Home » Archive by category Internet News (Page 907)

The Sysadmin’s Guide to Securing Your SaaS Apps

CircleID CircleID: As an admin, app security should be a top priority - but SaaS apps represent a difficult challenge in that regard. How can you protect your business from their risks, while enjoying all their rewards?

Within the average enterprise, there are 508 unique cloud applications in use. That number's overwhelming enough on its own without considering that 88% of those applications aren't enterprise ready, or the fact that one in five cloud applications has data sharing as a core functionality. Allowing your employees to use these apps freely is like installing a screen door on the side of a boat - sure, it might not sink your organization, but it's still a huge risk.

Of course, the challenge is that where SaaS apps are concerned, you as an administrator have very little control. People are going to rely on the functionality these apps offer in an effort to get their jobs done. That's inevitable.

The only thing you can control is whether or not your data is protected as they do so. At its core, that's tied to whether or not your users look upon you as a productivity enabler or just another obstruction. Let's talk about how you can be the former.

Talk To Your Users

If your users are employing third-party, consumer-grade SaaS apps in the workplace, then it's blindingly clear that they've some productivity need your business's standard tools aren't meeting for them. You have to find out what that need is - determine the functionality your users require in order to effectively do their jobs. I guarantee that for every single unsecure app your users employ, there's an enterprise-ready alternative just waiting to be implemented. And it's up to you to find them.

But that's only the tip of the iceberg.

Improve Your Authentication Process

There's a simple term I'd like you to familiarize yourself with: Single Sign On. Your end goal here is to make your entire SaaS application suite part of one platform, in a sense - to allow your users to access every single application they need to get their job done while only requiring them to authenticate once. On the surface, that may sound like a huge security breach waiting to happen.

Improperly-implemented, it most assuredly is. But here's the thing - single sign on can actually be incredibly secure if you make use of multi-factor authentication. Consider the following authentication process, which makes use of several 'security barricades,' but nevertheless remains secure:

An employee wishes to access their business's SharePoint repository via smartphone. When they attempt to access the system, it immediately recognizes the device they're using - it's been registered as 'trusted.'
Said employee is then prompted for their fingerprint. They use the fingerprint scanner on their smartphone.
Finally, they're prompted to enter a four-digit PIN or username/password.
Once they've done all this, they can access not only the SharePoint repository, but every other SaaS app employed by their organization until the authentication period expires (something which can be controlled by IT).
That's actually a pretty barebones process - you can makes things even more complex by introducing features such as access time and access location into the mix. But from the employee's perspective, it's pretty seamless. They simply log-in, swipe their fingerprint, enter their PIN, and they're done.

Better yet, the multiple checks and balances ensures that if someone does try to crack your system, they need to not only possess the employee's physical device (which can easily be reported as lost or stolen), but also their fingerprint and their login info.

Sure beats using RSA Tokens and Smartcard Readers, doesn't it?

Rethink Your Protocols

According to Search Cloud Computing, insecure access protocols are one of the most significant security risks facing SaaS applications in enterprise. With that in mind...what are you doing to protect your remote employees? Are you using Telnet or FTP? Have you neglected to set up a secure tunnel or VPN?

You'd best answer those questions before going further — because even if your applications are secure, they can still leak data over an unsecured connection.

Containerize Critical Applications

Given how many employees want to use their personal devices in the workplace, I'd strongly advise that you look into some form of containerization solution - some way to lock off business applications and accounts from personal ones on a user's smartphone. App-based containerization's actually come a long way in recent years, and there are several solutions on the market that are completely managed by IT, and rely solely on centralized security controls.

That means no on-device encryption for hackers to break through, and no need for you to worry about a consumer app leaking critical data from an enterprise app (though admittedly, this risk is relatively minor with SaaS applications compared to traditional mobility).

Keep Your Head Out Of The Clouds Where Security's Concerned

SaaS applications have become central to the workplace. As an administrator, it's your job to ensure that they don't represent a security risk. Because your employees are going to use them no matter what you do.
Written by Tim Mullahy, General Manager of Liberty Center OneFollow CircleID on TwitterMore under: Cloud Computing, Security

The post The Sysadmin’s Guide to Securing Your SaaS Apps appeared first on iGoldRush Domain News and Resources.

