News
Jan
“Our goal of ‘Security made simple’ can only be fully realized when every interaction Sophos has with customers and partners exceeds their expectations,” said Kris Hagerman, chief executive officer of Sophos. “Mary has an extraordinary track record in building dynamic and high-impact customer care and customer support organizations, and we are thrilled to welcome Mary to our management team.”
With Sophos Winfield will promote and lead a world-class customer support organization that leverages the latest technologies, methodologies and engagement channels to deliver the highest levels of customer satisfaction. Sophos already has one of the industry’s highest reputations for support quality and customer satisfaction. Winfield’s mission will be to enhance that reputation even further; her organization will serve as the focal point for the “voice of the customer” within Sophos and advocate for customers’ needs across all facets of the business.
Mary Winfield said, “I am excited to join the Sophos team. I believe the company is executing a winning strategy, with winning products and a commitment to customer excellence that sets the standard for the security industry. I look forward to helping the company make the most of every engagement with customers in our quest to make security simple“.
Imagine a system that can alert you when it starts to rain, not only warning to get out your umbrella, but also putting more trains on the Metro to cope with the extra passengers, monitoring the cafes to ensure there is sufficient coffee, or alerting when a vending machine needs restocking. A tool that gives you a sharp overview of vast and complex infrastructure, combined with the intelligence to review and comprehend what is happening – well, that’s not merely SIEM. That’s LogPoint.
SIEM – or Security Information and Event Management. Quite a mouthful. So what does it mean?
Metaphorically speaking, SIEM is the Information Technology version of Closed Circuit Television (CCTV). In short: a surveillance system of all data within an entire IT landscape in order to catch intrusions, provide insight into operations and report on functioning.
The First CCTV
Originally developed in the 1930’s to monitor rocket launches, CCTV began to be used to remotely monitor people and equipment in the 1970’s. A very basic instrument at the time, it could not record, replay, keep or store images.
Unless you were watching it live, the event would be missed.
Log Files
IT Systems create log files for every activity, be it purely informational, or failures, or even successes. Log Files can also trace who performed the activity, when was it done, etc. However, log files are stored locally on each system, and unless someone can review each and every system, it is almost impossible to find everything. Just like the first CCTV, unless you are watching these logs in real time, the event will be missed.
CCTV Evolves
CCTV evolved throughout the 80’s and 90’s, gaining the ability to record and replay videos of people and activity – and this could then be used for investigation and criminal prosecution within the courts. Slowly, CCTV cameras began to appear everywhere. Today, there are 207,431 CCTV cameras covering a large percentage of the city of London – a similar story for most European cities.
Log Management
This is the basis for the Log Management software from which SIEM has evolved – software that enables log collection from an entire infrastructure, storing them centrally, and time-stamping them for analysis. This offers better insight into how “the crime” happened and took place, who was involved, and how can it be prevented in the future. But this still isn’t SIEM as we know it today.
Modern CCTV
CCTV has developed at an amazing speed since the turn of the century. Not only can it now record and store data from hundreds of thousands of cameras, it can also recognize auto registrations and even faces – enabling real-time alerts that can:
• Be sent to emergency operators.
• Dispatch police – e.g., when specific people enters a city or area where they have been banned.
• Track and alert suspicious behavior and movements, such as with crowd control, loitering in street theft hot spots, or troublemakers entering a bar.
SIEM
Like the modern CCTV, LogPoint is the most advanced form of SIEM – capable of monitoring millions of log files every second, from every device in an infrastructure, detecting log patterns as they evolve.
LogPoint can:
• Regularly report on general activities.
• Identify bottlenecks and monitor the health of your IT infrastructure.
• Replay events to identify when, what and who was involved – providing evidence in criminal prosecution.
• Reveal how to prevent incidents from happening again.
• Alert administrators to security threats and system failures – before they even happen.
LogPoint, is the best SIEM, ever.
Jan
Easy to deploy and simple to manage, Sophos Cloud gives Sophos partners and IT managers at enterprises of all sizes the ability to manage and maintain endpoint security to protect all users, regardless of physical location, via the cloud-based service. The launch of Sophos Cloud is the first step in the company’s aggressive strategy of cloud-enabling its entire portfolio. In addition, Sophos will continue to innovate and extend its ‘on-prem’ security software, providing IT professionals choice in how to best manage IT security in their environment.
Kris Hagerman, chief executive officer for Sophos, said, “Sophos Cloud is the answer to the constant struggle IT teams face in protecting and securing their enterprises. These IT teams may be as small as a single person, but the constant threats and challenges they face could overwhelm an army. To come to their rescue, we’re thrilled to deliver Sophos Cloud – it will be one of our key strategic priorities as we execute on our vision of being the best in the world at delivering complete and powerful IT security to small and mid-market enterprises and organizations of any size looking to simplify their IT security operations“.
