In a world where organisational endpoints leave the office, and employers are increasingly allowing employees to work remotely, the risk that these endpoints pose when connecting to the corporate network is immense. This has brought some significant consequences from a security perspective, with these devices expanding the network perimeter and thus making it more vulnerable.
“Digital transformation has led to endpoints being able to connect anywhere, anytime, which increases their risk of attack,” says Stefan van de Giessen, general manager of cybersecurity at value-added distributor Networks Unlimited Africa. “Because employees also use these devices for personal consumption and are bypassing network controls and policies, organisations cannot control them outside their VPNs. Simply put: more devices logged into a network brings a greater need for endpoint security.”
Endpoint security, which focuses on individual devices, plays a very important role in network security overall, addressing how the devices interact, and the connected pathways between them. Because endpoints offer gateways to a network, we can see why it is important to safeguard them against those of ill intent, who attempt to gain entry into the network in order to steal information through malware, or shut the network down through distributed denial of service attacks (DDoS), and/or hold the network to ransom.
How to protect your endpoints in this BYOD world?
Endpoints in the mobile world offer vulnerabilities because employees operating their own devices may not always be empowered to run the latest software and operating systems, or aware of suspicious activity and attacks. This clearly makes the ‘bring your own device’ (BYOD) arena a key vulnerability.
Endpoint security ensures that employees are following the right security protocols and that all devices are running on updated systems and programs, which will help prevent security breaches.
Networks Unlimited Africa says it offers a combination of unfiltered data collection, predictive analytics, and cloud-based delivery to provide endpoint protection that puts the network operator back in control.
“Endpoint protection technologies give organisations the ability to detect and respond to security events within their environments,” he says. “It takes a number of different security technologies to enable a complete endpoint security stack. The good news is that, while attackers have multiple tools for exploiting endpoints, organisations also have a number of solutions that can be used to make up a complete endpoint security stack.”
Tools that can be used in the complete endpoint security stack include:
- Endpoint protection platform (EPP): the goal is to prevent code execution and technologies include anti-virus (AV) and anti-malware technologies that aim to block malicious code from running on endpoints, as well as encryption and data loss prevention (DLP) capabilities.
- Endpoint detection and response (EDR): EDR gives organisations the ability to see what’s happening on an endpoint and adds to a security professional’s information over and above the EPP. Capabilities commonly found in EDR include a recording system, behaviour detection capabilities, data search, suspicious activity detection and response capabilities.
- Application whitelisting:Application whitelisting can be beneficial for static servers or point-of-sale (POS) systems that are intended to be limited to certain range of tasks.
- Privilege management:Privileged accounts include local administrator accounts as well as domain-level accounts, and the protection of privileged accounts is a core element of endpoint security.
- Vulnerability and patch management: Vulnerability management technology is used to identify unknown security vulnerabilities within an organisation. Patch management follows on from vulnerability management, as security managers can only patch the vulnerabilities that they know about.
- OS hardening: Organisations can take multiple steps to harden desktop operating systems to make it harder for attackers to compromise.
- Deception: Deception is an early indicator of threat actors in your environment. Deception technologies present bogus credentials and services to an attacker. When the deception services are attacked, the organisation is alerted and can take additional steps to limit risks and protect the rest of their environment.
- Central alerting and monitoring: Visibility into alerts from a central location is key to being able to respond timeously, and having the ability to ingest alerts from across an enterprise infrastructure is critical.
Van de Giessen says: “Endpoint protection technologies give organisations the ability to detect and respond to security events, but must tackle issues such as insufficient security controls, poor patch management and lack of environment hardening in order to avoid compromise. As a result, network security professionals need to use different types of endpoint security methodologies in order to prepare a holistic defence stack in order to detect, prevent and respond to the most advanced endpoint cyberattacks.”
Samsung enters 2020 with six new smartphones
With six new devices, Samsung has started 2020 on the right foot and in the right direction with strong devices at attractive price points, writes BRYAN TURNER.
In Johannesburg this week, Samsung unveiled six new devices, five of which aim to simplify the various Samsung Galaxy lineups.
