Have you seen nCipher’s latest case studies?

Have you seen nCipher’s latest case studies?

If you haven’t checked out nCipher’s customer page, now’s the time. In the past few months, we’ve posted case studies involving some pretty unique organizations. More on each below:

Zerto

Zerto is an Israeli company selling a single solution that combines disaster recovery, backup, and cloud mobility (aka ‘IT resilience’).

have you seen

Zerto’s solution is specifically geared towards customers operating in hybrid and multi-clouds environments. As a top provider of IT resilience software, Zerto needed to ensure its own business systems were airtight. The most effective strategy for doing so was to guarantee its PKI was trusted. For its PKI to be trusted, the team also had to ensure the integrity of its CAs (certificate authorities), the credentials used to establish one’s identity and which underpin the security of a PKI. Currently, the best practice for securing CAs is to use an HSM. HSMs, which offer an independently certified, tamper-resistant environment, are an integral part of securing sensitive keys and business processes.

After weighing its options, the Zerto team selected the nShield Solo. Zerto, which has worked with more than one HSM vendor, cited the nShield’s implementation and support, ease of use, and GUI as deciding factors. While Zerto does not share its quantifiable results from the nShield implementation, the team stated ‘having the nShield Solo HSM securing our CAs provides us with peace of mind’.

itAgile

itAgile is an Italian provider of digital document and signature solutions.

One of ItAgile’s solutions, PrimeCert, enables its customers (other businesses) to meet eIDAS (a strict European regulation which establishes a framework for legally binding electronic transactions that facilitate cross-border business throughout the EU) requirements, become trusted service providers or TSPs, and get to market more quickly.

The PrimeCert solution incorporates certificate authorities (CAs), the digital credentials used to certify the identity of users. Well aware that CAs are often the focus of targeted attacks, the itAgile team sought to secure the solution with physical and logical controls, as well as an HSM. After considering its options, itAgile chose nCipher. ItAgile cited as attractive selling points the nShield Solo’s Common Criteria EAL4+ certification, and recognition as a Qualified Signature Creation Devices (QSCDs). ItAgile also noted the nCipher HSMs ‘are dependable and last for many years’. Said Gianni Sandrucci, itAgile CEO, “We know the nShield Solo; it’s a foundational component of the system. The system is successful, and it’s been a positive experience working with the nCipher team and its nShield HSM, allowing us to achieve a short time to market and to recover our costs.”

Memjet

Memjet is a U.S. and Australian designer and developer of modular printing technology that includes printheads, inks, data paths, and modules. The company sells its technology to original-design-and-original-equipment-manufacturing (ODM/OEM) partners, who then integrate Memjet’s technology into their custom-built printing solutions. Since it operates off an ODM/OEM model, Memjet needs to securely support remote manufacturing, where new Memjet-powered printers are created. Doing so involves adding quality assurance chips into printer modules and components, so that Memjet can ensure authentic and appropriate components and consumables are used with a given model, family, or brand of printer.

During the remote manufacturing process, the chip is configured to give the printer or component its unique identity and attribute set. This component is generated securely and digitally signed prior to installation at the remote ODM/OEM facilities using an nShield HSM. Memjet called the solution ‘state of the art’ and the company’s senior director of Information Security said, “I don’t know that we could do what we do with software and have the kind of security we’re looking for without the nShield HSMs.”

Memjet also wanted to refresh its back-office cryptographic key management and signing infrastructure and was able to use nShield HSMs for this project too. Memjet sang the praises of the nCipher sales team, and our overall support and availability.

Interested in learning more about nCipher? Follow us on Twitter, LinkedIn, and Facebook.

‘Where in the World is Peter Carlisle’: 2019 travel milestones (to date)

‘Where in the World is Peter Carlisle’: 2019 travel milestones (to date)

It’s been a busy year for Peter Carlisle, nCipher Security’s VP of Global Sales. In honour of his 10th ‘Where in the World is Peter Carlisle’ blog (Las Vegas), we decided to check in on his 2019 travel milestones and ask some questions about his non-stop global adventures. First, a handy chart:

