Adapt security approach
Look to adaptive, intelligent micro-segmentation software to replace manual management of firewall rules and policy. Decouple security from the infrastructure to gain a continuous enforcement pipeline that adapts to new hardware, with strong versioning that proceeds in lockstep with product releases, monitoring, and infrastructure configuration.
Secure organization data
Everything should be encrypted, universally: data at rest, data in motion, and data in transit. Automation and the right secrets-management infrastructure can enable frequent rotation of SSL certificates and keys. Every time you commit to the code base, run a set of very basic security tests via your favorite continuous integration tool. Use automated tests to ensure common security mistakes do not leak to production.
Perform red team exercises, which attempt to gain access to a system by any means necessary. Try to mimic the same processes that a motivated attacker would follow to map out an organization’s infrastructure, perform reconnaissance at key physical installations, and then test the physical, cyber and social defenses all at once through a staged exercise.
Change is constant; still, knowledge with control is the key to reducing the risks it poses.
Value of Agile Security
This was the prototype of the Mobile Universal Authenticator. The goal was to enable passwordless phone authentication for Windows Desktop and one custom system, with the possibility of extension. A user was able to grant access to their own Windows Desktop machine and the selected system using only the mobile phone, without providing username/password credentials.
The project was implemented on Apple iPhone (iOS) devices. The whole solution was based on the FIDO Specification, including the latest cryptographic techniques (SHA512 hash algorithm).
Corporate GIS Punch-In
The project was to implement a secure and extendable employee punch-in capability. The application detected when employees entered the company parking area and provided them with the ability to perform a remote punch-in.
The project was implemented on Apple iPhone (iOS) devices; as the technology, we used Google Maps and the latest cryptographic techniques (SHA512 hash algorithm).