News
Jan
Recent headlines and mounting evidence suggest that cyberattacks on Critical Infrastructure (CI) systems are increasing as cybercriminals have identified electric utility grids as prime targets for disruption activities. As a result, CI cybersecurity has become a prime concern for governments and citizens alike. The paper focuses on the history of the electric industry, how cybersecurity standards have emerged, what those standards are and how they can be used by other CI sectors to strengthen security and reduce the risk of harmful cyberattacks.
“PKI is a robust technology that provides a secure, scalable and cost-effective method to securely authenticate digital identities on large and complex networks such as those that manage business processes for the wholesale electric market. However, due to the many implementation details involved, if the technology is not executed correctly it can also produce a vulnerable system,” said Kee. “NAESB members have worked together to produce a standard for the Wholesale Energy Sector that is based on best practices, proven management techniques and advanced digital certificate technologies.”
In the wake of increasing attacks, U.S. CIs are stepping up efforts to amplify their cybersecurity and strengthen their defenses. In fact, the white paper notes that in President Obama’s recent Executive Order, the National Institute of Standards and Technology (NIST) was directed to lead the effort to develop a cybersecurity framework that would consist of adopting industry best-practices wherever possible. “As part of NIST’s draft cybersecurity framework of best practices, guidelines and standards, the NAESB standard on PKI stands a good chance of being applied to other CI sectors,” says Lila Kee.
All CIs are managed, controlled and accessible via Internet-connected systems, making them vulnerable to cyberattacks. This white paper details how ISOs in the energy sector have recognized the value of cybersecurity frameworks, have adopted standards developed by NAESB and have demonstrated that standards can be developed using shared expertise from both the public and private sectors – setting a framework for all CI sectors.
“It has become increasingly clear that cybercriminals are targeting the critical infrastructure in an attempt to disrupt our way of life. For this reason, NAESB made it a priority to establish PKI standards in order to fortify our cybersecurity framework,” said Rae McQuade, President of NAESB. “In establishing these standards we hope to provide a strong cybersecurity strategy so that we may best protect the business practices related to the electricity market that are a critical part of the everyday lives of our citizens.”
To read GlobalSign’s white paper visit the page here.
Jan
We began producing antivirus and encryption products nearly 30 years ago. Today our products help secure the networks used by 100 million people in 150 countries and 100,000 businesses. Our products allow you to secure every end point of your network, from laptops to virtual desktops and servers, to web and email traffic and mobile devices.
All devices are managed easily through the cloud. What’s more, securing these devices is made possible through products that fit your precise needs. We ensure your network’s security by providing the one thing no one else can: simplicity, across the following three important IT security areas:
Network Protection
Who Needs This
Sophos UTM helps you consolidate your security without compromising its effectiveness. It’s security made simple, protecting your users everywhere while making security easier to deploy and manage.
What’s Protected
- All computers, mobile devices and servers on a network
- Branch offices and remote users connected with VPN
- Email and web servers and even Wi-Fi users
Products
- Unified Threat Management – The ultimate network security package.
- Secure VPN – Turn any location into a secure location.
- Secure Web Gateway – Complete web protection everywhere.
- Web Application Firewall – Uncommon protection from common threats.
- Next-Generation Firewall – This is where network threats go to die.
- Secure Wi-Fi – Super secure, super Wi-Fi.
- Secure Email Gateway – Simple protection for a complex problem.
Enduser Protection
Who Needs This
Our endpoint protection will keep data in and malware out—all within your antivirus budget. And we protect your mobile devices and servers.
What’s Protected
- All computers, mobile devices, and servers on a network.
- Encryption for devices and file shares.
- Mobile devices and laptops on the go.
Products
- Enduser Protection Suites – The all-in-one security suite.
- Mobile Control – Countless devices, one solution.
- Endpoint Antivirus – Essential protection for laptops & desktops.
- SafeGuard Encryption – Encryption everywhere.
Server Protection
Who Needs This
Our antivirus protection delivers more effective, faster protection across your network of physical or virtual servers.
What’s Protected
- Broad platform support for Windows, UNIX and Linux servers.
- Small memory footprint won’t slow you down. Our antivirus agent has low performance impact, and is optimized for virtualization.
- HIPS protection for Windows is easy to deploy and manage.
Products
- Server Security – Pro-server. Anti-virus.
- Network Storage Antivirus – High-tech security for high-tech storage.
- PureMessage – Good news for you. Bad news for spam.
Where are businesses most likely to be vulnerable, and how can this be fixed with Sophos products?
SMB Businesses have a limit of both personnel and financial resources. Security therefore must be simple to setup, configure and administer. Many SMB customers don’t have a security team. So we offer MSP and other methods of delivering simple security to customers at a reasonable cost.
What is the philosophy and the goals to which you aspire?
Sophos believes in keeping things and hence security simple. This starts with our UTM and Endpoint Security Products, making the administration and configuration simple. When security solutions are easy to use, our customers have a higher level of security. This is the vision that drives us as a company: Security made simple. We also don’t believe in scaring our customers, they are smart enough to understand the need for security.
Sophos delivers the vision through dedicated employees that have experience in the global security space and a dedicated channel that is continuously updated via technical and sales staff interested in its success. Our dedicated staff, channel, partners and customers are the key to our success. We are all ultimately on the same team!
How do you know that you have spent enough to make your business secure?
Good and tough question, there is no definitive answer here besides implementing as much as we can in a set budget. The more interesting question is, how do we create the security budget. This is where ISO27001/2 come in, creating a risk process that also looks at assessing what data and informational assets we have.
When a company knows what its assets are, then we can begin to assess the risk, vulnerability, exploits and also damages that could result. After this process, we then start to understand how and with which budget we can mitigate those risks.
What can we expect from Sophos Cloud in the near future?
We are driven to add new and existing functionality to the Sophos cloud, adding features slowly to make sure we follow our vision of simple security. Every new step and version brings more of the award-winning on-premise technology into a new delivery system (the cloud).
This doesn’t mean we will stop selling on premises based solutions. We are really excited about where the cloud is going, with great reports and an overall easy and simple administration console that has all the features a customer or partner could need based on our on-premise know-how.
How do you approach the partner landscape in Greece?
We’ve made it simple to partner with us—with a flexible and generous partner program, delivered by dedicated channel relationship managers. And of course in cooperation with motivated distribution partners like NSS in Greece. Even though we work with more than 12,000 partners you’ll feel supported every step of the way. Because we work hard to get to know you and your organization.
When you partner with us, we help you identify opportunities to retain and grow your customer base and increase profits. You’ll be rewarded with deal registration protection, attractive margins, and joint lead generation programs. We also support you with up-to-date training and certification, so your sales and technical teams are fully qualified in our latest solutions. Our approach is unique—we are 100% channel focused. We continuously invest in our partner relationships. And it’s our mission to help your organization flourish.
Once these are exceeded interSeptor will provide an alert. For other sensors (security, water, power, smoke and dry contact), interSeptor will provide an alert as soon as the sensor switches to an alarm condition.
There are currently five different optional sensors: smoke, water leak, power, security and dry contact sensors.
The interSeptor water detector uses a specially designed cable to detect the presence of moisture at any point along the length of the cable. The water detection unit will sound an audible alarm upon detection and also sends a signal to the interSeptor to start the alarm process. Want an example? You arrive at work on Monday to discover an inch of water across a critical floor space. Of course you are able to quickly install a leak detection system to protect against future instances of this, but what if a system had been in place already? Could you have saved time and money? Could critical equipment be saved? Could staff have spent more time on more important matters?
The answer to these questions is, of course, YES! There is an easy-to-install leak detection system with:
- Up to 30m leak detection cable
- Hassle-free installation
- Remote Web Access
- Free technical assistance via phone and email
- 60-day money-back guarantee
- 2-year swap out warranty
Jan
According to Gartner, Leaders are at the forefront of making and selling mobile data protection products that are built for enterprise business environments. The requirements necessary for leadership include a long-term road map that follows and/or influences Gartner, Inc.’s vision of the developing needs of buyers in the market. Vendors in this quadrant lead the market by making their competitors’ sales staffs nervous and forcing competitors’ technical staffs to follow their lead. Their MDP products are well-known to clients and are frequently found on RFP shortlists.
“To be positioned as a leader for the past nine years is a testament to our product teams who continue to deliver innovative encryption and data protection products,” said John Shaw, Vice President for enduser security products at Sophos. “An aggressive roadmap, coupled with our plans to make it even simpler for small and medium sized businesses to protect their data by encrypting drives, files, cloud storage and mobile files invisibly, positions us for even more success in the months and years ahead.”
Sophos delivers leading solutions to help organizations protect critical assets. Sophos SafeGuard Enterprise protects data on desktops, laptops, removable media, file shares and to the cloud with proven, standards-based encryption—fully managed from one central console. Sophos also recently announced Sophos Mobile Control 3.5, the latest version of its award-winning mobile device management (MDM) solution, which now also supports iOS 7. Available both on-premise and as-a-service, Sophos Mobile Control 3.5 makes it simple for small and mid-market organizations to secure, monitor and control mobile devices.
Sophos was also positioned as a “Leader” in Gartner, Inc.’s “2013 Magic Quadrant for Unified Threat Management.”
Spammers versus spam senders
There’s a big difference, because spammers generally don’t send their own spam in bulk any more. That hasn’t worked for a decade or so, because if you send 10,000,000 unwanted emails as fast as you can from the same server, or even the same data centre, you make an easily-identified target. So 1,000,000 of the messages might get loose before either the data centre (if it cares, and reputable ones most definitely do) or the majority of your recipients, or both, say, “No more!” Not only are you blocked from sending the remaining 9,000,000 emails from your truncated campaign, you probably can’t use those same servers again for days, weeks, months, perhaps ever.
How spam is delivered
Enter the botnet, or robot network. That’s an unwitting collection of surreptitiously co-operating zombie computers – in homes, at offices, in coffee shops, at the mall, by the beach – that regularly call home for instructions to servers that the criminals control. The crooks can send each bot in the network a list of email addresses, and then command the entire botnet to start a giant spam campaign. Using bots, those 10,000,000 spams can be sent, say, in 10,000 batches of 1000 emails at a time, presenting a much less obvious pattern to those who defend against spam. (And sticking those 10,000 bot-infected users with the cost of the bandwidth, if you don’t mind.)
Why spam matters
I used the words “unwitting” and “surreptitious” above because, although some users may knowingly participate, the majority of botnet spam senders don’t even realise they’re doing it. That’s why we publish the SPAMPIONSHIP tables: not to lay wholesale accusations of cybercriminality against entire countries, but to raise awareness of something we’ve said a number of times recently, since it’s Cyber Security Awareness Month:
If you don’t make an effort to clean up malware from your own computer, you aren’t part of the solution, you’re part of the problem.
We’re not pointing fingers here at anyone who ever made a mistake and ended up infected by malware, but we do want you to be mindful of the consequences of inaction. For as long as you fail to do anything about spambot malware on your computer, you’re actually helping the crooks to make money, and putting the rest of us, no matter how modestly, in harm’s way.
The SPAMPIONSHIP tables
And with those firm-but-fair words behind us, here are the latest figures showing spam by volume on a country-by-country basis:
As you can see, the top of the table is surprisingly consistent, with the countries in the first five places having all been in the Dirty Dozen throughout the year. Of course, you probably expected to see India and China in the list: they each have populations exceeding 1 billion people, so it would be surprising not to see them near the top. Nor is it surprising that the USA is in the Number One spot yet again, this time sending nearly three times as much spam as second-placed Belarus. After all, the US has 30 times the population of Belarus, and internet access is much more strongly established, so you would expect a higher proportion of Americans to have their own computers and to use the internet regularly. It’s when we turn the SPAMPIONSHIP into a per capita comparison that things get interesting:

Here, the numbers next to each country denote the average spamminess per person compared to the USA. In other words, we divided each country’s spam total by its population, then divided every country’s spam-per-person value by the figure for America. Obviously, that makes US = 1.00, and tells us that the average computer in Belarus was eleven times more likely to send spam than if it were in the USA. Israelis, whose propensity for sending spam sneaks the Middle Eastern country into twelfth place on the chart for the first time this year, were 1.8 times as likely as Americans to be spam senders. The per capita chart doesn’t do any favours to small countries, which tend to hide near the bottom of volume-only lists, even if their computers are awash with zombie malware. US neighbour The Bahamas, for example, made it to eighth spot, with double the likelihood of its computers spamming compared to the US. Luxembourg got up to fourth spot, with a spammishness 2.7 times that of the US, up from sixth in Q2 and seventh in Q3.
You can read the original article, here.
The October 2013 CPU covers fixes for: Oracle Database Server, Oracle Enterprise Manager Grid Control, Oracle Supply Chain Products Suite, Oracle Siebel CRM, Oracle Industry Applications, Oracle Primavera Products Suite, Oracle and Sun Systems Products Suite, Oracle MySQL, Oracle Fusion Middleware, Oracle E-Business Suite, Oracle PeopleSoft Products, Oracle iLearning, Oracle Financial Services Software, Oracle Java SE and Oracle Virtualization. All of these updates are important, but arguably Java is the most important of all of them.
51 security vulnerabilities are addressed in Java this quarter, and 50 of them affect Java Applets or Java WebStart, the plugin that runs Java in your web browser. Worse yet, all but one are remotely exploitable without authentication. Some versions of Java update themselves, some rely on the operating system vendor and others are too old to support an auto-update mechanism. This does not make things easy.
Our advice?
1) Determine whether you have Java installed and enabled in your web browser. Visit java.com/en/download/installed.jsp and click “Verify Java version”. If your browser prompts you to install Java, close the tab; you’re Java-free. If it loads the applet, check your version. Be sure you are running Java 7 update 45 (1.7.0_45), Java 6 update 65 (1.6.0_65) or Java 1.5.0_55.
If you must have Java installed you ought to be running Java 7 (1.7). All previous versions are not officially supported and present a greater security risk.
2) If Java is installed and out of date, be sure to update it. Windows users can open the Java Control Panel, select the Update tab and choose Update now. Mac users can check for updates using the integrated Apple updater. Linux users should follow normal procedures for system updates provided by their distribution.

3) Most importantly, if you don’t need Java, get rid of it. Java can be useful for applications (Minecraft, payroll, mortgage calculators) and server-side applications (JBoss and more), but it doesn’t belong in your browser. If you’re not sure, I recommend disabling it. If you run across things that require Java, your browser will alert you with instructions.
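The version check from step 1 can also be scripted for machines where Java is installed outside the browser. The following is an added example, not part of the original article: the function names and status labels are illustrative, and the sample lines are constructed in the format printed by `java -version`.

```shell
#!/bin/sh
# Added example: classify a Java version string against the October 2013 CPU
# baselines named in the article (1.7.0_45, 1.6.0_65, 1.5.0_55).
# Function names and status labels are illustrative, not from any Oracle tool.

# Pull the quoted "1.x.y_NN" token out of `java -version` style output.
extract_java_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*"\(1\.[0-9][0-9]*\.[0-9][0-9]*\(_[0-9][0-9]*\)\{0,1\}\)".*/\1/p' |
        head -n 1
}

# Print one of: patched, outdated, patched-unsupported, outdated-unsupported,
# unknown. "unsupported" reflects the article's note that releases before
# Java 7 are no longer officially supported.
java_patch_status() {
    ver=$1
    rest=${ver#1.}
    # Anything that does not start with "1." is outside the article's scope.
    [ "$rest" != "$ver" ] || { echo unknown; return 0; }
    family=${rest%%.*}
    case "$ver" in
        *_*) update=${ver##*_} ;;
        *)   update=0 ;;          # e.g. "1.7.0" means no update applied
    esac
    case "$family" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    case "$update" in ''|*[!0-9]*) echo unknown; return 0 ;; esac
    # Strip leading zeros ("07" -> "7") so the comparison is plain decimal.
    update=$(printf '%s' "$update" | sed 's/^0*//')
    [ -n "$update" ] || update=0

    case "$family" in
        7) min=45; supported=yes ;;
        6) min=65; supported=no ;;
        5) min=55; supported=no ;;
        *) echo unknown; return 0 ;;   # release line not covered by the article
    esac

    if [ "$update" -ge "$min" ]; then state=patched; else state=outdated; fi
    if [ "$supported" = yes ]; then
        echo "$state"
    else
        echo "$state-unsupported"
    fi
}

# Constructed sample lines (not captured from real machines).
for line in \
    'java version "1.7.0_45"' \
    'java version "1.7.0_40"' \
    'java version "1.6.0_65"' \
    'java version "1.5.0_22"'
do
    v=$(extract_java_version "$line")
    printf '%-10s %s\n' "$v" "$(java_patch_status "$v")"
done

# Run with --local to check the JVM on this machine's PATH, if there is one.
if [ "${1:-}" = "--local" ] && command -v java >/dev/null 2>&1; then
    v=$(extract_java_version "$(java -version 2>&1)")
    printf 'local: %s %s\n' "${v:-unparsed}" "$(java_patch_status "$v")"
fi
```

A result of `unknown` means the version string is outside the three release lines the article lists, so the script makes no claim about it.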
You can read the original article, here.
Jan
“Our goal of ‘Security made simple’ can only be fully realized when every interaction Sophos has with customers and partners exceeds their expectations,” said Kris Hagerman, chief executive officer of Sophos. “Mary has an extraordinary track record in building dynamic and high-impact customer care and customer support organizations, and we are thrilled to welcome Mary to our management team.”
At Sophos, Winfield will promote and lead a world-class customer support organization that leverages the latest technologies, methodologies and engagement channels to deliver the highest levels of customer satisfaction. Sophos already has one of the industry’s highest reputations for support quality and customer satisfaction. Winfield’s mission will be to enhance that reputation even further; her organization will serve as the focal point for the “voice of the customer” within Sophos and advocate for customers’ needs across all facets of the business.
Mary Winfield said, “I am excited to join the Sophos team. I believe the company is executing a winning strategy, with winning products and a commitment to customer excellence that sets the standard for the security industry. I look forward to helping the company make the most of every engagement with customers in our quest to make security simple.”
Imagine a system that can alert you when it starts to rain, not only warning to get out your umbrella, but also putting more trains on the Metro to cope with the extra passengers, monitoring the cafes to ensure there is sufficient coffee, or alerting when a vending machine needs restocking. A tool that gives you a sharp overview of vast and complex infrastructure, combined with the intelligence to review and comprehend what is happening – well, that’s not merely SIEM. That’s LogPoint.
SIEM – or Security Information and Event Management. Quite a mouthful. So what does it mean?
Metaphorically speaking, SIEM is the Information Technology version of Closed Circuit Television (CCTV). In short: a surveillance system of all data within an entire IT landscape in order to catch intrusions, provide insight into operations and report on functioning.
The First CCTV
Originally developed in the 1930’s to monitor rocket launches, CCTV began to be used to remotely monitor people and equipment in the 1970’s. A very basic instrument at the time, it could not record, replay, keep or store images.
Unless you were watching it live, the event would be missed.
Log Files
IT systems create log files for every activity, be it purely informational, a failure, or even a success. Log files can also trace who performed the activity, when it was done, etc. However, log files are stored locally on each system, and unless someone can review each and every system, it is almost impossible to find everything. Just like the first CCTV, unless you are watching these logs in real time, the event will be missed.

CCTV Evolves
CCTV evolved throughout the 80’s and 90’s, gaining the ability to record and replay videos of people and activity – and this could then be used for investigation and criminal prosecution within the courts. Slowly, CCTV cameras began to appear everywhere. Today, there are 207,431 CCTV cameras covering a large percentage of the city of London – a similar story for most European cities.
Log Management
This is the basis for the Log Management software from which SIEM has evolved – software that collects logs from an entire infrastructure, stores them centrally, and time-stamps them for analysis. This offers better insight into how “the crime” took place, who was involved, and how it can be prevented in the future. But this still isn’t SIEM as we know it today.

Modern CCTV
CCTV has developed at an amazing speed since the turn of the century. Not only can it now record and store data from hundreds of thousands of cameras, it can also recognize auto registrations and even faces – enabling real-time alerts that can:
• Be sent to emergency operators.
• Dispatch police – e.g., when specific people enter a city or area where they have been banned.
• Track and alert suspicious behavior and movements, such as with crowd control, loitering in street theft hot spots, or troublemakers entering a bar.

SIEM
Like the modern CCTV, LogPoint is the most advanced form of SIEM – capable of monitoring millions of log files every second, from every device in an infrastructure, detecting log patterns as they evolve.
LogPoint can:
• Regularly report on general activities.
• Identify bottlenecks and monitor the health of your IT infrastructure.
• Replay events to identify when, what and who was involved – providing evidence in criminal prosecution.
• Reveal how to prevent incidents from happening again.
• Alert administrators to security threats and system failures – before they even happen.
LogPoint is the best SIEM, ever.
Jan
Easy to deploy and simple to manage, Sophos Cloud gives Sophos partners and IT managers at enterprises of all sizes the ability to manage and maintain endpoint security to protect all users, regardless of physical location, via the cloud-based service. The launch of Sophos Cloud is the first step in the company’s aggressive strategy of cloud-enabling its entire portfolio. In addition, Sophos will continue to innovate and extend its ‘on-prem’ security software, providing IT professionals choice in how to best manage IT security in their environment.
Kris Hagerman, chief executive officer for Sophos, said, “Sophos Cloud is the answer to the constant struggle IT teams face in protecting and securing their enterprises. These IT teams may be as small as a single person, but the constant threats and challenges they face could overwhelm an army. To come to their rescue, we’re thrilled to deliver Sophos Cloud – it will be one of our key strategic priorities as we execute on our vision of being the best in the world at delivering complete and powerful IT security to small and mid-market enterprises and organizations of any size looking to simplify their IT security operations.”
With the management console hosted by Sophos Cloud, there is no server set up and service can be deployed instantly, providing complete security coverage everywhere – simply. Sophos Cloud delivers all the essential endpoint protection a company needs without any of the complexity traditionally associated with security management. The service is also consistent with Sophos’ ongoing focus and commitment to be a “Channel First” company.
“The ability to administer our security with Sophos Cloud allows us to better manage our resources and enables us to effectively utilize our time and money. The service was easy for us to implement, and it seamlessly integrated into our environment,” said David Fox, IT Consultant, Neptune Terminals.
“Small and medium businesses are especially challenged regarding IT security. They are targets and must meet security best practices yet are resource constrained,” said Charles Kolodgy, Research Vice President for IDC.
“Sophos Cloud is a welcome addition. Its features can remove some of the complexity tied to security management thus allowing small and mid-market businesses to improve security without taxing their resources.”
“As an organization that specializes in IT security and services, M3Corp has had a valuable partnership with Sophos for more than 4 years. Sophos Cloud will help us extend that partnership to quickly deliver cloud security that is easy to deploy and manage, while providing the most efficient and economical security solution to all of our customers throughout Brazil. M3Corp’s partnership with Sophos ensures that our customers will be fully protected from all types of threats,” states Antonio Mocelim, Sales Director, M3Corp.
Availability
Sophos Cloud is currently available. Online 30-day trials are available by visiting: www.sophos.com/cloud
Jan
This list was conceived to put a spotlight on the professionals driving one of the most important customer segments in the industry today. These executives were nominated by peers, colleagues, customers and partners because of the strong relationships they have built with midmarket customers, for their leadership, strategic thinking and solution excellence they demonstrate. Valentine was also named a “top disrupter,” a listing of the 25 executives who shook up the IT industry this year.
Kris Hagerman, chief executive officer for Sophos, said, “Mike has been with Sophos for less than a year, but he’s already making an enormous impact. As the architect and driver of our “Channel First” sales strategy, Mike has enabled Sophos to make major strides to work better and more closely with the channel than ever before. Mike is well-known by the channel as a great leader, recruiter and winner. We’re thrilled to have Mike at Sophos leading our global sales team, and this validation from CRN and our partners provides added evidence that we’ve become the leading choice for delivering complete IT security without complexity.”
Commentary from the Sophos Channel
“Our partnership with Sophos allows us to provide comprehensive security solutions for clients, datacenters, and the cloud. We are excited about the leadership and direction Mike brings to Sophos,” said Stephen Perciballi, Security Category Leader, Datacenter Group, Softchoice.
“Sophos’ commitment to the channel is impressive. It has an outstanding partner program and excellent IT security value proposition with award-winning security solutions that are simple to implement and simple to use. Combined with its determination to help partners like us grow our business, Sophos is delivering on its channel first promise,” said Jez Turner, Sales Director, Foursys. Foursys is a specialist in IT security solutions, with over 16 years’ experience and more than 900 customers in the UK.
Jan
At RSA, Schiappa managed a business unit with annual revenue over $500M, and he had responsibility for engineering, product management, product marketing, an anti-fraud command center, and data center operations. At Sophos he will have full product responsibility for the company’s broad portfolio of end user security offerings, including endpoint, mobile, server protection, and encryption and data protection products.
Kris Hagerman, chief executive officer for Sophos, said, “I’m pleased to welcome Dan to Sophos. He has deep experience in the IT security landscape, and his background, drive and passion make him the perfect fit to accelerate our end user security strategy of delivering world-class on-premise and cloud-managed security solutions to protect our customers across their broad diversity of endpoints. We continue to add some of the brightest minds to Sophos as we look to become the world leader in delivering complete security without complexity for organizations around the world.”
Prior to EMC, Schiappa was at Microsoft, where he held several GM positions, including Windows security, Microsoft Passport/Live ID, and the company’s online display advertising platform. He also led strategy and corporate development for the Entertainment and Devices division. As head of Microsoft’s security division, Dan led a 400-person product team responsible for developing the security infrastructure for Windows Vista/7 and Windows Server operating systems. Also during his tenure, he was the key business leader for Microsoft’s BitLocker and Rights Management services. Prior to Microsoft, Dan was the CEO of Vingage Corporation, a video server startup acquired by L3 Mobilevision, and was an executive at PictureVision, an online digital imaging startup acquired by Kodak. Dan also held key technical roles at Informix Software and Oracle Corporation.
Schiappa said, “Sophos is poised to lead the charge for a more effective and simpler approach to securing users and data. The cloud will enable IT professionals and our partners to accelerate security deployment and simplify management in an ever changing landscape of malware, targeted attacks, and other security threats. And the continued innovations in end user and data protection will better safeguard enterprises of all sizes, whether they choose cloud or more traditional on-premise management. It’s an exciting time to be at Sophos, and I’m thrilled to be part of the team.”
Jan
The firmware can be downloaded now from our Downloads page.
Jan
A new program, dubbed PIN Skimmer by its University of Cambridge creators, can correctly guess a high proportion of PINs using the device’s camera and microphone. When selecting from a test set of 50 4-digit PINs, PIN Skimmer correctly infers more than 30% of PINs after 2 attempts, and more than 50% of PINs after 5 attempts on Android-powered Nexus S and Galaxy S3 phones. When selecting from a set of 200 8-digit PINs, PIN Skimmer correctly infers about 45% of the PINs after 5 attempts and 60% after 10 attempts. The university team discovered that PIN Skimmer could identify PIN codes entered on number-only softpads by using the camera on the device to monitor the user’s eye movements as they enter their code. Also, the microphone could be used to detect “touch events” – the clicking sound made as the user enters their PIN on the touch screen.
The paper, written in order to raise awareness of side-channel attacks on smartphones, took the approach that the device had already been infected with malware that was then attempting to snaffle the PIN. The university team then set out to see how effective an attack could be and, also, how PIN length may affect the likelihood that the code could be correctly guessed. Mimicking a typical piece of malware, stealth was a key feature in the design. The researchers ran image processing algorithms remotely to minimise battery drain, something that could alert the user that an unauthorised program was running.
An API exposed by the Android operating system was used to disable the LED that switches on in some handsets when the camera is in use. Photos and video taken by PIN Skimmer were saved to the phone but the file sizes were limited to 2.5MB to reduce detection. A real piece of malware could likely hide such files from view completely. Likewise, the research team hypothesised that the sending of data back to the remote server could also be hidden from the user.
Additional network charges are another problem connected with transmitting data. Many smartphone users are on tariffs that charge them additional fees should they use more than a pre-determined amount of data within any monthly period. To that end the report suggested that a real-life Trojan would probably report back to its control centre only when it detected a free WiFi connection within range. The researchers discovered that, contrary to what you may have expected, longer PINs were actually easier to crack than shorter ones. This unexpected result was put down to the fact that longer PINs actually gave the program more information to work with, which increased its accuracy.
One of the co-authors of the report, Professor Ross Anderson, wrote: “Our work shows it’s not enough for your electronic wallet software to grab hold of the screen, the accelerometers and the gyro; you’d better lock down the video camera, and the still camera too while you’re at it. (Our attack can use the still camera in burst mode.)”
As for mitigating the risks posed by such an attack, Anderson suggested that questions need to be asked as to which resources should remain accessible during PIN entry, though he did note how disabling some functions, i.e. the speakers, could cause extreme problems to the usability of the device: For instance when a call comes in, the user needs to hear the ring tone while unlocking his phone; otherwise he may assume the caller has hung up.
Instead, he suggests that whitelists may be the answer – denying use of all resources during PIN entry, unless explicitly authorised. Another option, according to Anderson, would be a more widespread adoption of biometrics in smartphones but that is not without its own issues.
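The whitelist approach described above, modelled as an added example (not code from the paper or from Android): a hypothetical `ResourceBroker` denies every resource during PIN entry unless the (app, resource) pair is explicitly authorised, and also suspends grants that were opened before the prompt appeared. The class, the resource names and the app names are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from enum import Enum
from typing import Optional

# Resources named in the article, plus the screen the PIN pad itself needs.
Resource = Enum("Resource", "SCREEN SPEAKER MICROPHONE CAMERA_VIDEO "
                            "CAMERA_STILL ACCELEROMETER GYROSCOPE")


@dataclass
class ResourceBroker:
    """Hypothetical OS-side arbiter; not a real Android interface."""
    whitelist: frozenset                  # (app, resource) pairs allowed during PIN entry
    pin_entry_owner: Optional[str] = None
    active: set = field(default_factory=set)     # grants currently in force
    suspended: set = field(default_factory=set)  # grants paused for PIN entry
    audit: list = field(default_factory=list)

    def request(self, app, resource):
        grant = (app, resource)
        if self.pin_entry_owner is not None and grant not in self.whitelist:
            self.audit.append(("denied", app, resource.name))
            return False
        self.active.add(grant)
        return True

    def begin_pin_entry(self, owner):
        """Enter PIN mode and suspend every grant that is not whitelisted.

        Suspending existing grants matters as much as refusing new ones: a
        background app may have opened the camera before the prompt appeared.
        """
        self.pin_entry_owner = owner
        paused = sorted((a, r.name) for a, r in self.active - self.whitelist)
        self.suspended |= self.active - self.whitelist
        self.active &= self.whitelist
        self.audit.extend(("suspended", a, r) for a, r in paused)
        return paused

    def end_pin_entry(self):
        """Leave PIN mode and hand suspended grants back to their holders."""
        self.pin_entry_owner = None
        self.active |= self.suspended
        self.suspended.clear()

    def holds(self, app, resource):
        return (app, resource) in self.active


def demo():
    # Constructed scenario; the app names are placeholders.
    broker = ResourceBroker(whitelist=frozenset({
        ("wallet", Resource.SCREEN),       # the PIN pad itself
        ("telephony", Resource.SPEAKER),   # ring tone must stay audible
    }))
    broker.request("video_chat", Resource.CAMERA_VIDEO)  # opened before the prompt
    broker.request("game", Resource.ACCELEROMETER)
    out = {"suspended": broker.begin_pin_entry("wallet")}
    out["wallet_screen"] = broker.request("wallet", Resource.SCREEN)
    out["ringtone"] = broker.request("telephony", Resource.SPEAKER)
    out["burst_photo"] = broker.request("game", Resource.CAMERA_STILL)
    out["microphone"] = broker.request("video_chat", Resource.MICROPHONE)
    out["camera_during"] = broker.holds("video_chat", Resource.CAMERA_VIDEO)
    broker.end_pin_entry()
    out["camera_after"] = broker.holds("video_chat", Resource.CAMERA_VIDEO)
    out["audit"] = list(broker.audit)
    return out


if __name__ == "__main__":
    print(demo())
```

The audit list gives a monitoring hook: denied or suspended camera and microphone grants during PIN entry are worth reviewing.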
You can read the original article here.
Jan
“This certification is a critical step toward the future development of LogPoint. It will enable us to pursue significant opportunities with government authorities, in the security and intelligence sector as well as with major corporations globally,” says Jesper Zerlang, CEO of LogPoint. “We are extremely excited about the partnership with Boeing that will elevate the LogPoint platform to the Tier 1 in the market and place us among the best enterprise SIEM security solutions.”
Boeing will help LogPoint prepare the SIEM platform for the Common Criteria for Information Technology Security Evaluation, with the goal of obtaining Evaluation Assurance Level 3 certification before mid-2014. This certification is often a requirement for cybersecurity contracts in NATO countries and throughout the world. Obtaining it will make LogPoint the only Danish cybersecurity company to meet the standard – and one of few globally.
“We are experiencing a dramatically increasing demand for improved network security as the number of successful network attacks globally is sadly rising. An effective SIEM-solution is one of the cornerstones of efficient enterprise network security, not only to improve security monitoring and early breach detection, but also to answer an increasing demand for regulatory compliance in many countries around the world,” says Jesper Zerlang.
The LogPoint SIEM platform is currently deployed with more than 250 organizations in Europe, including large- and midsized enterprises in all industry sectors as well as public authorities ranging from municipalities to government authorities. LogPoint is present with offices in the Scandinavian countries as well as Germany and the UK and is currently expanding to a number of other European markets. LogPoint is partner centric and deploys its solution through a network of certified partners, ISPs and system integrators throughout Europe.
LogPoint is a European, Copenhagen-based IT security company that delivers IT security SIEM solutions for enterprise networks. The LogPoint technology is an advanced Security Information and Event Management (SIEM) platform that provides real-time monitoring and incident management for security-related events from network, security devices, systems and applications as well as log management, analytics and compliance reporting.
You can read the original article here.
Jan
Of 2,000 respondents surveyed globally, 58 percent confirmed that management does not see cyber attacks as a significant risk to their business. Despite this, IT infrastructure and asset security incidents, as well as wider security related disruptions, were found to have cost these SMBs a combined average of $1,608,111 over the past 12 months.
The research, sponsored by Sophos, also identified that the more senior the position of the decision maker in the business, the more uncertainty there was surrounding the seriousness of the potential threat.
“The scale of cyber attack threats is growing every single day,” said Gerhard Eschelbeck, Chief Technology Officer for Sophos, “yet this research shows that many SMBs are failing to appreciate the dangers and potential losses they face from not adopting a suitably robust IT security posture.”
According to the research, there are three main challenges preventing the adoption of a strong security posture: failure to prioritize security (44 percent); insufficient budget (42 percent); and a lack of in-house expertise (33 percent). In many SMBs there is also no clear owner responsible for cyber security, which often means it falls into the purview of the CIO.
“Today in SMBs, the CIO is often the ‘only information officer’, managing multiple and increasingly complex responsibilities within the business,” said Eschelbeck. “However, these ‘OIOs’ can’t do everything on their own and as employees are demanding access to critical apps, systems and documents from a diverse range of mobile devices, it would appear security is often taking a back seat.”
The study also reveals uncertainty around whether ‘Bring Your Own Device’ policies (BYOD) and the use of the cloud are likely to contribute to the possibility of cyber attacks. Seventy-seven percent of respondents said the use of cloud applications and IT infrastructure services will increase or stay the same over the next year, yet a quarter of those surveyed indicated they did not know if this was likely to impact security.
Similarly, 69 percent said that mobile access to business critical applications would increase in the next year, despite the fact that half believe this will diminish security postures.
“Small and midsize organizations simply cannot afford to disregard security,” said Larry Ponemon, president of the Ponemon Institute. “Without it there’s more chance that new technology will face cyber attacks, which is likely to cost the business substantial amounts. CIOs are under pressure to implement new technology that informs agile and efficient ways of working, but this should not take precedence over security. The industry needs to recognize the potential dangers of not taking cyber security seriously and create support systems to improve SMB security postures.”
The study targeted SMBs in the United States, United Kingdom, Germany and Asia-Pacific (Australia, India, China and Singapore) to better understand how such organizations are managing security risks and threats. Key findings of the study include:
- Fifty-eight percent of respondents say management does not see cyber attacks as a significant risk.
- One-third of respondents admit they are not certain if a cyber attack has occurred in the past 12 months. Forty-two percent of respondents said their organization had experienced a cyber attack in the past 12 months.
- Respondents in more senior positions have the most uncertainty about the threats to their organizations, indicating that the more removed the individual is from dealing on a daily basis with security threats, the less informed they are about the seriousness of the situation and the need to make it a priority.
- CISOs and senior management are rarely involved in decisions regarding IT security priorities. While 32 percent say the CIO is responsible for setting priorities, 31 percent say no one function is responsible.
- Forty-four percent of respondents report IT security is not a priority. As evidence, 42 percent say their budget is not adequate for achieving an effective security posture. Compounding the problem, only 26 percent of respondents say their IT staff has sufficient expertise.
- Respondents estimate that the cost of disruption to normal operations is much higher than the cost of damages or theft of IT assets and infrastructure.
- Mobile devices and BYOD are much more of a security concern than the use of cloud applications and IT infrastructure services. However, these concerns are not preventing extensive use and adoption of mobile devices, especially personal devices.
Uncertainty about their organization’s security strategy and the threats they face varies by industry:
- Respondents in financial services have more confidence, which can probably be attributed to the numerous data protection regulations.
- The technology sector is also more security aware, which is probably due to the IT expertise that exists in these organizations.
- Retailing; education and research; and entertainment and media have the highest level of uncertainty about their organization’s security strategy and the threats they face.
Recommendations:
- Organizations need to concentrate resources on monitoring their security situation in order to make intelligent decisions. While assessing where they stand on the security continuum, organizations need to focus on monitoring, reporting and proactively detecting threats.
- Establish mobile and BYOD security best practices. Carefully plan and implement a mobile strategy so that it doesn’t have an impact on the overall security posture.
- Organizations should look for ways to bridge the gap created by a shortage of information security professionals. Consider ways to free-up time for in-house resources, including a move to cloud technologies, security consulting and easy-to-manage solutions.
- Measure the cost of cyber attacks, including lost productivity caused by downtime. Work with senior management to make cyber security a priority and invest in solutions that restore normal business activity more quickly for a high return on investment.
- Organizations in all sectors are regularly breached and regulations are often simply the beginning of properly securing a network. Consider consolidated security management to gain a more accurate picture of threats that will help focus on problem areas.
A full copy of the Ponemon Institute study: The Risk of an Uncertain Security Strategy, is available here.
Jan
In an increasingly complex security environment Sophos works with partners to make security simple to deliver, implement and manage. Over the last 12 months Sophos has created a more flexible and generous partner programme, providing partners with protection for deal registrations, attractive margins and joint lead generation initiatives. The programme also provides up-to-date certification, to ensure partner sales and technical teams are fully trained across Sophos’s latest solutions to help drive partner businesses forward. Delivered by dedicated channel relationship managers, Sophos gets to know partner businesses to ensure they feel supported every step of the way.
James Vyvyan, Regional Vice President, UKI, Sophos said: “We’re delighted to have won ‘Security Vendor of the Year’. Sophos is committed to a ‘channel first’ strategy and we believe that by taking the time to understand our partners’ business model, we can work together to provide the solutions that best suit their customers’ IT security needs.”
Sophos also won two awards in CRN’s DACH awards on 13 November: Security Vendor of the Year and Channel Champion of the Year 2013.
Commentary from the Sophos Channel
“Many of the innovations Sophos has introduced are unique to the market. These unique solutions make it possible for us to differentiate ourselves from other security consultants and better meet our clients’ needs,” said Mark Robinson, Director, Globelink Infrastructure & Network Security.
“The Sophos Partner Programme empowers proactive and enthusiastic partners like ourselves to achieve the levels of technical and sales accreditation required to represent Sophos at the highest level,” said Paul Cox, Managing Director, Quadsys.
“We’ve worked closely with Sophos for more than 12 years and feel the relationship is stronger now than it has ever been. The sales, technical, financial and management teams at Sophos and Foursys are all working really closely together, which means we get it right and we both put customer service at the top of the agenda,” said Paul Prior, Managing Director, Foursys.
“WD is using enterprise-class components to build a new family of network appliances for small businesses,” said Bill Evans, general manager of WD’s business storage solutions group. “The WD Sentinel S-series network appliances are engineered with Intel Xeon processors, pre-populated with WD Se datacenter 3.5-inch hard drives for rapid deployment, and feature dedicated 2.5-inch boot drives for maximum reliability. No other vendor offers a comparable network storage plus server in an equally small form factor. With a small footprint and quiet fan, an S-series appliance can be deployed anywhere.”
Proven Components from Intel, Microsoft, and WD
Built by WD, powered by an Intel Xeon processor and running Windows Server 2012 R2 Essentials, the WD Sentinel S-series is based on proven technologies from industry leaders. Unlike competitors’ proprietary operating systems, the S-series is a fully configured native Windows Server on which customers can deploy thousands of Windows applications.
“Windows Server 2012 R2 Essentials gives customers the benefit of built-in, groundbreaking, low-cost storage technologies, and WD’s Sentinel S-series hardware helps small businesses take advantage of these technologies,” said Jamie Hamilton, Director of Marketing, OEM Division at Microsoft Corp. “We are pleased to work with WD to tackle the small business, first-server opportunity. WD’s hardware engineering expertise, previous success with network storage products based on Windows Storage Server, and leadership in offering an R2 version of Windows Server 2012 Essentials puts WD in a good position to serve this industry.”
Reliable Enterprise Grade Components
The WD Sentinel S-series include WD 3.5-inch datacenter-class hard drives for enhanced data security. Businesses gain enterprise-class reliability with dual dedicated boot drives (optional on WD Sentinel DS5100), dual gigabit Ethernet ports, and dual external DC-in power adapter ports. This engineered redundancy, along with a bezel lock for physical security, all add to the reliability of this ultra-compact network storage plus server that can be deployed virtually anywhere.
Affordable First Server for Any Small Business
The WD Sentinel S-series is a complete, fully-configured solution with automatic backup and restore software for up to 25 users and 50 computers, all at a very affordable price that starts at $2,560 U.S. MSRP. By combining a single solution for both storage and server requirements, the S-series appliances are a great solution for any small business looking for their first server.
“Finally, a network storage vendor has delivered a low-cost, turn-key solution that meets my customers’ requirements—with no assembly required,” said Kevin Royalty, Microsoft MVP and Managing Partner of Total Care Computer Consulting in Centerville, Ohio. “Small business customers want a packaged solution with balanced disk, processor, memory, and operating system that is engineered and tested as a unit. The DS5100 and DS6100 appliances are ideal as a ‘first server’ due to the high-performance Intel Xeon processor, Windows Server, high-capacity enterprise-class disk storage, and tiny footprint.”
Availability
WD Sentinel S-series appliances are available today at CDW, PC Connection, and Insight, and through select VARs, resellers, and distributors worldwide. The WD Sentinel DS5100 is pre-populated in capacities of 4 or 8 TB. The WD Sentinel DS6100 is available with capacities of 8, 12, or 16 TB.

Jan
WD’s My Cloud personal cloud drives, available now in China in capacities of 2 TB, 3 TB and 4 TB, enable consumers to organize, centralize and secure the digital content from all of their computers and mobile devices and access those files from any device and from anywhere in the world. WD’s My Cloud EX4 high-performance four-bay network attached storage (NAS) solution, available now in China in 0 TB, 8 TB, 12 TB or 16 TB capacities, provides creative professionals, prosumers and workgroups a reliable way to save, share, back up, stream and manage massive amounts of digital data. The Baidu Yun service is a leading public cloud storage service provider with more than 100 million users. Consumers and businesses store content on Baidu Yun for easy access and sharing from any computer or mobile device.
The collaboration between WD and Baidu will enable Chinese customers to manage their Baidu Yun account and easily transfer files between their My Cloud or My Cloud EX4 device and Baidu Yun using WD’s My Cloud mobile apps for iOS and Android operating systems. Baidu and WD customers will also be able to back up their local content to Baidu Yun, as well as backup their Baidu Yun account to their local storage using WD SmartWare™ Pro software.
“The growth of Baidu and its public cloud storage and services in China has been spectacular; it’s a pleasure to collaborate with them,” said Jim Welsh, executive vice president, Branded Products and worldwide sales. “The integration of Baidu Yun with our personal cloud and external storage platforms gives our mutual customers the best of all worlds – the ability to keep content safe at home, while backing up and sharing with friends on Baidu Yun.”
“Baidu aims to provide the best way for people to access their valuable content, regardless of their location,” said Hou Zhenyu, chief architect of Baidu Yun. “WD is a leader in high-capacity local storage, and integrating our public cloud storage service with WD’s platform gives our customers a compelling hybrid cloud storage solution – the best of both public cloud storage and personal cloud storage.”
You can read the original article here.
Jan
In comments that support Array’s ranking in the new report, IDC analysts note that the company’s WAN optimization solution has “increased its chances of cracking bigger deals and positioning themselves as an end-to-end solution provider in the ADC space.”
According to IDC, drivers of Array’s leading position in the India market include the ability to close deals in the lucrative government and banking and financial services industry (BFSI) markets, as well as the ability to offer holistic ADC and WAN solutions with custom costing to potential customers. Although Cisco still leads – due to volume WAN optimization sales – Array is mounting a challenge by way of continued growth in the WAN optimization space.
Mr. Shibu Paul, Country Manager at Array Networks said, “IDC is a respected authority tracking the markets Array serves, and the local IDC team in India has a superior understanding of vendors, partners and customers in the application delivery networking space. The Array team has been working tirelessly to serve our customers, assist our partners and enhance our offerings, and I am extremely pleased to see our efforts paying off as reflected in the new IDC market report.”
“In addition to growing traction in the enterprise based on its suite of application delivery networking solutions, Array is also opening up new opportunities with its line of software appliances which can be hosted on any virtualized server to break price barriers and make solutions more affordable to SMBs,” said Manoj Iyer, IDC’s market analyst for enterprise networking in India. “With the ability to support a broad range of customers and a go-to-market strategy focused on educating partners on its load balancing, WAN optimization, enterprise mobility, high availability, BYOD and application acceleration solutions, Array is well positioned to further increase their market share in the application delivery networking market.”
You can read the original article here.