Item Number Comment
Miles Traveled 168,000 7 times around the world
Nights away 91 Of a 212 day period so around 43% of the year to date
Nights in the air 17 Am learning to sleep on-board – but it doesn’t come naturally
Nights in Hotels 74 2.5 months of the year so far or about a third of the available days
Number of flights 52 At 2 hours per flight, plus a few delays it means over 100 hours in airports – or nearly 3 working weeks
Hours in the air 378 That’s 16 x 24 hour days or almost 10 x 40 hour working weeks
Hotel check-ins 33 Will do anything to beat the queue!
Countries visited 12 Uruguay, Argentina, USA, Australia, Japan, Hong Kong, Vietnam, Netherlands, Italy, Qatar, UK, Germany
US states visited 8 Florida, California, Georgia, Ohio, Kentucky, Minnesota, Arizona, Illinois
Continents Visited 6 Just Antarctica to go!

nCipher: How do you feel about your carbon footprint?

where-in-the-world

PC: Well, it’s something I think about a lot and I do worry about being responsible in this area. I would never make a long journey for a single meeting so I always maximise my time abroad by filling my calendar with as many engagements as possible. This means seeing customers, partners and spending time with the local nCipher team. I find I use all the available hours and have conversations at breakfast, lunch, dinner and all points in between. I know that we have technology that can support conference calls and video calls and make it easier to connect remotely, but there will always be a value in face-to-face contact. It’s often the unplanned, informal moments that deliver the value on a trip and those don’t happen on conference calls. All of our meaningful relationships as individuals tend to be founded on face-to-face engagement. I’m thinking here of family, close friends and partners. I don’t see that we should expect business relationships to work without the human touch. I see regularly how much it means to customers to have a senior executive take time out to come and engage first hand and I know that my team values the opportunity to spend time with me when I am on the road. It certainly helps me to get to know my team as individuals, which I believe is important.

nCipher: What some of the things you do to maximise your effectiveness when you travel?

where-in-the-world

PC: I like to try and soak up as much of the atmosphere and culture of anywhere I go, even it’s a short trip. That means NOT staying at the airport, but making my way downtown. I always eat local as well, since it gives an insight into how things work; watching behaviour and body language is a great learning tool. I try to minimise my time spent on calls back to the office as that distracts me from my local focus. My aim is to have as much “face time” as possible when I am on the road as, for me, that is the key opportunity that travel gives me. Finding time to have a walk around and soak up the sights and atmosphere is important to me too. It helps me physically if I have been on a long flight, helps me get my thoughts and plans for the trip in order and also gives me the chance to see a little of the local culture up close.

nCipher: What tips do you have for other business travellers?

PC: Travel light: It’s always got to be hand luggage only. Waiting for luggage at the carousel or queuing to check in a bag are two big time wasters – would literally cost me days over the course of a year. So get a strong lightweight case and pack only what you really need. A check of the weather forecast for your destination is usually a smart thing to do, it can help remind you not to pack a raincoat for that trip to Dubai!

where-in-the-world

Look after your eyes: Crossing time zones and having disrupted sleep patterns can be hard on the eyes. Always have your sunglasses on hand and pack a good quality eye product to soothe away any shadows. For me it’s Kiehl’s Eye De-Puffer and my folding Persol shades!

Perhaps most importantly – focus on the moment. When you are on the move constantly and juggling a lot of balls it’s tempting to be looking ahead at the next thing or next destination. Try and focus on the place you are right now and the people you are with. That’s the key to maximising value from travel and in making the most of time at home in between trips. It’s also the best way to avoid jet lag!

nCipher: Travelling as much as you do there must be things that you find annoying?

where-in-the-world

PC: Airports tend to be busy, noisy places and a lot of people get very stressed with the demands of modern travel which can create a challenging environment. As a regular traveller I plan ahead for the airport and do everything I can to speed my way through all the various roadblocks that can crop up. So I’m afraid I can be impatient with those who are less prepared! My big bugbear is people who appear to know nothing about the security screening process and act bewildered when asked to take toiletries and electronics out their bags despite having passed dozens of graphic signs and watched everyone else ahead in the line do the exact same thing. My family find travelling with me a mixed blessing. On the one hand they find my familiarity with all the procedures reassuring but, on the other hand, they know that if one of them slows us down with a forgotten water bottle in the hand luggage they will hear about it from me!

nCipher: Has anything unusual happened on your travels this year?

where-in-the-world

PC: There have been plenty of memorable moments this year. Here’s one that still makes me smile: I had a room on the 35th floor when I stayed in Melbourne. It had a wonderful view over the famous sports grounds and river.

I figured that as no-one could possibly overlook my room I would leave the blinds open so that the dawn light would help me wake up.

I woke at first light around 5:30am and stood by the window with a coffee in hand contemplating the day ahead. I was pretty surprised when a hot air balloon with 20 or so sightseers passed right by the window. Mind you – to be fair – probably not as surprised as they were as I hadn’t got fully round to getting dressed!

nCipher: You stay in a lot of hotels – what makes for a good one in your book?

