McAfee's antivirus causes widespread damage

Here we go again with another one of them

by Michael Smith (Veshengro)

A bug ridden update, released by McAfee on Wednesday morning - April 21st 2010 - for its antivirus software, has inadvertently caused computers running the Microsoft Windows XP operating system to crash or to repeatedly reboot.

There has been report of major damage worldwide: hospitals have turned away non-trauma patients at A&E and postponed some elective surgeries. Police have resorted to writing reports by hand and turning off their patrol car terminals and the University of Michigan's medical school reported that 8,000 of its 25,000 computers crashed.

The damage occurs as the McAfee antivirus software mistakes a legitimate operating system component for a malware virus, in a similar way that a disease can cause the human immune system to turn on itself.

But this is hardly new. BitDefender had problems similar to that about a year or so ago and other expensive paid-for anti-virus software has had too. The same happened with ZoneAlarm or better, in the latter case, it was a patch from Windows that caused the problems.

Even with AVG there has been a problem – once, since I have used it, and I have been using it for many years - when it caused a problem due to a component that had gone "rogue", for lack of a better word.

It would appear, though, that many of the highly touted paid-for AV programs come up with such issues again and again, despite of their effectiveness claims.

I also still remember when friends and colleagues using Norton caught virus after virus while AVG FREE swatted them all. It is not always that you get what you pay for. Sometime the paid-for programs are no better, often worse, than free and especially open source, software. Not that AVG is open source, but...

© 2010

Mozilla rocks its own security boat, experts say do software testing too

As Mozilla rocks its own software security boat, Fortify tells companies to invest in software security testing

April 2010 - Reports are coming in that the Mozilla Foundation has warned browser users that its popular Firefox web browser contains a root certificate authority that doesn't seem to have a known owner.

This issue, says Fortify Software, highlights the fact that open source software must be tested for security vulnerabilities – and fixed -- before it is used in any business.

According to Richard Kirk, European director with the application vulnerability specialist, whilst this tilts the balance in favour of Microsoft’s Explorer, there are also known security issues with that web browser as well.

"In all software development, there is a trade-off between convenience and taking appropriate security measures, but it's situations like the one with Firefox that highlight the fact that open source software has - generally speaking - more issues than commercially-developed applications," he said.

"Having said that, there are tremendous cost savings, as well the widespread availability of plug-ins, that open source software brings to the better business table. This means that, with good security testing in place, a major company can still use open source and save money at the same time," he added.

Kirk went on to say that one important feature of open source software is that it can often be ruggedised, that is, made more suitable for commercial deployments, using a security testing process that ensures the software is more secure.

"The important thing to stress, however, is the need for software security testing to identify and remove vulnerabilities from applications, rather than simply trying to block attacks on software by securing the network," he added.

For more on the Mozilla root certificate issues: http://bit.ly/au4isp

For more on Fortify Software: www.fortify.com

Source: Eskenzi PR

Imperva Strengthens ThreatRadar Service with Cyveillance Anti-Phishing Data Feed

Combination of Comprehensive Data Feed and Leading Automated Defense Service Provides Proactive Protection Against Phishing Attacks

REDWOOD SHORES, CALIF. / ARLINGTON, VA., April 2010 – Imperva, the data security leader and Cyveillance, a world leader in cyber intelligence, today announced a partnership to shield organizations against growing phishing attacks. Under the agreement, Imperva integrated the Cyveillance Anti-Phishing Data Feed as part of its ThreatRadar service to further enhance its SecureSphere Web Application Firewall, enabling enterprises to deploy comprehensive reputation-based security through proactive detection of phishing threats before they become a problem.

Through its real-time Internet monitoring capabilities, Cyveillance is able to offer the industry’s most accurate, comprehensive and up-to-date phishing site detection data feed. Utilizing the Cyveillance Anti-Phishing Feed as an additional layer of security for its ThreatRadar service, Imperva is able to apply detailed policies to detect access to specific site content and deliver visual warnings as well as generate SecureSphere alerts. Alerts are viewed by the SecureSphere administrator who can then take action against the attack either blocking it or notifying a designated security professional.