With the management console hosted by Sophos Cloud, there is no server set up and service can be deployed instantly, providing complete security coverage everywhere – simply. Sophos Cloud delivers all the essential endpoint protection a company needs without any of the complexity traditionally associated with security management. The service is also consistent with Sophos’ ongoing focus and commitment to be a “Channel First” company.
“The ability to administer our security with Sophos Cloud allows us to better manage our resources and enables us to effectively utilize our time and money. The service was easy for us to implement, and it seamlessly integrated into our environment,” said David Fox, IT Consultant, Neptune Terminals.
“Small and medium businesses are especially challenged regarding IT security. They are targets and must meet security best practices yet are resource constrained,” said Charles Kolodgy, Research Vice President for IDC.
“Sophos Cloud is a welcome addition. Its features can remove some of the complexity tied to security management thus allowing small and mid-market businesses to improve security without taxing their resources”. “As an organization that specializes in IT security and services, M3Corp has had a valuable partnership with Sophos for more than 4 years. Sophos Cloud will help us extend that partnership to quickly deliver cloud security that is easy to deploy and manage, while providing the most efficient and economical security solution to all of our customers throughout Brazil. M3Corp’s partnership with Sophos ensures that our customers will be fully protected from all types of threats,” states Antonio Mocelim, Sales Director, M3Corp.
Availability
Sophos Cloud is currently available. Online 30-day trials are available by visiting: www.sophos.com/cloud
Jan
This list was conceived to put a spotlight on the professionals driving one of the most important customer segments in the industry today. These executives were nominated by peers, colleagues, customers and partners because of the strong relationships they have built with midmarket customers, for their leadership, strategic thinking and solution excellence they demonstrate. Valentine was also named a “top disrupter,” a listing of the 25 executives who shook up the IT industry this year.
Kris Hagerman, chief executive officer for Sophos, said, “Mike has been with Sophos for less than a year, but he’s already making an enormous impact. As the architect and driver of our “Channel First” sales strategy, Mike has enabled Sophos to make major strides to work better and more closely with the channel than ever before. Mike is well-known by the channel as a great leader, recruiter and winner. We’re thrilled to have Mike at Sophos leading our global sales team, and this validation from CRN and our partners provides added evidence that we’ve become the leading choice for delivering complete IT security without complexity.”
Commentary from the Sophos Channel
“Our partnership with Sophos allows us to provide comprehensive security solutions for clients, datacenters, and the cloud. We are excited about the leadership and direction Mike brings to Sophos,” said Stephen Perciballi, Security Category Leader, Datacenter Group, Softchoice.
“Sophos’ commitment to the channel is impressive. It has an outstanding partner program and excellent IT security value proposition with award-winning security solutions that are simple to implement and simple to use. Combined with its determination to help partners like us grow our business, Sophos is delivering on his channel first promise,” said Jez Turner, Sales Director, Foursys. Foursys is a specialist in IT security solutions, with over 16 years’ experience and more than 900 customers in the UK.
Jan
At RSA, Schiappa managed a business unit with annual revenue over $500M, and he had responsibility for engineering, product management, product marketing, an anti-fraud command center, and data center operations. At Sophos he will have full product responsibility for the company’s broad portfolio of end user security offerings, including endpoint, mobile, server protection, and encryption and data protection products.
Kris Hagerman, chief executive officer for Sophos, said, “I’m pleased to welcome Dan to Sophos. He has deep experience in the IT security landscape, and his background, drive and passion make him the perfect fit to accelerate our end user security strategy of delivering world-class on-premise and cloud-managed security solutions to protect our customers across their broad diversity of endpoints. We continue to add some of the brightest minds to Sophos as we look to become the world leader in delivering complete security without complexity for organizations around the world.”
Prior to EMC, Schiappa was at Microsoft, where he held several GM positions, including Windows security, Microsoft Passport/Live ID, and the company’s online display advertising platform. He also led strategy and corporate development for the Entertainment and Devices division. As head of Microsoft’s security division, Dan led a 400-person product team responsible for developing the security infrastructure for Windows Vista/7 and Windows Server operating systems. Also during his tenure, he was the key business leader for Microsoft’s BitLocker and Rights Management services. Prior to Microsoft, Dan was the CEO of Vingage Corporation, a video server startup acquired by L3 Mobilevision, and was an executive at PictureVision, an online digital imaging startup acquired by Kodak. Dan also held key technical roles at Informix Software and Oracle Corporation.
Schiappa said, “Sophos is poised to lead the charge for a more effective and simpler approach to securing users and data. The cloud will enable IT professionals and our partners to accelerate security deployment and simplify management in an ever changing landscape of malware, targeted attacks, and other security threats. And the continued innovations in end user and data protection will better safeguard enterprises of all sizes, whether they choose cloud or more traditional on-premise management. It’s an exciting time to be at Sophos, and I’m thrilled to be part of the team.”