PC: I have pretty straightforward needs when it comes to hotels – but there are three things that I always look for:

  1. Being able to open a window and have some fresh air (too much air conditioning gets uncomfortable after a while)
  2. The ability to make a really good cup of coffee in my room when I wake up (so love to see a Nespresso in the cupboard!)
  3. A proper powerful shower in a cubicle (I hate curtains over the bath!).

If I have those things, then we’re off to a good start. A good view out of the window lifts the spirits as well!

nCipher: Any plans to slow down this year after such a busy few months?

where-in-the-world

PC: No, not at all. I will be travelling in Europe in September and then I have nCipher’s Channel Partner Conferences to host in October which will take me around the world with one in Amsterdam, one in Ho Chi Minh City and one in New Orleans. Hong Kong is already on the agenda for November so it doesn’t look like I will be doing much sitting around.

nCipher: Do you enjoy your role with its challenging schedule?

PC: I’m very lucky to be able to do what I do. I have been to many amazing places and had the opportunity to meet and spend time with a vast spectrum of people. I’ve always enjoyed travel and the fact that I can incorporate that into my work life is a real bonus.

When I look back on the last few years at all the great memories I have, all the customer projects we’ve delivered and all the fun along the way I can only feel privileged.

nCipher: And finally, if you were to write a song for your blues band about your travel experiences what might that be?

where-in-the-world

PC: I think I already have that covered. Almost all of the time I enjoy my time on the road, but, just occasionally, I get the feeling that it’s time to get back home and away from all the hustle and bustle. There is a song on the forthcoming Sloe Train album called “Feel Like Going Home” which sums up that feeling!

If you’d like to learn even more about Peter, please visit his LinkedIn page. If you’d like to learn more about nCipher, please follow the company on Twitter, LinkedIn, and Facebook.

Highlights from the nCipher 2019 South Korea Encryption Trends Study

Highlights from the nCipher 2019 South Korea Encryption Trends Study

Jim DeLorenzo | Solutions Marketing Manager More About This Author >

This week, nCipher issued the results of its 2019 Korea Encryption Trends Study from the Ponemon Institute. The report, which polled hundreds of South Korean respondents, was a mixed bag of positive and concerning developments.

In South Korea, only 37% of companies have an encryption strategy – a surprising number when considering South Korean organizations must adhere to one of the strictest data protection regulations in the world, the Personal Information Protection Act (PIPA). The finding is especially notable when compared to the global number (45%), Germany (67%), the United States (65%), Australia (51%), and the United Kingdom (50%).

highlights-from-the-nCipher-2019

But, there are also encouraging findings: As South Korean organizations adopt the public cloud, the IoT, and virtualized containers like Docker, they are also embracing encryption to protect their applications and sensitive information. Over two-thirds (67%) of South Korean organizations are transferring data to the cloud, which is driving both more encryption, and higher use of hardware security modules (HSMs) to protect encryption keys. Half (51%) of South Korean organizations are utilizing HSMs, a number that ranks above the global average.

Over half (53%) of the respondents use encryption to protect cloud gateways, and 40% to protect public cloud services. Over one-third (38%) use HSMs for public cloud encryption, and 41% plan to use HSMs for this purpose in the next 12 months. This is notable, especially when considering the global figure of 33%. Also significant are the 38% using encryption to protect IoT platforms and data repositories, and the 32% using encryption to protect IoT devices.

While the percentage of organizations embracing encryption may not be as high as expected, it’s evident South Korean organizations are attuned to the importance of protecting sensitive data. Almost three-fourths (70%) list the protection of intellectual property as the number one driver for implementing an encryption strategy, followed by protecting customer personal information (53%).

Ultimately, encryption usage is a clear indicator of a strong security posture. Organizations that deploy encryption are more aware of threats to sensitive and confidential information and are making a greater investment in IT security. As South Korean organizations continue to embrace established and emerging technologies, it’s reasonable to expect that investment will grow even larger.

Questions or comments? Download the report here. You can also follow nCipher on Twitter, LinkedIn, and Facebook

Why HSMs are different than safes

Why HSMs are different than safes

Brad Beutlich More About This Author >

The Great Pyramids of Giza in Egypt are probably the first safes ever constructed. They were built as tributes to and the final resting place of three Egyptian pharaohs. They had very complicated locking mechanisms that didn’t work since sometime between 2500 BC and the 18th century, their contents were removed. Still, you have to give the Egyptians credit for being the first to create a workable safe. Fast forward to the 1800s and the first combination lock safe was invented. In any case, a safe is designed to secure something of physical value so that only authorized people can and unauthorized people can’t access its contents.

