Archive
Heads up – Potential #StoreFront and .NET Security update KB2729452 issue – #Citrix, #StoreFront, #CloudGateway
Heads up out there! I’ve not verified this myself but it’s worth ensuring that you plan for an uninstallation in the event it’s true!
New security threat at work: Bring-your-own-network
Computerworld –ย Even as IT pros wrestle with the bring-your-own-device (BYOD) trend, corporate security is being further complicated by another emerging trend: bring your own network (BYON).
BYON is a by-product of increasingly common technology that allows users to create their own mobile networks, usually through mobile wireless hotspots. Security professionals say BYON requires a new approach to security because some internal networks may now be as insecure as consumer devices.
Jim Kunick, an attorney with the Chicago law firm Much Shelist, said BYON represents a more dangerous threat to data security than employees who bring their own smartphones or tablets into the office. “The network thing blows this up completely, because it takes the data out of the network the company protects,” he said. “There’s no way to ensure the security of that data. People are running corporate apps and processing corporate and client data using networks that may or may not be secure.
“I mean, no one is sure the Boingo network is secure,” he said.
Continue reading here…
//Richard
Mastering the BYOD trend: The ultimate guide
Have a look at this BYOD guide and get inspired! ๐
“Let’s face it: The BYOD trend is a big deal.
IT admins have questions about the influx of personal smartphones and tablets in the enterprise. They worry about it. And they often need help figuring out what to do about bring your own device (BYOD) management, security and application delivery.
It takes a combination of technology, policy and organization-wide strategy to maximize the benefits of a BYOD program and minimize the risks. This comprehensive guide explains the basics and offers helpful, in-depth tips for admins stuck at any level of a BYOD program.”ย
Continue reading here!
//Richard
Microsoft Security Newsletter โ September 2012
Ok, didn’t have the time to search where online the newsletter is located so I just copied some of it into this post. I think that there where some interesting posts/articles around “BYO”, Cloud etc. So browse and enjoy! ๐
| Welcome to September’s Security Newsletter! |
This month’s newsletter focuses on personal devices in the workplace, often times referred to as “Bring Your Own Device,” or BYOD. BYOD is a very hot topic these days as organizations grapple with the challenge of managing the risks involved in allowing corporate data to be placed on personal devices such as smart phones. At face value, BYOD has the potential to be a win-win proposition. However, depending on how BYOD is implemented and managed, it could be a Pandora’s box.The primary challenge is that some of the devices employees decide to bring to work may not have basic security or management capabilities. This challenge is compounded by the risks associated with connecting to social networks and by the diverse ways organizations and people are choosing to connect and share data today โ such as the utilization of cloud services. We recently conducted a study to find out more about how personal devices are being used in the business environment. Our study found that:
BYOD does have distinct advantages. From the standpoint of the IT department, BYOD is generally seen as a cost-cutting measure because the burden of supplying the equipment is shifted to the employees. Some organizations subsidize BYOD policies with a per diem to offset the costs for users, but it still results in lower costs for the organization by relieving IT of its traditional role of maintenance and support. Another advantage of BYOD is that individuals tend to upgrade and embrace new platforms and technologies much faster than businesses. The organization benefits from being able to take advantage of cutting edge tools and features without the pain of deploying new hardware to the entire company. From the user’s perspective, BYOD means using devices and applications that are more familiar. Empowering users with the ability to choose which hardware and platforms they use creates more satisfied and productive workers. It also allows them to carry a single mobile device instead of one for work and another for personal use. The list of smart personal devices capable of connecting to private and public networks is rapidly and constantly expanding. For chief information security officers (CISOs) and chief security officers (CSOs), managing an ever growing list of devices and applications isn’t a sustainable model. Some of the security professionals I have talked to are shifting their focus to managing the data instead of the devices. They have concluded that device security is only a proxy for data security; if they can’t effectively manage the security of the devices that employees bring to work, they will focus on managing the security of the data itself. I think the industry recognizes the importance of securing personal devices and are making steps toward better management controls in the future. If you are interested in learning more about BYOD, I encourage you to read these blog posts recently published on the topic:
|
Vulnerability in Citrix Receiver with Online Plug-in for Windows could result in arbitrary code execution
Severity: Medium
Description of Problem
A vulnerability has been identified in the Citrix Receiver with Online Plug-in for Windows that could potentially allow an attacker to execute arbitrary code on the client device in the context of the currently logged in user.
This vulnerability is present in all versions of the Citrix Receiver for Windows up to and including version 3.2 and all versions of the Citrix Online Plug-in for Windows up to and including version 12.1.
For more information click here!
//Richard
The IT Melting Pot! 