Jan
The firmware can be downloaded now from our Downloads page.
Jan
A new program, dubbed PIN Skimmer by its University of Cambridge creators, can correctly guess a high proportion of PINs using the device’s camera and microphone. When selecting from a test set of 50 4-digit PINs, PIN Skimmer correctly infers more than 30% of PINs after 2 attempts, and more than 50% of PINs after 5 attempts on android-powered Nexus S and Galaxy S3 phones. When selecting from a set of 200 8-digit PINs, PIN Skimmer correctly infers about 45% of the PINs after 5 attempts and 60% after 10 attempts. The university team discovered that PIN Skimmer could identify PIN codes entered on number-only softpads by using the camera on the device to monitor the user’s eye movements as they enter their code. Also, the microphone could be used to detect “touch events” – the clicking sound made as the user enters their PIN on the touch screen.
The paper, written in order to raise awareness of side-channel attacks on smartphones, took the approach that the device had already been infected with malware that was then attempting to snaffle the PIN. The university team then set out to see how effective an attack could be and, also, how PIN length may affect the likelihood that the code could be correctly guessed. Mimicking a typical piece of malware, stealth was a key feature in the design. The researchers ran image processing algorithms remotely to minimise battery drain, something that could alert the user that an unauthorised program was running.
An API exposed by the Android operating system was used to disable the LED that switches on in some handsets when the camera is in use. Photos and video taken by PIN Skimmer were saved to the phone but the file sizes were limited to 2.5MB to reduce detection. A real piece of malware could likely hide such files from view completely. Likewise, the research team hypothesised that the sending of data back to the remote server could also be hidden from the user.
Additional network charges is another problem connected with transmitting data. Many smartphone users are on tariffs that charge them additional fees should they use more than a pre-determined amount of data within any monthly period. To that end the report suggested that a real-life Trojan would probably report back to its control centre only when it detected a free WiFi connection within range. The researchers discovered that, contrary to what you may have expected, longer PINs were actually easier to crack than shorter ones. This unexpected result was put down to the fact that longer PINs actually gave the program more information to work with which increased its accuracy.
One of the co-authors of the report, Professor Ross Anderson wrote: Our work shows it’s not enough for your electronic wallet software to grab hold of the screen, the accelerometers and the gyro; you’d better lock down the video camera, and the still camera too while you’re at it. (Our attack can use the still camera in burst mode.)
As for mitigating the risks posed by such an attack, Anderson suggested that questions need to be asked as to which resources should remain accessible during PIN entry, though he did note how disabling some functions, i.e. the speakers, could cause extreme problems to the usability of the device: For instance when a call comes in, the user needs to hear the ring tone while unlocking his phone; otherwise he may assume the caller has hung up.
Instead, he suggests that whitelists may be the answer – denying use of all resources during PIN entry, unless explicitly authorised. Another option, according to Anderson, would be a more widespread adoption of biometrics in smartphones but that is not without its own issues.
You can read the original article here.
Jan
“This certification is a critical step toward the future development of LogPoint. It will enable us to pursue significant opportunities with government authorities, in the security and intelligence sector as well as with major corporations globally,” says Jesper Zerlang, CEO of LogPoint. “We are extremely excited about the partnership with Boeing that will elevate the LogPoint platform to the Tier 1 in the market and place us among the best enterprise SIEM security solutions”
Boeing will assist LogPoint prepare the SIEM platform for the Common Criteria for Information Technology Security Evaluation, with the goal of obtaining Evaluation Assurance Level 3 certification before mid-2014. This certification is often a requirement for cybersecurity contracts in NATO countries and throughout the world. Obtaining it will make LogPoint the only Danish cybersecurity company to meet the standard – and one of few globally.
“We are experiencing a dramatically increasing demand for improved network security as the number of successful network attacks globally are sadly rising. An effective SIEM-solution is one of the cornerstones of efficient enterprise network security, not only to improve security monitoring and early breach detection, but also to answer an increasing demand for regulatory compliance in many countries around the world”, says Jesper Zerlang.
The LogPoint SIEM-platform are currently deployed with more than 250 organizations in Europe, including large- and midsized enterprises in all industry sectors as well as public authorities ranging from municipalities to government authorities. LogPoint is present with offices in the Scandinavian countries as well as Germany and the UK and are currently expanding to a number of other European markets. LogPoint is partner centric and deploy its solution through a network of certified partners, ISP’s and system integrators throughout Europe.
