need and never connects them to networks.

By enabling one-to-one connections (user-to-app and app-to-app), zero trust eliminates the risk of lateral movement and prevents a compromised device from infecting other network resources.

With Zero Trust, users and applications are invisible to the Internet, so they cannot be discovered or attacked.

Benefits of adopting Zero Trust

  • Effectively reduces business and organizational risk

As we saw earlier, Zero Trust assumes that all applications and services are malicious and not allowed to communicate until they can be positively verified by their identity attributes.

These are immutable properties of the software or services themselves that meet pre-defined trust principles, such as authentication and authorization requirements.

Zero trust therefore reduces risk because it reveals what is on the network and how those assets are communicating. In addition, as baselines are created, a Zero Trust strategy reduces risk by eliminating over-provisioned software and services and continuously checking the “credentials” of each communicating asset.

  • Provides access control in cloud and container environments

Security professionals’ biggest fears about moving to and using the cloud are loss of visibility and access management.

With a zero-trust security architecture, security policies are enforced based on the identity of the communication workloads and tied directly to the workload itself.

This way, security remains as close as possible to the assets that require protection and is not affected by network constructs such as IP addresses, ports and protocols. As a result, the protection not only follows the workload where it tries to communicate, but remains unchanged even when the environment changes.

  • Helps reduce the risk of a data breach

As zero trust is based on the principle of least privilege, every entity, user, device, workload, is considered hostile.

As a result, each request is inspected, users and devices are authenticated and permissions are assessed before “trust” is granted, and this “trustworthiness” is continually reassessed as any context changes, such as the user’s location or the data being accessed.

If an attacker gains a foothold in the network, or cloud instance through a compromised device or other vulnerability, that attacker will not have the ability to access or steal data as a result of being untrusted.

In addition, there is no ability to move laterally due to the zero trust model of creating a “secure segment of one”, meaning there is nowhere an attacker can go. Access is always blocked.

  • Supports compliance initiatives

Zero trust protects all users and workload connections from the internet, so they cannot be exposed or exploited. This invisibility makes it simpler to demonstrate compliance with privacy standards, such as the General Data Protection Regulation (GDPR) and other regulations, and results in fewer findings in audits.

Additionally, with Zero Trust segmentation (micro-segmentation) in place, organizations have the ability to create perimeters around certain types of sensitive data using fine-grained controls that keep regulated data separate from other unregulated information.

When it comes time for an audit, or in the event of a data breach, a zero-trust segmentation strategy provides superior visibility and control compared with flat network architectures that provide privileged access.

Secure your environment with SafeNet Trusted Access and Zero Trust

Thales, in partnership with Eval, offers strong and effective authentication services that enable enterprises to pursue consistent authentication policies across the organization, automating and simplifying the deployment and management of a distributed estate of tokens, while protecting a broad spectrum of resources, whether on-premises, cloud-based or virtualized.

SafeNet Trusted Access is a cloud-based access management service that combines the convenience of the cloud and web single sign-on (SSO) with granular access security.

By validating identities, enforcing access policies and applying Smart Single Sign-On, organizations can ensure secure and convenient access to multiple cloud applications from one easy-to-navigate console.

Cloud-based applications play a vital role in meeting the productivity, operational and infrastructure needs of the enterprise. However, the challenge of managing users’ multiple cloud identities increases as more cloud applications are used.

Each new service added to an organization’s cloud makes unified visibility of access events harder to achieve and increases compliance risk.

Users struggle to maintain countless usernames and passwords, while help desk tickets requiring password resets abound. And with cloud applications protected by default with only weak static passwords, the risk of a data breach increases.

Benefits of SafeNet Trusted Access

SafeNet Trusted Access prevents data breaches and helps organizations comply with requirements and regulations, such as the General Data Protection Law (LGPD), allowing them to migrate to the cloud in a simple and secure way. The most important features include:

  • Flexibility in deployment: on-premise or cloud-only installation, migration possible at any time;
  • Reduced help desk costs through SAS self-service portal and high degree of automation;
  • Protection for internal and cloud applications;
  • Quickly implemented, easy to operate and flexibly scalable;
  • Strong authentication for almost all platforms and applications;
  • Integration through SAML, agents, RADIUS or APIs;
  • Multiple authentication factors for every need: hardware and software tokens, SMS and more;
  • Automated registration via web and email;
  • Multi-client capability: centrally across the enterprise, also with delegation;
  • Certified processes: ISO 27001, SSAE 16 SOC-Type 2.

SafeNet Trusted Access from Thales brings security to access and authentication using the Zero Trust strategy

With SafeNet Trusted Access, customers can authenticate API access, reducing the threat surface in an organization’s IT environment.

While API adoption is increasing, many organizations still rely on on-premise systems to run their business (e.g. HR and ERP systems), making consistent access management and authentication increasingly complex, while negatively impacting user experience.

Many organizations face increasing complexity in their IT environments

Many organizations face the challenge of applying modern, uniform authentication and access management to these applications.

SafeNet Trusted Access reduces the risk of data breaches by providing organizations with a wide range of authentication and policy-based access. This gives companies the agility to provide flexible security and authentication across their environment.

Combined with best-in-class authentication and access security, customers can now overcome complexity, reduce access silos and thrive as they undergo their digital and cloud transformation.


IoT in Health: Cybersecurity Revolution and Care

IoT in Healthcare (Internet of Things) is impacting and changing the sector, making providers smarter and more efficient, making preventive care even more accessible.

With increasing technological innovation in the segment, IoT technology is starting to have a real impact on the healthcare sector.

According to a Markets and Markets study, the medical handheld devices market is expected to reach $12.1 billion by 2021.

These portable devices are far beyond the scope of fitness tracking. New devices can monitor heart attacks, signs of stroke and measure and control insulin levels of diabetic patients.

The Internet of Things, as it is also known, has ushered in a new era of innovation. IoT-linked applications include everything from transportation and manufacturing to smart home control and automation and even entertainment.

It is important to note that the healthcare sector also benefits from the Internet of Things. When applied correctly, IoT in Healthcare has enormous potential. From medication management to patient monitoring, its uses are almost limitless.

Key benefits of IoT in Healthcare

As the name itself suggests, the Internet of Things is a network of devices interconnected through software (an IoT gateway).

With the help of sensors, an IoT device detects physical properties such as temperature, pressure, movement, weight, light, and converts them into electrical signals. An IoT gateway then receives the signal and processes it into useful information.

The electrical signal generated by IoT devices can be used to solve complex problems of daily life. As a common use case in healthcare, it enables real-time tracking of medical equipment such as nebulizers, medical kits, oxygen pumps and wheelchairs.

In practice, IoT in Healthcare is transforming the sector in terms of how apps, devices and people interact when delivering healthcare solutions.

Below are some of the key benefits of adopting IoT in the healthcare sector:

1. IoT applied to remote monitoring

Thanks to IoT in Healthcare, you don’t have to rush to the hospital or stay hospitalized every time you need a healthcare professional to keep an eye on your health.

Your doctor can monitor your health from the hospital while you are lying in bed, with the help of connected devices.

Remote monitoring has helped thousands of heart and blood pressure patients who need regular check-ups of their health conditions.

IoT devices, such as fitness bracelets or smartwatches, can monitor patients’ blood sugar and heart rate and send real-time information to doctors.

In addition, an IoT device can detect irregularities, such as an unusual heart rate, and send real-time alerts to your doctor or family members.

2. Affordable healthcare using the Internet of Things

IoT has made healthcare accessible to more patients. Remote monitoring saves patients a lot of time and money spent on unnecessary doctor visits or readmissions.

In addition, IoT helps hospitals efficiently manage their administrative operations, such as automating appointment scheduling or real-time tracking of available beds.

It saves the cost of manual labor and consequently reduces the cost of healthcare.

3. Delivering the best treatment through IoT devices

Together with sophisticated health analytics, the Internet of Things can generate useful and actionable insights that can help healthcare professionals provide better patient care.

Real-time data collected through IoT devices can be processed and documented to make an insightful report on patient history and behavior. It helps doctors better understand the nature of the disease and provide better treatment.

4. Efficient diagnosis of diseases

Combined with advanced health analytics, IoT data collected from a patient can help in better diagnosis.

The insight generated through analytics can help healthcare professionals detect symptoms of diseases at an early stage.

With the help of Artificial Intelligence and advanced computing technologies, the Internet of Things can automatically detect and alert patients of upcoming health risks.

5. Easy management of equipment and medicines

Thanks to IoT, you can now store huge piles of medicines and equipment in an organized way. This leaves no room for human error or mismanagement of items.

With the help of real-time tracking, you can have efficient access to all the items and hence retrieve them efficiently and effectively with minimal effort.

6. Reduce human error

Some healthcare operations need precision and accuracy, such as determining a candidate’s eligibility to test a new drug.

Manual data handling, especially when a large volume of data is involved, can increase the chance of human error. On the other hand, the Internet of Things ensures that data is error-free.

7. Efficient management of electronic health records

Suppose you rush to the hospital because of a minor chest pain and the doctor needs to understand your medical history. In minutes, and with a few clicks, the doctor can access well-documented reports of your medical history stored in the database.

While data security may be a concern, IoT devices may come with their own, more secure, encryption protocols developed especially for IoT devices.

8. Better insurance management

Insurers are using the Internet of Things to bring more transparency into their operations, such as underwriting, claims management and risk assessment.

Also, with IoT devices, it has become easier to detect fraud.

Many leading companies reward their customers if they show better precautions during treatment and reduce insurance costs. Companies determine the right candidates based on IoT data over a significant period.

9. Seamless communication between hospitals

As IoT helps to keep an electronic record of medical history, now you no longer need to carry a folder of documents of your previous diagnosis. It also helps hospitals share useful and necessary information in an integrated and cost-effective way.

In addition, effective collaboration of hospitals enhances health analysis and research. The huge volume of data collected from patients from various hospitals could be useful for healthcare scientists.

10. Efficient Development of Medicines

Drug development is an expensive and time-consuming process. When developing a new medicine, pharmaceutical scientists use iterative processes that involve chemical reactions between various reagents and ingredients.

With the help of IoT and health analytics, they can predict the outcome even without performing reactions.

In addition, IoT helps pharmaceutical companies determine the right candidates for their new drugs. Based on the profile of the ideal candidate and the data collected from various candidates, IoT suggests suitable matches for your tests.

The benefits of the Internet of Things in healthcare are enormous. As we have seen, when integrated with healthcare, the Internet of Things can be used to increase the efficiency of hospital operations, improve patient monitoring and even provide affordable solutions for wearable technology.

However, wherever there is a network connection, there will be security issues, and the Internet of Things in the healthcare field is no exception.

Internet of Things devices are easily compromised. While people used to worry only about patient data and compliance with regulatory requirements, they now also have to worry about the potential risks from cybercriminals.

Thales Luna hardware security modules (HSMs) enable continuous cybersecurity support

A hardware security module (HSM) is a physical device that provides extra security for sensitive data. This type of device is used to provide cryptographic keys for critical functions such as encryption, decryption and authentication for the use of applications, identities and databases.

To give an idea, companies can use a hardware security module to protect trade secrets of significant value, ensuring that only authorized individuals can access the HSM to complete an encryption key transaction. Access is controlled properly and, if necessary, with multi-factor authentication, which is a recommended security practice today.

In addition, the HSM covers the entire lifecycle of the encryption key: creation, revocation, management and storage.

Digital signatures can also be managed through an HSM and all access transactions are logged to create an audit trail. In this way, a hardware security module can help hospitals move confidential information and processes from paper documentation to a digital format.

Thales Hardware Security Modules provide the highest level of security by always storing cryptographic keys in hardware. In addition, they provide a secure encryption foundation, as the keys never leave the FIPS 140-2 Level 3 validated, intrusion-resistant and tamper-proof device.

Encryption in HSM: controlling access to confidential material on IoT devices in healthcare

In addition, Thales also implements operations that make deploying secure HSMs as easy as possible, and our HSMs are integrated with the Thales Crypto Command Center for fast and easy partitioning, reporting, and monitoring of cryptographic resources.

Thales’ HSMs follow strict design requirements and must pass rigorous product verification tests, followed by real-world application testing to verify the security and integrity of each device.

With Thales hardware security modules, you can:

  • Address compliance requirements with solutions for Blockchain, LGPD and IoT, performing hardware key storage, transactional acceleration, certificate signing, code or document signing, bulk key generation and data encryption;
  • Generate keys and always store them in an intrusion-resistant, tamper-proof, FIPS-validated device with the strongest levels of access control;
  • Create partitions with a dedicated Security Officer per partition and segregate them through administrator key separation.

Therefore, Thales Luna HSMs have been implementing best practices in hardware, software, and operations that make deploying HSMs as easy as possible.

Thales Luna HSMs meet stringent design requirements and must pass rigorous product verification testing, followed by real-world application testing to verify the safety and integrity of each device.

The main advantages of Thales HSM Luna are the following:

  • The keys always remain in the hardware

Protect your most sensitive cryptographic keys in our FIPS 140-2 Level 3 HSMs.

Storing your keys in our high-security vault ensures that they are protected against tampering, unlike alternative solutions on the market.

With the key-in-hardware approach, apps communicate through a client with keys stored in the HSM and the keys never leave the device.

  • High performance

Benefit from best-in-class performance across a range of algorithms, including ECC, RSA and AES-GCM, to satisfy the most demanding applications and meet service level agreements.

Thales Luna HSM quickly sends email alerts to the application owner about events affecting service and support.

  • Next generation capabilities

With an unrivaled combination of features, including central key and policy management, robust encryption support, streamlined onboarding, flexible backup options, remote management and more, Thales Luna HSM hardware security modules enable organizations to protect against evolving threats and take advantage of emerging opportunities presented by technological advances.

  • Route in the cloud

Thales Luna HSM supports many deployment scenarios, from on-premises data centers to private, hybrid, public and multi-cloud environments, providing a tremendous amount of flexibility as it allows customers to move keys in and out of cloud environments.

  • Broad integration ecosystem

HSMs feature one of the broadest ecosystems available on the market and integrate with more than 400 of the most widely used enterprise applications for PKI, blockchain, big data, IoT, code signing, SSL/TLS, post-quantum, web servers, application servers, databases and more. In addition, we offer extensive API support including PKCS #11, Java, OpenSSL, Microsoft, Ruby, Python and Go.

  • Emerging technologies

Protect against evolving threats and capitalize on emerging technologies including Internet of Things (IoT), Blockchain, Quantum and more.

About Eval

With a track record of leadership and innovation dating back to 2004, Eval not only keeps up with technological trends, but we are also in an incessant quest to bring news by offering solutions and services that make a difference to people’s lives.

With value recognized by the market, EVAL’s solutions and services meet the highest regulatory standards of public and private organizations, such as SBIS, ITI, PCI DSS, and LGPD. In practice, we promote information security and compliance, increase companies’ operational efficiency, and reduce costs.

Innovate now, lead always: get to know Eval’s solutions and services and take your company to the next level.

Eval, safety is value.


Ransomware Protection: Focus on Backup and Recovery

Ransomware protection has been one of the main challenges faced by companies of all types, sizes and segments, and technology teams must be ready to take all necessary measures to minimize risks and ensure high availability of operations.

In August this year (2021), global consulting firm Accenture suffered a ransomware attack that threatened sensitive data. This made it another victim in a long line of organizations that have suffered from this type of attack in recent months.

Accenture was “lucky”. Prior to the incident, the company implemented security controls and protocols to protect its IT infrastructure against these threats and prepared a response against ransomware attacks.

As far as the company knows, no customer data or sensitive information was compromised after the attack.

However, many other companies have not been so lucky. Ransomware attacks add up to millions in lost revenue, recovery costs and ransom payments.

Even companies that have the required ransomware protections in place can still fall victim to attacks, a threat that continues to increase as ransomware becomes more sophisticated and adept at infecting backup data.

IT is under increasing pressure to ensure protection against Ransomware

This is a big challenge for companies that still struggle to implement effective policies and actions that include security, backup and recovery.

This is shown in Veeam’s Data Protection 2021 report, which points out that 58% of enterprise backups fail, leaving data unprotected against cyberattacks and cybercriminals.

Indeed, data backups and recovery procedures are the first line of defense for protection against Ransomware and other threats, but these backups must be fully protected.

This not only includes physical protections such as video surveillance or entry-exit logging, but also comprehensive storage and network security, which can include a wide range of protections.

An IT team, for example, can use vulnerability scanning, network segmentation, multi-factor authentication, network monitoring, intrusion detection systems and anti-malware/anti-ransomware software to ensure the protection of backups performed during companies’ business operations.

For an effective Ransomware protection, keep at least two copies of each backup

Store them on different types of media and locate them somewhere other than the primary network. At least one of these backups should be immutable and kept offline.

With an immutable backup, data can be written only once, usually in a single session, and cannot be updated or deleted, a strategy often referred to as WORM (write once, read many).
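The copy rules above can be checked mechanically against a backup inventory. The following is an added example, not part of the original article: the record fields, the `prod-lan` network name and the inventory are constructed, and it assumes that a copy sitting on the primary network does not count toward the two required copies.

```python
from collections import defaultdict
from dataclasses import dataclass

PRIMARY_NETWORK = "prod-lan"  # assumed name for the primary network

@dataclass(frozen=True)
class BackupCopy:
    dataset: str
    media: str       # "disk", "tape", "object-store", ...
    location: str    # network or site that holds the copy
    immutable: bool  # WORM: written once, cannot be updated or deleted
    offline: bool    # not reachable over any network

def audit_copies(copies, primary=PRIMARY_NETWORK):
    """Return {dataset: [findings]} for every dataset that breaks a rule."""
    by_dataset = defaultdict(list)
    for copy in copies:
        by_dataset[copy.dataset].append(copy)
    report = {}
    for dataset, group in sorted(by_dataset.items()):
        # A copy on the primary network shares its fate, so it does not count.
        remote = [c for c in group if c.offline or c.location != primary]
        findings = []
        if len(remote) < 2:
            findings.append("fewer than two copies off the primary network")
        if len({c.media for c in remote}) < 2:
            findings.append("copies are not on different media types")
        # Both properties must hold for the same copy, not one each.
        if not any(c.immutable and c.offline for c in remote):
            findings.append("no copy is both immutable and offline")
        if findings:
            report[dataset] = findings
    return report

# Constructed inventory for illustration.
INVENTORY = [
    BackupCopy("ehr-db", "disk", "prod-lan", False, False),
    BackupCopy("ehr-db", "disk", "dr-site", False, False),
    BackupCopy("ehr-db", "tape", "vault", True, True),
    BackupCopy("file-share", "disk", "dr-site", True, False),
    BackupCopy("file-share", "tape", "vault", False, True),
    BackupCopy("billing", "object-store", "prod-lan", True, False),
    BackupCopy("billing", "disk", "dr-site", False, False),
]

if __name__ == "__main__":
    for dataset, findings in audit_copies(INVENTORY).items():
        print(dataset, "->", "; ".join(findings))
```

The `file-share` case is the one that is easy to miss: it has an immutable copy and an offline copy, but no single copy that is both.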

Along with these protections, IT teams must also ensure that all systems are patched and updated in a timely manner.

Backup protection should be part of the prevention strategy against ransomware attacks

The first step in preventing ransomware attacks is to review and update backup policies. These policies should reflect what data the organization has, where it is, and the systems that IT teams should recover first in the event of an attack.

Effective policies detail and validate everything that businesses need to back up and when those backups should occur. Perform data backup operations regularly and frequently, backing up critical data most often.

Also, check and analyze backups for infections. In practice, policies should specify how long to retain backups. Remember that ransomware can remain in the background for quite some time.

An organization should have a comprehensive monitoring and alerting system that tracks the entire technology backend, including the endpoint and network environment, looking for anomalies in traffic, data patterns, user behavior and access attempts.

The protection framework created for the backup should be able to automatically respond to ransomware attacks

One example is the quarantine of infected systems. These systems can use machine learning and other advanced technologies to identify and mitigate threats.

Ensure end users receive the education and training they need to minimize risky behavior and know what to do if they suspect their machines have been infected.

Don’t forget that IT teams should take all possible measures to reduce the network attack surface and limit the possibility of end-user actions resulting in ransomware.

Finally, to ensure efficient ransomware protection, IT teams should bring clean systems online, check which backups can be safely restored, and then recover data from those structures.

Once the systems are up and running, they should document lessons learned and take all necessary measures to reduce the risk of subsequent ransomware attacks.
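Choosing which backup can be safely restored ties together two earlier points: backups must be scanned for infection, and retention must outlast the time ransomware stays dormant. The sketch below is an added example, not part of the original article; the catalog, dates and field names are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta

@dataclass(frozen=True)
class Backup:
    taken: datetime
    scan_clean: bool  # result of scanning this backup for infection

def pick_restore_point(backups, first_compromise):
    """Newest backup that scanned clean AND predates the earliest known
    sign of compromise; None when no retained backup qualifies."""
    safe = [b for b in backups if b.scan_clean and b.taken < first_compromise]
    return max(safe, key=lambda b: b.taken, default=None)

def retention_gap(backups, first_compromise):
    """Time by which the oldest retained backup misses the compromise date.
    Zero means retention reaches back far enough."""
    if not backups:
        raise ValueError("backup catalog is empty")
    oldest = min(b.taken for b in backups)
    return max(oldest - first_compromise, timedelta(0))

# Constructed catalog: nightly backups at 02:00, 1-10 March 2024.
# The 7 March backup scans clean although it postdates the compromise,
# which is how dormant ransomware looks to a scanner.
FIRST_COMPROMISE = datetime(2024, 3, 6, 14, 30)
CATALOG = [Backup(datetime(2024, 3, day, 2, 0), scan_clean=(day <= 7))
           for day in range(1, 11)]

if __name__ == "__main__":
    print("restore from:", pick_restore_point(CATALOG, FIRST_COMPROMISE).taken)
    short = [b for b in CATALOG if b.taken >= datetime(2024, 3, 8)]
    print("short retention:", pick_restore_point(short, FIRST_COMPROMISE),
          "gap", retention_gap(short, FIRST_COMPROMISE))
```

With only three days of retention, no safe restore point exists and the function returns `None`, which is the failure a retention policy has to rule out.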

CipherTrust Data Security Platform Enables Assertive Investment in Ransomware Protection

According to IDC, more than 175 zettabytes of data will be created by 2025, and today more than half of all corporate data is stored in the cloud.

To handle the complexity of where data is stored, CipherTrust Data Security Platform provides strong capabilities to protect and control access to sensitive data in databases, files, and containers. Specific technologies include:

CipherTrust Transparent Encryption

Encrypts data in on-premises, cloud, database, file, and Big Data environments with comprehensive access controls and detailed data access audit logging that can prevent the most malicious attacks.

CipherTrust Database Protection

It provides transparent column-level encryption of structured and confidential data that resides in databases, such as credit card numbers, social security numbers, national identification numbers, passwords, and e-mail addresses.

CipherTrust Application Data Protection

It offers APIs for developers to quickly add encryption and other cryptographic functions to their applications, while SecOps controls the encryption keys.

CipherTrust Tokenization

It offers application-level data tokenization services in two convenient solutions that provide customer flexibility – Token without Vault with dynamic policy-based data masking and Tokenization in Vault.

CipherTrust Batch Data Transformation

Provides static data masking services to remove sensitive information from production databases so that compliance and security issues are alleviated when sharing a database with a third party for analysis, testing, or other processing.

CipherTrust Manager

It centralizes keys, management policies, and data access for all CipherTrust Data Security Platform products and is available in FIPS 140-2 Level 3 compliant physical and virtual formats.

CipherTrust Cloud Key Manager

It offers bring-your-own-key (BYOK) lifecycle management for many cloud infrastructure, platform, and software-as-a-service providers.

CipherTrust KMIP Server

It centralizes key management for the Key Management Interoperability Protocol (KMIP) commonly used in storage solutions.

CipherTrust TDE Key Manager

Centralizes key management for encryption found in Oracle, SQL and Always Encrypted SQL.

The portfolio of data protection products that make up the CipherTrust Data Security Platform solution enables Ransomware protection for data at rest and in motion across the IT ecosystem, ensuring that the keys to that information are always protected and only under your control.

It simplifies data security, improves operational efficiency, and accelerates compliance time, regardless of where your data resides.

The CipherTrust platform ensures that your data is secure, with a wide range of proven, industry-leading products and solutions for deployment in data centers, either those managed by cloud service providers (CSPs) or managed service providers (MSPs), or as a cloud-based service managed by Thales, a leading security company.

Tool portfolio that ensures data protection against ransomware attacks

With data protection products from the CipherTrust Data Security Platform, your company can:

Strengthen security and compliance against ransomware attacks

CipherTrust data protection products and solutions address the demands of a range of security and privacy requirements, including electronic identification, authentication and trust, Payment Card Industry Data Security Standard (PCI DSS), General Data Protection Act (LGPD), and other compliance requirements.

Optimize the efficiency of the team and resources used to protect against Ransomware

CipherTrust Data Security Platform offers the broadest support for data security use cases in the industry, with products designed to work together, a single line for global support, a proven track record of protecting against evolving threats, and the industry’s largest ecosystem of data security partnerships.

With a focus on ease of use, APIs for automation, and responsive management, the CipherTrust Data Security Platform solution ensures that your teams can quickly deploy, secure, and monitor the protection of your business.

In addition, professional services and partners are available for design, implementation, and training assistance to ensure fast and reliable implementations with minimal staff time.

Reduce total cost of ownership

The CipherTrust Data Security Platform Ransomware Protection portfolio offers a broad set of data security products and solutions that can easily scale, expand to new use cases, and have a proven track record of protecting new and traditional technologies.

With CipherTrust Data Security Platform, companies can prepare their investments for the future while reducing operating costs and capital expenditures.
