<img src="https://secure.leadforensics.com/71120.png" style="display:none;">

Kalki Blog

Header_about.png

You don't have to be high-tech to use 2 Factor Authentication

Posted by Stacy Willis on Apr 20, 2016 7:00:00 AM

What is it?

Let's start with the definition of authentication. Essentially the process of authentication involves proving you are who you say you are. There are three ways of authenticating:

Read More

Topics: Security technology

Understanding Vulnerabilities and Patches

Posted by Kyle Balicki on Sep 8, 2015 10:19:45 AM

We’ve all seen articles that read “vulnerabilities found, data at risk” (you’ve probably even seen a bunch of them from us!) and know that they mean something about viruses or hacking. But we do we really understand what a “vulnerability” is and how it impacts us? And if not, how do we go about fixing these vulnerabilities and protecting ourselves? Let’s get a better of understanding of what vulnerabilities are and how we go about fixing them.

Read More

Topics: Security technology

The Basics: Identity and Access Management

Posted by StacyNease4Fbhds on Jul 31, 2015 10:34:17 AM

Identity and Access Management (IAM), is a very important process for an organization to have in place. IAM can provide your business with organization, efficiency and safer business systems. Organizations need to manage access to information and applications across both internal and external systems. They must also provide this access for a growing number of identities both outside and inside the organization without jeopardizing security and releasing valuable information.

So what makes up IAM? IAM is comprised of people, processes and products combined with the goal to manage identities and access to the organization’s resources. The organization must ensure that all information is correct in order for the IAM framework to operate successfully. The primary goal of the IAM framework is to provide the right people with the right access at the right time. It is all about efficiency.

Access management is comprised of the following uses authentication, authorization, user management and a central user repository to achieve its goal.

Authentication

Authentication is the process for proving a person's identity. When we think of authentication, think of the times where you've been asked to show photo I.D. Once the user is authenticated, the system will remember who they are for the remainder of their time interacting with the system. In most IAM solutions, the authentication module provides single sign-on service so that the user does not need to sign on multiple times.

Authorization

Authorization is the act of determining whether or not the user is allowed to access or use something. It is what allows the use of role-based access control. This means a user has certain privileges based on the role they hold within the company; for example, a manager of a bank will have access to different things than a teller will. Authorization is only possible once authentication has been completed (i.e. I can only tell if a user has access to something once I know for sure who that user is).

User Management

User management provides several functions such as password management, management of roles for employees and group management. The administrator will set privileges for employees to access specific areas by setting master passwords for that area. This will allow the administrator to keep close tabs on who has what privileges to certain areas. For example, the administrator will allow only those working in the finance area of the business to access financial records and files.

Central User Repository

A central user repository stores information about users’ identities in a central location and send that information to any applications that need it. This allows for multiple applications to function of the same set of access controls (so you don’t have to re-create access controls for every single application at your business).

It is critical for businesses to have identity and access management systems in place for a variety of reasons. IAM can improve security, simplify life for employees, reduce complexity and control access to internal systems.

Read More

Topics: Security technology

Threat Detection: The Basics

Posted by Kyle.Balicki on Jul 22, 2015 9:29:52 AM

With technology advancing every day, cyber-attacks are becoming more and more advanced. It is important to locate where risks are in your business, and expose them before they expose you. One way to limit risk is to invest in threat detection software. Threat detection is software that protects your personal information by scanning your system and locating risks such as viruses.

Read More

Topics: Security technology, Cyber security

5 Reasons you should be using Office 365 today!

Posted by StacyNease4Fbhds on Jun 16, 2015 8:57:39 AM

Find out why we like Office 365 so much… and learn why you will too!

Read More

Topics: Security technology, Cloud Security

Attacks on Fortune 100 Social Media Outlets

Posted by Kyle.Balicki on Jan 21, 2015 9:52:15 AM

Recently, cyber security experts have urged Fortune 100 companies to rethink their social media strategies after revealing that there was a widespread outbreak of unauthorized accounts, content based threats and account theft taking place. On average, a firm typically has upwards of 330 accounts on various media platforms and that many of them were false or made up by hackers and scammers.

Read More

Topics: Breach, anti-malware, Security technology, identity theft, Policies and Procedures

Too Many Data Protection Vendors Is A Loss

Posted by Kyle.Balicki on Jan 14, 2015 9:11:37 AM

It can be said that if one data backup, replication, archival and recovery provider is good, more must certainly be even better, right? It could be a smart choice to have a backup for a backup, just in case the first one experiences an issue or ends up shutting down entirely. This however, is not at all true based on several findings and key information. When it comes to data protection vendors, one is great because they have sole possession and they have a key understanding of what is going on and one solid system and process is being used. Having two is still okay, but having three or more is more than likely worse than having nothing at all.

Read More

Topics: Human Resources, Security technology, Cyber security, Policies and Procedures

Startup Security Companies To The Rescue

Posted by Kyle.Balicki on Jan 13, 2015 9:33:23 AM

In the past, the number one rule has always been “Don’t talk about security” or “Need to know basis regarding security”. Today, security is a mainstream topic that is taking over news headlines globally as technology becomes more and more advanced and data breaches and hacks are occurring more frequently. Security innovation has since become a mainstream focus and a strategic imperative for business. This is both good news and bad news for information security firms. The plus side, is that a companies C-suite finally understands why security innovation is an important factor. The negative side to this, they will now expect more of it from you. The question that is currently being asked, where do you begin? and what do you do?

Read More

Topics: Security Credentials, TechStartups, small business, Security technology, Cyber security, Policies and Procedures

FBI Warns Healthcare Sector Vulnerable to Cyber Attacks

Posted by Kyle.Balicki on Jan 12, 2015 11:59:54 AM

Recently, the FBI has issued a warning to healthcare providers that their cyber security systems are lacking or not as good compared to other sectors which makes them highly vulnerable to attackers and hackers that are searching for personal medical records and health insurance data. Healthcare data is highly valuable to hackers in the black market as oppose to credit card numbers and data because it tends to contain details that can typically be used to access bank accounts or contain prescriptions for controlled substances. The overall demand for medical information is very strong on criminal marketplaces due in large part because it takes victims longer to realize the information has been stolen and report it, and because of the different ways the information can be used.

Read More

Topics: Breach, Risk assessment, Security technology, Cyber security

As The Cloud Grows, So Does Crime

Posted by Kyle.Balicki on Jan 7, 2015 11:06:16 AM

Each day, more and more information, from family photos and videos to important financial information, is moving into the cloud. The cloud is making it easier for households and businesses to distribute information. As more information is being placed into the cloud, hackers are following. It is very easy to see why hackers would be making this move as the cloud computing systems contain lots of valuable and critical information. This information ranges anywhere from personal financial data and valuable corporate data to government information and even pictures and videos that were not meant to be seen by the general public. All of this information has been scoped out and targeted by hackers.

Read More

Topics: Breach, Security technology, identity theft, Cyber security