LogPoint is a European, Copenhagen-based IT security company that delivers IT security SIEM solutions for enterprise networks. The LogPoint technology is an advanced Security Information and Event Management (SIEM) platform that provides real-time monitoring and incident management for security-related events from network, security devices, systems and applications as well as log management, analytics and compliance reporting.
You can read the original article here.
Jan
Of 2,000 respondents surveyed globally, 58 percent confirmed that management does not see cyber attacks as a significant risk to their business. Despite this, IT infrastructure and asset security incidences, as well as wider security related disruptions, were found to have cost these SMBs a combined average of $1,608,111 over the past 12 months.
The research, sponsored by Sophos, also identified that the more senior the position of the decision maker in the business, the more uncertainty there was surrounding the seriousness of the potential threat.
“The scale of cyber attack threats is growing every single day,“ said Gerhard Eschelbeck, Chief Technology Officer for Sophos, “yet this research shows that many SMBs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture.”
According to the research, there are three main challenges preventing the adoption of a strong security posture: failure to prioritize security (44 percent); insufficient budget (42 percent); and a lack of in-house expertise (33 percent). In many SMBs there is also no clear owner responsible for cyber security, which often means it falls into the purview of the CIO.
“Today in SMBs, the CIO is often the “only information officer”, managing multiple and increasingly complex responsibilities within the business,” said Eschelbeck. “However, these “OIOs” can’t do everything on their own and as employees are demanding access to critical apps, systems and documents from a diverse range of mobile devices, it would appear security is often taking a back seat.”
The study also reveals uncertainty around whether ‘Bring Your Own Device’ policies (BYOD) and the use of the cloud are likely to contribute to the possibility of cyber attacks. Seventy-seven percent of respondents said the use of cloud applications and IT infrastructure services will increase or stay the same over the next year, yet a quarter of those surveyed indicated they did not know if this was likely to impact security.
Similarly, 69 percent said that mobile access to business critical applications would increase in the next year, despite the fact that half believe this will diminish security postures.
“Small and midsize organizations simply cannot afford to disregard security,” said Larry Ponemon, president of the Ponemon Institute. “Without it there’s more chance that new technology will face cyber attacks, which is likely to cost the business substantial amounts. CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. The industry needs to recognize the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures.”
The study targeted SMBs in the United States, United Kingdom, Germany and Asia-Pacific (Australia, India, China and Singapore) to better understand how such organizations are managing security risks and threats. Key findings of the study include:
- Fifty-eight percent of respondents say management does not see cyber attacks as a significant risk.
- One-third of respondents admit they are not certain if a cyber attack has occurred in the past 12 months. Forty-two percent of respondents said their organization had experienced a cyber attack in the past 12 months
- Respondents in more senior positions have the most uncertainty about the threats to their organizations, indicating that the more removed the individual is from dealing on a daily basis with security threats, the less informed they are about the seriousness of the situation and the need to make it a priority.
- CISOs and senior management are rarely involved in decisions regarding IT security priorities. While 32 percent say the CIO is responsible for setting priorities, 31 percent say no one function is responsible.
- Forty-four percent of respondents report IT security is not a priority. As evidence, 42 percent say their budget is not adequate for achieving an effective security posture. Compounding the problem, only 26 percent of respondents say their IT staff has sufficient expertise.
- Respondents estimate that the cost of disruption to normal operations is much higher than the cost of damages or theft of IT assets and infrastructure.
- Mobile devices and BYOD are much more of a security concern than the use of cloud applications and IT infrastructure services. However, these concerns are not preventing extensive use and adoption of mobile devices, especially personal devices.
Uncertainty about their organization’s security strategy and the threats they face varies by industry:
- Respondents in financial services have more confidence, which can probably be attributed to the numerous data protection regulations.
- The technology sector is also more security aware, which is probably due to the IT expertise that exists in these organizations.
- Retailing; education and research; and entertainment and media have the highest level of uncertainty about their organization’s security strategy and the threats they face.
Recommendations:
- Organizations need to concentrate resources on monitoring their security situation in order to make intelligent decisions. While assessing where they stand on the security continuum, organizations need to focus on monitoring, reporting and proactively detecting threats.
- Establish mobile and BYOD security best practices. Carefully plan and implement a mobile strategy so that it doesn’t have an impact on the overall security posture.
- Organizations should look for ways to bridge the gap created by a shortage of information security professionals. Consider ways to free-up time for in-house resources, including a move to cloud technologies, security consulting and easy-to-manage solutions.
- Measure the cost of cyber attacks, including lost productivity caused by downtime. Work with senior management to make cyber security a priority and invest in solutions that restore normal business activity more quickly for a high return on investment.
- Organizations in all sectors are regularly breached and regulations are often simply the beginning of properly securing a network. Consider consolidated security management to gain a more accurate picture of threats that will help focus on problem areas.
