As of June 2020, more than 3.2 million consumer records were exposed in the 10 biggest data breaches this year. Eight of the ten largest breaches occurred at healthcare or medical organizations, meaning patient information in addition to PII was likely acquired by hackers. Data loss prevention (DLP) is an ever-changing practice, with new security policies and information security standards evolving to keep up with the threat of online hackers.
Employee monitoring and productivity tracking features valuable insights into your teams’ performance levels throughout the day. If your office has been recently affected by the COVID-19 pandemic, you might also be transitioning into a more remote-friendly workplace environment. How do you make sure your employees are staying productive? Can you accurately measure an increase or decrease in your team’s overall productivity?
The first software development team I worked on operated on the follow mantra: Make it work. Then, make it fast. Then, make it elegant (maybe). Meaning, don’t worry about performance optimizations until your code actually does what it’s supposed to do, and don’t worry about code maintainability until after you know it both works and performs well. Users generally have no idea how maintainable the code is, but they do know if the application is broken or slow.
Bring your own device (BYOD) describes the practice of using a personal device such as a smartphone or tablet to conduct business on an organization's network or with its data. Organizations constantly walk a tightrope with their BYOD policies to balance employee productivity and satisfaction against the effective management of cybersecurity risks.
Today’s software development life cycle includes a variety of quality and security testing techniques at every stage. Frequent testing throughout the DevOps pipeline is imperative considering the ever-increasing pace of development. One of the most common testing methods that companies use to ensure the products they are pushing out are secure and high-quality is black box testing.
API gateways have become a standard component in modern application architectures. The gateway exposes application APIs to the Internet and serves as a logical place to enforce policy. This is a two-part series about enforcing API authorization policies in Apigee with Okta as the identity provider (IdP).
Maximizing the value of your application security (AppSec) analytics not only provides a window into whether or not you’re meeting security requirements but also it helps you prove your ROI. That can be a challenge for a lot of organizations – when stakeholders are not close to the data, they may miss milestones like hitting goals for reducing security debt or even how much AppSec program has matured by data.
A critical vulnerability in Instagram’s Android and iOS apps could have allowed remote attackers to run malicious code, snoop on unsuspecting users, and hijack control of smartphone cameras and microphones. The security hole, which has been patched by Instagram owner Facebook, could be exploited by a malicious hacker simply sending their intended victim a boobytrapped malicious image file via SMS, WhatsApp, email or any other messaging service.
Web design trends come and go at a dizzying pace these days. While it might be easy to completely redo a simple website or a web application, visual design is not often a top priority for large-scale enterprise applications. But even with larger applications, there comes a time when the system’s look and feel becomes dated and the user experience is just not at the level it might be. And it directly impacts customers. It’s probably time for a refresh!
Industry research firm Gartner asked cybersecurity thought leaders to submit a video of themselves answering the question “What are your customers’ top security priorities?” for the Gartner Security & Risk Management Summit, a virtual event for the EMEA region held this month. Julian Waits, general manager of cybersecurity for Devo, was among those to whom Gartner posed the question. His video is below, and this blog post offers an expanded version of his response.
