Thanks to the COVID-19 pandemic, working remotely is now a new normal for most businesses across the world. While keeping the workforce safe from the pandemic, this rapid shift to remote work culture is also blurring the boundary between our professional and personal lives. Many employees are now struggling to provide childcare during work hours, while some are using their personal devices to fulfill their work duties. This shift is changing the role of IT security and employers are now bending over backward to ensure a secure work environment for their growing remote workforce. But how exactly how is this changing network boundary posing new security risks? Let us find out. The Changing Network Boundary and BYOD Pose New Security Concerns Cybersecurity risks are looming everywhere and securing remote workplaces require extra stringent policies in place. Here are some common issues faced by employers due to this sudden transition to a remote workforce: Uninterrupted Connectivity: Businesses must ensure their remote workers are constantly connected to the corporate network. This means the VPN is always accessible, and there are no hardware or software-related issues. Most organizations are now forced to move away from a traditional data center environment and [...]
About Gareth PeakThis author has not yet filled in any details.
So far Gareth Peak has created 7 blog entries.
Dreamtime attended the excellent pop up Art Expo held by Willyama as part of NAIDOC Week. We will be proudly displaying this amazing piece by #selinanumina in our offices for everyone to enjoy!
Background We have a client who we provide a base level service to. We are responsible for ensuring their desktops are operational and their employees have the capability to log in to their emails, with all other services being provided by another agency. What Happened Recently, we received a call from one of their employees stating that their emails had stopped working. After some initial investigation it was discovered that Microsoft had blocked their account due to the fact that it had hit the threshold for emails being auto-forwarded. This piqued the interest of our security analyst who investigated further and discovered that emails were being forwarded from the O365 account to a gmail account since 15 July. After discussing with the client, this email address was not known to them. Our analyst then disabled the rule within their email account and examined their emails for anything suspicious that may have arrived around the date the rule was first created. This is when our analyst discovered this little gem: As you can see, the email preys on the complacency of users by telling them they can bypass password change requirements by clicking on the link and logging in. This [...]
Weak and stolen passwords are the number one reason for data breaches globally. This has introduced specific password alternatives like biometrics, Single Sign-On Sessions (SSO), pin codes, Magic links, and physical keys to the forefront of the digital world. However, as great as these alternatives are and as breach-prone, the traditional passwords may be, passwords still dominate the world of cybersecurity.Since password management is evolving rapidly, new ways of keeping passwords secure are being introduced. Let us explore a few tips that can help safeguard passwords and make you re-think about password security.Create Strong Passwords with Long PassphrasesThe Australian Cyber Security Centre (ACSC) recommends coming up with long passphrases that are easy to remember but difficult to guess. Strong passwords are at least fourteen characters in length and represent a combination of both uppercase and lowercase letters along with symbols. It is also worth noting that the passwords should not be so complicated that they force the users to write them down everywhere. The best practice is to create a passphrase as if it is representing a story or use a PAO (Person-Action-Object) terminology. As an example, you can take the first letters of each word from the sentence “a crazy white fox is jumping over a [...]
Enterprise security and resource management are of utmost importance for any organisation these days. Application whitelisting is a proactive threat mitigation technique that allows pre-authorised programs or software to run while all the others are blocked by default. Benefits of Application Whitelisting Along with security controls, application whitelisting also provides the added benefit of providing resource management within a network. Since only whitelisted applications can run, system crashes and lags are considerably reduced even if the demand for network resources scales up. This technology was originally developed to prevent the usage of unauthorised or unlicensed software. However, with the advent of cyber threats, unauthorised downloads, malware, adware, and malicious email attachments, this technology has demonstrated its efficacy in the prevention of security attacks and unauthorised file executions as well. Last but not the least, it also keeps an inventory of applications and versions installed on your network. How Application Whitelisting Works In stark contrast with traditional blacklisting used by most antiviruses where certain applications are fully blocked, application whitelisting places control over which programs can run on a given machine or network in the hands of the administrators. Any program that wishes to run is then matched against a [...]
As COVID-19 (coronavirus) continuous to disrupt our lifestyles and hurt economies worldwide, it has also made organisations vulnerable to cybersecurity risks as employees continue to work remotely. Almost 7 months have passed and Covid-19 has turned into a global pandemic posing a major health crisis to countries across the globe. Organisations have had to take measures to ensure the well-being of their staff and keep their services running for customers at the same time. Due to this, having employees work-from-home has become the new norm. This pandemic has in many ways opened doors of new opportunities and possibilities for the corporate world. While the health crisis is a concern, there are a host of benefits that both employees and employers can experience that comes along with remote-working. The benefits employees enjoy while working-remotely can include: Comfortable working environment. More time with family. Cost savings on travel Casual dress-code Limited supervision and so on. While on the other hand, the benefits companies enjoy while their employee work-from-home includes: Low-operational costs. Costs savings on electricity bills. Low hardware operational-costs. Increased productivity, studies have found employees that work-remotely is 35%-40% more active and productive than employees who work in the office. In light of [...]
The process of indigenous procurement can be confusing for many businesses and organisations. In this article, we provide answers to many of the burning questions you may have around this topic. Reach out to us if we haven't answered a question for you. How do the commonwealth procurement rules support indigenous procurement? Exemption 16 of the Commonwealth Procurement Rules (CPR) enables Commonwealth buyers to purchase directly from Indigenous small and medium enterprises (SMEs) for contracts of any size and value. Under this exemption, value for money must still be determined but this can be done through a simple quote process. What is the indigenous procurement policy (IPP)? The IPP gives direction to procurement officers on when Exemption 16 to the CPR’s must be considered. The IPP has three parts: A target for the number of contracts to be awarded to Indigenous businesses. A mandatory set-aside of contracts valued between $80,000 to $200,000 and all remote contracts. Indigenous participation requirements for Indigenous employment and/or supplier used in contracts valued at $7.5 million or more in specified sectors. What is an indigenous business? Under the policy, an Indigenous business is any business that is 50 per cent or more Indigenous-owned. Supply [...]