Latest Opera vulnerability proves that all Web browsers should be viewed as potentially insecure says Idappcom

25th January 2011 - Reports that the Opera Web browser has been hit by a zero-day vulnerability highlights the fact that all Web browser clients are, by their very nature, insecure, says Idappcom, the data traffic analysis and security specialist.

According to Anthony Haywood, the firm's chief technology officer, Opera is popular amongst users of smartphones and netbooks, owing to its relatively small footprint.

"Ironically, it's also been gaining traction on account of its less-than-mainstream status, which some experts have observed means that the software is less of a target by hackers and cybercriminals," he said.

"This reasoning appears quite sound, until you realise the world's Internet browser user base is now measured in hundreds of millions, which means that a client that accounts for a fraction of a percentage still means there are millions of users out there in cyberspace," he added.

Idappcom's CTO went on to say that the very fact a browser is low profile and has a select user base can actually make it attractive in the eyes of cybercriminals, as hackers can start exploring what appears to be virgin territory as far as vulnerabilities are concerned.

The most important thing to realise about Web browser client software, he says, is that it is designed to access a variety of Web sites, typically using Port 80 for regular HTTP access, and Port 443 for HTTPS access.
With so many IP ports available, this might sound a small IP profile to deal with from a security perspective, but the problem is that there are a growing number of non-standard applications that use Port 80 across the Internet, meaning that a Web browser client must be able to support these features, he explained.

Haywood says that this latest vulnerability - which some sources are reporting as a zero-day issue - allows potential attackers to execute arbitrary code remotely.

The flaw was discovered by French security researcher Jordi Chancel who disclosed it on his blog earlier this month, and classified the problem as an integer truncation error.

"Although technically complex, the flaw can cause Opera to crash, although the potentially silver lining here is that the address of the memory violation is reported to be unpredictable. This makes the vulnerability less easy to exploit from a hacking perspective," he said.
"Is Opera less or more secure than the other mainstream browsers? That depends on your perspective. The reality is that any software that uses Port 80 across the Internet has to be viewed as a potential security issue and users - especially IT managers - need to be aware of this fact," he added.
The bottom line to this latest browser flaw is that Internet software users need to install multiple layers of security defence, and ensure their software - and their security knowledge - is as up to date as possible."

For more on the latest Opera security flaw: http://bit.ly/grWcXz

For more on Idappcom: www.idappcom.com

Source: Eskenzi PR

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Imperva Strengthens Cloud Footprint With PartnerSphere Cloud Alliance Program

More Than A Dozen Major Industry Cloud Vendors Achieve Certification

Redwood Shores, Calif., January 25, 2011—Imperva, the leader in data security, today announced its PartnerSphere Cloud Alliance Program (PCA), designed to enable Managed Security Service Providers (MSSP), Hosting and Cloud Providers to deliver best-in-class data security for their cloud data centers.  The program sets parameters for select partners, helping MSSP customers identify cloud service providers whose technologies and services have been certified by Imperva.

“Growing interest in cloud-based security services has helped Imperva’s Service Provider partners dramatically grow 2010 revenue 90 percent over the previous year,” said Imperva VP of world-wide channels, Chris Cesio.  “With a formal program in place, enterprises using Cloud services will have a certified list of partners who properly and effectively deploy and manage Imperva’s market leading technology.  Our certification program provides our small, medium and large enterprise customers with easy and reliable access to advanced data security expertise through our partners, and allows them to offload daily management functions so that they can focus on their core competencies.”

The PCA program ensures that MSSP partners have been certified according to eligibility requirements, which include:

· Partner owns and operates a secure network operations center,

· Demonstrated ability, with certified sales and technical staff, to implement Imperva’s data security products,

· Staffed to deliver ongoing and reliable 24/7 support.

Today, Imperva’s certified PCA partners include:

- Firehost

- Incapsula

- Nexusguard

- NIS or Network Integration Services

- Rackspace

- Savvis

- Seccom Global

- SecureWorks

- Security On Demand

- Solutionary

These partners have deployed Imperva SecureSphere Web Application Firewall (WAF), which enables businesses to efficiently protect data transacted by Web applications. With a WAF, Imperva’s cloud partners provide instant, cost-effective protection against attacks targeting applications for large and small enterprises. 

Imperva is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. For more information, visit www.imperva.com, follow us on Twitter or visit our blog.

Source: Eskenzi PR

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

BitDefender survey reveals internet pornography remains a major e-threat source

63% of the users looking for online adult content compromised their computers’ security more than once

BitDefender®, an award winning provider of innovative internet security solutions, has today announced results that reveal internet pornography remains a main source of e-threats. BitDefender’s study, which exposes data security risks and implications when accessing websites with adult content, confirms that 63% of the users attempting to find adult content on their computers compromised their security on multiple occasions. The study consisted of a survey concerning the psychological background of adult online content use and net research aiming to identify the ensuing malware and privacy related issues.

“This BitDefender survey confirms that users should think twice when accessing pornographic sites since this is an area that cyber criminals continue to exploit,” states Sabina Datcu, E-Threats Analysis and Communication Specialist and author of the survey. “Over 60% of respondents admitted that they have had malware-related issues more than once as a direct consequence of accessing adult content. The findings of this study should make users consider whether accessing these sites is worth compromising their systems, data and work.”

More than 72% of the 2,017 respondents interviewed in the study admitted that they had searched for and accessed adult content sites (78% men and 22% women). The study also uncovered that of the most accessed pornographic materials, 91% were videos that can be downloaded from different sources including torrents, websites and hubs. Real-time adult content sites, such as video-chats and adult dating, ranked second in respondents’ preferences with 72%.

The study went on to reveal that 69% of the interviewed participants declared that they usually access adult content websites from home, while 25% access them from work and only 6% from other locations (internet cafés, etc). The main motivations for accessing adult sites were the need to relax (54%) and curiosity (38%).

More details on this survey can be found at Malwarecity.com. For a full list of BitDefender 2011 features and benefits by product, please visit www.bitdefender.co.uk or follow BitDefender on Twitter for daily malware alerts.

BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe - giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company's security solutions press room. Additionally, BitDefender's www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware. www.bitdefender.co.uk

Source: Media Safari

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Imperva Announces PartnerSphere Technology Alliance

Imperva Announces PartnerSphere Technology Alliance, Adds Two Key Partnerships
New program offers key partnerships with WhiteHat Security and NetOptics

Redwood Shores, Calif., January 25, 2010—Imperva, the leader in data security, today announced the new PartnerSphere Technology Alliance (link), a technology ecosystem dedicated to data security and compliance.  The PartnerSphere Technology Alliance offers organizations an end-to-end blueprint for data security, providing best-of-breed products that complement and extend Imperva SecureSphere Web Application, Database, and File Security Solutions.

“Our partner ecosystem is growing rapidly as the demand for a data security strategy increases,” said Imperva VP of Business Development, Farzad Tari.  “Our program recognizes the reality of today’s IT security landscape by partnering with leading technology providers in a formal, cohesive fashion, creating a partner ecosystem to protect structured and unstructured data.”

Imperva has partnered with industry-leading vendors in several categories including Vulnerability Assessment, SIEM, Business Software, Platform, Application Delivery, Identity Management, and Masking and Encryption. Together, Imperva and its technology partners offer fully complete solutions that address organizations’ top data security challenges.

With the creation of the PartnerSphere Technology Alliance, Imperva also announces two new partnerships with WhiteHat Security and NetOptics:

Imperva WAF Quick Start Program including WhiteHat Sentinel Website Vulnerability Management:

Imperva and WhiteHat Security have joined forces to offer a closed-loop process to identify and mitigate website vulnerabilities. Beginning today, Imperva’s Web Application Firewall Quick Start Program, a packaged professional services engagement for initial product installation and configuration, will include one WhiteHat Sentinel vulnerability assessment. As part of the Quick Start Program, WhiteHat Sentinel will conduct a website vulnerability assessment. All results are verified for accuracy, eliminating false positives.  Then an Imperva professional services consultant will import the verified WhiteHat assessment results into SecureSphere Web Application Firewalls to instantly remediate discovered vulnerabilities.

The Quick Start Program now allows customers to leverage the full benefits of the Imperva SecureSphere and WhiteHat Sentinel integration. Customers can immediately mitigate Web application vulnerabilities, eliminating the window of exposure inherent with manual remediation. Virtual patching also allows customers to design and implement code fixes on their schedule, avoiding emergency fix and test cycles.

