Technology expert Evan Schuman takes an authoritative look at the faults and foibles of enterprise IT.
In many ways, lawyers, CIOs and CISOs have the same mission: protect the enterprise from forces that want to do harm. But those two professions often approach the task in such polar opposite ways that they fight each other instead of the bad guys.
Gaining visibility into anything IT-related is always difficult, but the age-old nemesis, shadow IT, remains a major problem — especially as the enterprise environment has changed.
If coders lied as often as ChatGPT, they would be fired immediately. Stunningly, some enterprise execs seem to be just fine with that — as long as AI continues to code quickly and for so little money.
Using generative AI to code is dangerous for a variety of reasons, but its efficiencies will tempt corporate leaders — especially CIOs and business execs — to use it anyway. A senior AWS executive at Amazon argues the decision doesn&rsquo....
As we’ve seen with other highly-hyped technologies — such as the Web back in ‘95 and blockchain more recently — companies can get ahead of themselves when they jump into investments based on things other than strategic goals. ....
A compliance fight between Microsoft and German regulatory authorities has gotten white hot, though it looks as though any penalties might bypass the company and take aim at its customers.
Biometrics are supposed to be a fundamental pillar of modern authentication. Unfortunately, for a wide range of reasons and in a variety of ways, many biometric implementations are wildly inaccurate.
As the COVID-19 pandemic slowly fades — and the rush to cloud solutions it hastened now seems less critical to business success — a question arises: Has anyone on your team recently run an ROI analysis to see whether the cloud truly save....
This goes beyond simply not trusting location data for cybersecurity authentication. Geolocation is now used for a wide range of business reasons — but it shouldn’t be.
The US Federal Reserve and the US Senate are both looking to lessen restrictions on retailers — ostensibly to rein in card fees. What they actually are doing is inviting more fraud.
The European Union is cracking down on cryptocurrencies. That could have massive implications for enterprise IT.
Microsoft is backing off its support for some AI-driven features, including facial recognition. Although it's good Microsoft is acknowledging discrimination and accuracy issues, it had years to fix the problems and didn’t.
There are disturbing reports that some major financial institutions are no longer crediting back all fraudulent transactions, even when the victim has filed a police report. This move by these financial institutions will soon come back to bite them. ....
C-level execs argue a fine game about caring about their employees — but those platitudes somehow never make it into the HR meetings about bonus benchmarks.
What if smartphone sound-recognition could be tweaked to do core IT and operational chores? This would be an option to customize the phone to listen for sounds specific to your company.
It’s not often that you see two cybersecurity vendor CEOs agree on an issue — and yet get into a very public insult-fest with each other. Then again, this did start at RSA, so anything is possible.
A June report from an analytics firm has Amazon knocking Walmart out of its No. 1 retailer slot by 2024. Walmart bet on a store-based approach years ago, but consumers changed their habits and Walmart is soon to pay the price.
Given that one of the uglier threats to enterprise cybersecurity involves re-purposed third-party code and open-source code, you might think that Google addressing the issue would be a big help. Think again.
The US Department of Justice last week reversed its own policy, telling prosecutors not to prosecute anyone who has engaged in “good-faith security research.”
Apple has changed its self-repair program and has gone out of its way to make the program a horrible option for its intended audience: consumers. But it might make a lot of sense for enterprise IT wanting to do iOS device repairs.
The recent corporate pushback against working from remote locations (referred to, unfortunately, as work from home) is both self-destructive and bizarre.
In a case involving LinkedIn, a US appellate court has come to an obvious conclusion: scraping publicly-visible online data and content doesn't violate The Computer Fraud and Abuse Act. What does it mean? That's where things get interestin....
Have you recently been on a video call, muted and then said something nasty about a client — or maybe even the boss? Were you confident the mute button was protecting your secret? You shouldn't have been.
Craig Federighi, Apple’s senior vice president of software engineering, acknowledged Apple has dramatically slowed down auto updates — by as much as a month.