Continue reading

MMX stung for $7.7 million by crappy .london contract

DomainIncite DomainIncite: Did MMX take a $7.7 million accounting hit to renegotiate a crappy .london gTLD contract? It looks a bit like that to me. Found in the company’s full-year 2016 financial results yesterday is the disclosure that it had to pay off an undisclosed gTLD partner after originally making “overly ambitious” predictions about its likely popularity. […]

Related posts:$33 million .org contract up for grabs
TLDH wins .london contract, gets hacked
It’s official: London to seek .london gTLD

The post MMX stung for $7.7 million by crappy .london contract appeared first on iGoldRush Domain News and Resources.

Continue reading

Domain Movers: Dave.com, EchoLook.com + More

dotWeekly dotWeekly: Welcome to Domain Movers. DotWeekly keeps track of corporate domain name transactions and reports the early findings to you. The follow is a mere sample of daily activity that takes place. I try to find a medium of what to share and what I do not include but be sure to know that there are A LOT more movements, registrations etc every day by companies.
Here are the latest:
The Huffington Post has done a rebrand and shortened up its … Read the rest
Domain Movers: Dave.com, EchoLook.com + MoreJamie Zoch

The post Domain Movers: Dave.com, EchoLook.com + More appeared first on iGoldRush Domain News and Resources.