“With this partnership, Imperva and Cyveillance have taken Web application firewalls to a new level, enabling enterprises to block phishing attacks at the gate—preventing a major headache for virtually every company worldwide,” explained Amichai Shulman, Imperva’s chief technology officer.

According to Cyveillance’s recent “2H 2009 Cyber Intelligence Report,” during the second half of 2009, 399 brands were first-time targets of phishing attacks, nearly double the amount of first-time targets than in the first half of the year. Averaging over 36,000 confirmed, unique attacks per month in the same period of 2009, phishing attacks continue to succeed despite advances made in consumer education and added protections implemented by security departments within the targeted organizations.

“We continue to see a large demand for our market leading early warning cyber threat feeds to enhance the efficacy of existing security solutions,” said Panos Anastassiadis, COO of Cyveillance. “We appreciate the opportunity to work with such a forward looking company and applaud Imperva for constantly enhancing its services and working to stay one step ahead of the online criminals. Our ability to accurately identify and confirm fraudulent phishing URLs is the perfect complement to the ThreatRadar service and uniquely positions Imperva to offer more comprehensive protection to their customers.”

For additional information on Cyveillance Anti-Phishing Data Feed and ThreatRadar, please visit: http://www.cyveillance.com/web/solutions/oem/anti-phishing.asp, and http://www.imperva.com/products/threatradar.html, respectively.

About Cyveillance

Cyveillance, a world leader in cyber intelligence, provides an intelligence-led approach to security. Through continuous, comprehensive Internet monitoring and sophisticated intelligence analysis, Cyveillance proactively identifies and eliminates threats to information, infrastructure, individuals and their interactions, enabling its customers to preserve their reputation, revenues, and customer trust. Cyveillance serves the Global 2000 and OEM Data Partners – protecting the majority of the Fortune 50, regional financial institutions nationwide, and more than 100 million global consumers through its partnerships with security and service providers that include Blue Coat, AOL and Microsoft. Cyveillance is a wholly owned subsidiary of QinetiQ North America. For more information, please visit www.cyveillance.com or http://www.qinetiq-na.com.

About Imperva

Imperva, the Data Security leader, enables a complete security lifecycle for business databases and the applications that use them. Over 4,500 of the world’s leading enterprises, government organizations, and managed service providers rely on Imperva to prevent sensitive data theft, protect against data breaches, secure applications, and ensure data confidentiality. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring from the database to the accountable application user and is recognized for its overall ease of management and deployment. For more information, visit www.imperva.com.

Source: Eskenzi PR

ICO's new data breach penalties kick off amidst a melee of data losses

ICO's new data breach penalties kick off amidst a melee of public sector data losses and censure actions.

April 2010 - In a fortnight that has seen two councils leak data and the Information Commissioner's Office slamming further three councils for failing to protect their data - you could be forgiven for thinking that the public sector is leaking data like a sieve.

But, says Credant Technologies, this is all a sign that the ICO is ramping up its investigations and rulings, in preparation for this week's introduction of a 100-fold increase in the maximum penalty for a data breach.

According to Sean Glynn, product manager with the data security specialist, with penalties of up to half a million pounds, it's clear that the ICO's office is girding its loins for what could be a spring and summer of discontent amongst IT managers, as their data insecurities are made public.

"As last week's data breach involving the loss of data on 9,000 teenagers from Barnet Council (http://bit.ly/8Y0Hw0) being stolen from the home of an employee, shows, having a good set of security policies in place does not help if you do not use technology to firmly enforce those policies," he said.

"And as the case of Stoke-on-Trent's council social work department apparently losing an unencrypted USB stick in the mud (http://bit.ly/bMjcZv) also shows, security policies are for naught if the staff don't stick to the council's policies," he added.

And if you look closely at the three effective censures that the ICO's office made last week against three councils - Highland (http://bit.ly/ao5lrp),  St. Albans (http://bit.ly/9rwk9I)  and Warwickshire (http://bit.ly/aqiJB0) - you'll see a common thread running through them: a lack of effective implementation of security policies, the Credant product manager went on to say.

In the case of Highland Council, where personal data on one family was released to another, you can see that staff at the sharp end let the side down. And in the St. Albans incident, where a laptop was stolen last summer, it was a similar lack of engagement by the staff concerned, who left the notebook on a desk without security it, he explained.

