Connect with us

Discover what sensitive data–credit card numbers, medical info, government ID, and more–people in your organization have shared externally.

Image: Andy Wolber/TechRepublic

In October 2020, Google Workspace launched a new data protection insight report for admins in organizations that use Business Standard, Business Plus, Enterprise Essentials, Enterprise Standard, and Enterprise Plus editions. Unlike other security reports already available to Workspace admins, Google sends this report to admins automatically.

What’s Hot at TechRepublic

The report notifies administrators of potentially sensitive data, such as credit card numbers, birth dates, and governmental identification numbers, detected by the system. For example, I received my first email with “Data protection insights” on December 3, 2020. The system identified that 4% of files (305 of 7,555 shared items) containing sensitive content were shared externally (Figure A).

If data loss protection (DLP) is a concern, Google Workspace administrators may want to follow the steps below after receiving each data protection insight report. 

SEE: Google Sheets: Tips and tricks (TechRepublic download) 

Figure A

Screenshot of Data protection insights email, subject

As this example indicates, the data protection insights email focuses a Google Workspace administrator’s attention on the top three types of sensitive data shared outside the organization.

1. Review the key takeaways

The email lists some of the significant data shared externally. In my case, the system featured the following three types of data:

  • 131 files with Global – ICD 10-CM Lexicon (International Classification of Diseases, 10th edition)
  • 319 files with Global – ICD 9-CM Lexicon (as above, but 9th edition)
  • 13 files with United States – Driver’s License Number

This gives you a quick indication of the top three data types that may be available to people outside your organization.

2. Access the data protections insights report

Next, either follow the View Report link from the email or access the data protection insights report in the Google admin console at https://admin.google.com/ac/dp (Figure B). You may need to sign in with your Admin account.

Figure B

Screenshot of Data protection insights report. 10 types of data, with bar chart indicators of the number of shares next to each.

In the Google Workspace admin console, the data protection insights chart summarizes significant concerns by data type.

The report lists several data types, along with the number of files detected with each data type, and the number of those files shared externally. In my case, for example, “Global – Email address” was the most frequently shared item. However, this data type is not actually a security concern for me, since I often include my email address in publicly shared presentations and documents. 

3. Communicate concerns

Take a screenshot of your data protection insights summary and share it with appropriate people in your organization along with a brief security reminder:

“A recent automated Google Workspace data protection scan identified a few potential security concerns. While some of these may be false positives, it’s a good reminder to be thoughtful about any data you share.”

You also might include an additional sentence that summarizes the items of greatest concern from the report. For example, in my case, I might add, “Make sure to not share sensitive information, such as personally identifiable medical information.” Different organizations will no doubt have different security priorities and concerns to emphasize.

4. Configure a custom data protection rule

Administrators for organizations that use Google Workspace Enterprise or Education editions may want to create a data protection rule to address specific items of concern. To do this, sign in to the admin console and go to https://admin.google.com/ac/dp/rules/ to either add a new rule or edit an existing rule.

When you choose Add Rule, the system takes you through the following four-step sequence to configure the data protection rule (Figure C).

Figure C

GIF that rotates through screenshots of each of the 4 steps needed in the Admin console to create a new data protection rule.

Some editions of Google Workspace allow an administrator to create additional data protection rules. These rules may help warn people when they attempt to share specific types of sensitive data or block the attempt entirely.

  • Name and scope: Where you select whether the rule applies to the entire organization, specific organizational units, or specific groups.
  • Triggers and conditions: Where you specify what criteria the content must match (e.g., specific text, a default detector, regex detector, or a word list detector). You may add multiple conditional detectors within a rule.
  • Actions: Where you choose whether to warn people before sharing or to block sharing certain content entirely, as well as choose whether to notify specific admins of the detected data exposure. 
  • Review: Where all of the above settings are displayed before you Create (or Update) the rule.

If you’ve configured the rule to alert you or others, be prepared for an initial series of emails as the rule detects conditions that match your specified settings. After this first set of alerts, activity tends to decrease–unless you have several people actively sharing triggering data, which is exactly what you want.

In my case, I configured a rule to track down the US driver’s license sharing identified in my data protection insight report. Fortunately, the rule helped me figure out that the only actual license number shared was a fictitious license number found in a screenshot of a database vendor’s demo record. I had shared the screenshot with an external editor.

What’s your data protection approach?