“The combined Imperva and WhiteHat solution effectively detects vulnerabilities and protects against website attacks. This integration provides a complete and automated way for organizations to simplify the management of the Web application security lifecycle,” said Bill Pennington, Chief Strategy Officer, WhiteHat Security.  “WhiteHat Sentinel delivers ongoing accurate website vulnerability data that enables Imperva SecureSphere customers to deploy virtual patching with confidence.  Organizations can design and implement application code fixes on their schedule, without rushing to fix and test patches, eliminating disruption in their development cycle. This allows businesses to freedom to decide how and when to mitigate web application security vulnerabilities in production.”

Partnership with Net Optics provides unparalleled performance, visibility, and scalability to protect network and web applications in the demanding 10G environment 

Net Optics brings to the partnership a record of proven leadership in intelligent monitoring access by providing a fault tolerant architecture with high-speed intelligent load balancing. The company’s growing suite of innovative solutions enables customers to meet the challenge of monitoring, troubleshooting, and securing high volumes of network traffic, bandwidth-intensive applications, and cloud deployments. SecureSphere Stack, powered by Net Optics, provides a scalable, high-performance data security solution for up to 10Gbps of network traffic.

The new offering will employ the unique capabilities of Net Optics Director Pro™ Data Monitoring Platform to control, filter, and dynamically load balance traffic sent to monitoring appliances. Engineered for extremely high, business-critical traffic levels, Director Pro enables deep packet exploration at full 10Gbps wire speed and provides 24/7 passive network access without introducing a point of failure. The robust Director Pro works in conjunction with up to five SecureSphere X6500 appliances to maximize Web, Database, and File Security for the most demanding applications without affecting performance and availability. Director Pro not only reduces the complexity of managing an integrated network fabric, it streamlines scaling within the customer deployment and contributes the key capability of connecting inline to a 10G network. 

“Imperva’s selection of Net Optics will help customers overcome their toughest monitoring challenges in an ultra-high performance environment where security is critical,” said Bob Shaw, CEO, Net Optics. “The Imperva-Net Optics 10G solution will enable high availability, cost-effectiveness, and the enhanced security that’s vital to any organization and cloud service provider.”

Imperva is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. For more information, visit www.imperva.com, follow us on Twitter or visit our blog.

Source: Eskenzi PR

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Lieberman Software President Calls ‘Lush’ Hack a Potential Brand Destroyer

The Web site of Lush, the natural ingredients cosmetic firm, was reportedly cracked and subverted by hackers. Unconfirmed reports suggest that customers' payment card details have already been used by fraudsters.

According to Phil Lieberman, president of privileged identity management software specialists Lieberman Software, whilst reports of the site hack only broke on the newswires late on Friday, forum postings suggest the hack has been subverting customer payment card details for some time.

"This appears to have been confirmed by Lush, which says that anyone who placed an online order between October 4 and last Thursday should contact their bank in case their payment card has been compromised," he said, adding that the BBC reports that customers are now complaining about fraudulent purchases.

This saga is a potential brand destroyer, says Lieberman, as the cosmetics firm could have handled the situation better. One needs only read the comments on the Lush Facebook page, Lieberman added, to see the anger and frustration of the company’s past customers. 

“The bare minimum response of companies who undergo similar attacks is usually to fully disclose of the scope of the breach, offer a frank apology, and provide a year’s worth of no-cost credit checks for impacted consumers,” said Lieberman. Instead, the company simply said it was aware of the problem.

"I agree with consumers who say that the retailer’s response has been inadequate,” he added. “The company should have responded earlier and with more appropriate action – especially since this organization has been in the industry for several decades and, while portraying itself as a small and laid-back company, is in reality a major chain with a multi-million pound turnover.”

Lieberman went on to say that the firm could face punitive fines from the Information Commissioner's Office, as well as an investigation under the PCI DSS security rules form the Payment Card Industry Security Standards Forum. Whilst it's unlikely that Lush will lose its ability to process card transactions as a result of the incident, the firm could find that its commission rates will rise - adding substantially to its cost of doing business in the wake of the fiasco.

"This looks like a prime example of how not to handle a serious data security incident. Not only has the retailer alienated large numbers of customers, but it could also pay big penalties on several fronts," he said.

"The real damage lies in the fact that the reputation of the company - which prides itself on customer service and an eco-friendly approach to its products - will take a battering. There are a lot of customers who will be tempted to buy elsewhere, and that is a stark reality," he added.

"Other firms who are concerned about their own Web site and card security arrangements would do well to sit up and take notice."

For more on the Lush cosmetics site security saga: http://bbc.in/dOI3dg

For more on Lieberman Software: www.liebsoft.com

Source: Eskenzi PR Ltd.

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

The Italian Job - the first ‘perfect storm’ cyber attack

Michael Cain’s team of bank robbers were arguably the first cyber attackers as they compromised the Italian traffic control system allowing them safe passage through the city of Rome in the iconic film, The Italian Job. Today, the threat is not only to bank detail loss or credit card detail theft but to a countries entire infrastructure in order to bring down or influence a particular political regime. Hence, governments are taking the ‘perfect storm’ scenario deadly seriously.

Says Colin Tankard, Managing Director, Digital Pathways, “ Such scenarios usually highlight known vulnerabilities in systems which have not been ‘patched’ or simply bad operating practices. Operating systems and applications are updated so frequently that often organisations cannot test the update quickly enough before the next update is released. They therefore fall behind and open themselves for exploit.

“Another problem is the growing trend towards outsourcing which leads to the opening of networks or the lowering of internal controls for access to data or systems which makes the task of introducing a hole in a system which can be used by an external party to launch an attack.

“Whilst we recognise that there will always be a high level of threat to any system the way to limit the damage is by understanding the threat, identifying exactly where the vulnerabilites are and categorising them by significance. “From this position, organisations can put in place solutions to address the issues and instigate a mechanism of audit which brings together all vulnerabilites and directs the initiative for securing the weakness either by updating the system or applying a security solution directly to the application.

“ In my opinion where we are today is in a situation where many organisations have addressed their security issues individually, as the need arises, and not holistically as a whole. This is where a ‘perfect storm’ could become a reality. What is vital is that security solutions are not piecemeal but properly instigated strategies that are able to grow with the ever-changing technology landscape and requirements of organisations.”

Source: Digital Pathways

Major European and US government websites Hacked and access for Sale

Researchers from Imperva's Hacker Intelligence Initiative (HII) have found dozens of .mil, .gov and .edu web sites which have been hacked and are up for sale due to SQL injection vulnerabilities. The list includes websites government sites including Defence and State sites in the USA and Europe.   Access to these sites is being sold at $55-$499 each; Noa Bar Yosef, Senior Security Strategist at Imperva provides an in-depth analysis below:

The list includes (with original hacker's typos):

!cid_image001_jpg@01CBB97D

The ‘traffic’ probably stands for the number of records within the Database tables.  The ‘goods’ in this case are probably the needed information for the ‘Level of Control.’ For ‘full site admin’ – probably the credentials and the URL of site administrator interface.

The hacker is also selling personally identifiable information (PII) from hacked sites, for $20 per 1K records:

!cid_image002_jpg@01CBB97D  For example, here they want to sell a list of UConn staff:   !cid_image003_jpg@01CBB97D

In the screenshot below, the hacker tries to show proof of accessing the administrator interface for a major university:

!cid_image004_jpg@01CBB97D

The victims' vulnerabilities were probably obtained by SQL injection vulnerability automatic scanner and exploited in automatic manner, as the hacker published his methods in a post in some hacker forum – see screen shot and explanation:

!cid_image005_jpg@01CBB97D

In the screen shot above we can see IRC "chat" between the SQLi "master" = @evil which issues the scanning commands and the exploiting "x0wner" which performs the commands.  In this specific case @evil issues command for to x0wner to obtain DB tables names ("!tbls") from vulnerable link ("www.site.gr/athlete.php?id=...") x0wner reports its findings  - the tables "activities","admin",…

Imperva is the global leader in data security. With more than 1,200 direct customers and 25,000 cloud customers, Imperva’s customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems.  For more information, visit www.imperva.com, follow us on Twitter or visit our blog.

Source: Eskenzi PR

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

A constant patch and review process is essential to defend a company's IT resources

Idappcom says that a constant patch and review process is essential to defend a company’s IT resources more effectively

London, January 2011 - Commenting on the latest annual Secunia security vulnerability report, Idappcom says that blaming third-party apps for security problems on PCs is the incorrect way of approaching the perennial problem of the way software applications interact with each other.

