Find news and information for the executive corporate security director, CSO, facility manager and assets protection manager on issues of policy, products, incidents, risk management, threat assessments and preparedness.
Issue link: http://sdi.epubxp.com/i/941796
ARM processors, which are found in just about all computing devices (read more about these threats at www.securityinfowatch.com/12389895). By keeping informed, closely moni- toring and taking action when discov- ered, you can ensure your organization and customers significantly improve their cyber posture. at is an integral part of being the trusted advisor your customer counts on. ■ » Rob Simopoulos is a co-founder and partner at Launch Security (www. launch-security.com), which brings simple, organized and effective cybersecurity programs to SMBs. Simopoulos has been an entrepreneur in the security industry for decades, receiving numerous awards and recognition by security industry publications and organizations. He can be reached at RobS@Launch-Security. com, or at 888-508-9221 x 101. 34 Security Dealer & Integrator / www.SecurityInfoWatch.com February 2018 Wi-Fi Alliance Enhances WPA2 Upcoming WPA3 will feature more robust security The Wi-Fi Alliance has introduced enhancements and new features for Wi-Fi Protected Access (WPA2) to ensure Wi-Fi certified devices continue to implement state-of-the-art security pro- tections. While not specifically cited, these improvements are speculated to be in direct response to KRACK. "WPA2 provides reliable security used in billions of Wi-Fi devices every day, and will continue to be deployed in Wi-Fi certified devices for the foreseeable future," the group said in a press release. "Wi-Fi Alliance will continue enhancing WPA2 to ensure it delivers strong security protections to Wi-Fi users as the security landscape evolves." Building on the widespread adoption and success of WPA2, Wi-Fi Alliance also announced a suite of features to simplify Wi-Fi security configuration for users and service providers – all while enhancing Wi-Fi network security protections. Four new capabilities for personal and enterprise Wi-Fi networks will emerge in 2018 as part of Wi-Fi Certified WPA3. Two of the features will deliver robust protections even when users choose passwords that fall short of typical complexity recommendations, and will simplify the process of configuring security for devices that have limited or no display interface. Another feature will strengthen user privacy in open networks through individualized data encryption. Finally, a 192-bit security suite, aligned with the Commercial National Security Algorithm (CNSA) Suite from the Committee on National Security Systems, will further protect Wi-Fi networks with higher security requirements such as in government, defense and industrial markets. "Security is a foundation of Wi-Fi Alliance certification programs, and we are excited to introduce new fea- tures to Wi-Fi Certified security solutions," said Edgar Figueroa, president and CEO of Wi-Fi Alliance. To learn more about the new security enhancements, visit www.wi-fi.org. boost overall company valuation with the additional revenue streams – which distinguishes integrators from their competitors. e good news is that many cloud- based solutions oen have the abil- ity to push out update and new patch releases without much interaction by the customer or integrator. ese systems are traditionally charging a monthly fee, but in most cases the fees include these types of updates. Cloud-based solutions may also be beneficial for smaller integrators who do not have a help desk or other direct technical support. Keep Informed KRACK certainly will not be the last major vulnerability found; in fact, early 2018 has already produced Melt- down and Spectre – security vulner- abilities affecting Intel, AMD and If you are a systems integrator and your business model involves selling and installing devices without a main- tenance program that includes updates and patches, you may be leaving your customers at risk. As a trusted advisor and partner to these customers, it is important to guide them and help them understand the importance of the patch manage- ment process. Most will already be able to relate because of widespread media coverage of cybersecurity attacks. ere is also an opportunity for integrators to provide cybersecurity as a managed service. Integrators can include device update management and patching for the solutions as well as other related services for a monthly fee or include the offering in the tiered pricing they may already have. A proactive approach to incor- porating this as a service may help Cybersecurity