The most notable new handset, the Galaxy Note10 Lite, has arrived in South Africa – and in record time. The device was unveiled at CES 2020 in Las Vegas only two weeks ago, and is expected to launch in South Africa in the next two weeks.
The Note10 Lite shaves off a few arguably non-essential features from the Note10 to make Note features accessible to more South Africans. These features include wireless charging, waterproofing and a curved screen. Other than that, the Note10 Lite still features the iconic S-Pen, including all the cool features of the new S-Pen. Of course, the Lite comes in at around R7000 less than its more feature-rich sibling, which is a huge price drop considering the three non-vital features it sacrificed.
For a full specs list of the features of the Note10 Lite, please read our launch coverage from CES 2020.
“We have to be able to support the customers with better memory and better battery,” says Justin Hume, director of integrated mobility at Samsung South Africa. “128GB storage becomes fairly standardised across the range. From a battery perspective, we now see 5000 milliamp batteries making an appearance on A21 and A31 product. So you can see the customer is truly getting great value for their money there. But as we focus on those products, we are also introducing a brand new product into the range, which is the Note 10 Lite and we are making the S-Pen more accessible to everyday South Africans.”
Samsung’s extensive lineups, the Galaxy S, A, J, and Z lines, were understandable because they were all set at their own price points. For a while, it made sense that the Galaxy S range were the flagships, the Galaxy A range was the high-mid range devices, the Galaxy J devices were mid-range, and the Galaxy Z devices were entry-level.
Until they weren’t. When Galaxy Z devices from 2017 started being better than Galaxy A devices from 2018, it became apparent that technology was moving forward way too quickly to have so many lines. Consumers also became confused because the Galaxy A devices were supposed to hold a level of status that was shared with the Galaxy Z range just a year later.
Last year, Samsung reduced its device line to Galaxy S for its flagships and Galaxy A for everything else. It now launches devices under the A prefix with a numbered suffix indicating the level of its specifications. The new lineup started taking shape with the Galaxy devices last year with the Galaxy A50 and Galaxy A70, and consolidated the Z and J devices to the Galaxy A10, A20, and A30.
This year, Samsung has announced the Galaxy A11, A21, A31, A51 and A71, which provide a clear indication of which devices they will be succeeding. The devices will be released throughout 2020, staggered over the next few months until July.
The Galaxy A11 will feature a large 6.4-inch screen with an Infinity-O display, which is a punch hole for the front camera. On this device, the punch hole will be on the corner of the screen, instead of in the middle as with the Note10 handsets.
For an entry-level device, it’s surprising to see a triple camera array with a 13MP main sensor, an 8MP ultrawide lens, and a 2MP depth-sensing camera for portrait mode pictures. It will also support 15W fast-charging and features a 4000mAh battery. It will start at R2999 for the 32GB version and will be available in July 2020.
The Galaxy A21 shows off a slightly larger 6.5-inch screen and a triple rear camera system as well, but ups the ante with a 48MP main rear sensor. The battery will also be a whopping 5000mAh, with 15W fast charging as well. It will start at R3499 for the 32GB version and will be available in June 2020.
The Galaxy A31 will go back to 2019 roots with its display featuring an Infinity-U display, which is a tear-drop notch in the middle for the front camera. What users will get from the display is an in-screen fingerprint sensor, which can unlock the phone by reading one’s fingerprint through the display.
It will pack another camera in the array. It will feature the familiar 48MP and 8MP ultrawide lenses, with an upgraded 5MP depth sensor and a 5MP macro lens for taking sharper close-up shots. It will also feature the massive 5000mAh battery as in the A21, with 15W fast charging support. It will start at R5499 for the 128GB version and will be available in May 2020.
The Galaxy A51, which we will be providing a review of soon, gets closer to the flagships with some impressive features, like the quad-camera array in the A31, as well as a wide-angle 32MP selfie camera. It features an Infinity-O display, with a punch hole in the centre like the Note10. It also houses Samsung’s Exynos 9611 CPU, which is suitable for playing graphically intensive games. It starts at R6999 for the 128GB version and is available now.