If you’re a Google Workspace administrator and have received a data protection insight report, did you find the information useful? Did you, like me, notify others of the data shared? And, if you use the Education or Enterprise editions, did you add a new rule to help identify any shared data of concern? Let me know how you educate and alert people in your organization about shared sensitive data, either in the comments below or on Twitter (@awolber).

Also see



Source link

0
Continue Reading

Technology

How leaders across industries see 5G helping their businesses

istock 1137013136

Verizon’s 5G Business Report found that everyone’s excited about 5G, but the reasons behind the buzz differ between industries.

Getty Images/iStockphoto

A report from Verizon on business leaders’ opinions of 5G finds that 5G adoption is well underway across industries, but the reasons for excitement and the ways in which businesses plan to deploy 5G tech vary greatly. The report surveyed 700 business tech decision-makers, and found that 55% had heard, read, or seen a lot about 5G, and 80% believe it will create new opportunities for their companies. The belief in 5G benefits for business extends to believing that 5G will benefit their individual industries and roles, with 79% saying they agreed with both statements.

There was some split between IT leaders and C-level executives on whether 5G is a top priority: 54% of IT leaders said it was, while only 39% of the C-suite agreed. Another large difference appeared between business leaders and the general public: As mentioned above, 55% of business tech decision-makers said they had heard a lot about 5G, while only 23% of US adults said the same. This could indicate a knowledge gap that drags 5G progress down, or otherwise slows customer adoption of the new technology. Regardless, business leaders seem eager to incorporate 5G into their organizations, both internally and externally. 

SEE: TechRepublic Premium editorial calendar: IT policies, checklists, toolkits, and research for download (TechRepublic Premium)

The report breaks businesses down into five categories: Sports, entertainment, and media; government and the public sector, healthcare, manufacturing, and retail. 5G applications for each industry vary, and survey responses did as well. 

In the entertainment, sports, and media industries, most of the excitement comes from the sheer amount of bandwidth that 5G will be able to deliver. Eighty-four percent of respondents said they believed 5G would eliminate “miles of cables and wiring,” and the same amount said they were excited by high-bandwidth connections allowing for multiple broadcast or video streams. Those numbers were paired with the likelihood of adoption, with 80% saying they were likely to use 5G to eliminate wiring and 74% planning to take advantage of increased bandwidth to increase streaming capabilities.

The public sector sees 5G value in real-time video surveillance and public safety programs. Seventy-four percent said they see that technology as valuable, though only 58% said they were likely to roll that sort of technology out in the next two years. Public sector decision-makers were also excited by the prospect of increasing data transfer speeds to emergency services to reduce response time and smart city sensor networks to improve water availability, air quality, and energy-efficiency monitoring.

In the healthcare world, remote health monitoring technology leads as the most valuable tech, with 81% saying they find its potential valuable. Seventy-five percent said they’re planning to implement such technology. Other healthcare uses include using 5G mobile networks for telemedicine visits, real-time medical image sharing, and real-time wearable devices.

SEE: Future of 5G: Projections, rollouts, use cases, and more (free PDF) (TechRepublic)

Manufacturers were most excited by real-time supply chain tracking, with 88% intrigued by the prospect and 82% saying they were likely to employ such technology. Artificial intelligence (AI) designed to support worker safety also ranked high, with 83% saying it would be valuable, and 74% planning to implement it in the next two years.

Retail was most interested in real-time data processing that would “maximize efficiency from point of sale to product delivery,” with 82% planning to use similar programs, and the ability to analyze foot traffic to dynamically plan displays to maximize product positioning efficiency. Augmented reality (AR) shopping also proved high on the interest list with 75% saying they planned to use augmented reality apps, and 73% saying they were likely to use AR for product visualization.

In summing up the report Verrizon Business CEO Tami Erwin said the data points to 5G being seen as a serious transformative element. “Over the last year, 5G has become top-of-mind for businesses as they manage through condensed digital transformation timelines. These findings underscore the critical role 5G will play in economic recovery and growth, and we stand committed and ready to help our partners make that transition quickly and seamlessly,” Erwin said.

Also see

Source link

0
Continue Reading

Technology

iPhone SE Plus Rumoured to Be in the Works, Price and Specifications Leak

iphone se plus aaple lab leak 1611729402117

iPhone SE Plus is reportedly in the works, a new leak suggests. Apple introduced the iPhone SE (2020) last year and the tech giant could be working on a new model in the affordable ‘SE’ series. The iPhone SE Plus pricing and specifications have leaked online alongside a render that hints at the design of the upcoming phone. Apple may introduce the iPhone SE Plus around the same time as the iPhone SE (2020) last year, in April.

