Categories
Security

QuickBooks Desktop and FIPS encryption

If you’re a DoD contractor, you might have tried to use the Windows “FIPS mode” with QuickBooks Desktop. Unfortunately, QuickBooks does not run when Microsoft’s FIPS-compliant encryption libraries are enabled. This creates a potential problem for contractors who need to be compliant with NIST 800-171 requirements. Data-at-rest doesn’t necessarily need to be encrypted, as long…

Categories
Security

NIST 800-171 compliance in Mac-based offices

If you’re a Department of Defense contractor in New York City, MacMaven Consulting can help your company attain CMMC certification. For those companies using Macs and still searching for security expertise, here is some advice from the trenches: Hire a consultancy that has extensive experience in information security, ideally at large businesses. If a firm’s…

Categories
Networking Security

VPN remote access

Working from home is the new reality under the threat of COVID-19. While large enterprises have had remote access capabilities for years, most small businesses haven’t addressed this need. Given that 34% of Americans work at a small business, it’s likely that millions of Americans aren’t able to work remotely. If you’re a small business…

Categories
Security

Should I worry about information security?

Most of my long-term clients have made information security an integral part of their computing. We spend significant time on improving the security of their systems. When I visit a new client, I know what to expect. There are almost always significant deficiencies in security controls. 20% of my new clients have adware/malware that they…

Categories
Security

Mitigate spoofed email

You’ve probably noticed that fraudsters spoof email addresses in their phishing attacks and other scams. They are probably spoofing your company’s email addresses too, sending messages to your customers and employees. While spoofed email using your domain name can’t be eliminated entirely, it can be reduced and/or marked as spam. You can also increase the…

Categories
macOS macOS Server Security

YubiKey smart card login with Open Directory

Yubico sells Mac-compatible USB authentication keys for two-factor authentication. Its YubiKeys support a slew of authentication mechanisms. I just started working with their FIPS-validated key for one of my clients. Yubico’s FIPS keys appear to be functionally equivalent to their YubiKey 4 series. (Yubico is currently selling the 5 series for those customers without a need…

Categories
Mac hardware Networking Security

Frequently encountered issues with Macs

While my regular clients hire MacMaven for IT and information security work, I often get calls from new clients with computing problems. An analogy could be made with plumbing. A plumber’s big jobs involve installation of pipes, sinks, showers, etc. Oftentimes a plumber is called to deal with a clogged toilet. These are the…

Categories
Security

CISO vs Director of Information Security

Companies that require information security leadership typically hire someone in a CISO or Director of Information Security position. You might be wondering what the differences are between these security top dog roles. At their core, they have the same responsibility – to protect a firm’s data and systems. However, what a recruiter or job ad…

Categories
iCloud iOS devices macOS Security

Messages in iCloud considerations

In the latest versions of iOS 11 and macOS High Sierra, you now have the option of storing your iMessages in iCloud. There are two benefits. First, your messages are synced across your devices. When you delete a conversation on one device, the conversation is deleted on all your devices. Second, your older messages…

Categories
Security

Don’t store passwords or other sensitive data in the Contacts app

In light of the recent Facebook data harvesting incident, I took a closer look at developer access to the Contacts app in macOS and iOS. The first time you open a third-party application that wants access to your contact info, you’ll get a prompt asking for your permission. It’s bad enough that the app…