According to Anthony Haywood, CTO with the data traffic analysis and security specialist, the problem of inter-application security issues has been around ever since the Windows API was first seen way back in 1985.

"A lot has changed in the last 26 years, not least the number of function calls which the WinAPI now supports, having increased massively since the original 450 seen in Windows 1.0," he said.

"Against this backdrop, it's interesting to see our colleagues at Secunia reporting that vulnerabilities in third-party products are the weakest link in software installations. More than anything, this confirms something our researchers have noted for some time, namely that software patches and updates need to be installed on a very timely basis, and allied to a highly effective range of IT security software at all times," he added.

Haywood went on to say that the report, which also predicts that network vulnerabilities will continue to be a problem in the year ahead, does an excellent job in detailing the issues that a good IT security manager and his/her team needs to address.

It all comes down to due diligence and risk analysis, a series of processes that needs to be updated and reviewed on a continual basis, rather than treating it as an annual `tick and check' project to be carried out like a stocktaking exercise, he explained.

Having said that, the Idappcom CTO noted that the report's conclusions - which include the fact that there often is a delay between flaws being exploited and the IT team in an organisation `getting around' to patching the flaw on a remediated basis - need to be addressed.

And it's for this reason that Haywood recommends that organisations look to automated patching software, which can now be sourced on a freeware basis for several operating systems.

"It's interesting to note that Secunia has developed its own auto-update application - PSI 2.0 - which is free of charge and is actually a reduced feature version of the pay-for edition," he said.

"The good news is that the message about the requirement for timely patches appears - at last - to be getting through to the software vendor community, especially Adobe, which now has an auto-update mechanism for Acrobat, Flash and Reader, developed apparently after lobbying from users," he added.

"When allied to a competent security advisory service like our own, IT security managers can rest easy in their beds, sure in the fact that their IT resources are as well defended as it is possible to be with the resources that are now available."

For more on the Secunia annual vulnerability report: http://bit.ly/ihKTel

For more on Idappcom: www.idappcom

Source: Eskenzi PR

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Zeus latest evolution in malware trends - targets online payment providers

Confirming our previous observations here at Trusteer, the Zeus malware continues to evolve, diversifying away from its target bank sites and their customers, and over to sites with user credentials that allow assets that have a financial value.

The move mirrors the evolution of card fraud in the 1980s and 1990s, when fraudsters initially targeted banks for cash advance fraud, then, as the banks developed their internal anti-fraud resources, moved over to quasi-cash platforms such as foreign currency purchases and then over to retail and e-tail sales outlets.

The parallels between card fraud evolution and the evolution of Zeus is reflected in the attack vectors against a few websites our researchers have identified as being targeted.

Money Bookers (www.moneybookers.com) is an online payment provider allowing you to make online payments without submitting your personal information each time. We have found 26 different Zeus configurations targeting Money Bookers. This usually indicates that fraudsters have a solid business around this target. For comparison, this number doesn’t fall short of some of the highly targeted banks and brands in the world. For those of you who don’t know what a Zeus configuration file is – it’s basically a set of instructions that Zeus gets on which websites to target and what to do with them (steal login credentials, tamper with HTML webpages, etc). Different configurations represent different work efforts of targeting online websites.

Another interesting target we have found is Web Money (www.wmtransfer.com). This is another online payment solution that claims to have more than 12 million active users.  Web Money is targeted by 13 different Zeus configurations, with the last one released January 16th, indicating that this is hot target for fraudsters. As with all the other online payment providers, Zeus steals login information and other sensitive information of Web Money users.

Another popular target is Nochex (www.nochex.com). A UK based online payment company specializing in smaller online businesses. Nochex is targeted by 12 different Zeus configurations with the last one released in January 16th.

While these three examples represent online payment providers which have been targeted for months, there are new comers as well. One example is netSpend (www.netspend.com). This website has been recently started to be targeted by Zeus. netSpend is a prepaid card provider. You add money to your account and use you netSpend account to pay online.

The last example for today is e-gold (www.e-gold.com). The e-gold portal is a one that provides a money-like currency and wire transfer services. This website has been indicted in the past for violating money laundering regulations. According to Wikipedia (http://en.wikipedia.org/wiki/E-gold) “e-gold has been perceived by the United States government as the medium of choice for many online con-artists, with pyramid schemes and high-yield investment programs ("HYIPs") commonplace.”. This website is targeted by 16 different Zeus configuration. Could it be that fraudsters are targeting other fraudsters?

The genuine login page for e-gold (https://www.e-gold.com/acct/login.html) asks the user for the account number, passphrase and uses CAPTCHA technology to help prevent automated attacks.

On a Zeus-infected machine (with an e-gold targeting configuration), the malware injects an additional element into the login page that requests the alternate password - plus the email associated with the account, which can then presumably be tapped for back-door access to the account,.

The following screenshot shows the login page after it has been tampered with by Zeus (the injected fields are identified using a red rectangle):

!cid_image001_jpg@01CBB88A

We believe this trend of targeting online payment providers will continue as more retailers allow these alternate payment methods with their Web sites.

The latest UK figures on card fraud in the UK from KPMG (http://bit.ly/dIUzxE)  show that card fraud soared by 16 per cent in 2010 when compared to the previous year, with one of the largest frauds worth a hefty £103 million.

The story is a similar one in the US, although research from Bank Info Security (http://bit.ly/cvdRUo) found that only 48 per cent of fraud is detected at the point of transaction.

So what can be done to counter the problem of Zeus-enabled credential fraud against a diversified range of online payment providers?

We believe that customers of all sites where purchases are involved need to protect their PC or access terminal, using secure browsing services and solutions that specialize in protecting online payments and online banking.

Users should also avoid using public access computers, as well as computers you do not own and therefore have direct control over.

Retailers and payment providers, meanwhile, need to assess the risk associated with their customers' endpoint devices. They should, we believe, reject transactions from accounts used over insecure endpoints.

For more information see http://www.trusteer.com/blog

Source: Eskenzi PR Ltd.

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

According to ISACA 40% of Global Executives Block Move to the Cloud

IT Governance Institute Survey Also Reveals Outsourcing, Social Media and GEIT Trends

Rolling Meadows, IL, USA (January 2011)— Forty percent of C-level executives have stated that they are not planning to adopt cloud computing, according to the fourth Global Status Report on the Governance of Enterprise IT (GEIT, conducted by the nonprofit, IT Governance Institute (ITGI), ISACA’s research affiliate.  Respondents who do not plan to use cloud computing at all in the near future list security (47%) and privacy concerns (50%), followed closely by legacy infrastructure investments (35%), as barriers to adoption.  The 2011 study polled 834 executives from 21 countries, divided almost evenly between business executives (CEOs, CFOs and COOs) and IT executives (CIOs and heads of IT).  Of the executives who use or plan to use cloud computing for IT services 60 percent was non-mission critical and 40 percent would also trust the cloud for mission-critical IT services. Organizations are also actively employing outsourcing, with 93 percent fully or partially outsourcing some of their IT activities.

“Emerging technologies such as cloud computing and outsourcing can be managed effectively by integrating good governance over IT. Organizations need to adopt new service delivery models to stay competitive, and this is fueling a strong commitment to enterprise IT governance across the C-suite,” said Ken Vander Wal international vice president.  “Assessing the value of current investments, building consensus among stakeholders and mitigating risk with third-party providers all require a comprehensive governance framework for organizations to be sure they are doing the right things and doing things right.”

The ITGI study and three past editions are available as free downloads from www.isaca.org/ITGI-Global-Survey-Results.  The study analyzes the degree to which the concept of GEIT is accepted by the C-suite and determines GEIT maturity levels, recognized frameworks, required/preferred certifications, and impact of current special-interest, GEIT-related topics.

Of the C-level executives surveyed, 95 percent consider governance of enterprise IT important. This reveals an almost universally shared perception of IT as a critical contributor to overall business strategy, no matter where the organization is on the path of GEIT maturity.

Key findings include:

· Value creation of IT investments is one of the most important dimensions of IT’s contribution to the business (mentioned by more than nine out of 10 respondents). But challenges exist: increasing IT costs and an insufficient number of IT staff are the most common IT-related issues experienced by respondents in the past 12 months.