A full copy of the Ponemon Institute study: The Risk of an Uncertain Security Strategy, is available here.
Jan
In an increasingly complex security environment Sophos works with partners to make security simple to deliver, implement and manage. Over the last 12 months Sophos has created a more flexible and generous partner programme, providing partners with protection for deal registrations, attractive margins and joint lead generation initiatives. The programme also provides up-to-date certification, to ensure partner sales and technical teams are fully trained across Sophos’s latest solutions to help drive partner businesses forward. Delivered by dedicated channel relationship managers, Sophos gets to know partner businesses to ensure they feel supported every step of the way.
James Vyvyan, Regional Vice President, UKI, Sophos said: “We’re delighted to have won ‘Security Vendor of the Year’. Sophos is committed to a ‘channel first’ strategy and we believe that by taking the time to understand our partners’ business model, we can work together to provide the solutions that best suit their customers’ IT security needs.”
Sophos also won two awards in CRN’s DACH awards on 13 November: Security Vendor of the Year and Channel Champion of the Year 2013.
Commentary from the Sophos Channel
“Many of the innovations Sophos has introduced are unique to the market. These unique solutions make it possible for us to differentiate ourselves from other security consultants and better meet our clients’ needs,” said Mark Robinson, Director, Globelink Infrastructure & Network Security.
“The Sophos Partner Programme empowers proactive and enthusiastic partners like ourselves to achieve the levels of technical and sales accreditation required to represent Sophos at the highest level,” said Paul Cox, Managing Director, Quadsys.
“We’ve worked closely with Sophos for more than 12 years and feel the relationship is stronger now than it has ever been. The sales, technical, financial and management teams at Sophos and Foursys are all working really closely together, which means we get it right and we both put customer service at the top of the agenda,” said Paul Prior, Managing Director, Foursys.
“WD is using enterprise-class components to build a new family of network appliances for small businesses,” said Bill Evans, general manager of WD’s business storage solutions group. “The WD Sentinel S-series network appliances are engineered with Intel Xeon processors, pre-populated with WD Se datacenter 3.5-inch hard drives for rapid deployment, and feature dedicated 2.5-inch boot drives for maximum reliability. No other vendor offers a comparable network storage plus server in an equally small form factor. With a small footprint and quiet fan, an S-series appliance can be deployed anywhere.”
Proven Components from Intel, Microsoft, and WD
Built by WD, powered by an Intel Xeon processor and running Windows Server 2012 R2 Essentials, the WD Sentinel S-series is based on proven technologies from industry leaders. Unlike competitors’ proprietary operating systems, the S-series is a fully configured native Windows Server on which customers can deploy thousands of Windows applications.
“Windows Server 2012 R2 Essentials gives customers the benefit of built-in, groundbreaking, low-cost storage technologies, and WD’s Sentinel S-series hardware helps small businesses take advantage of these technologies,” said Jamie Hamilton, Director of Marketing, OEM Division at Microsoft Corp. “We are pleased to work with WD to tackle the small business, first-server opportunity. WD’s hardware engineering expertise, previous success with network storage products based on Windows Storage Server, and leadership in offering an R2 version of Windows Server 2012 Essentials puts WD in a good position to serve this industry.”
Reliable Enterprise Grade Components
The WD Sentinel S-series include WD 3.5-inch datacenter-class hard drives for enhanced data security. Businesses gain enterprise-class reliability with dual dedicated boot drives (optional on WD Sentinel DS5100), dual gigabit Ethernet ports, and dual external DC-in power adapter ports. This engineered redundancy, along with a bezel lock for physical security, all add to the reliability of this ultra-compact network storage plus server that can be deployed virtually anywhere.
Affordable First Server for Any Small Business
The WD Sentinel S-series is a complete, fully-configured solution with automatic backup and restore software for up to 25 users and 50 computers, all at a very affordable price that starts at $2,560 U.S. MSRP. By combining a single solution for both storage and server requirements, the S-series appliances are a great solution for any small business looking for their first server.
“Finally, a network storage vendor has delivered a low-cost, turn-key solution that meets my customers’ requirements—with no assembly required,” said Kevin Royalty, Microsoft MVP and Managing Partner of Total Care Computer Consulting in Centerville, Ohio. “Small business customers want a packaged solution with balanced disk, processor, memory, and operating system that is engineered and tested as a unit. The DS5100 and DS6100 appliances are ideal as a ‘first server’ due to the high-performance Intel Xeon processor, Windows Server, high-capacity enterprise-class disk storage, and tiny footprint.”
Availability
WD Sentinel S-series appliances are available today at CDW, PC Connection, and Insight, and through select VARs, resellers, and distributors worldwide. The WD Sentinel DS5100 is pre-populated in capacities of 4 or 8 TB. The WD Sentinel DS6100 is available with capacities of 8, 12, or 16 TB.