The final censure against Warwickshire county council, says Glynn, was the result of two laptops and a USB stick in two unconnected incidents, that were stolen.

The common thread to all five - or six incidents, depending on your point of view - is that a conventional IT security approach has clearly failed, with security policy enforcement proving to be ineffectual in all cases.

But, he went on to say, if all the relevant data in the organisations had been encrypted - both at rest and on the move - then there is every strong chance that, whilst the hardware would have gone walkabout in most of the cases, the integrity of the data would have remained intact, which is what the ICO is now taking a keen interest in.

This isn't to say that enforcement of security policies and good program code security practices are not needed, but that encryption of private data - from whatever source - acts as an extra safety net for when things go wrong.

"With the new penalties kicking in this week onwards for breaches of the Data Protection Act in the UK and others being introduced recently in the US such as the Massachusetts State Data Breach Law - IT managers need to understand that, without a multi-layered approach to security - underpinned by effective encryption technologies - data leaks like those of the last week will go on taking place," he said.

And this is an issue that doesn't just affect public sector IT managers alone. Their counterparts in the private sector also need to wake up and smell the coffee as well," he added.

"It's now crystal clear that, if IT managers don't get their act together in short order, there could be some hefty fines and even more embarrassing public enforcement notices being dished out," he added.

For more on Credant Technologies: www.credant.com

Malware Warning

by Michael Smith (Veshengro)

Epsom, UK, April 17, 2010: AVG yesterday flagged up “YouTube Downloader Toolbar” for IE and Firefox as malware, adware and keylogger.

I would therefore seriously recommend that anyone who has this toolbar installed – it comes bundled with the “YouTube Downloader”, which in itself seems fine, immediately uninstall this one.

In addition to that my standard advice is for users not to install any such toolbars to their system, as many of them appear, in my tests, to be far from benign. Too many are set up to be ET, as in “phone home”.

Be careful, be aware, and use good security software. The latter does not have to be expensive. AVG can be had as a free version and it is that which flagged the toolbar in question.

© 2010

Novatel Wireless Launches NovaDrive Cloud-Based Storage Service

MiFi Customers Gain Access to Unlimited Storage, 256 bit Encryption and Remote Wipe if Lost or Stolen

Novatel Wireless, Inc., (Nasdaq:NVTL) a leading provider of wireless broadband solutions, announced recently the launch of NovaDrive powered by Nomadesk technology, a MiFi™ Trusted Partner. NovaDrive gives Novatel Wireless MiFi Intelligent Mobile Hotspot customers, as well as other mobile broadband users, the ability to share, synchronize, encrypt, back-up and store files to access from any laptop or web-based, hand-held mobile device. Novatel customers can download a free 30-day trial of NovaDrive at www.NovaDrive.net.

The MiFi platform represents the industry’s first Intelligent Mobile Hotspot, a new product category for mobile broadband that lets users put their world of content, services and connectivity in their pocket. Unlike existing router solutions that require an external broadband USB modem and serve only to provide connectivity, the MiFi platform creates a personal cloud of high-speed Internet connectivity that can be easily shared between multiple users and up to five Wi-Fi devices such as laptops, tablets,
cameras, gaming devices and multimedia players.

NovaDrive gives mobile users increased access to their data from any location, while providing an extra layer of security and unlimited storage.

With this launch, Novatel Wireless will offer existing MiFi customers and other broadband users a free downloadable NovaDrive account at www.NovaDrive.net.

Customers can sign-up to receive a personal file server with unlimited capacity, and all the other NovaDrive features, for approximately $50 per year, or a business file server, which provides unlimited storage and collaboration with an unlimited number of team members for $15 per month. For added protection, NovaDrive also supports
TheftGuard technology, where users can shred or restore data remotely in the event of theft and they can even locate the mobile device using GoogleMaps.

“This offering will provide our existing MiFi community, and other potential MiFi users, with premier cloud storage services seen in the market today,” said Rob Hadley, CMO, Novatel Wireless, Inc. “We are very happy to bring to market a cloud-based solution with unlimited storage capacity, 256-bit encryption, and added security service to store and share photos, videos, presentations and documents through any mobile device. We look forward to expanding this offering quickly to support the MiFi local storage which allows seamless access and synchronization to the SD removable storage on MiFi to and from the cloud.”