· There is a correlation between the position of the head of IT in the enterprise’s hierarchy and the pro-active nature of the IT department. Overall, 70 percent of respondents noted that the head of IT is a member of the senior management team, but this figure increases to 80 percent for those enterprises where IT has a proactive role.

· Governance of enterprise IT (GEIT) is a priority with most enterprises—only five percent indicated that they do not consider it important. Two-thirds of respondent enterprises have some GEIT activities in place, the most common being the use of IT policies and standards, followed by the employment of defined and managed IT processes. The main driver for activities related to GEIT is ensuring that IT functionality aligns with business needs, and the most commonly experienced outcomes are improvements in management of IT-related risk and communication and relationships between business and IT.

· Outsourcing is highly prevalent across the board, but especially in larger enterprises and those where IT is considered important or very important to the delivery of the business strategy or vision.

· Sixty percent of respondents use or are planning to use cloud computing for non-mission-critical IT services, and more than 40 percent use or are planning to use it for mission-critical IT services. For companies that do not have plans to use cloud computing the main reasons are data privacy and security concerns.

· The global economic downturn has had an effect on IT activities, the primary response initiatives being: (1) a reduction in contractor staff, (2) a reduction in permanent staff and (3) a consolidation of the infrastructure.

· The use of Facebook or Twitter at work is not highly prized; only one out of five respondents believes that the benefits of employees using social networking outweigh the risks.

More information about these topics will be presented at ISACA’s EuroCACS 2011, to be held on 20-23 March in Manchester.  ISACA’s EuroCACS is the hot-topic event for IT audit/assurance, security, control and governance professionals in the region, covering issues such as: governance concerns for ERP, how to make IT audit more relevant, wireless network security, cloud computing, and security concerns for service-oriented architecture.  Additional information is available at www.isaca.org/EuroCACS.

“The overwhelming consensus about the importance of IT governance is encouraging. As 2011 IT initiatives get underway against an economic backdrop that continues to be volatile, the ability to balance and manage value creation, risk management and optimization of resources will be critical,” said Roger Southgate, Past President ISACA London and Independent Governance and Risk Consultant.

This year’s study shows that top tactics used to battle the economic downturn were a reduction in contractor and permanent staff numbers and infrastructure consolidation. According to the Global Status Report on GEIT, GEIT processes can ensure that this focus is balanced with a view on investments that can generate cost savings and ultimately become self-funding.

Successfully implementing GEIT depends on effective change management, communication, scoping and identification of achievable objectives. The outcomes encompass shorter-term benefits such as reduced cost and longer-term benefits such as enhanced management of IT-related risk, improved relationships between business and IT, and increased business competitiveness. The top outcomes cited in this year’s study are improved management of IT-related risk (mentioned by 42 percent of respondents) and better communication and relationships between business and IT (37percent).

For additional information, visit www.isaca.org/ITGI-Global-Survey-Results.

The IT Governance Institute® (ITGI®) (www.itgi.org) is a nonprofit, independent research entity that provides guidance for the global business community on issues related to the enterprise governance of IT assets. ITGI was established by the nonprofit membership association ISACA (www.isaca.org) in 1998.

Source: Eskenzi PR

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Trustmarque Solutions Hosts Exclusive Client Council

  • Experts gathered to discuss the impact and fall out from the Comprehensive Spending Review on public sector organisations
  • A key challenge cited for both Central Government and the wider public sector is that investments to improve ICT infrastructure are harder to prioritise than in the private sector

York, UK: 14th January 2011.  Value Added Reseller (VAR) Trustmarque Solutions recently hosted a roundtable where 12 experts gathered to give their views on current ICT issues faced by public sector organisations and the consequences of the budget cuts laid out in the Comprehensive Spending Review.  Representatives included Trustmarque public sector clients the Royal Borough of Kensington and Chelsea, Hampshire Health Informatics Service, HQ Land Forces and South London & Maudsley NHS Foundation Trust as well as other participants including Digital Systems Knowledge Transfer Network (KTN), Trustmarque Solutions, Pink Elephant, Campaign4Change, Computer Weekly, The British Computer Society and First Base Technologies.

Key questions debated and discussed focused on: How will investments be funded if a department has no additional ICT budget to invest? How will services be shared in departments that are operating to individual mandates? How will resources be shared if security levels change in a non-linear fashion?  Technology topics under discussion included Cloud Computing and the idea of taking more services online, creating a modern IT infrastructure and the benefits of consolidation, virtualisation and hosted solutions, security and risk management and of course doing more with less and optimising the IT environment.

The fact that many public sector organisations have acquired a wide range of equipment and applications that have lengthy life spans and which continue to run today, 30 or 40 years after they were introduced continues to be a significant challenge. Ian Osborne, Director Digital Systems KTN stated:  “What we are finding is that while there is considerable appetite to consolidate, update, reduce costs and carbon emissions etc., for many migrating to a virtualised, commodity and modern infrastructure is simply not a practical option as there is limited budget available to invest in new technologies. This puts considerable stress on the need to update existing systems which will underpin the government programme to reduce the deficit.”

Ian Osborne went on to say: “Organisations want to deliver more services online to reduce cost and energy usage, with almost 70 percent of UK citizens online sharing resources and infrastructure that is required to achieve this. Most organisations only use about 10 percent of their server capability.  Something has got to give. The only way we can move forward in the ‘Big Society’ vision is to change our server usage.” 

David Hardy, South London and Maudsley NHS Foundation Trust said that his challenge was to sweat existing assets, finding software and systems with unnecessary functional duplication and realising the additional benefits that are frequently tucked away out of sight. Other cost cutting and efficiency measures undertaken include server virtualisation, migration to Voice over IP for internal telephony, migrating from legacy WAN technologies and consolidating comms suppliers. ICT are enabling the rest of the business to access savings via video conferencing, remote working and provisioning hot desk functionality via thin client and VoIP.

Lee McKenzie of HQ Land Forces commented: “It is all about making the most of reducing budgets and getting more out of the money that we have already spent by seeing how we can optimise our existing infrastructure. McKenzie went on to say that one of the key things stopping his organisation from moving to new platforms and technologies such as the Cloud is that it has hundreds of overlapping applications covering 27 different services, therefore he concluded: “We would need to consolidate before we can even think about moving to the Cloud.”

With the recent departure of Government CIO John Suffolk in mind, David Bicknell of Campaign4Change stated: “Currently, although there has been much discussion about G-Cloud in the past year, there is no central Government ICT strategy in place. That is still under discussion and what public sector organisations need right now is greater certainty and strong leadership with a clear vision and strategy they can believe in. I certainly believe that there is an opportunity for smaller and medium-sized organisations to break the procurement mould. There are new reformers out there who should be rewarded for their innovation, not thwarted by some civil servants who prefer to keep the status quo.”

The conversation moved on to risk mitigation, data protection and security, and Peter Wood from the British Computer Society and First Base Technologies felt that awareness of security in government had positively soared: “Nowadays there are fines for councils and public sector organisations if computers are found to be unencrypted.  However public sector funding for security investment and infrastructure is still tied.” He added: “Where Cloud is concerned many councils have to use a UK data centre and there are some very sensitive areas such as Child Support and Social Services that would need robust security processes in place before outsourcing to the Cloud.”

David Marriott Lodge, Trustmarque Solutions added: “Cloud offers scalability within certain boundaries – we can definitely see the benefit of Cloud but it has to start with understanding what you have and how you are using it before you can start outsourcing to a third party provider. Plus it presents a cultural barrier which organisations need to overcome. The majority of software we sell is still on-premise, the uptake on change is slow – one of the main issues is that organisations want things to be simple and they want to keep everything in one place.”

Mark Penny of Trustmarque Solutions felt that the one of the primary challenges facing public sector procurement in the current economic climate was the perceived need to prioritise price ahead of value. “Rarely does price advantage equate to best overall value,” said Penny. “Whilst tendered frameworks enable customers to procure their project output requirement or shopping list at the lowest possible price, there is far greater value to be had by working closely with genuine value-added resellers such as Trustmarque to significantly reduce the output requirement itself! Engaging your reseller earlier in the process is the only reliable means of realising substantial cost savings.”

Barry Goodall, Royal Borough of Kensington and Chelsea summed up what he felt the road ahead for public sector organisations looked like: “Today and for the foreseeable future it is all about continual change. Change is the norm, so you had better get used to it – in fact to not only survive but thrive you need to embrace it. I can only describe it as a journey that we are all on, where the end destination is unknown.”