Jan
WD’s My Cloud personal cloud drives, available now in China in capacities of 2 TB, 3 TB and 4 TB, enable consumers to organize, centralize and secure the digital content from all of their computers and mobile devices and access those files from any device and from anywhere in the world. WD’s My Cloud EX4 high-performance four-bay network attached storage (NAS) solution, available now in China in 0 TB, 8 TB, 12 TB or 16 TB1 capacities, provides creative professionals, prosumers and workgroups a reliable way to save, share, back up, stream and manage massive amounts of digital data. The Baidu Yun service is a leading public cloud storage service provider with more than 100 million users. Consumers and businesses store content on Baidu Yun for easy access and sharing from any computer or mobile device.
The collaboration between WD and Baidu will enable Chinese customers to manage their Baidu Yun account and easily transfer files between their My Cloud or My Cloud EX4 device and Baidu Yun using WD’s My Cloud mobile apps for iOS and Android operating systems. Baidu and WD customers will also be able to back up their local content to Baidu Yun, as well as backup their Baidu Yun account to their local storage using WD SmartWare™ Pro software.
“The growth of Baidu and its public cloud storage and services in China has been spectacular; it’s a pleasure to collaborate with them,” said Jim Welsh, executive vice president, Branded Products and worldwide sales. ”The integration of Baidu Yun with our personal cloud and external storage platforms gives our mutual customers the best of all worlds – the ability to keep content safe at home, while backing up and sharing with friends on Baidu Yun.”
“Baidu aims to provide the best way for people to access their valuable content, regardless of their location,” said Hou Zhenyu, chief architect of Baidu Yun. “WD is a leader in high-capacity local storage, and integrating our public cloud storage service with WD’s platform gives our customers a compelling hybrid cloud storage solution – the best of both public cloud storage and personal cloud storage.”
You can read the original article here.
Jan
In comments that support Array’s ranking in the new report, IDC analysts note that the company’s WAN optimization solution has “increased its chances of cracking bigger deals and positioning themselves as an end-to-end solution provider in the ADC space.”
According to IDC, drivers of Array’s leading position in the India market include the ability to close deals in the lucrative government and banking and financial services industry (BFSI) markets, as well as the ability to offer holistic ADC and WAN solutions with custom costing to potential customers. Although Cisco still leads – due to volume WAN optimization sales – Array is mounting a challenge by way of continued growth in the WAN optimization space.
Mr. Shibu Paul, Country Manager at Array Networks said, “IDC is a respected authority tracking the markets Array serves, and the local IDC team in India has a superior understanding of vendors, partners and customers in the application delivery networking space. The Array team has been working tirelessly to serve our customers, assist our partners and enhance our offerings, and I am extremely pleased to see our efforts paying off as reflected in the new IDC market report.”
“In addition to growing traction in the enterprise based on its suite of application delivery networking solutions, Array is also opening up new opportunities with its line of software appliances which can be hosted on any virtualized server to break price barriers and make solutions more affordable to SMBs,” said Manoj Iyer, IDC’s market analyst for enterprise networking in India. “With the ability to support a broad range of customers and a go-to-market strategy focused on educating partners its load balancing, WAN optimization, enterprise mobility, high availability, BYOD and application acceleration solutions, Array is well positioned to further increase their market share in the application delivery networking market.”
You can read the original article here.
Learn How Balance and MAX Routers Team Up for Unbreakable VPNs
The Balance lineup uses Peplink SpeedFusion technology to integrate seamlessly with MAX cellular routers and deliver unstoppable VPNs in a wide variety of applications. To see how, visit our updated Balance and Unbreakable VPN pages. Filled with helpful deployment diagrams and technology highlights, they’re a great way to learn more about fast, reliable, and affordable Peplink solutions for retail, enterprise, public safety, and much more.
You can read more here.
Jan
1. Always secure your smartphone with a password
One of the most basic security tips, but one which is sometimes completely overlooked! Having no access protection at all is just foolish. Swipe patterns are ok, but greasy finger-trails could reveal too much. A four-digit PIN is an improvement but using a strong passcode is the ideal phone protection.
2. Ensure that your device locks itself automatically
If you set up password-protection on your phone but then leave it unlocked on your desk for 15 minutes, you won’t have achieved very much. Most smartphones allow you to set them up to automatically lock themselves after a period of inactivity. Make sure you choose the shortest timeout you are comfortable with. Two to five minutes is better than ten to thirty, even if it does feel slightly inconvenient.
3. Install security software
Your smartphone is a computing device and should be protected accordingly. Look for an app like Sophos Mobile Security that includes malware prevention, remote data wipe, privacy review of apps and an automatic security advisor to alert you to potential risks when you change a device setting. If you’re in charge of securing your organisation’s phones and tablets, then choose a mobile device management solution like Sophos Mobile Control.
