GIXtools project

Recent global malware outbreaks WannaCry and NotPetya exposed how much enterprises struggle with patching. Staying current with the latest security patches involves testing, preparing and deploying the updates and enterprises are lagging behind as each product has its own update schedule.

It is easy to wag fingers about how it shouldn’t take IT more than 60 days to deploy an update, but consider the current workload. On top of the regularly scheduled monthly updates from Microsoft and Adobe, some organizations may need to deal with the latest Cisco patches. Organizations are still working on closing the SMB vulnerability, especially the out-of-network updates for Windows XP and other unsupported systems. Enterprises with iOS devices need to prioritize the latest update to address a serious security flaw in its WiFi chip.

To read this article in full or to leave a comment, please click here

Hurricanes. Tornadoes. Earthquakes. Fires. Floods. Terrorist attacks. Cyberattacks. You know any of these could happen to your business at any time. And you’ve probably got a disaster recovery (DR) plan in place to protect your enterprise’s data, employees and business.

But how thorough is your DR plan? When was it last updated and tested? Have you taken into account new technologies and services that can make it easier to recover from disaster? The following are 7 things your IT disaster recovery plan should include.

1. An analysis of all potential threats and possible reactions to them

Your DR plan should take into account the complete spectrum of “potential interrupters” to your business, advises Phil Goodwin, research director of data protection, availability and recovery for research firm IDC. (IDC is part of IDG, which publishes CSO.)

To read this article in full or to leave a comment, please click here

One common pitfall of all password managers is that you have to remember a master password. If you forget it, you lose access to all the others. True Key offers an alternative to this burden by allowing you to log in to the app using something unique to you. Depending on your device, that could be your fingerprint, your face, or a second device. You can even combine authentication methods for stronger security.

Once you’ve created an account and master password and installed the browser extension, True Key brings you up to speed with a helpful welcome wizard. The tour starts by displaying a couple dozen popular website logos. You pick one and it takes you that site, explaining that all you have to do is log in and True Key will capture your credentials and store them in your vault. When you return to a site, True Key logs you in automatically.

To read this article in full or to leave a comment, please click here

Sticky Password may not be as familiar as LastPass or 1Password, but it boasts features that rival both of them, albeit in a much less polished package. It doesn’t quite rise to the top tier of password managers, but it’s more than capable of getting the job done.

When you download Sticky Password—there’s no web version of the app—it will prompt you to create a master password. Unlike some other password managers, Sticky Password doesn’t offer a way to recover or reset this password if you forget it, so commit it to memory. You’ll also be asked if you want Sticky Password to sync your data over its cloud network or your own Wi-Fi network. With this unique option, your devices sync only when they’re all connected to your wireless network, so your data never goes out over the internet. It’s a nice added layer of security.

To read this article in full or to leave a comment, please click here

LastPass remains something of a gold standard for password managers. One of the first full-featured tools of its kind, this combination vault, form-filler, and password generator ticks off all the boxes in our password manager checklist.

After you sign up and install the LastPass browser plugin, it captures your login credentials when you visit a website for the first time. When you return to a site, a small icon appears in its login fields showing how many accounts you have stored. Clicking it opens a drop-down menu revealing each account so you can select the appropriate one. You can also select an auto-login option for each account to have LastPass sign you in automatically whenever you visit that site.

To read this article in full or to leave a comment, please click here

Keeper is a no-nonsense password manager that puts the security of your login credentials above all else. However, it’s lack of automated features may limit its appeal for some.

When you sign up for Keeper, you’re prompted to create a master password and select a security question. The latter will be used, along with a verification code and—if enabled—two-factor authentication, to access your data if you forget your master password.

Next, Keeper walks you through a four-step “quick start” checklist: creating your first record, installing the browser extension, uploading your first file, and enabling two-factor authentication. As you complete each step, the checkmark next to the relevant items turns green.

To read this article in full or to leave a comment, please click here