Millions of people risk losing their unprotected, critical data every day. As the amount of unprotected data stored on multiple devices increases, it becomes harder to synchronize and easier to lose. Keeping data secure, synchronized, backed up and available can be expensive and require in-house IT expertise. When customers are working on the road, NovaDrive allows individuals and business teams to secure, sync, share and backup data with no limits or change in behavior. NovaDrive acts just like a hard drive, storing important documents in one place with remote access. Users simply drag and drop their docs into the mobile file server, and files are immediately encrypted, backed up and available for file sharing.

Source: Novatel

Durex India data breach - they should have used protection

Durex India data breach - they should have used protection says Imperva

Reports that a Web site selling Durex condoms in India has suffered a data breach - with customers details being publicly available on the Internet - appears to be the result of business logic flaws, says Imperva.

“Web application hackers are focusing more and more on attacks that target vulnerabilities in the business logic, rather than in the application code,” explained Imperva CTO Amichai Shulman. “Business logic attacks often remain undetected. In fact, most business logic vulnerabilities are hard to anticipate and detect using automated test tools, such as static code analyzers and vulnerability scanners. Often, attack traffic resembles normal application traffic. Attacks are usually not apparent from code and are too diverse to be expressed through generic vulnerability scanner tests.”

"With the new Data Protection Act penalties just days away from being implemented by the Information Commissioner's Office in the UK, and other regulators around the world adopting similar `get tough' policies, it looks like data breaches need to look beyond basic vulnerabilities such as SQL injections," said Shulman.

"As we've said in our various reports on the subject of Web site attacks, it's always amazing that companies don't think their site defences will be probed by increasingly sophisticated hackers, let alone inquisitive Internet users," he added.

According to Shulman, the Durex Indian Web site security lapse was almost certainly the result of a simple logic attack using a technique known as parameter enumeration.

Organisations that fail to take seriously security for their Web sites and allied Internet services, he explained, will inevitably suffer from attacks of this type, which can be an expensive option on the regulatory front, as well as when lawsuits come knowing at their door.

"And the fall-out from this saga is that the company has now been severely embarrassed internationally, and that's before any legal or regulatory action is involved," he said.

"Companies need to wake up and smell the coffee when it comes to Web site security. A failure to make a modest investment at the development and implementation stages can result in considerably more cost - and damage to reputation - in the longer term," he added.

For more on the Durex Indian data loss incident: http://bit.ly/b3lcns

For more on Imperva: www.imperva.com

Source: Eskenzi PR

IronKey and ActivIdentity team to deliver authentication for mobile workers

IRONKEY AND ACTIVIDENTITY TEAM TO DELIVER CAC/PIV AUTHENTICATION ON IRONKEY ENTERPISE DEVICES FOR MOBILE WORKERS

IronKey, the leader in secure and managed portable computing solutions, and ActivIdentity Corporation (NASDAQ: ACTI), a global leader in strong authentication and credential management, in February 2010 announced that they have teamed to deliver a comprehensive solution that enables government agencies and enterprises to utilize Common Access Card (CAC) and Personal Identity Verification (PIV) credentials as a second factor when authenticating to an IronKey multifunction security device.

Integration with the ActivIdentity ActivClient™ smart card middleware enables a second factor when authenticating to an IronKey device. This provides not only strong authentication, but significantly streamlines IronKey activation, making it even easier to deploy the devices. Many U.S. Government agencies, including those of the Department of Defense (DoD), rely upon ActivIdentity for their CAC/ PIV authentication solution. By working with ActivIdentity, IronKey becomes interoperable with all ActivIdentity CAC/PIV implementations in the U.S. Government, DoD, and elsewhere. In addition to using the CAC/PIV smart card to unlock an IronKey device, once the CAC/PIV smart card has been removed from the associated PC, the IronKey device is automatically locked.