A tipster called @aaple_lab has leaked key specifications and pricing of the rumoured iPhone SE Plus. The phone is expected to be priced around $499 (roughly Rs. 36,300), which is $100 more than the launch price of the iPhone SE (2020). A render leaked alongside shows a wide notch on top of the display and a single rear camera. There is no physical home button on the iPhone SE Plus, a big change from the iPhone SE (2020) that has thick bezels and a physical home button. The tipster claims that the phone may launch in Black, Red, and White colour options.

Coming to the specifications, the iPhone SE Plus is tipped to feature a 6.1-inch IPS display and could be powered by either Apple A13 Bionic or Apple A14 Bionic chip. The rear camera is tipped to sport a 12-megapixel iSight sensor, whereas the selfie camera is tipped to feature a 7-megapixel resolution sensor. Camera features include six portrait light effects, OIS, and Smart HDR 3. The phone is tipped to come with an IP67 rating for dust and water resistance.

The tipster vaguely suggests that the Touch ID could be integrated into the Home button. This could be a reference to the Power button on the side, but it’s not very clear.

There is no clarity on when this rumoured iPhone SE Plus will launch, but if we were to speculate, it could launch sometime in April — around the same time the iPhone SE (2020) was launched last year. Apple has made no official announcements about the phone yet.

For the latest tech news and reviews, follow Gadgets 360 on Twitter, Facebook, and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel.

1611729935 235 iPhone SE Plus Rumoured to Be in the Works Price

Raya and the Last Dragon Trailer: Disney Promises a Fantastical Southeast Asia Adventure

Related Stories



Source link

0
Continue Reading

Technology

Google releases alarming report about North Korean hackers posing as security analysts

1611704673 istock 1166333977

Google said the attackers were targeting security researchers by using fake LinkedIn and Twitter profiles and asking to collaborate.

Image: iStock/iBrave

Google unveiled a new report from its Threat Analysis Group on Monday highlighting the work of a group of cyberattackers associated with the government of North Korea that sought to impersonate cybersecurity researchers in an effort to target those “working on vulnerability research and development at different companies and organizations.” Adam Weidemann, a member of the Threat Analysis Group, wrote that the attackers used a variety of fake blogs, Twitter accounts and LinkedIn profiles to make themselves look legitimate and communicate with researchers and analysts they were hoping to go after. 

SEE: Social engineering: A cheat sheet for business professionals (free PDF) (TechRepublic)

ZDNet noted that the malware associated with the attack was tied to a notorious North Korean government-backed organization called the Lazarus Group.

“The actors have been observed targeting specific security researchers by a novel social engineering method. After establishing initial communications, the actors would ask the targeted researcher if they wanted to collaborate on vulnerability research together, and then provide the researcher with a Visual Studio Project,” Weidemann wrote. 

“Within the Visual Studio Project would be source code for exploiting the vulnerability, as well as an additional DLL that would be executed through Visual Studio Build Events. The DLL is custom malware that would immediately begin communicating with actor-controlled C2 domains.”

Weidemann added that some security researchers were hit with attacks after visiting some of the fake blogs built by the those behind the campaign. 

SEE: Bad actors launched an unprecedented wave of DDoS attacks in 2020 (TechRepublic)

Some shared a YouTube video that claims someone had exploited CVE-2021-1647, a recently patched Windows Defender vulnerability. While many of the comments noted that it was fake, Twitter accounts connected to the campaign sought to deny these comments and tried to convince others it was real. 

All of the Twitter and LinkedIn accounts named in the Google report have been taken down by both websites. But Weidemann noted that the attackers also used Telegram, Discord, Keybase, and email to contact their targets. 

The blog includes a list of the accounts and blogs, and tells anyone who communicated with them to check their systems in case they were breached. 

The report caused a bit of a stir within the cybersecurity community, as one would expect. Multiple cybersecurity experts took to Twitter to say they had either been contacted by or communicated with the accounts named in the report.

WARNING! I can confirm this is true and I got hit by @z0x55g who sent me a Windows kernel PoC trigger. The vulnerability was real and complex to trigger. Fortunately I only ran it in VM.. in the end the VMDK I was using was actually corrupted and non-bootable, so it self-imploded https://t.co/dvdCWsZyne

— Richard Johnson (@richinseattle) January 26, 2021

Chloé Messdaghi, chief strategist with Point3 Security, said she was contacted by four of these attackers and noted that experts with any amount of notoriety or government ties have to be careful at all times. 