4. Only download apps from approved sources
The Google Play Store and Apple’s App Store take security pretty seriously. They are very careful about what apps they make available and will withdraw apps that raise concerns after release. Read user reviews of apps before installing them – if there are any security concerns then someone else may well have mentioned them.
5. Check your apps’ permissions
Apps. Image courtesy of Shutterstock.Many apps require more than the basic default permissions. For instance, you can reasonably expect an SMS app to send and receive text messages just as a mapping app will request your GPS location. But something like a calculator that needs network access or an alarm clock that wants to read your contact database should be treated with extreme caution!
6. Don’t miss operating system updates
Updates to your OS often include system vulnerability patches, so it’s important to install them. You might want to be advised of updates rather than having them automatically installed, as early adopters sometimes experience teething problems – but the forgetful among you may prefer that to missing updates altogether.
7. Be wary of any links you receive via email or text message
Now you can pick up email on your phone, exercise caution when clicking on links. And phishing scams are not limited to email – a text message can incite you to click on a dodgy link or ask for personal information. Even simply replying to unknown SMS or email senders can raise the crooks’ interest in you, leading to more pressure to respond.
8. Encrypt your smartphone
Even if you’ve secured your smartphone with a password, a thief could still plug your device into a computer and gain access to all of your personal information. Using encryption on your smartphone can help to prevent such data theft.
9. Turn off automatic Wi-Fi connection
WiFi. Image courtesy of ShutterstockOne of the great things about modern mobile phones is their ability to connect to the internet in many ways, but continually probing for wireless networks gives away information about your identity and location, and blindly connecting to unencrypted access points can let your phone leak all sorts of useful things for malicious actors to intercept and act upon. So tell your phone to forget networks you no longer use, so as to minimise the amount of data leakage and configure your phone to automatically turn on/off wireless in certain places using a location-aware smartphone app.
10. Turn off Bluetooth and NFC when not in use
Bluetooth and NFC (near field communication) are great in terms of connectivity, allowing you to use accessories such as wireless keyboards and headsets or make payments with a wave of your smartphone. But it does open a door for the bad guys to gain access to your device and access your data, so you should either switch these features off or put your device into “not discoverable” mode whenever possible. Also, be careful when pairing devices – never accept requests from unknown devices.
You can read more here.
Jan
“While many security experts are aware of the high level trends, few have recognized their significance,” said James Lyne, global head of security research at Sophos. “If 2013 has taught us anything, it is that traditional security controls are struggling. These new behaviors are forcing the industry to adapt and change, and widely held best practices must be reconsidered.”
The threat report highlights new security concerns ranging from stealthy malware tools that offer dynamic camouflage and provide attackers with long-term persistent access to users’ data, to the proliferation of connected devices that represent new and often ill-protected targets. Many new “Internet of Things” devices are becoming commonplace in our homes and everyday infrastructure, offering shadier cybercriminals the potential to impact our daily lives, rather than just the traditional theft of financial information.
“These trends are set to continue in 2014 as threats become even smarter, shadier and stealthier,” said Lyne.
In 2014 Sophos predicts greater focus from cybercriminals on high quality and convincing phishing and social engineering to compensate for harder-to-exploit operating systems like Windows 8.1; embedded devices (such as POS systems, medical systems and new “smart” infrastructure) will open old wounds as security mistakes eliminated in the modern PC environment are carelessly re-implemented; attacks on corporate and personal data in the cloud will continue to grow as providers struggle to refine the security strategy in this new computing platform; and malware for mobile is set to become as sophisticated as its PC relatives.
“It is clear in 2014 we need to be watching not just the evolution of existing attacks, but be prepared for dangerous new threats emerging that we haven’t previously dealt with,” said Gerhard Eschelbeck, CTO at Sophos. “As the industry adapts and enhances protection mechanisms to cover new devices and threats, this is increasingly becoming an issue for every member of society, not just for government and business.”
A full copy of the Security Threat Report 2014 containing more information and statistics on cybercrime in 2013, as well as top tips and predictions on emerging trends, can be downloaded here.
You can read the original article here.
As well as providing excellent daylight surveillance coverage, JCAM-IR also has infra-red capability to enable a comprehensive 24-hour surveillance operation to be implemented.
JCAM-IR Image Quality
Crucial to the successful implementation of any security surveillance strategy is the image quality of the cameras being used. JCAM-IR is an HD 2MP fixed lens camera that can stream video with a resolution of up to HD1080p at up to 30fps. Facial recognition can be achieved in normal light conditions up to a distance of 10m. JCAM-IR has a darkness/low light range of 10m.