“We are pleased to team with IronKey to deliver proven technology that will add strategic value to our customers,” said Jerome Becquart, vice president of products and services at ActivIdentity. “We believe our combined solution will not only help to solve current challenges for our customers but also create future growth opportunities as the market evolves.”

“This is a great example of two world-class technology leaders coming together to benefit their common customers – ActivIdentity for CAC/PIV authentication, and IronKey for secure, portable, centrally managed storage,” said Steve Ryan, senior vice president of business development at IronKey. “Our relationship with ActivIdentity enables us to deliver a sophisticated authentication solution that, when combined with an IronKey device, strengthens security, reduces organizational risk, and provides convenience for IronKey government customers.”

For more information, please visit www.ironkey.com

IronKey is the global leader in providing secure and managed portable storage, authentication, and trusted virtual computing solutions for mobile workers. IronKey multi-function portable security devices, management software and associated services are designed to meet the security, performance, and privacy standards of the most demanding enterprise and government customers. IronKey solutions range from IronKey Basic, the world’s most secure USB flash drive, to the IronKey Enterprise Virtual Desktop solution for carrying a secure operating system and virtual desktop environment on a pocket-sized device. IronKey works with industry leaders in virtualization, storage and security, including Lockheed Martin, McAfee, MokaFive, RSA, RingCube and VeriSign to extend the applications of its secure mobile computing platform. IronKey products are FIPS 140-2, Level 3 validated. Thousands of customers use IronKey, including Fortune 500 companies, enterprise organizations in financial services, healthcare and legal markets, as well as government agencies, including FEMA, NATO and DHS.

ActivIdentity Corporation (NASDAQ: ACTI) is a global leader in strong authentication and credential management, providing solutions to confidently establish a person’s identity when interacting digitally. For more than two decades the company’s experience has been leveraged by security-minded organizations in large-scale deployments such as the U.S. Department of Defense, Nissan, and Saudi Aramco. The company’s customers have issued more than 100 million credentials, securing the holder’s digital identity. ActivIdentity is headquartered in Silicon Valley, California. For more information, visit www.actividentity.com.

Source: Eskenzi PR

Cyber-Ark Expands RSA Secured Partner Program Certification Status

Cyber-Ark Privileged Identity Management Suite, Inter-Business Vault and Sensitive Document Vault Now Formally Interoperable with RSA enVision Platform and RSA SecurID System

Cyber-Ark® Software, the leading global software provider for protecting critical applications, identities and information, today announced it has expanded the company’s RSA Secured® Partner status, certifying interoperability between Cyber-Ark’s Privileged Identity Management Suite, Inter-Business Vault® and Sensitive Document Vault™ with the RSA enVision® platform. This collaboration with the RSA Security Division of EMC (NYSE: EMC) further expands Cyber-Ark’s leadership position through the power of privileged identity control alongside collection, alerting and analysis of log data for security information and event management (SIEM) – providing joint customers with greater control over powerful privileged accounts.

The management of IT and administrative accounts has come under increased scrutiny by auditors, compliance and risk officers at highly regulated organizations. These powerful, privileged accounts are often the most compromised at the beginning of the fraud chain and used for malevolent purposes – providing wide ranging access to critical information and applications. Through its interoperability partnership with RSA, Cyber-Ark is providing customers with a greater ability to control, monitor and audit access to sensitive data and systems by these shared accounts.

“We are pleased to team up with Cyber-Ark to help meet the unique needs of the enterprise by providing joint customers with a leading identity management solution that has proved to enable a clear path for security and information event management,” said Ted Kamionek, vice president, business development & technical alliances at RSA. “This inventive collaboration provides another critical step forward in helping to best protect the organization’s information, identities and infrastructures.”

Cyber-Ark’s Privileged Identity Management Suite allows organizations to secure, audit, control and manage privileged identities - those shared and administrative accounts found in servers, firewalls, databases, routers and workstations, including clear-text application identities embedded in scripts, configuration files and applications. Through its ability to interoperate with both the RSA enVision platform and RSA SecurID system, joint customers can now:

  • Personalize and log all access to shared administrative accounts, helping in SIEM-based analysis and forensic processes;

  • Enforce strong authentication via RSA SecurID when insiders or partners need to access both privileged accounts or highly-sensitive information;

  • Forward anomaly alerts and notifications whenever employees or partners access highly sensitive information stored in the Cyber-Ark Digital Vault.