SEE: Governors hear about the dangers of a lackluster cybersecurity response, need for FBI coordination (TechRepublic)

“They want people with government connections, and they work to climb that ladder of contacts to figure out who they can reach. We don’t know who they’re targeting or why, but for me it’s been an ongoing thing for a year, where people I know will get in touch and say ‘Hey I went to this site and your name is on there, but just letting you know that I think it might be malicious,'” Messdaghi said. 

“As someone they’ve targeted, I’m glad Google is coming out with this alert. There are so many people throughout the world seeking private intel, and if you don’t know who you’re talking to, work on the assumption that the name and picture you’re being offered is likely not valid. The accounts of these four attackers are suspended, but really that means nothing. They’ll just make up another name and be back.” 

threat-actor-to-chloe-messdaghi.jpg

A message from one of the attackers to Chloé Messdaghi, chief strategist with Point3 Security.

Image: Chloé Messdaghi

She noted that many researchers have the urge to give back to the cybersecurity community but have to be wary about who they’re associated with. 

Katie Nickels, director of intelligence for Red Canary, said for anyone working in this field, there is always heightened threat of being targeted, not just by adversaries who might not like their research and analysis but also by adversaries who are intent on gaining advanced knowledge of vulnerabilities, exploits, and other methods of attack. 

“While we are knowledgeable about ways to protect ourselves, sometimes we forget that we are ripe targets and get complacent just like anyone else. This campaign was interesting because it preyed upon the desire of researchers to collaborate, including with people we do not know, to advance our work,” Nickels said. 

SEE: 2020 sees huge increase in records exposed in data breaches (TechRepublic) 

“One concerning part of this attack is that the adversaries managed to draw researchers into seemingly legitimate websites and compromise their machines via drive-by downloads. Clicking unverified links on Twitter and elsewhere is commonplace for all but the most cautious individuals.”

SafeGuard Cyber CEO Jim Zuffoletti said attacks like this are on the rise because attackers are moving into channels of communication that “are invisible to security teams,” adding that the distributed nature of work since the onset of the COVID-19 pandemic made it imperative that security teams put better controls in place for social and chat apps. 

Others said it was well known within the cybersecurity community that there were people eager to exploit the culture of sharing for nefarious reasons. 

But Andrea Carcano, co-founder of Nozomi Networks, said what was new about the attack was the boldness of the attackers and their willingness to risk sophisticated zero-day exploits to target researchers. 

Carcano explained that some of the attacks were fairly obvious and would have been caught, but the scariest one involved the researcher who was infected by simply visiting a web page with some technical documentation. 

Carcano and Paul Bischoff, lead researcher with Comparitech, both suggested researchers open projects in secure environments or on other devices besides your actual machine. Bischoff also said to beware of any Twitter accounts with lots of numbers and to use a script blocking extension “to prevent any drive-by downloads that might occur as a result of visiting a malicious page.”

SEE: How asset management companies are vulnerable to ransomware and phishing attacks (TechRepublic) 

“You know you’ve made it when cybercriminals are trying to gain access to your social media accounts or research,” joked James McQuiggan, security awareness advocate at KnowBe4.  

“People are sociable and for the most part like to meet other people. With social media, it’s easier with tweets, connections and chats. However, we take a risk when we accept that LinkedIn connection or that follow on Twitter that the person at the end of the request is who they say they are.” 

McQuiggan said it was key to make sure to look through someone’s profile before accepting any friend or follow requests and to be wary of anyone who immediately sends you links to unknown websites. 

Some cybersecurity experts, like Vdoo Vice President of Security Shachar Menashe, said they take extra precautions by using encrypted email services and other endpoint protections. 

“It does bother me more than other attacks because if successful, these attacks could be used to attack others, which is an abuse of our hard work trying to secure these very same systems,” Menashe said. 

Saryu Nayyar, CEO of Gurucul, said Google most likely “only scratched the surface of these campaigns” and predicted that there are many more similar accounts being used for similar activity.  

“It is a reminder that security practitioners and researchers need to be on guard themselves,” Nayyar said. “Their knowledge and skill make them difficult targets, forcing malicious actors to put a lot of effort and resources to compromise them. But for a rival state actor, an expert in the field is worth the expense.”

Also see



Source link

0
Continue Reading

Trending