PayPal seem to think that SMS text messages are a secure two-factor authentication method. Sadly, they are greatly mistaken. This article explains why and what to do about it.
Generate certificates for Node-RED that are trusted by all modern browsers. This will let you access Node-RED (and other services) over an encrypted HTTPS link.
📖 Kb | 📎 Development, Development, it-security, it-security | 🔖 node-red, node-red, security, security
Node-RED is increasingly used in situations that require reasonable security. Up to now, however, the information required to secure it correctly has been fragmented. This article aims to give an end-to-end outline to enable anyone to secure their installation.
📖 Posts | 📎 Blogging, Development | 🔖 security, security threats, threat management, vulnerabilities, web
📖 Posts | 📎 Enterprise, IT Security, Microsoft | 🔖 enterprise architecture, enterprise systems, governance, government, microsoft, nhs, office 365, presentation, security, solutions architecture
Here is a presentation that I did recently for NHS CIO’s and CCIO’s. It is all about how NHS England has followed a journey to cloud services and the IT Security & Information Governance issues we had to deal with along the way. It tries to also show other NHS organisations how they might work towards similar aims. Security and governance in the cloud from Julian Knight
📖 Posts | 📎 General | 🔖 anti virus, cyber security, enterprise systems, patching, security, security threats, software, threat management, vulnerabilities, whitelisting
Individuals and enterprises do not understand the value of their Information nor how to protect it. This article attempts to reveal simple and practical ways to protect IT assets and outlines some of the latest thinking and tools from industry experts.
One of the issues with Linux is that I can’t use it under all circumstances. In particular I usually have to work with Windows at work. So I need cross-platform tools, especially now that I also make extensive use of a smartphone/PDA. So here is a timely post – with the number of people in UK government departments carelessly loosing private or secret information, how do we keep this stuff secure while still being accessible from different platforms?
Thought I would add a quick update on using FreeOTFE under Windows and PocketPC. I tried it under Windows on a different PC and it does indeed work OK though it is nowhere near as polished as TrueCrypt. I’ve also tried again a few times on a PocketPC with limited success and I think I know what is happening. Firstly, you must install FreeOTFE for PPC into system memory and not on a storage card – not terribly surprising really.