Continue reading

Domain Shane’s Daily List of Domains at Auction for Monday April 26th

Domain Shane Domain Shane: When you don’t have to pay your bills with money you made from domain investing you have a distinct advantage over full time pros.  But they get it right back by spending the entire day dedicated to their craft.  They are able to spend the time to hunt down names. Make sure that all their domains are listed properly on platforms.  And participate live at the auctions.   Night workers like me are half assing that part.   But we are also using the best years of our working lives to build a career or another business.  We have the security of always having money to pay the bills and fall back in case domain investing doesn’t work out.   And you can be like me and make incredible money in both domain investing and another job.  With all financial pressure taken off.  It allows me to let the domains roll.  It gives me patience.  When I first started in this industry  I was forced to sell domains to buy more.  To buy better names.  Now I have enough names and websites that I can buy $50 to $100K worth of additional names with the monthly income and proceeds from sales. But remember it took 9 years to get there.  9 years of 2 to 3 hours a day, every single year.  So while it seems like a lot of money now.  It was many years of small gains leading to big gains.  My other job allowed that.  Pressure to produce from my own wants but not from the holder of my mortgage.
As long as I avoid the stupid buys like .ws, my portfolio now becomes more and more valuable every year.  All you part timers can do the same thing.  It just takes a while.  Years.  But you can make a little money and have a good time doing it while you build.  How?  Simple. Don’t ask anyone to tell you.  Don’t be lazy. Read.  The manual has already been written in the blogs each day.  In the sales results.  Read Travis’ recap each day and see what names sell.  Go to Namebio and see what sold each day.   Get a feel of what a good name looks and feels like and buy them.  Most good names will sell on Namejet.  You won’t get anywhere near what you would sell to an enduser but they should sell.  If you are REALLY good you can learn the skills of Josh that writes here.  He is able to find low priced names that don’t sell on Namejet  yet sell on a consistent basis.  And at a percentage that pays for all the other purchases with money left over to expand the portfolio. He has a real gift that is hard to teach.  It’s also the most dangerous strategy because the skill level required to differentiate the junk from the names that will sell, is high.  Get it wrong and you’ll spend thousands on bad names that will crush your pocketbook.  Another reason to keep your dayjob.   Here are today’s names   Click for Current Price
Quote Of The Day  “Failure is the opportunity to begin again, only more intelligently -Henry Ford“
Domain Of The Day: PureFood.com    21 years old.   Getting some great bids.    Clean, healthy food is all the rage
Godaddy Domains That I Like With Multiple Bids
FreeVideoGames.com     Free thing domains seem to be timeless
LivingHouse.com     1999 domain.    All the great home tech wasn’t even around when this was originally registered
LittleBee.com    Good brand for so many things. Kids line comes to mind
Branna.com   Nice sounding brand.  Has people, places, and things that use the name. 21 years old
91i.com  Of the next three NNL.coms.  Can you tell which one will sell for the most money?  You might be surprised
Teenet.com   The dot com.au is Australia’s largest online tee time maker
DeepStorage.com  Probably going to be used for backup. 19 years old.
DraftResource.com  Tap in to the billion dollar fantasy sports market
NameValuator.com     Obvious use.  One of you might want to start the new Estibot.com
DomainValuator.com      This one is better for SEO
VoltMax.com   Something electric related
DailyTube.com  Most bids on the board today
Kurvy.com   K makes it cool.   Nothing wrong with curvy, I mean Kurvy
Instaheal.com  Everyone wants now.  Even in healing
RestorationDental.com     Dental is either preventative early or restoration later. Not much going on in between
Domains That I Like With One or No Bids
DR9.com LLN never does a well as NNL. I guess never is a big word. End early this morning
8ON.com Met reserve at under $400
FireSplash.com No bids but gets 77 visits a month
SaveTheBeach.com You can save the beach for $12
GrabThisDeal.com Memorably and descriptive. And one bid
EndlessLeads.com Has a few bids. Endless is a lot
SugarCard.com Just two easy to say and spell words. Not a lot of value but maybe worth $12
JetNorth.com Same here
BeaverCleavage.com No value but sure is fun to say
EscrowLite.com A quick and fast escrow
Some Nice 6N.com Domains
Other Godaddy Domains With Bids
Namejet Auction
Atheist.org      22 year old no God name
GWTW.com Usually can’t go wrong with a 21 year old LLLL.com
Gadia.com   Hoping there would be no bidders but there are a few
OrganicGreen.com  Two hot keywords.  And they go together pretty well
Ali Zandi has a nice list of names coming up for Auction at Namejet if you’d like to take a gander
CBNS.com  Great name but tough reserve to hit
ScreenRepairs.com  Great name for phone screen repair company
YourHair.com   Each year this has less value for me
IGMN.com   Reserve under $500 so it will sell
GoldenLion.com  I didn’t think Golden Lion was a five figure name but once I Googled it I realize its an upgrade name for thousands of entities.
Authentic.org   Verification company should want to own this one
Sedo Great Domains Auction
EGSN.com    Met reserve at $265.  Worth a bit more than that IMO
Food.House    Kudus to Sedo for putting the renewal price on the auction.  No reserve
Have a name at auction and need more exposure? Send me an email. I Charge $10 per name per day. We may be able to help. If you have an auction you want to promote, email us for details.*All names chosen by me, Shane . (ie you click through and purchase a name you like) or an occasional paid listing. Everything I say is based on my own research or is opinion. Do your own due diligence. That means look it up yourself if you don’t think the stats or my opinion is correct. I hand choose my names but I am paid to make this list by the auction houses, individuals that are auctioning names, and Godaddy affiliate links. Keep that in mind and only buy names that YOU think are good
The post Domain Shane’s Daily List of Domains at Auction for Monday April 26th appeared first on DSAD.

The post Domain Shane’s Daily List of Domains at Auction for Monday April 26th appeared first on iGoldRush Domain News and Resources.

Continue reading

Hey, you! Listen to the ICANN board webcast more private sessions

DomainIncite DomainIncite: ICANN’s board of directors is to live stream two sessions during an upcoming retreat, and if you’re at all interested in ICANN you really ought to tune in. The webcasts are part of an ongoing pilot program designed to increase transparency at the very top of ICANN’s policy-making reverse-hierarchy. The public, listen-only sessions seem to […]

Related posts:ICANN to publish board meeting transcripts
In rare public session, ICANN approves sexual harassment policy
Kleinwächter joins ICANN board

The post Hey, you! Listen to the ICANN board webcast more private sessions appeared first on iGoldRush Domain News and Resources.

Continue reading