Jump ahead to the late 20th century and the advent of securing digital information so that only authorized people can access the information. It wasn’t a stretch to use the analogy of a safe to conjure up an image that everyone could understand. Hardware Security Modules (HSMs) and safes have had a shared vision from the start. Early HSMs took this analogy to heart by using physical keys in locks to secure the digital contents.

why HSM are different

Early on, technologists should have divorced themselves from the “safe” analogy but due to its ease of description to the accountants, most kept propagating this image. In reality, a safe and an HSM are very different and only a discussion of the differences (in order to discredit the analogy) should be addressed.

As stated earlier, a safe is designed to secure something of value so that the owner of the item knows where it is at all times and can take comfort that it’s not being stolen. A safe is very binary: an item is inside the safe and therefore secure OR the item is outside the safe. Once the item is outside the safe, the safe plays no additional role in its security.

An HSM is a complicated piece of technology that performs two basic functions: it creates cryptographic elements through complex mathematical equations involving large prime numbers, modal properties and random numbers. Once these cryptographic elements are created, the HSM then provides the mechanism (working with other applications like SQL, Oracle, Microsoft, etc.) to use these elements. The use of these elements does include the protection of the keys but not the storage of same. This single sentence demonstrates the difference between a safe and an HSM. Storage is binary, protection is non-binary.

If we were to examine the physical safe analogy in a logical world, the safe would be opening and closing multiple times every second. For a hacker, less than a second of vulnerability is all they need to wreak havoc on a corporation’s data. See the problem? This is why an HSM should be more considered a safe place to perform crypto functions.

An HSM is far from binary. Contents of an HSM are stored inside the HSM, used by applications inside the HSM, used by applications outside the HSM, modified within the HSM, extracted from the HSM, created inside the HSM and a long list of other very complicated tasks. And unlike a safe, an HSM is also designed to secure its contents when the item is outside the HSM. Even the Egyptians didn’t think of that one. With all that an HSM must do, comparing an HSM to a safe simply isn’t valid.

It is because this analogy isn’t valid that any discussion whereby an HSM’s security is defined simply by its key storage within the HSM is overly simplistic to the complexities of its intended use. Crypto is complicated and those trying to use it are constantly trying to find ways of simplifying the discussion, especially to the people writing the check. Many of the simplified analogies used when explaining crypto are quite acceptable but the simplification of an HSM to a thick steel box with a large handle, spinning dials and stainless steel bolts is only serving to minimize or marginalize the HSM’s important role in an effective security solution.

Please click here to learn more about nCipher’s products. You can also follow us on Twitter, LinkedIn, and Facebook.

How to fill the cyber skills gap in today’s modern workforce

How to fill the cyber skills gap in today’s modern workforce

Cindy Provin | SVP Entrust Datacard and General Manager, nCipher Security More About This Author >

Our economy is increasingly driven by technology, even in areas that do not at first glance appear to have a technology focus. GPS and AI play a critical role in farming and agriculture, and even the artisanal goods sold at the smallest bodega or gourmet store, pizza joint or coffee shop are part of a sophisticated global supply chain. Quite simply, business processes and technology are at the heart of today’s global economy, and we are falling short.

One area in which we are falling short is in employee cyber skills. Because nearly every job today – from warehouse worker or barista, to real estate agent to lawyer – relies on connectivity and interaction with technology, a baseline level of cyber skill is important. We also need experts to focus specifically on securing our digital enterprises.

The skills gap is especially wide when it comes to cybersecurity

The Society for Human Resources Management (SHRM) says 83% of human resources professionals report having had difficulty recruiting suitable job candidates in the past 12 months. In addition, 52% of SHRM survey respondents say the skills shortage has worsened in recent years. This gap is even more pronounced in the tech industry and in cybersecurity in particular.

how to fill cyber skills

SHRM says the skills gap is visible in the trades, middle-skills jobs and most notably in high-skilled science, technology, engineering and math jobs including the data analysis, science, engineering and medical fields. A study from nonprofit group (ISC)² states there will be a cybersecurity worker shortage of 1.8 million by 2022 – a 20% increase since 2015.

This shortage means that many front-line cyber threats simply go unanswered, creating security and financial risk for our digitally enabled society and economy. Corporations have identified the skills gap as a major strategic issue and potential drag on economic growth, and are aggressively attacking the skills gap to win the talent war.