Trustmarque launched its Work Smart Cost Savings Campaign on 1st September 2010, which is designed to help public sector organisations squeeze out costs and stretch budgets further to deliver optimum value on their IT investments. Since then Trustmarque has effectively worked with a number of local councils, the MoD and NHS Trusts to drive down their IT costs and improve best practices within the business. For more information visit www.trustmarque.com/worksmart

Trustmarque has been providing value added services to customers since it was founded in 1987 and is now one of the UK’s largest Value Added Resellers.  Trustmarque brings together years of knowledge plus a strong track record of delivering successful IT enabled projects for customers that realise positive business outcomes.  Trustmarque delivers solutions across six key areas: Business Solutions, Information Security, Infrastructure Services, Technology Optimisation Solutions, Managed Licence Services and Unified Communications.

Trustmarque is also a Microsoft Large Account Reseller (LAR) with Microsoft Gold Certified Partner status, as well as partnering with many other major vendors in the IT market, such as: Adobe, Business Objects, CA, Citrix, McAfee, Novell, Nuance, Sophos, Symantec, Trend, VMware and Websense to name but a few.

Trustmarque Solutions has worked with The CarbonNeutral Company (formerly Future Forests) leaders in the field of carbon management and climate change solutions to become a CarbonNeutral® company.

Source: C8 Consulting Ltd

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

SOURCEFIRE OUTPERFORMS ALL COMPETITORS IN TUNED-DETECTION FOR SECOND

CONSECUTIVE YEAR ACCORDING TO NSS LABS COMPARATIVE TEST

Independent Test Verifies Sourcefire’s Leading Performance and Protection

Wokingham, UK, 13th January 2011 -- Sourcefire, Inc. (Nasdaq: FIRE), the creator of Snort® and a leader in intelligent cybersecurity solutions, today announced that the Sourcefire Intrusion Prevention System (IPS) protected against 98 percent of all attacks and established a new industry record in NSS Labs’ recent independent tests. The results highlight Sourcefire IPS technology as the industry best - offering the most effective tuned detection of any Intrusion Prevention System tested.

"To combat today's evolving threats, organisations require security solutions that can be tailored to their unique environments and needs, which is why our evaluation process places significant focus and resources on the effectiveness of tuning detection," said Rick Moy, president, NSS Labs, Inc. "The Sourcefire 3D 4500 IPS, tuned by Sourcefire engineers, achieved the highest level of protection for the second year in a row. It should remain one of the top choices for organisations looking to leverage a network IPS."

For the second consecutive year, Sourcefire’s IPS took the top spot in tuned detection of any product tested and, once again, earned NSS Labs’ highest “Recommend” rating.  The Sourcefire 3D 4500 Sensor, promoted by Sourcefire as a 2 Gbps IPS, actually achieved 3.2 Gbps of throughput, equating to 161 percent of its vendor-stated performance—the highest percentage of all IPS models tested.  Additional highlights of Sourcefire’s test results include:

· Industry best 98 percent tuned security effectiveness

· Industry best 99 percent tuned detection of target-initiated attacks

· Industry best 98 percent tuned coverage for vulnerabilities reported between 2004 and 2010

· 100 percent anti-evasion coverage

“Focusing on customising and tuning our IPS is one of the critical ways we protect our business from threats that target our applications, systems and users,” said John South, chief security officer at Heartland Payment Systems, one of the nation’s largest payments processors. “Sourcefire offers a premier IPS solution that enables us to protect against threats to our specific environment through IPS customisation coupled with automated tuning capabilities. NSS Labs’ findings further validate the effectiveness of Sourcefire’s technology.”

“The results of this test from NSS Labs highlight the importance of Intrusion Prevention technology in today’s dynamic enterprise networks. We are proud to lead the industry for a second consecutive year in blocking more attacks than any other IPS vendor,” said Matt Watchinski, Senior Director of Vulnerability Research at Sourcefire. “This year’s test reaffirms the importance of selecting an IPS solution that not only protects against current threats, but has the ability to adapt to new attacks, as well.”

Designed to address the challenges faced by IT professionals in selecting and managing security products, NSS Labs reports offer unbiased, actionable information based on real-world test data. Using its real-world testing methodology, NSS Labs compared 13 enterprise IPS solutions against 1,179 live exploits and six anti-evasion categories representing another 75 tests, in the industry’s most comprehensive test to date. All devices were tested twice, once using default policy settings and then again after being configured and tuned by each vendor’s technical experts. Ratings were then awarded based on the product’s security effectiveness, performance and total cost of ownership (TCO). Each product earned a rating of either “Recommend,” “Neutral,” or “Caution” based on its composite test results. Only the top technical products earned a Recommend rating, regardless of their market share, brand recognition or the company’s size.

Sourcefire Individual Test Report Available Now

The Sourcefire Individual Test Report from NSS Labs can be found at: http://sourcefire.mktoweb.com/NSSLabs.html

The full group report can also be purchased at www.nsslabs.com.

Join Sourcefire and NSS Labs Webcast: Selecting an Enterprise IPS

Tuesday, January 25, 2011, 11am EST / 8am PST / 4pm GMT

Featuring Vik Phatak, CTO of NSS Labs and Jason Brvenik at Sourcefire

https://sourcefire.webex.com/sourcefire/onstage/g.php?t=a&d=797995461

About NSS Labs, Inc.

NSS Labs, Inc. is the leading independent, information security research and testing organisation. Its expert analyses provide information technology professionals with the unbiased data they need to select and maintain complex security products for their organisations. Pioneering intrusion detection and prevention system testing with the publication of the first such test criteria in 1999, NSS Labs evaluates firewall, unified threat management, anti-malware, encryption, web application firewall and other technologies on a regular basis. The firm’s real-world test methodology is the only one to assess security products against live Internet threats. NSS Labs tests are considered the most aggressive in the industry. Founded in 1991, the company has offices in Carlsbad, California and Austin, Texas. For more information, visit www.nsslabs.com.

Sourcefire, Inc. (Nasdaq:FIRE), is a world leader in intelligent cybersecurity solutions.  Sourcefire is transforming the way Global 2000 organisations and government agencies manage and minimise network security risks. Sourcefire’s IPS, Real-time Network Awareness and Real-time Adaptive Security solutions equip customers with an efficient and effective layered security defense – protecting network assets before, during and after an attack. Through the years, Sourcefire has been consistently recognised for its innovation and industry leadership by customers, media and industry analysts alike – with more than 50 awards and accolades. Today, the name Sourcefire has grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit http://www.sourcefire.com.

SOURCEFIRE®, Sourcefire IPS™, SNORT®, RAZORBACK™, the Sourcefire logo, the Snort and Pig logo, SECURITY FOR THE REAL WORLD™, SOURCEFIRE DEFENSE CENTER®, SOURCEFIRE 3D®, RNA®, RUA®, DAEMONLOGGER™, CLAMAV® and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others.

Source: C8 Consulting Ltd

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

BitDefender offers free removal tool for malware that steals FTP and e-banking passwords

Bitdefender

Free new disinfection tool against Backdoor.Lavandos.A available on MalwareCity.com for all computer users

BitDefender®, an award winning provider of innovative internet security solutions, has announced the release of a free removal tool for the Backdoor.Lavandos.A malware that discreetly steals FTP and e-banking passwords. Primarily used by Russian and Ukrainian institutions, Lavandos will also steal personal data from accounts on the infected computer.

Shortly after infection Backdoor.Lavandos.A will generate, for each browser found on the ‘hijacked’ PC, a ‘setupapi.dll’ in the installation root folder for Mozilla® Firefox®, Opera® and Internet Explorer®. This will enable easy manipulation of browser functions in order to import certificates or to accept a self-signed certificate as being trusted. Users infected with Backdoor.Lavandos.A are at risk of disclosing sensitive information related to e-banking as well as having their FTP accounts stolen by cybercriminals involved in malware distribution.

“What is particularly interesting about this e-threat is the fact that its driver component will not remain written on the disk longer than necessary,” said Catalin Cosoi, Head of the BitDefender Online Threats Lab. “Instead it will be stored in the Windows® Registry immediately after completing its task, ensuring it keeps a low profile.”

BitDefender customers have been protected since day zero via generic packer routines already included in the signature database. For those not protected by a BitDefender product, the free Lavandos removal tool can be downloaded from the Downloads section of MalwareCity.com, a BitDefender initiative for the software security community and a free resource for those interested in their online security.

