Insights

Last evening, Patrick Kelley was interviewed by 11Alive/NBC News on the topic of Apple's new feature "NameDrop". Watch the interview here. Here are the short notes: Functionality: NameDrop, introduced with iOS 17, allows iPhone users to share contact details by holding their iPhones close to each other. An animation appears, followed by the option to share or receive contact information​​. Safety and Privacy Concerns: Viral Facebook posts have inaccurately claimed NameDrop poses a safety threat, especially to children. However, these concerns are largely unfounded. The feature includes several safeguards: it requires explicit confirmation to share or receive contact details, and the iPhone must be unlocked using Face ID, Touch ID, or a passcode​​. Disabling the Feature: Users who wish to disable NameDrop can do so through the Settings app. The process involves navigating to General > AirDrop and toggling off the "Bringing Devices Together" feature. However, disabling this also impacts…

Holiday fishing trips take on a new meaning when scammers try to phish you instead. Between getting the turkey thawed and the potatoes mashed before your family arrives, cybersecurity is probably the last thing on your mind… creating the ideal environment for scammers to take advantage of an inattentive click on a link. With the prevalence of technology, we have become desensitized to the vigilant scrutiny necessary to avoid becoming part of the ever-growing populace of the scammed. (https://www.aarp.org/pri/topics/work-finances-retirement/fraud-consumer-protection/2022-holiday-shopping-scams-report.html) To keep your holidays full of merriment and free from fraud, keep these best practices in mind: Remember that scams can come in many forms, including phone calls, texts, and emails. Scrutinize the phone number, name, or email address. Do you know it? Are you expecting it? Does it pertain to something you're aware of (E.g., a purchase, vendor, meeting, etc.)? Before clicking on any links, mouse over them - does…

One of the easiest ways for cybercriminals to compromise your information is by gaining unauthorized access to your email and cloud accounts. Both Gmail and iCloud are primary targets due to their widespread use and the plethora of information stored within them. At Critical Path Security, we're here to ensure that your data remains uncompromised. We recommend that all our clients regularly monitor their accounts for suspicious logins and ensure that two-factor authentication (2FA) is enabled. To help in this endeavor, we've simplified the process for you with a step-by-step guide for both Gmail and iCloud. Checking Gmail for Suspicious Logins: Login to Your Account: Visit Gmail and log in. Access Google Account: On the top-right corner, click on your profile picture and select "Manage your Google Account." Navigate to Security: From the left pane, select "Security." Review Recent Activity: Under the "Your devices" section, you can see the devices…

Establishing a Strong Password Policy Protecting your network starts with a robust password policy. With Microsoft Active Directory, you can utilize Group Policy to dictate various password criteria like complexity, duration, and size. Locate the default domain password policy at: Group Policy object (GPO) -> Computer configuration -> Policies -> Windows Settings -> Security Settings -> Account Policies -> Password Policy. Since Windows Server 2008, you can implement detailed policies for specific organizational units through Active Directory Administrative Center (DSAC) or PowerShell. NIST's Password Recommendations The National Institute of Standards and Technology (NIST) provides Digital Identity Guidelines, which emphasize: Password Complexity and Length: Contrary to forcing numerous symbols, NIST suggests promoting lengthy passwords or passphrases, ideally up to 64 characters. Password Duration: Instead of regular password changes, NIST now advises changing passwords only if a security threat is perceived. Avoid Easily Guessable Passwords: Steer clear of simple patterns, default passwords,…