Businesses are using a variety of methods to find needed cybersecurity talent

Many businesses are offering on-site and off-site training to help employees build the additional skills they require. According to SHRM, 33% of employers say that more work visas are needed for foreign citizens.

Some of today’s employers also are working to fill the skills gap by hiring from “untapped markets,” including people with criminal backgrounds. (ISC)² advises employers to “look for new recruitment channels and unconventional strategies and techniques to fill the worker gap.”

Moreover, some industry experts suggest that new cybersecurity professionals should be recruited from the ranks of ethical hackers and that “vulnerability reports should be the new resume.” There is also a move to embrace emerging cybersecurity talent even if those individuals lack college degrees.

But organizations need all the help they can get

At nCipher, we understand how difficult it is to find the talent needed to secure your enterprise IT environment. That is why, in addition to providing a broad range of market-leading data protection solutions, we also deliver professional data security services and training.

The complete nCipher package of cybersecurity solutions will help your organization safeguard its most sensitive data and business processes, while ensuring your business complies with regulations and industry mandates.

For more information on how nCipher helps businesses protect critical data, check out our product page. You can also follow nCipher on Twitter, LinkedIn, and Facebook.

Leopard Spots and Zebra Stripes: Big Data and Identity Management

Leopard Spots and Zebra Stripes: Big Data and Identity Management

The expression “a leopard cannot change its spots” maintains that it is challenging to alter ones’ inherent nature — not only who you are but also what defines you. Your spots, in this case, include your ways, habits, and behaviors. In this age of big data, the concept is fitting, because this kind of information is increasingly being used to identify individuals and even machines.

For years identity management has relied on three factors for authentication:

  1. What one knows (passwords)
  2. What one has (tokens)
  3. And what one is (biometrics)

Behavior, a fourth factor, is now shaping the evolution of identity management.

In this blog post, and in one by my colleague Sandy Carielli from Entrust Datacard, we discuss big data analytics and how it is enabling the evolution of new behavior-based authentication for easier and more robust identity management. In the following, I focus on the analytics component, how it is increasingly used across enterprises, and why it is important to protect big data. I encourage you to read Sandy’s blog Leopard Spots and Zebra Stripes: Fraud and Behavioral Analytics to learn more about behavioral biometric authentication and get a more complete picture of this interesting and timely subject.

Big Data Analytics

Everyone claims to be using “Big Data,” but what is it really? Merriam-Webster defines big data as “an accumulation of data that is too large and complex for processing by traditional database management tools.” However, when analyzed by new algorithmic data mining methods, big data can reveal patterns, trends, and associations that can, among other things, relate to human behavior and interactions. This is how big data analytics is enabling behavioral biometric-authentication mechanisms.

The 2018 Data Threat Report commissioned by Thales and conducted by 451 Research revealed 99% of respondents (a sample of 1,200 senior security executives from around the globe) are using or planning to use big data. With such a high adoption rate, big data is already transforming many areas of business, including identity management at the individual and device level.

With the advent of more interconnected systems and the Internet of Things (IoT), advanced data aggregation capabilities, and big data analytic engines, organizations can now collect and review previously overlooked facts, figures, trends, and behaviors to “paint a bigger picture,” have better situational awareness of the environment within which they operate, and, ultimately, become more competitive.

Increasing volumes of data can provide unlimited benefits for enterprises seeking to better understand their customers and their business. However, with more data available for analytical purposes, the harder it becomes to protect it across distributed repositories. And with data breaches continuing to make headlines, big data, which includes sensitive and personal data, must not only be protected for privacy concerns, but its integrity must also be preserved to ensure its value as a resource. At the end of the day, if one cannot trust that the data being used for knowledge discovery and decision-making is authentic and has not been altered, it becomes pointless to collect, analyze, and make decisions based on the data.

Challenge

With continued high-profile data breaches and more sophisticated attacks that can leverage synthetic identities or impersonate real identities (be sure to check Sandy’s blog post for more on this [LINK]), the overall security landscape continues to change. As attacks actively target sensitive information, organizations must continue to protect their aggregate big data from internal and external threats to protect their customers’ privacy and their organization’s reputation, and to comply with mandates such as the General Data Protection Regulation (GDPR).

The challenge faced by organizations wanting to use behavioral analytics for authentication is how to implement security solutions without hindering the big data aggregation and analytic processes required to produce the desired insights. Because behavioral biometric data can contain confidential and personal information, and reveal sensitive insight, it can also be a high value target and represent a honeypot for attackers.