“The Cyber-Ark Privileged Identity Management Suite provides native auditable ‘personalization’ of users accessing powerful privileged, IT administrative accounts across the enterprise, providing RSA enVision customers with real visibility into the world of privileged account utilization,” said Richard A. Weeks, vice president of business and channel development for Cyber-Ark Software. “This collaboration improves the overall organizational infosecurity posture for our customers by locking down those privileged accounts most often associated with insider breaches and providing instant identity correlation during incident response or forensic analysis.”

The RSA Secured Partner Program is one of the largest and longest-running technology alliance programs of its type, bringing over 1,000 complementary solutions across more than 300 organizations together. RSA SecurID®, RSA® Access Manager, RSA® Adaptive Authentication, RSA® Digital Certificate Solutions, RSA® Hybrid Authenticators, RSA® enVision, RSA® Federated Identity Manager and RSA® Key Manager Suite certification programs bring added assurance to customers that their solutions are certified as interoperable to help them achieve faster time to deployment and lower overall cost of ownership. The RSA Secured Partner Program reflects RSA’s commitment to driving inventive collaboration across the industry and support standards-based interoperability with its information-centric security solutions to help protect information, identities and infrastructures. For more information, please visit www.rsa.com/rsasecured.

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, applications and highly-sensitive information to improve compliance, productivity and protect organizations against insider threats. With its award-winning Privileged Identity Management (PIM) and Highly-Sensitive Information Management software, organizations can more effectively manage and govern application access while demonstrating returns on security investments. Cyber-Ark works with more than 600 global customers, including more than 35 percent of the Fortune 50. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, visit www.cyber-ark.com.

Source: Eskenzi PR

360 IT Event organisers welcome new open source web address security

The organisers of 360°IT - The IT Infrastructure Event have welcomed a new web address security system developed by the OpenDNSSEC project and which seamlessly integrates secure domain names into existing Internet hosting platforms without organisations having to change their infrastructures.

"What this open source initiative - which is entering beta test this week - does is to secure the data used to translate domain names (e.g. 360itevent.com) to computer addresses by adding to it a cryptographic signature created by a securely held key," said Natalie Booth, the 360°IT Event Director.

"Then, when the information is retrieved as a result of a DNS query, the cryptographic signature is also returned, allowing the distant software to validate the DNS lookup procedure," she added.

According to Booth, whose company is organising this September's 360°IT – The IT Infrastructure Event, the open source software has been developed by several major Internet leaders, including Nominet, NLNetLabs, Kirei, SURFnet, and SIDN. What this technology does is to allow site owners and operators - regardless of their size - to sign their Web site addresses and signal to Internet users that their site is both legitimate and secure, she explained.

With cloud security and other Internet-based services rapidly entering the business frame, she went on to say that it is crucially important that Web site owners and operators are able to create a secure software-based DNS signing system, as businesses must be able to trust the underlying protocols that make up the modern Internet.

By allowing site owners and operators to download the OpenDNSSEC software, the open source initiative is paving the way for a new generation of Internet software and browser add-ins that uses this important new technology.

"With the cloud forming the centre-piece for our educational show programme at this September's 360°IT Event, it is critical that businesses of all sizes have confidence in the basic systems that drive today's World Wide Web," she said.

"360°IT welcomes the release of the open beta of this BSD licensed software and expects to see a flurry of software arriving in the coming months that advances what looks like being a major evolution in Internet security," she added.

For more on the OpenDNSSEC initiative: http://bit.ly/90jm4L

For more on 360°IT: http://www.360itevent.com

360°IT is the event dedicated to the IT community addressing the needs of IT professionals responsible for the management and development of a flexible, secure and dynamic IT infrastructure.

With high level strategic content, product demonstrations and technical workshops, 360°IT will provide an essential road map of current and emerging technologies to deliver end to end solutions.

360°IT will facilitate vendor and end user collaboration to create the IT infrastructure necessary to achieve key business objectives - improving service, reducing cost and managing risk whilst gaining competitive advantage and growth.