To stay up-to-date on the latest e-threats, sign-up for BitDefender’s RSS feeds here. For a full list of BitDefender 2011 features and benefits by product, please visit www.bitdefender.co.uk or follow BitDefender on Twitter for daily malware alerts.

BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe - giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company's security solutions press room. Additionally, BitDefender's www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware. www.bitdefender.co.uk

Source: Media Safari

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Avecto Achieves Record-Breaking Growth and Widespread Industry Recognition in 2010

Boston, MA and Manchester, UK, Jan 2011: Avecto the world leader in Windows privilege management, today announced record-breaking year end results for 2010 with annual revenue up by 300%. Additionally, worldwide sales of new Privilege Guard licences quadrupled, the company signed its first $1M customer, launched 24/7 customer support, expanded strategic partnerships to include HP, CSC and IBM and its award winning Privilege Guard solution was voted ‘Best Security Product’ by Windows IT Pro industry experts.

Tony Bolland, Avecto CEO said “2010 was a great year for Avecto, and despite tough market conditions globally, we achieved exceptional customer adoption and widespread industry recognition.  Windows 7 has now reached just over 20% of the worldwide market and, as the roll-out of this latest Microsoft operating system (OS) continues, organizations need to plan for the security features of Windows 7 and strive to achieve the least risk Windows 7 desktop. We are committed to delivering the highest levels of customer service and support, and ensuring that Privilege Guard continues to exceed market expectations.”

When Oxford University Press (OUP), the largest university press in the world, implemented their policy of least privilege using Privilege Guard as part of their Windows 7 deployment, Gavin Wilson, Senior Support Analyst from OUP stated, "Avecto have provided us with excellent support, not just for the product, but they have gone beyond implementation and given us some of the best advice we have ever experienced. We are confident we made the right decision in choosing them to help roll-out our least privilege strategy”. Jeff Douglas, senior advisor for Infrastructure Services at National Government Services, noted "Privilege Guard support has been the best part of our experience!"

Avecto’s Privilege Guard has been adopted by organizations in all major industry verticals including  Banking and Finance, Government, Defence, Pharmaceutical, Education, Publishing, Energy, Telecoms and Aerospace, as well as many more, enabling customers to give their Windows desktop users the flexibility they require while optimizing the security posture of the internal networks through granular privilege management.  

Avecto is the leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers. With its award winning Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.

Customers of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments. Our mission is to enable our customers to lower operating costs and improve system security by implementing least privilege. Avecto is building a worldwide channel of partners and system integrators and is headquartered in Manchester, UK. For more information, visit www.avecto.com.

Source: Avecto

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Trustmarque Solutions Helps The North West Ambulance Service Take Control Of Its Software Assets

· North West Ambulance Service (NWAS) implements ongoing Software Asset Management (SAM) with Trustmarque’s Snow Hosted Managed Service 

· NWAS now has the opportunity to re-harvest any unused licences, avoiding  un-necessary future purchases

York, UK: 4th January 2011.  Value Added Reseller (VAR) Trustmarque Solutions announced today that it has created an effective licence position (ELP) for NWAS for four major vendors using a Snow Hosted Managed Service.

As a result, NWAS can now accurately obtain the licensing position of all its installed software. The hosted service has enabled the Trust to monitor its entire estate across Cheshire & Mersey, Lancashire, Cumbria and Greater Manchester Areas. Commenting on the implementation, Kate Cushion, IT Security Manager at NWAS said:

“Since deploying Snow Inventory via the Hosted Managed Service the North West Ambulance service is now aware of the licensing position of four major vendors and we are working towards that same knowledge for all vendors that are in use within NWAS. Moving forward, using Snow is continuing to help NWAS to proactively manage our licensing due to ease of use and the metering data it provides.”

The Licence Management element of Snow is exceptional compared to that of many other software asset tools, many of which merely act as “sniffers” providing meaningless licence information that can be a nightmare to manage. Trustmarque’s Snow specialist consultant, however, has provided training, knowledge transfer and a policy and procedure review to enable NWAS to continue using Snow, ensuring ongoing software compliancy.”

Since implementing Snow, NWAS has a better understanding of how software is being used by the Trust and it can make informed decisions when reviewing software licensing budgets. NWAS now has the opportunity to re-harvest any unused licences and avoid unnecessary purchases, and can remain confident that it is software licence compliant should it face a vendor audit. 

Formed in 2006 by combining a number of smaller NHS ambulance services, the NWAS NHS Trust serves the Greater Manchester, Cheshire & Mersey and Cumbria & Lancashire areas making it the largest NHS Ambulance Service in England.

However, merging these NHS trusts from across a large area left the NWAS with a problem; it lacked a comprehensive view or adequate control over the software licensing systems for the whole NHS trust. Whilst a Software Asset Management (SAM) tool was in place, NWAS found that it was failing to meet its requirements for both asset discovery and metering of applications. Alongside this, the tool was not proving to be user friendly which was compounded by a lack of support from the tool’s suppliers.

NWAS required a Software Asset Management tool which could effectively discover, monitor and report on the Trust’s software use across a wide number of systems.  NWAS approached Trustmarque and based on Trustmarque’s expertise in the Snow Software Inventory Tool, the decision was made to implement this software and host it off site at Trustmarque’s York data centre.

Initially NWAS chose to analyse four vendors and Trustmarque then produced the Effective Licence Position (ELP) for each vendor. Trustmarque advised on how this compliance view was achieved and in addition gave recommendations on how to avoid the situation recurring.  The Training and ongoing support provided by Trustmarque has enabled staff to get the most from the new SAM tool. During the SAM review the licensing agreements for the NHS in England changed and Trustmarque will be working with NWAS to help it understand its new position and what is required moving forward. 

David Marriott-Lodge, Services and Solutions Director at Trustmarque comments, “It’s fantastic to see a public sector organisation investing in software asset management. Many organisations are still unsure of the value in SAM but it’s clear from this example that it can be extremely effective. With the added pressure of the recent spending review it’s vital that public sector organisations establish what software they are actually using and the licensing requirements of their vendors. There are many organisations who are paying large sums of money for licences they do not need.”

Earlier this year, Trustmarque gained a place on the government IT framework for Commoditised IT Hardware and Software (CITHS), previously known as Catalist.  Trustmarque is one of just ten companies to be awarded a framework agreement for a position on the prestigious software supplier list with preferred adviser and provider status to both central (civil) government and the wider public sector.

The Trustmarque Work Smart Cost Savings Campaign was launched on 1st September 2010 and is geared towards helping public sector organisations drive out costs. For more information visit www.trustmarque.com/worksmart.

Trustmarque has been providing value added services to customers since it was founded in 1987 and is now one of the UK’s largest Value Added Resellers.  Trustmarque brings together years of knowledge plus a strong track record of delivering successful IT enabled projects for customers that realise positive business outcomes.  Trustmarque delivers solutions across six key areas: Business Solutions, Information Security, Infrastructure Services, Technology Optimisation Solutions, Managed Licence Services and Unified Communications.

Trustmarque is also a Microsoft Large Account Reseller (LAR) with Microsoft Gold Certified Partner status, as well as partnering with many other major vendors in the IT market, such as: Adobe, Business Objects, CA, Citrix, McAfee, Novell, Nuance, Sophos, Symantec, Trend, VMware and Websense to name but a few.

Trustmarque Solutions has worked with The CarbonNeutral Company (formerly Future Forests) leaders in the field of carbon management and climate change solutions to become a CarbonNeutral® company.

Source: C8 Consulting Ltd

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Mobile Users Three Times More Vulnerable to Phishing Attacks

Trusteer recently gained access to the log files of several web servers that were hosting phishing websites. Analyzing these log files was an interesting exercise. Specifically, they provide visibility into how many users accessed the websites, when they visited them, whether they submitted their login information, and what devices they used to access the website. Here are a few interesting findings from these logs:

1) Mobile users are the first to arrive

2) Mobile users accessing phishing websites are three times more likely to submit their login info than desktop users

3) Eight times more iPhone users accessed these phishing websites than Blackberry users

1) Mobile users are the first to arrive

As soon as a phishing website is broadcast through fraudulent email messages the first systems to visit it are typically mobile devices.

This makes sense since mobile users are "always on" and are most likely to read email messages as soon as they arrive. Meanwhile, desktop users only read messages when they have access to their computer. Also most fraudulent emails call for immediate action. For example, they usually claim that suspicious activity has been detected in the user’s account and that immediate action is required. Most victims who fall for this ploy will visit the phishing site quickly.