Focus on Enhanced Security

Industry best practices call for the use of robust encryption solutions to protect sensitive and personal data. Solutions that protect data-at-rest, in use, and in transit form an important part of the enterprise’s information security strategy. But cryptographic key management and the mechanisms that facilitate auditing and compliance are also best practices vital to effective data security.

Strengthening the management of cryptographic keys that protect sensitive and personal data, is essential to ensuring that only authorized users, devices, and applications are allowed access to critical systems. Enhanced security with key management delivered by hardware security modules (HSMs) and transparent data encryption not only hardens the solution to FIPS 140-2 and Common Criteria standards, but also facilitates security auditing and regulatory compliance.

Solutions

Pioneering companies in trusted identity and secure transaction technologies like Entrust Datacard, enable organizations to make transactions easier, secure and reliable for their customers. By providing the tools necessary to gain valuable insights into not only their business, but also their employees’, associates’, and customers’ behaviors — organizations can become more productive, profitable, and competitive. By combining their solutions with those of Thales eSecurity, they can ensure this all happens within a secure environment.

The way forward

Carefully using big data to paint that bigger picture of users and their behaviors enables organizations to develop more sophisticated identification and access control mechanisms to protect their business, and ensure privacy. Deploying solutions that aggregate previously overlooked resources in a secure manner makes it easier for users to be authenticated and allowed access to systems – which in turns makes the enterprise more secure. Whether you are a human user, a device, a leopard or a zebra, protecting your identity is critically important.

To learn how you can apply these new technologies to your business in a secure manner visit Thales and Entrust Datacard. To ensure you stay #FITforGDPR take our free readiness assessment. You can also reach me @asenjoJuan.

How to become a good student when it comes to cybersecurity, online privacy

How to become a good student when it comes to cybersecurity, online privacy

John Grimm | Senior Director of Strategy and Business Development More About This Author >

Summer is almost over. Students, parents and teachers are looking forward to new classes and instructors, football games and more. But during this busy time, they should set aside time to consider and address digital security.

Connected devices and the IoT are everywhere. That makes it easy to forget that all of those new dorm-room gadgets can be fundamentally vulnerable.

Whether you’re a student or parent, device security and digital trails are important concerns. The new school year is a great time for students to check their digital hygiene.

Look, listen and learn

Features like default passwords and one-click setup that enable easy connections to the internet create great potential for security holes that devices vulnerable to hacking. What’s more, devices like Amazon Alexa, Google Home and Siri are always listening for voice commands, creating cause for concern around eavesdropping and personal privacy.

Facebook was recently caught listening to users’ voice chats. Amazon has been busted for eavesdropping, too. And those are just the cases about which we are aware.

Some 59% of Americans have privacy concerns regarding the use of digital assistants, nCipher research reveals. Just more than half (51%) fear their digital assistant is listening to them at all times. Almost half (45%) believe their information is being shared. Meanwhile, 40% worry that their personal bank or credit card information may be compromised.

Where you go, they will follow

how to become a good student

Ralph Waldo Emerson famously said “Do not go where the path may lead, go instead where there is no path and leave a trail.” But in the digital world, students and others don’t have to try to leave a trail. Applications, devices, networks and websites track their every move.

Today’s young people often are blissfully unaware that they can be tracked whenever they and their devices touch the internet. That could be by IP or MAC address, through cookies, or via device beacons.

Students’ location and website or app data, as well as text and images from their social media accounts, continually expand their personal digital trails. But rather than leading students to a bright future, those trails could adversely impact their future employment prospects.

Get an A+ in cybersecurity

Against this backdrop, it’s important for all of us to be good cybersecurity students. That’s true regardless of your major, and whether your graduation lies ahead or happened decades ago.

A great place to start is by replacing default connected device passwords with robust new passwords. Good students also will remember to create new passwords regularly.

Other easy-to-implement security best practices include using personal firewalls, complex or computer-generated passwords, and encrypted communications. Make sure your connected devices are configured to accept authenticated firmware updates/patches to fix any vulnerabilities that get discovered. And be wary of public networks, including free Wi-Fi hotspots, particularly those that aren’t password protected. And understand – and educate others – that any photos and information they share on social media or allow apps to access can stick around longer than a tenured professor.

To learn more about nCipher’s IoT security solutions, please visit our dedicated landing page. You can also follow us on Twitter, LinkedIn, and Facebook.

Subscribe to Big Data
Want to be part of our team? Explore
Get in contact with a specialist Contact Us