Archive

Security

Why e-mail could be your top data security threat

A growing problem Phishing remains the method of choice for the vast majority of cyberattacks. Using sophisticated social targeting, disguised links and attachments, cyber criminals can do in seconds what could take hours or days for an advanced piece of software to do: circumvent a security platform and gain access to sensitive data or critical […]

How to build an effective patch management program

Mapping of current network topology. Establishing a baseline of vulnerabilities. Application of all outstanding patches. Determining cadence of patch application. Review of ongoing critical patch escalation processes. In-depth quarterly reviews. Continuous, ongoing assessment and monitoring. Auditing and compliance analytics. When properly planned and executed, this process provides critical insight into the potential risks inherent in […]

OnX Dynamic IT Workforce Blog

Penetration testing, Chicken Guns, and Mike Tyson

Penetration testing explained In the 50s, fleets of aircraft were in use all over the world, but facing a dangerous problem: running into birds in midair. This led to technical advances in building new windshields and new engines, but engineers needed to ensure that their designs would satisfy their requirements. So how do you make […]

Your Quick Guide to Conducting Secure Videoconferences

Known issues: what attackers are already looking for The time is ripe for attackers to analyze different videoconferencing solutions for vulnerabilities, analyze them, and exploit them to run their code, gain unauthorized access to corporate infrastructure, and conduct additional malicious activity. So what can you do? How do you do it? The good kind of […]

OnX Blog

How a VPN protects your privacy

Think about all the times you’ve been on the go, reading emails while in line at the coffee shop, or checking your bank account while waiting at the doctor’s office. Unless you were logged into a private network that requires an encryption key, any data transmitted during your online session could be vulnerable to eavesdropping […]

Why Businesses Need Endpoint Protection

Endpoint protection helps businesses keep critical systems, intellectual property, customer data, employees, and guests safe from ransomware, phishing, malware, and other zero-day cyber attacks.  Why businesses need endpoint protection: Criminals are constantly developing new ways to attack networks, take advantage of employee trust, and steal data. Smaller businesses may think they’re not a target, but […]

Our current state: A perspective from our CSO during the COVID-19 crisis

Security plays an additional role in a crisis like COVID-19 in protecting an organization’s ability to respond effectively, which sometimes means accepting more risk. Security has to be laser-focused on ensuring a physical or cyber crisis does not impede the organization’s response efforts. It also needs to be a part of the ongoing risk decision-making […]

After the Smoke Clears – What can we learn about risk management

The security team has a particular responsibility in helping to answer these questions. The mission of a security team is to protect a business from risk. The risk of a pandemic eliminating supplies, services, and customers, as well as forcing employees to stay home, etc., probably was not on the radar of most businesses. It […]

OnX-Leverage-Tools-IT-Security

In response to COVID-19 now is the time to build a Cyber Risk Program – Learn how

According to IDC (Source – Worldwide CISO Influence Survey 2018), business leaders and CISOs view information security as vital to competitiveness of products and services while protecting the interests of their customers. Areas an Enterprise Cyber Risk Program should cover When an organization promises to deliver the value of digital business to customers, it’s often […]

workload migration

Now, more than ever, network infrastructures need Network Access Control

A recent example was provided by an attacker penetrating an IoT-based HVAC system that ultimately provided the attacker a nearly unrestricted path all the way to the victim corporation’s Point of Sale systems. Table of Contents: How Network Access Control works How NAC solves IoT device vulnerabilities A common misconception about modern NAC solutions NAC […]

IT solutions

The Effects of the Coronavirus on Cybersecurity

Attackers are capitalizing on our fear Cybercriminals and malware authors always try to find the most effective way to trick users into making poor, risky choices. Fear is an extremely effective mechanism, so in the last weeks we’ve seen this happen with the pandemic. Phishing attacks that purport to carry news about quarantines and lockdowns, […]

Six security trends to watch for in 2020

Two items for home users and consumers: We will see more discovered vulnerabilities in, and attacks against, so-called “smart home” products, such as smart speakers, security systems, and cameras. Any time we see widespread deployment of technology that is, relatively speaking, in the early stages of maturity, we expect that attackers will pay attention and […]