The first couple of hours in a phishing attack are critical. After that many attacks are blocked by phishing filters or taken down. Hence Mobile users are more likely to be hit by Phishing just because they're "always on".

Here are some mobile user-agent fields spotted in the log files:

iPhone

Mobile Safari: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A293 Safari/6531.22.7

iPad

Mobile Safari: Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10

Android

Mobile Safari: Mozilla/5.0 (Linux; U; Android 2.2; en-gb; HTC_Desire-orange-LS Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1

BlackBerry

Blackberry Browser: BlackBerry8520/5.0.0.681 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/123

Mobile Safari: Mozilla/5.0 (BlackBerry; U; BlackBerry 9780; en-GB) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.294 Mobile Safari/534.1+

Symbian

Symbian Browser: Mozilla/5.0 (SymbianOS/9.3; Series60/3.2 NokiaE72-1/031.023; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 BrowserNG/7.2.3.1

2) Mobile users accessing phishing websites are three times more likely to submit their login info than desktop users

Most users who access phishing websites do not submit their personal information. Some submit fake information. However, compared with desktop users, mobile users are three times more likely to submit private information once they access a phishing website. Why do mobile users trust phishing websites more? One explanation could be that it's harder to spot a phishing website on a mobile device than on a computer. As a research experiment, we compared the user experience of accessing a phishing website on a Blackberry and an iPhone. Here’s what we found:

BlackBerry:

It's very difficult to tell whether an email is fraudulent since the “From” field doesn't include the sender's address but rather the name of the sender (such as ACME Bank). Some users could interpret that the device "trusts" the sender more because it is just shows the name and not the full address. Although email addresses can be spoofed, if the entire address is visible and appears “phishy”,  certain users will not click through the link in the message.

In HTML mail (the most common format for fraudulent messages) when a link is embedded as a href such as <a href="http://www.acmebank.com">Click Here to Login</a> hovering over the link will not reveal the actual address. When the user clicks on the link the BlackBerry device presents the following message: "Continue to" with the real address appended. Due to the limited screen size, if the URL is long enough and well crafted (e.g. starts with www.acmebank,com.vdgrtgrt ...) it is hard to detect that the URL is not legitimate.

Once the BlackBerry switches to the browser and starts loading the phishing website the top bar shows the website name created by the fraudster (e.g. Welcome to ACME Bank) and the real address is not presented. If the phishing website is a good clone of the authentic bank’s website (and most are) there is no easy way of determining that the website is fraudulent.

iPhone:

The experience on this device is similar to the BlackBerry until the user clicks on a link. iPhone devices don't ask the user if they want to open the URL. They automatically load the page. Unlike the BlackBerry, the iPhone does have an address bar. However, due to size limitations only the beginning of the URL is shown. Here again, if the URL is well crafted (e.g. www.acmebank,com.vdgrtgrt ...) it's hard to detect that the URL is not legitimate.

Based on our findings, it is equally difficult to spot phishing websites on BlackBerry and iPhone devices.

3) Eight times more iPhone users accessed these phishing websites than Blackberry users.

!cid_image001_png@01CBAC04

According to Comscore's October 2010 U.S Mobile Subscriber Market Share (http://www.comscore.com/layout/set/popup/layout/set/popup/Press_Events/Press_Releases/2010/12/comScore_Reports_October_2010_U.S._Mobile_Subscriber_Market_Share) report BlackBerry devices (RIM) are still the market share leader in the US with almost 36% compared to iPhones (Apple) with 26%.

Then why are more iPhone users accessing phishing websites? One explanation could be that Blackberry users, many of which are issued their device by a business, are more educated about Phishing threats and thus less likely to click these links, and have better protection on their mail servers. Although we don’t have any data to validate this theory, if in fact the iPhone is more commonly used in the private sector then this is a very plausible reason for these findings. Also, the message that Blackberry devices present when a user clicks on the link in a Phishing email may discourage a certain percentage of victims from proceeding to the phishing website. Another possibility is that the Comscore market share numbers are inaccurate, and the iPhone has a greater market share than currently documented.

Recommendations:

Mobile users – never click on links in email messages, since it is difficult to determine who sent the message, what the destination address is, and what consequences may occur (phishing, malware, scam, etc.)

Banks – When customers access a web application using a mobile device, we recommend presenting them with a noticeable welcome message that reminds them to:

· Never click on links in email messages or on the web that claim to take them to the bank’s website.

· Always type the bank's address in their browser.

· Download a secure mobile browser (Trusteer offers one) that can protect them against mobile threats.

For more information see http://www.trusteer.com/blog

Source: Eskenzi PR Ltd.

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.

Healthcare Focus Just What the Doctor Ordered for BridgeHead Software in 2010

Healthcare Storage Virtualization (HSV) specialist grows 40 per cent in 2010 as hospitals in North America and EMEA respond to BridgeHead's unique healthcare data and storage management offerings

Woburn, MA, US and Ashtead, UK - January 11th, 2011 - BridgeHead Software, the Healthcare Storage Virtualization (HSV) company, announced today that its year-over-year income had increased 40 per cent for fiscal year 2010, which ended on September 30. BridgeHead attributed its dynamic 2010 growth to its singular focus on developing and delivering data and storage management offerings that meet the unique needs of the healthcare market.

Just 24 months ago, as the world faced a severe financial crisis, BridgeHead Software underwent a re-organization. Both operations and products were realigned to focus specifically on the healthcare market - a natural strategic evolution given that BridgeHead had already exhibited expertise and a track record of success in this area. This new focus on healthcare has paid off for BridgeHead; the company has grown organically and sustained five consecutive quarters of profitability.

By specializing in healthcare, BridgeHead has been able to capitalize on the US HITECH Act, which provides federal funds for hospital adoption of electronic health records (EHRs), as well as pro-actively developing solutions for the backup and archiving of MEDITECH's health care information system (HCIS) software release. The vertical focus on healthcare has also enabled BridgeHead Software to renew its appeal to NHS trusts in the UK, despite its exclusion from the National Programme for IT (NPfIT) vendors list, and make headway into European public healthcare.

This year, BridgeHead introduced the concept of Healthcare Storage Virtualization (HSV), offering hospitals a new approach to understanding and overcoming some of the difficulties around data and storage management. In essence, HSV enables software applications to be separated from the allocation and management of the physical storage hardware on which the application data resides. This gives healthcare organizations more choice, flexibility and control over the way data is accessed, protected and managed. Ultimately, HSV enables better utilization of existing and future hardware resources and, more importantly, the efficient use of critical electronic patient data. A newly released whitepaper entitled - "Healthcare Storage Virtualization: A New Way of Thinking About Your Data and Storage Management Challenges" is currently available for download.

"Over the course of FY 2010, BridgeHead has reaped the benefits of its reinvention as the Healthcare Storage Virtualization company. In changing our company strategy, we've invested heavily across every division, including the recruitment of new personnel both in our UK and US offices. One of our primary initiatives has been on product development to ensure that we deliver a valuable suite of solutions to hospitals that overcome their specific data and storage management challenges," said BridgeHead founder and CEO Tony Cotterill. "The number of hospitals buying and implementing our technology is a strong validation of BridgeHead's vision: to support the Electronic Health Record and empower healthcare IT to meet their growing storage needs without compromising on current hardware brand or media type."

How BridgeHead Solves Hospital Data and Storage Management Challenges

As it works to solve the data management challenges unique to healthcare organizations, BridgeHead Software has zeroed in on many of the storage pain points that bedevil hospitals all over the world.

Hospitals face a massive upsurge in data growth fueled by the adoption of Electronic Health Records (EHRs) as well as proliferation of DICOM images generated by increasingly prevalent scanning devices. This data tsunami has swamped many hospitals' disaster recovery strategies. As they struggle to manage and control rising healthcare data by purchasing more storage hardware, these same hospitals have also watched their IT budgets ebb away. Because BridgeHead's products and services help hospitals navigate this flood of storage, the company has experienced a rising demand for its healthcare-specific offerings.

Over the past year, BridgeHead has added a significant number of new healthcare customers both in North America and EMEA, expanding its footprint within its existing base. For many of these hospitals, BridgeHead's HSV architecture is providing a long-term roadmap for an effective healthcare disaster recovery (HDR) strategy as well as a blueprint for bringing data management and storage costs under control.

