A comprehensive defense-in-depth strategy requires security mechanisms to be applied through the implementation of hardware, software and security policies. Hardware protection includes, but is not limited to, the implementation of next generation firewalls (NGFW), intrusion prevention systems/intrusion detection systems (IPS/IDS) and secure Web gateways (SWG). Software-based protection is done through anti-virus software deployments, automated patch management or tools for Internet monitoring. Finally, no defense-in-depth strategy would be complete without the implementation of strong security policies that prescribe processes for incident reporting, service and system audits, and security awareness training.
Verisign Champions Cybersecurity Awareness in October
Cybersecurity is no longer a concern for just IT and security professionals. Recent breaches at organizations like Sony, Target, JP Morgan Chase, and numerous U.S. government entities have brought the issue of cyber-attacks very close to home. If you bank online, use your debit card at a local store or engage in any activity that relies on an Internet-connected system, you are at risk.
Verisign iDefense Analysis of XcodeGhost
Background
Thinking Ahead on Privacy in the Domain Name System
Earlier this year, I wrote about a recent enhancement to privacy in the Domain Name System (DNS) called qname-minimization. Following the principle of minimum disclosure, this enhancement reduces the information content of a DNS query to the minimum necessary to get either an authoritative response from a name server, or a referral to another name server. This is some additional text.
In typical DNS deployments, queries sent to an authoritative name server originate at a recursive name server that acts on behalf of a community of users, for instance, employees at a company or subscribers at an Internet Service Provider (ISP). A recursive name server maintains a cache of previous responses, and only sends queries to an authoritative name server when it doesn’t have a recent response in its cache. As a result, DNS query traffic from a recursive name server to an authoritative name server corresponds to samples of a community’s browsing patterns. Therefore, qname-minimization may be an adequate starting point to address privacy concerns for these exchanges, both in terms of information available to outside parties and to the authoritative name server.
Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy
There are two types of information that can be found online about you: the information you intentionally post and the information that is automatically collected.
The information that you intentionally post is what you want everyone to know about you. Your professional life is documented on LinkedIn. Your social activities with friends and family are chronicled on Facebook. You alert the world of your immediate thoughts on Twitter. You even choose to provide your address and credit card information when buying things online. All of this personal information about you is deliberately posted and collected with your consent.
Protect Your Network from BYOD Malware Threats with the Verisign DNS Firewall
Today’s new age of ubiquitous connectivity has created an insatiable and growing demand among employees and consumers to be online with familiar systems and tools at all times. Employees are no longer satisfied with the limited choices in devices and tools provided to them by their corporate IT organizations. They want to use what they want,when they want. They believe that choosing their own devices and tools provides them with the highest level of comfort and efficiency. This desire to use personal devices in work environments, referred to as “bring your own device (BYOD),” coupled with the growing cyber-attack surface, poses significant challenges to IT organizations. These challenges are leading such organizations to ask themselves – Are we ready to support BYOD?
Is Your E-Commerce Site Ready for the Holidays?
Even though summer is just heating up, internet retailers already have visions of dollar signs dancing in their heads as they prepare for the onslaught of holiday web traffic that will soon ring in the 2015 holiday season. However, much of their focus is on marketing, and not the critical security measures they need to have in place to help keep their customers safe and satisfied as they shop online during the holidays.
As we have seen from the numerous security breaches and cyberattacks reported during last year’s holiday season, understanding the threat landscape and putting appropriate mitigation plans in place is critical to a business’s revenue and reputation. Just one hour of network downtime due to an outage or malicious attack can have far reaching consequences for a retailer, especially during the holidays.
Introducing the Verisign DNS Firewall
Defending against cyber threats is not only critical, but increasingly difficult and expensive. Just a quick glance at today’s news headlines and it is clear that these threats present numerous challenges to Internet users and the organizations that both serve and employ them. For example, in 2014, McAfee Labs observed a 75 percent year-over-year increase in new malware equating to 387 new threats per minute. Further, the Ponemon Institute estimates the average data breach costs large organizations $3.8 million per event.
Most solutions either require extensive investment or do not meet an organization’s constantly evolving needs. Traditional, appliance-based security solutions can require organizations to shell out considerable amounts of money, both in up-front capital expenditure and in on-going maintenance fees. Conversely, many managed cloud-based offerings do not provide the critical capability to customize the solution based on an organization’s specific business environment and security needs. Finally, do-it-yourself (DIY) open-source solutions suffer from constant patching and maintenance problems.
Enter the Verisign DNS Firewall, an easy-to-configure, cost effective managed cloud-based service that offers robust protection from unwanted content, malware and advanced persistent threats (APTs), delivered with the ability to customize filtering to suit an organization’s unique needs.
Verisign Named to the Online Trust Alliance’s 2015 Honor Roll
Verisign is excited to announce that we made the Online Trust Alliance’s (OTA) 2015 Honor Roll for showing a commitment to best practices in security, privacy and consumer protection. This is the third consecutive year that Verisign has received this honor.
3 Key Steps for SMBs to Protect Their Website and Critical Internet Services
The National Small Business Association (NBSA) recently released a report revealing that half of all small businesses have been the victim of a cyber-attack – and the cost of dealing with these attacks has skyrocketed to $20,752 per attack. In about a third of attacks, the victim’s website was taken down, often for days. The impact of such outages cannot be measured by the immediate lost revenue alone, as the long term impact of the harm to your reputation and customer loss cannot be easily calculated.