Source: Eskenzi PR

Cyber-Ark Expands RSA Secured Partner Program Certification Status

Cyber-Ark Privileged Identity Management Suite, Inter-Business Vault and Sensitive Document Vault Now Formally Interoperable with RSA enVision Platform and RSA SecurID System

London – March 2010 – Cyber-Ark® Software, the leading global software provider for protecting critical applications, identities and information, today announced it has expanded the company’s RSA Secured® Partner status, certifying interoperability between Cyber-Ark’s Privileged Identity Management Suite, Inter-Business Vault® and Sensitive Document Vault™ with the RSA enVision® platform. This collaboration with the RSA Security Division of EMC (NYSE: EMC) further expands Cyber-Ark’s leadership position through the power of privileged identity control alongside collection, alerting and analysis of log data for security information and event management (SIEM) – providing joint customers with greater control over powerful privileged accounts.

The management of IT and administrative accounts has come under increased scrutiny by auditors, compliance and risk officers at highly regulated organizations. These powerful, privileged accounts are often the most compromised at the beginning of the fraud chain and used for malevolent purposes – providing wide ranging access to critical information and applications. Through its interoperability partnership with RSA, Cyber-Ark is providing customers with a greater ability to control, monitor and audit access to sensitive data and systems by these shared accounts.

“We are pleased to team up with Cyber-Ark to help meet the unique needs of the enterprise by providing joint customers with a leading identity management solution that has proved to enable a clear path for security and information event management,” said Ted Kamionek, vice president, business development & technical alliances at RSA. “This inventive collaboration provides another critical step forward in helping to best protect the organization’s information, identities and infrastructures.”

Cyber-Ark’s Privileged Identity Management Suite allows organizations to secure, audit, control and manage privileged identities - those shared and administrative accounts found in servers, firewalls, databases, routers and workstations, including clear-text application identities embedded in scripts, configuration files and applications. Through its ability to interoperate with both the RSA enVision platform and RSA SecurID system, joint customers can now:

  • Personalize and log all access to shared administrative accounts, helping in SIEM-based analysis and forensic processes;

  • Enforce strong authentication via RSA SecurID when insiders or partners need to access both privileged accounts or highly-sensitive information;

  • Forward anomaly alerts and notifications whenever employees or partners access highly sensitive information stored in the Cyber-Ark Digital Vault.

“The Cyber-Ark Privileged Identity Management Suite provides native auditable ‘personalization’ of users accessing powerful privileged, IT administrative accounts across the enterprise, providing RSA enVision customers with real visibility into the world of privileged account utilization,” said Richard A. Weeks, vice president of business and channel development for Cyber-Ark Software. “This collaboration improves the overall organizational infosecurity posture for our customers by locking down those privileged accounts most often associated with insider breaches and providing instant identity correlation during incident response or forensic analysis.”

The RSA Secured Partner Program is one of the largest and longest-running technology alliance programs of its type, bringing over 1,000 complementary solutions across more than 300 organizations together. RSA SecurID®, RSA® Access Manager, RSA® Adaptive Authentication, RSA® Digital Certificate Solutions, RSA® Hybrid Authenticators, RSA® enVision, RSA® Federated Identity Manager and RSA® Key Manager Suite certification programs bring added assurance to customers that their solutions are certified as interoperable to help them achieve faster time to deployment and lower overall cost of ownership. The RSA Secured Partner Program reflects RSA’s commitment to driving inventive collaboration across the industry and support standards-based interoperability with its information-centric security solutions to help protect information, identities and infrastructures. For more information, please visit www.rsa.com/rsasecured.

Cyber-Ark® Software is a global information security company that specializes in protecting and managing privileged users, applications and highly-sensitive information to improve compliance, productivity and protect organizations against insider threats. With its award-winning Privileged Identity Management (PIM) and Highly-Sensitive Information Management software, organizations can more effectively manage and govern application access while demonstrating returns on security investments. Cyber-Ark works with more than 600 global customers, including more than 35 percent of the Fortune 50. Headquartered in Newton, Mass., Cyber-Ark has offices and authorized partners in North America, Europe and Asia Pacific. For more information, visit www.cyber-ark.com.

Source: Eskenzi PR