The Galaxy A71, which is right below the Galaxy S10 in the line of devices, features a Qualcomm Snapdragon 730, which also translates to having a better graphics processor and a better gaming experience. It will feature a similar quad-camera array with a 64MP main sensor. It starts at R8999 for the 128GB version and will be available from February.
Samsung has shown off its strong competitive by revealing so many products at the beginning of the year. This will be an interesting year in the mid-range handset space, now that Samsung is pulling out the stops to put so much value into its mid-range devices.
Security issues grow with transition to smart TVs
You can’t picture a modern home without smart equipment. Smart thermostats, smart refrigerators, robot vacuums, and smart TVs won’t surprise anyone these days. For example, around 70% of the TVs being sold worldwide are smart TVs. Although they bring more entertainment, these devices also carry new digital threats.
Sometimes people forget that smart TVs are as vulnerable to cybercrime as their smartphones and computers. Daniel Markuson, the digital privacy expert at NordVPN, says that “although smart TVs are connected to the internet and have similar functions to computers, they aren’t equipped with the same security tools, which makes them easy prey for hackers.”
What’s so scary about your TV getting hacked? As smart TVs gain more features, the amount of your private information they handle increases too. TVs aren’t just for watching movies and shows anymore. Now you can use them for web browsing, streaming video content, gaming, and even shopping online.
To enjoy your smart TV to the fullest, you need to download various apps and games. These cost money, so you need your credit card details filled in. Putting your financial information, logins, and passwords on your TV makes it an appealing target for hacking.
According to Daniel Markuson, a smart TV can be used to spy on its users. Hackers can access its camera and microphone through malware, which they can slip into your TV when it is connected to Wi-Fi. They can use footage from your bedroom or living room to blackmail you and your family. By watching your home and listening to your conversations, hackers know what goods you have, where you keep them when you’re away, and what your plans are.
If you use your smart TV for web browsing, you can infect it with various viruses too, says the digital privacy expert at NordVPN. Like computers, smart TVs run on software, but they don’t have the same strong antivirus and firewall systems installed. Once your TV gets infected, your browsing history, passwords, and other private data become accessible to hackers. And they won’t miss the opportunity to use this information in ransomware attacks.
Even though smart TVs are vulnerable to cyber threats, Daniel Markuson says there is no need to panic yet. The expert names a few simple principles every smart TV owner should follow to protect their device.
Always update your TV’s software whenever a new version becomes available. The expert says that software updates are crucial for cybersecurity as manufacturers do their best to patch vulnerabilities. Updates often repair security flaws, fix or remove various bugs, add new features, and improve the existing ones. Some TVs install updates automatically by default. With others, you may need to check for updates periodically to make sure your device runs on the latest version.
Use available security measures such as a VPN. The best practice for any internet-connected device is to install a firewall and use a VPN such as NordVPN. It secures your device and lets you enjoy fast internet access with encryption-powered privacy.
Connect your smart TV to the internet only when needed. It isn’t necessary to have your TV connected to Wi-Fi all the time. To make it less vulnerable to hacker attacks, turn on the Wi-Fi connection only when you are using it.
Download apps from official stores only. Do not install any programs and games from unofficial sources on your smart TV. Make sure that both the app and its provider are reliable. Moreover, if an application asks for access to your data, camera, or microphone that isn’t necessary for its operation, never accept it.
Be careful with personal files and financial data. Shopping online on a big smart TV screen might be fun, but be careful providing your credit card details and other sensitive information this way. Although some manufacturers equip their TV sets with security features, they cannot guarantee safety online. “People who synchronize their smart TVs with their computers to access compatible media content should be especially cautious,” warns Daniel Markuson. The connection between your smart TV and your computer can be a weak link and lead to a data breach.
Use strong Wi-Fi passwords. This practice is the most obvious and the easiest to follow. Create a strong password to protect your Wi-Fi connection at home and don’t share it with any outsiders.
Turn off your TV camera when not in use. Whether it’s a built-in camera or the one connected to a TV via Wi-Fi, turn it off when not using it. If you can’t turn off your camera, use a piece of tape or a sticker over the camera lens to cover it.