This week’s security snacks:
- OneDrive Gets an MFA-Protected “Personal Vault!”
- How VPNs Create Security Vulnerabilities
Storing very sensitive information within your OneDrive account? Worried about the data being leaked or stolen? Microsoft just introduced a “Personal Vault.”
Let’s face it, the availability of cloud base storage to store data including thousands of selfies, cat videos and other important information is one of the great things that cloud computing has brought us.
The issue is though in this online world, where to I save those items that you used to have a special folder for when they were on paper. So, you could file the items away for safe keeping and not leave lying around for people?
Microsoft have addressed this with the addition of a feature they are calling “Personal Vault”. To put it simply, this is a folder contained within OneDrive that requires multi-factor authentication (MFA) to access. The next time you save that file with the passwords and bank account details into your cloud account, only after using a password that was, shall we say, less than secure, at least your data will be safe.
The new feature is currently rolling out in a small subset of countries.
Visit the HackerNews site for more information:
Once the shining star of enterprise network security, VPNs are now seen as a necessary but aging solution that leave security holes all over the place.
Rolling back the time to twenty years ago, we were at the dawn of a new era. Companies across the globe, from SME’s to multinationals, were opening the door for their employees to access…THE VPN.
Virtual private networking became the de facto approach to remote working, with users accessing company resources on-demand from the comfort of their own home. Very little changed over the coming years with the exception of improved RDS style solutions from Microsoft and Citrix, and the ability to deliver more security. Two-factor authentication became the norm and the world was focused on protecting the perimeter firewall.
Fast forward to the world of today and it’s all about SaaS, PaaS, always-on, mobile, BYOD, always connected infrastructure. That infrastructure is often housed in a noisy datacenter shared with hundreds of thousands of other customers’ data. It is without a doubt a different world.
The challenge is though for companies to adapt their security strategy. Trusting the internal network is no longer the smartest thing to do. Security penetration points are now located at every point where a user connects to the Internet. Every network account and device should be given granular access to only necessary parts of the network.
Critical new concepts and technologies are arising, such as zero-trust architecture, software-defined permiters, and micro-segmentation. Those are just a few examples. The new landscape is vitally important to understand at time when the news reports major ransomware payments and data breaches almost daily.
It’s a brave new world out there! Embrace it carefully so you can be sure you don’t cut yourself on the bleeding edge while trying to get there as fast as you can.
For more details, Threatpost has excellent article on the death of the VPN and security challenges: https://threatpost.com/death-enterprise-vpn/145907/.