With the threat of Russian cyberattacks still with us, companies need to be on a war footing when it comes to security.
Time is of the essence when a data breach occurs. The tricky part is figuring out exactly when a company first knows about a breach, and how long it has before making it public.
CVS Pharmacy has a widely used app and site to schedule various vaccinations, including for COVID-19. The problem? It has a glitch that allows customers to schedule appointments that are then cancelled without explanation.
One of the best authentication methods today relies on behavioral analytics, especially when it’s used as part of continuous authentication. But it is getting a bit trickier to do so reliably.
It’s not simply about getting easy permission to go when it's time to part ways; it’s about IT making sure any decisions don’t complicate that eventual departure.
Ever since its layoffs last summer and a plunge in quality, Rackspace lets customers in — but won’t let them out. A cautionary tale of a business that had to fight like heck to escape.
Much of mobile security advice these days is for users to be careful, not click on suspicious links nor open suspicious emails or attachments. But the growing popularity of no-click attacks sidesteps these defenses — and Google has drilled into....
Apple has a complicated relationship with privacy. It loves to tout its efforts, especially as a differentiator with Google. But actually delivering privacy? That’s a different story.
It’s a sad fact of mobile authentication: the industry tends to initially support the least effective and secure options. Take the recent case of the sleeping woman in China, for instance.
The mobile app security headaches continue. This time it's spyware found by mobile security firm Zimperium that not only steals data, but can silently control mic and camera — and secretly delete security apps. Fun times.
Apple, Google, and especially Visa this month have given us yet another example of how security and convenience are at odds in the mobile world. Convenience seems to have won out.
Another day, another revelation that mobile vendors might not always have users’ needs in mind, but they sure are helpful to cyberthieves.
A security researcher found that an open area for typing in a phone number has unintentionally turned AirTags into God’s gift to malware criminals.
I’ve always been impressed by how clever Apple can get when trying to protect its repair revenue. A new report from MacRumors doesn’t disappoint.
While Google has announced plans to reset permissions for older, rarely used Android apps, Apple’s app-tracking-transparency efforts in iOS have fallen short of the company’s grand vision.
Apple has unveiled plans to use its extensive powers to fight child pornography. Even though it has good intentions, the company's actual plan has given people dozens of reasons to oppose the move.
As if IT needs more reminders that apps in app stores may not be secure, a Netherlands security firm has found a new Android dropper app dubbed Vultur. It offers, and delivers, legitimate functionality, then shifts into malicious mode when it detects....
When it comes to keeping everyone in the company on the same page, IT could be doing more. That's especially true when making sure mobile devices are secured.
When spyware from an Israeli firm was discovered on a number of iPhones used by journalists, critics hit Apple over security and privacy concerns. But in this case, it doesn't look like the company did anything wrong.
It's deeply unsurprising that newly-released information from the Attorney General's office for Arizona — released when a judge agreed to unseal some of the data — shows Google trying to hide privacy settings and tracking users ....
In cybersecurity, one of the challenging issues is figuring out when a security hole is a big deal or is trivial. Apple now has a hole that pushes the definition.
Google is moving — slowly — to make multi-factor authentication default, pushing FIDO-compliant software embedded within the phone, and even has an iOS version. Nice touch.
A university study found that a frequently-heralded smartphone claim by both companies is non-existent. This raises a serious question: Don’t they have to prove something works before shouting it from the highest virtual rooftop? Doesn’t ....
Remember all of the security corner-cutting forced on us in March 2020 as companies scrambled to deal with the pandemic? It's time now to go back and fix things.
Given that law enforcement can leverage a hole in Mozilla open-source code that Apple used to permit accessories to be plugged into an iPhone’s lightning port, IT and enterprise security pros need to view mobile device security differently.
One of the best tech support programs in the industry has been Dell's ProSupport program, which routinely answers within 10 seconds and offers excellent techs who truly try to help. It also offers a next-day onsite repair program that's imp....