HP, End-Point, NetworkSecurity, Malware, Printer, SimonShiu, SecurityLab, HPComputers, BlackHat2018, ConnectionInspector, JetAdvantage, NSA, DoD, cryptographer

Who Thinks of HP for End-Point Security?

Honestly, that was my first thought when I started looking at the marketing material HP had put together for Black Hat 2018 this year.

HP has been promoting its efforts to provide security to its enterprise printers for the past couple of years and has done a great job at offering secure solution. They have even involved the security research community by introducing a first-of-its kind enterprise printer bug bounty program. 

But end-point security? HP makes printers. What do they know about protecting end-points like desktops or laptops?

Read More
By Jeff Man on Nov 7, 2018 1:50:00 PM
Digital Transformation, Agile Coaching, Agile Development, technology consulting, iterative, incremental, scrum, methodology, scrum master, scrum team, product owner, agilecrm, saas, crm, Digital Experience, Agile Adoption

3 Reasons Why Agile Adoption Should not be Your Goal

As Agile coaches, it is not uncommon for us to encounter companies that have made adopting Agile a priority in their organization but have come under scrutiny for not delivering any specific business value - despite what was promised. In many of these cases, we have seen these organizations revert back to their traditional ways of delivering projects, while others take a mix and match approach relegating Agile only to small co-located projects.

This pattern has caused me to step back and consider why this is happening.  In the end I think it’s because we are setting the wrong goal.


Read More
By Dipanjan Munshi on Nov 1, 2018 3:02:35 PM
Risk Assessments, Security, Privacy

Turn Down That Noise! Tuning into Cybersecurity for the Financial Sector

"Turn down that noise!" I suspect that at some point in your life you’ve uttered those words or perhaps had them spoken to you. In my case it was my parents telling me to turn down my music when I was a teenager. What I never understood was why they viewed my music as noise. To me, it was a symphony of sounds that I connected to in a variety of ways. I realized, as I got older, that noise was really just another term for “I don’t understand, like or connect with that.”

Sometimes it’s just about volume. Sometimes it’s about something else.

Read More
By Alain Espinosa on Oct 18, 2018 1:44:12 PM
Digital Experience, Design, Sprint, DesignSprint, dtp, process

When a Design Sprint isn’t a Sprint: Lessons Learned from Doing a Design Sprint in Slow-Motion

If you’re already familiar with Design Sprints, then you’re also familiar with one of the hardest parts of running one—getting everyone to dedicate an entire week to the process. If you’re unfamiliar with what a Design Sprint is, it's defined by the author of Sprint as a, “five-day process for solving problems and testing new ideas.” 

Read More
By Kevin Guenther on Oct 11, 2018 12:49:54 PM
Agile Development, Agile Coaching

4 Ways an Agile Coach Can Boost Your Agile Adoption

So, you’ve adopted Agile as your company’s method for project delivery. You packed up your books on traditional development best practices (lovingly referred to as waterfall or sequential) and put them in storage. You’ve invested sufficient time and money to ensure that every stakeholder has taken all the necessary training. You’ve setup all the required tools of the trade – installed white boards, hoarded bunches of post-it notes, identified space for stand up meetings, partitioned a large white wall with magnetic strips to show movement of work, etc. 

Things should be ticking along perfectly now. Right? Releases should be visible, you should be getting the maximum value out of your development teams, clients should be satisfied, and the quality of your product should be exceeding your customer’s expectations. Did you say, “Not really”? 

Read More
By Dipanjan Munshi on Sep 27, 2018 4:25:10 PM
Security, Cybersecurity, HPComputers, PrinterSecurity, ReinventSecurity, TechDay, #BugCrowd, #BugBounty, #TheFixer

HP Continues to Demonstrate its Commitment to Printer Security

In August 2018, Onliner Jeff Man attended the Black Hat Conference in Las Vegas, Nevada. While at Black Hat Jeff had the opportunity to connect with the team from HP and discuss the importance, and changing landscape of printer security.
 

In early 2017, HP invited a group of cybersecurity industry bloggers and podcasters to gather for an HP Print Security “Tech Day” at their headquarters in Palo Alto, CA. The purpose of the gathering was to introduce the group to HP’s printer security program (#reinventsecurity), foster discussion, and get feedback on the program. This event was the precursor to a major marketing campaign for HP to promote everything they’ve been doing in terms of making their printers more secure and also building printers with “cyber resilience”, meaning they have the capacity to detect malicious or accidental actions and even recover from the attacks. HP has worked diligently to improve the security of printers which in turn helps to create a more secure enterprise network.

Read More
By Jeff Man on Sep 20, 2018 3:57:53 PM
Security, Privacy, Leadership, Passwords, PasswordComplexity, PCI, SystemAdministrators, Authentication, Captcha

Password123! - Why Does Authentication Have to Be So Hard?

Password complexity and authentication has always been a subject of contention both for users and system  administrators. Many assume that forcing users to create more complex passwords, and changing them frequently,   will lead to greater system safety - in theory this may be true. Given human nature, things rarely go as planned and research has shown that forcing users to comply with these additional requirements has actually had a detrimental effect on system security.

Read More
By Security Consulting Team on Sep 13, 2018 11:28:04 AM
CCPA, GDPR, Privacy, Security, California, Regulators, Misconduct, Statutory Damages, Attorney General

The Name of the Game is Privacy, Especially in California: Part Three

In Part One of this blog we introduced the California Consumer Privacy Act of 2018 (CCPA) and highlighted some of the important points organizations need to look out for to be compliant. In Part Two we elaborated on the scope of the CCPA in terms of businesses covered and their obligations. In this final part we will discuss how the CCPA will be enforced and what you can do now to become CCPA compliant.

Read More
By Laura Sulymosi and Eugene Tyrrell on Sep 6, 2018 11:27:02 AM