JCAM-IR Alerts
When motion is detected by JCAM-IR, videos can be recorded and snapshots (of before and during the event) sent by email. Videos can be saved to the camera’s on-board Micro SD card (user supplied) or, alternatively, to a networked PC. Camera recording and snapshots can also be activated manually or by an event triggered by an optional attached Jacarta Go-Probe sensor (water leak, door open, smoke, etc.).
You can download the brochure here.
We all believe (and hope) that ‘it won’t happen to us’ but how many horror stories of you heard where an unnoticed leak has turned into a flood, a briefly un-manned room has resulted in theft, or a faulty piece of equipment has led to ruined stock, lost data or hardware? SMS Alarm General is an extremely cost-effective way of helping to prevent these initially minor events becoming catastrophic for you or your business.
Up to 2 x Go-Probe sensors and 1 x Temperature sensor can be monitored by the Alarm General and it is also possible to link the Alarm General to alarm panels such as fire, security, generator, UPS, fire suppression, air-conditioning, etc. SMS Alarm General can be used to help protect all types of premises: Offices, data centres, shops, warehouses, industrial units, homes, holiday villas – the list is endless!
How Does SMS Alarm General Work?
The SMS Alarm General solution consists of a quad-band modem, integrated Jacarta configuration and alerting software module, and the capacity to connect up to 2 x Go-Probe sensors and 1 x Temperature sensor. Once a user-supplied SIM card is inserted and the sensors connected, configuration of alarm messages and contact telephone numbers can be carried out by sending text messages to the Alarm General. The Alarm General will reply to acknowledge each of the messages, confirming that the required instruction has been carried out.
Once configured, SMS Alarm General will continually monitor the condition of the sensors and alert the configured mobile phone numbers when an alarm condition is detected. Up to 5 numbers can be alerted. In addition to the alerts, Alarm General can send you a daily status text, and you can remotely check the status of your sensors at any time by sending a text message to the Alarm General.
You can download the brochure here.
This isn’t entirely surprising as the FBI had issued a warning on Christmas Eve to media organizations about a new wave of phishing attacks associated with the infamous SEA. Skype has more than three million followers on Twitter, which indicates that, had the attackers wanted to send out malicious links or other dangerous content, this could have been a whole lot worse.
What I would like to know is why on earth a company social media profile with over three million followers would not be using two-factor authentication. Earlier this year Twitter rolled out an improved two-factor solution seemingly in response to previous attacks by the SEA. WordPress offers two-factor authentication and Facebook has supported two-factor authentication for a couple of years now, all in an attempt to prevent this exact type of attack.
Microsoft, would you care to explain why you apparently are not using it? We believe it is the responsibility of organizations with a large number of followers to do whatever they can to secure their profiles. We suppose this can be a lesson to the rest of us. Take advantage of the safety net of two-factor authentication whenever possible. While it may be less than perfect, so are you.
You can read the original article here.
The Federal Communications Commission reports that mobile phone theft constitutes 30-40% of all robberies across the United States, a crime that cost US citizens $30 billion in 2012. In the Senator’s own state of California such thefts are even more prevalent, accounting for over 50% of street robberies, Los Angeles alone has seen a 12% increase in smartphone thefts over the last year. If the kill switch legislation is passed, carriers will be able to remotely send a message to any device that has been reported as either lost or stolen. That message would trigger the device to ‘brick’ itself, effectively making it useless, and a far less appealing option for would-be thieves. With a few exceptions, most phones do not offer any form of remote deactivation at this time which makes them especially appealing to thieves who can snatch and sell them on in a very short period of time.
One manufacturer that does offer deactivation is Apple, though Gascón would like to see such a feature become the default rather than an option: “Apple should be commended for leading the way and making efforts to safeguard their customers, but it is still too early to tell how effective their solution will be. Until Activation Lock is fully opt-out, it appears many iPhone owners will not have the solution enabled. This leaves iPhone users at risk as thieves cannot distinguish between those devices that have the feature enabled and those that do not”.
Gascón, along with New York Attorney General Eric Schneiderman, have asked mobile phone manufacturers to propose methods of curtailing the theft of smartphones. Having presented the tech companies with a June 2014 deadline, Gascón said: “I appreciate the efforts that many of the manufacturers are making, but the deadline we agreed upon is rapidly approaching and most do not have a technological solution in place. Californians continue to be victimized at an alarming rate, and this legislation will compel the industry to make the safety of their customers a priority”.
The bill will be formally introduced in January 2014.
The readers who wish to protect their Android devices in case of loss or theft can install Sophos’s free Antivirus and Security app which includes the following features:
- Supports remote commands for Wipe, Lock, Alarm, Locate, Reset passcode and Message to finder
- Reporting of the device location before the battery runs out
- Notification if the SIM card is replaced
You can read the original article here.