OnX-Attacker_mindset-blog

IT Security: ways to win the cyberwar

Think like an attacker It’s always better to be proactive than reactive when it comes to dealing with cyberattacks. To stay one step ahead, many IT Security Specialists can try to take on the mindset of an attacker. If the attacker’s motive is financial gain, what systems would they attempt to exploit? What if the […]

OnX Cloud Grocery Retailer Blog

Lessons learned From 2018: Patch management remains a challenge

Real-world solution OnX Canada recently aided a client, a national grocery retailer, that serves all 10 Canadian provinces’ food shopping needs. The client acquired a similar large business and needed to realign its organization while still remaining competitive in the marketplace. It was also concerned about upgrading and integrating technology between the businesses and was […]

OnX Cisco Master of Security Certification

OnX awarded Cisco Master of Security Certification

To achieve the Cisco Master of Security Certification, OnX team members had to show their exact understanding of individual Cisco security practices, as well as demonstrate a deep understanding of how those practices should function as a cohesive set of solutions. The OnX team also had to showcase current examples of successful projects in which […]

Zero Day Vulnerabilities

Why Your Security Program Must Include Proactive Zero-Day Defense Protection

The Internet Security Threat Report (ISTR) published by Symantec in April of 2017, notes that the number of malware variants has risen to 357 million different strains. To put that in perspective, that’s roughly one malware strain per 21 people or roughly one strain for every person online. The real problem is one of scope; […]

Ransomware attacks

Ransomware Attacks: Protecting Your Business from Becoming a Statistic

This particular ransomware strain, although hitting numerous hospitals in the UK and many other organizations across the world had a kill switch. The ransomware would attempt to connect to a domain with a very long and complex name, if the domain was _not_ live, the ransomware proceeded to encrypt all files. If the domain _was_ […]

Why intrusion detection does not go far enough

Why Intrusion Detection Does Not Go Far Enough

Intrusion Detection Is Not A Cure-All A ransomware attack in early 2016 dubbed “SamSam” was so severe — and, frankly, frightening — that the FBI sent out an alert to watch out for it. The problem was hackers discovered a huge security hole in a popular piece of open-source networking software and used it to […]

OnX Blog

Keeping Intruders Out of Your Web Apps

Understand the Key Web App Attack Vectors Start by familiarizing yourself with hackers’ favorite ways into apps, such as: SQL injections Cross-site scripting (XSS) Denial of service (DoS) attacks There are many more, of course, and new ones are being dreamed up every day. Make sure your security team stays abreast of all of these […]

5 Top IT Manager Concerns Addressed by a Security Intelligence Appliance

5 Top IT Manager Concerns Addressed by a Security Intelligence Appliance

So after completing your research, if you decide Splunk Enterprise Security is the right solution, then you must determine how to get Splunk up and running quickly with the limited time available from your IT staff? Enter the OnX Security Intelligence Appliance. OnX has developed the appliance in partnership with Splunk and Cisco to address […]

The object of storage

The object of storage

The History of Object Storage Object storage was a redundant and scalable storage system that provided a generalized data container with an index and metadata layers for the objects. Objects stored in the system were accessed via the index, and information pertaining to these objects was contained in the metadata. Files of all types and sizes could be […]

Partnering for your HEALTH

Partnering for your HEALTH

The strategic relationships of the OnX Healthcare Practice are positioned to be responsive to current healthcare industry demands. Challenged by fiscal constraints, increased service demand, data requirements and consumer expectations, the Healthcare Practice remains focused on client solutions that will improve operational efficiency and clinical outcomes. In response, OnX forged a strategic partnership with MEDSEEK […]

In the ball park

In the ball park

These are things to think about before you get to the type of environment that has hundreds and hundreds of hosts, and thousands of guests, across multiple hypervisors.  Are you even in the ballpark when it comes to best practices, measuring performance and security? As a specific example, let’s talk about security. Most shops spend […]

BYOD

BYOD

Personal preferences for Apple IOS, Google Android, and Microsoft Windows-based devices are driving consumer devices into the corporate networks and create device management and data security concerns. Home offices, the desire to have the newest devices on the market, tablets, netbooks, and smartphone preferences all cause a need for organizations to create a “BYOD policy”. […]