Archive for June, 2020

Things To Know About Browser Security Headers

Browser security headers are HTTP response headers that define whether a set of security measures should be activated or deactivated on the web browser. They govern the way the browser behaves when communicating with the site. So, these security headers can be used to outline communication and improve web security.

Here are five security headers that need to be understood for securing a website:

  • HTTP Strict Transport Security (HSTS): A common practice for securing a website is to use an SSL/TLS certificate and migrate the website from HTTP to HTTPS. However, most website administrators forget that their website may still be available over an HTTP connection. This issue can be overcome by employing HSTS. If HSTS is used for a website equipped with HTTPS, the server forces the browser to communicate over secure HTTPS only, thus eliminating the possibility of an HTTP connection.
  • Content Security Policy (CSP): CSP can be used to protect the website against Cross Site Scripting and other code injection attacks. It does not rule out the chances of these attacks entirely but helps in minimizing the damage. It equips the website admin with the authority to restrict the resources that a user is allowed to load when using the site. Thus, the admin can white list the website’s content resources as per the security requirements.
  • Cross Site Scripting Protection (X-XSS): This header can be used to protect against Cross Site Scripting attacks. It prevents the page from loading if any cross site scripting is detected. The XSS filter is enabled in browsers such as Chrome, IE, and Safari by default.
  • X-Frame-Options: This type of browser security header can be used for protection against ‘Clickjacking’ attacks. In such attacks, the user is made to click on a page under the pretense that he is on an official site. However, hidden code is being run in the background. This may lead to loss of confidential user information. X-Frame-Options disables the iFrames present on the site, preventing others from embedding any code in your content.
  • X-Content-Type-Options: MIME Sniffing is a common feature that is used to discover an asset’s file format. However, it can also be used to execute cross site scripting attacks. X-Content-Type-Options acts as a precaution against MIME Sniffing as it instructs the browser to follow the MIME type instructed in the header.
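
The five headers above can be checked mechanically on any response. The following audit is an added example, not code from the original post; the sample responses are constructed, and the function names and the one-year HSTS threshold are assumptions.

```python
import re

# Constructed sample responses (not captured from a real site).
WEAK = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Strict-Transport-Security: max-age=300\r\n"
    "Content-Security-Policy: default-src *; script-src 'unsafe-inline'\r\n"
    "X-XSS-Protection: 1\r\n"
    "X-Frame-Options: ALLOWALL\r\n\r\n"
)
HARDENED = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Strict-Transport-Security: max-age=31536000; includeSubDomains\r\n"
    "Content-Security-Policy: default-src 'self'\r\n"
    "X-XSS-Protection: 1; mode=block\r\n"
    "X-Frame-Options: DENY\r\n"
    "X-Content-Type-Options: nosniff\r\n\r\n"
)

def parse_headers(raw):
    """Map lower-cased header names to values, skipping the status line."""
    headers = {}
    for line in raw.splitlines()[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def audit(raw, min_hsts_age=31536000):  # one-year threshold is an assumption
    """Return the names of headers that are missing or weakly configured."""
    h, findings = parse_headers(raw), []
    age = re.search(r"max-age=(\d+)", h.get("strict-transport-security", ""), re.I)
    if not age or int(age.group(1)) < min_hsts_age:
        findings.append("hsts")  # missing, or forgotten too quickly
    csp = h.get("content-security-policy", "")
    broad = re.search(r"(default|script)-src[^;]*\s\*(\s|;|$)", csp)
    if not csp or "'unsafe-inline'" in csp or broad:
        findings.append("csp")  # missing, or the allow-list permits anything
    xss = h.get("x-xss-protection", "")
    if xss.startswith("1") and "mode=block" not in xss.replace(" ", ""):
        findings.append("x-xss-protection")  # filter on, page not blocked
    if h.get("x-frame-options", "").upper() not in ("DENY", "SAMEORIGIN"):
        findings.append("x-frame-options")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("x-content-type-options")
    return findings
```

Here `audit(WEAK)` reports all five headers and `audit(HARDENED)` reports none.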

For more information on browser security headers and how to secure your portal, contact Centex Technologies at (254) 213 – 4740.


Why Organizations Need Intent-Based Networking?

Intent-based networking or IBN applies deep intelligence and intended state insights to networking. These insights replace the need to manually configure the network. In general terms, the administrators can send a request with desired outcomes or intent to the network instead of coding individual tasks manually. The network’s software understands the intent and decides on the steps that need to be taken based on AI and Machine Learning.

IBN has some advantages over traditional and software-based networking which makes it an ideal choice for organizations. Following are some reasons why organizations need IBN:

Reduction In Manual Tasks: In the case of traditional networking, the administrator has to manually reconfigure every task with changing business needs. However, in the case of IBN, the administrator feeds the business needs to the network and the network analyzes these needs, verifies if a change in configuration will solve the need, suggests configuration options, and makes the required changes.

Faster Troubleshooting And Resolution: An intent-based networking system keeps on monitoring itself regularly. This helps in identifying any issues as soon as they arise. Also, IBN has the capability to repair itself without any human intervention using Machine Learning to find suitable solutions.

Reduced Risk Of Non-Compliance: Since the intent-based network is constantly monitoring and repairing itself, it ensures that the system is always in compliance with any policies set by the administrator.

Better Security: Looking for security threats is a part of regular monitoring conducted by an intent-based network. It monitors encrypted traffic as well to be aware of any possible threat. This results in immediate identification and containment of any security breaches to ensure data and network security of the organization.

Optimized Analytics: Understanding network performance is essential for making efficient decisions and predicting network outcomes for minimal risk. IBN regularly collects data about itself which can be used to deduce important information about network performance.

Rapid Implementation Of Business Goals Into Network Configurations: The main advantage of using intent-based networking is that it readily modifies the network configuration as per high-level business goals. The administrator can easily choose from vetted configuration options suggested by IBN saving the time needed for manual planning, testing, and configuration. Faster implementation of business goals into network configuration results in higher ROI.

For more information on Intent-Based Networking and why organizations need IBN, contact Centex Technologies at (254) 213 – 4740.


Ways In Which Data Is Keeping Us Safer Amid The Coronavirus Crisis

PDF Version: Ways-In-Which-Data-Is-Keeping-Us-Safer-Amid-The-Coronavirus-Crisis


Ways To Verify Data Breaches

A data breach is an incident where a hacker gains access to a database that contains users’ personal details such as login information, financial details, Social Security Number, address, PHI, etc. In the case of an organization, a data breach can result in the disclosure of trade secrets and other critical business information. Once stolen, this information is then sold on the dark web to cyber criminals who use it for their profit.

The damage caused by a data breach can be minimized if it is detected in time. Here are some ways to verify a data breach:

  • Online Tools: A number of online tools are available to help users verify whether their email account has been breached. Another way of verifying a data breach is via a data breach database. A data breach database such as HIBP (created by Troy Hunt, a Microsoft Regional Director and MVP) contains a list of compromised email accounts and passwords. Users can search these databases for their email to see if their email and password are among the compromised lists.
  • Updated Browsers: Using an updated browser that has special features can help users know if their password has been compromised. Browsers such as Chrome 79 include a ‘Password Checkup’ feature. When a user enters a password, the feature warns the user if the password has been compromised, without the need to save the password.
  • Unauthorized Activity: Regularly check your accounts for any unauthorized activity. Keep an eye on your sent emails. If you notice any emails sent to anonymous accounts, this indicates that your email account has been hacked. In the case of a social media account, make a note of any unusual posts, messages, etc. Any unauthorized activity indicates a data breach including username and password.

Whilst these methods may be helpful, there is no bulletproof method of verifying a data breach. An ideal approach is to employ stringent data protection strategies. Some of the most efficient personal data protection strategies include access controls on the network, use of an automated backup system, equipping the data storage center with a protective suit, robust monitoring & reporting, and use of a secure password.

For more information on ways to verify data breaches, contact Centex Technologies at (254) 213 – 4740.