In the United Kingdom, BridgeHead Software has enjoyed increasing levels of interest from the NHS. David Brown, Head of ICT for recent customer The Rotherham NHS Foundation Trust, expressed support for BridgeHead's healthcare-centric approach to storage and data management.

"Clearly for us, and other Trusts, data protection, security, management and storage is absolutely critical to underpin our wider IT initiatives," he explained. "This is why our

relationship with BridgeHead Software has become so important. BridgeHead specializes only in the healthcare market, so they are well placed to understand our data, our hospital environment and our industry; and we're delighted with their progress to date. Over the course of this project, we have been really impressed by the wide range of solutions they offer in backup, disaster recovery and archiving, for both clinical and administrative data. Their knowledge of healthcare makes them a hugely valuable partner - plus, as their products are vendor agnostic, integration with existing systems is not an issue."

BridgeHead Software's largest customer footprint resides in the US where operations run out of Woburn, in the Greater Boston area. As one of BridgeHead's long-standing customers, Mark Middleton, Director of IT Infrastructure at CHRISTUS, commended the company on its expertise regarding data protection from its backup and disaster recovery solutions. "BridgeHead's technology manages all the disk and tape storage media, dynamically allocating volumes and managing the sophisticated archive retention cycles we have set up. This ensures that we are meeting our recovery point and time objectives and data availability commitments in the event of operational failure, disaster, or corruption."

Teaming With Storage Industry Leaders

Over the past 12 months, BridgeHead Software has forged new partnerships with leading storage hardware vendors Dell, Oracle and Iron Mountain while continuing to build on its existing relationships with partners MEDITECH, DB Technology and Perceptive. Dell, Iron Mountain and Oracle have combined their hardware with BridgeHead's software solutions to create comprehensive data and storage management offerings designed specifically for the healthcare industry.

Dell and BridgeHead's joint Medical Archive solution combines the strength of Dell's hardware offerings with the pedigree of BridgeHead's healthcare data management software to create a holistic and fully interoperable enterprise solution for hospitals looking to take control of their digital patient and administrative information. The underlying technology for the joint solution consists of BH MediStore® and BH OfficeStore® from BridgeHead and the DX6000 Object Storage Platform from Dell.

Brett Roscoe, worldwide marketing lead for Dell Enterprise Storage, commented, "We continue to see an exponential growth of storage in healthcare where more and more information is being stored digitally. Organizations require integrated hardware and software solutions that enable them to efficiently store, manage and discover their digital content. Working with Bridgehead Software, we are able to offer customers our storage platform with an industry-leading medical archiving solution from a proven information management leader."

Iron Mountain, the information management company, and BridgeHead's healthcare archiving solution, offers hospitals the opportunity to overcome some of their data management challenges by migrating older content to the Iron Mountain cloud. This significantly relieves the pressure on the hospital's current infrastructure, allowing it to redeploy existing storage assets in a more efficient and effective way (and delaying the need for a storage refresh) while helping with the creation of a "working" and robust backup and disaster recovery strategy - archiving static data into the cloud can reduce the primary backup stream by approximately 80 per cent. And all this with the flexibility, predictability and scalability that comes as part of a cloud solution.

"Hospitals need to have flexibility in their data backup processes to intelligently and cost-effectively handle the needs of the organization for today and in the future," said Ken Rubin, senior vice president and general manager, Healthcare Services for Iron Mountain. "The combined strength of BridgeHead's healthcare data management expertise and Iron Mountain's cloud archiving and disaster recovery capability answers this need. Not only will customers benefit from archiving data to the Iron Mountain cloud with BridgeHead, they can also leverage the solution for offsite backups. Instead of creating backup tapes that must then be removed from a tape library and transported to an offsite location, BridgeHead customers can transfer these backups electronically to redundant, geographically separated databunkers via the Iron Mountain cloud."

BridgeHead Software also worked with Oracle to create HEAT (Healthcare Enterprise Archive Topology), an intelligent archive management architecture that delivers cost effective, long-term data quality and retention for compliance management of healthcare data. Based on an HSV approach, HEAT enables hospitals to combine storage management software from BridgeHead with Oracle's Sun Fire x86 X4270 M2 systems and Oracle's Sun storage and tape systems, including the Sun ZFS Storage Appliance product line and StorageTek SL48 or SL500 Modular Library System to optimize data access and preservation while automating storage management and controlling both capital and operational costs.
Storage and Healthcare Experts Join the Team

To support its focus on the healthcare market, BridgeHead made several strategic additions to its executive leadership team. Michael Ball, PhD, was appointed to the newly created position of senior vice president, North America, and is based at US headquarters in Woburn, MA. Dr. Ball has more than 25 years of marketing and business development experience in the healthcare and IT industries. He comes to BridgeHead from InfoMedics where he was vice president of marketing and professional services for four years.

BridgeHead also appointed two senior executives to new positions in its Ashtead, UK headquarters: Tony Tomkys, director of sales, EMEA, and John McCann, director of marketing.

A seasoned sales professional with over 27 years of experience in IT, Tomkys aims to further increase BridgeHead's UK customer footprint in the NHS and private healthcare sector and will drive pan-European initiatives. He joins BridgeHead Software from CommVault, where he was Business Director for Public Sector. Before that, he held a range of positions from direct sales through to channel management and marketing at companies such as Steria, Morse, HP, Unisys and Apple.

As BridgeHead's director of marketing, John McCann is tasked with overseeing the creation and execution of worldwide marketing strategies that support business growth. With over 15 years experience specializing in B2B IT marketing, McCann came to BridgeHead from Micro Focus where he managed field marketing for the U.K. and Northern Europe. Prior to that, he held positions at software vendors Borland and ADP.

Product Upgrades and Introductions

In addition to rolling out its Healthcare Storage Virtualization architecture, BridgeHead also introduced enhancements and additions to its three core product lines in 2010.

BH MediSafe provides the foundation for an effective healthcare disaster recovery (HDR) strategy. By understanding the profile of healthcare data, BridgeHead is able to provide a product set that can more effectively protect healthcare data - not only rapidly changing primary, dynamic data, but also the large volumes of rarely accessed and static tertiary data that hospitals create. A newly released whitepaper entitled - "Healthcare Disaster Recovery: Why Disaster Recovery is Different in Healthcare" is currently available for download.

BH MediStore leverages BridgeHead's underlying and common storage virtualization and data management services to provide a comprehensive solution for managing the clinical and administrative aspects of healthcare data and thereby underpins the electronic health record (EHR). BH MediStore manages and stores: DICOM data for the storage of medical images, scanned documents, and unstructured data files.

A 2010 addition to the MediStore line, BH PACStore®, manages long-term storage and retrieval of PACS imaging data to create a robust, flexible and cost effective enterprise DICOM storage infrastructure. With BH PACStore, healthcare organizations can automatically retain PACS data in a highly protected geographically dispersed fashion and use the most cost effective storage systems dependant on the content's age and value.

BH OfficeStore is a comprehensive solution for the long-term archiving and secure maintenance of all hospital office data, regardless of its original location. By archiving existing content and providing an ideal location for all new user-generated unstructured content, BH OfficeStore relieves the pressure on primary storage and reduces the cost of data ownership.

"In the year to come, BridgeHead Software looks forward to supporting its existing healthcare clients as they move closer towards a full Healthcare Storage Virtualization architecture and implement more of our products," said Cotterill. "At the same time, BridgeHead will be filling out its product offerings both through continued enhancement to our existing products and through the acquisition of products that complement our own."

Healthcare Data Management Thought Leadership

BridgeHead continues to evolve and grow its position as a healthcare data management thought leader. The company published the BridgeHead Software 2010 International Data Management Healthcheck, which measured IT spending by healthcare organizations.

BridgeHead Software, the Healthcare Storage Virtualization (HSV) company, offers a scalable, future-proof platform to overcome rising data volumes and increasing storage

costs while delivering peace of mind around the access, availability and protection of critical electronic patient data. Trusted by more than 1,000 hospitals worldwide, BridgeHead Software solves healthcare organization's backup, recovery and archiving challenges. BridgeHead's HSV solutions are designed to operate with any hospital's chosen software applications and storage hardware, regardless of vendor. This presents healthcare organizations with greater choice, flexibility and control over the manner in which data is accessed, protected and managed. The net effect? Better utilization of hardware resources and, more importantly, the efficient distribution, availability and use of vital healthcare data.

To learn more about BridgeHead Software, visit: http://www.bridgeheadsoftware.com

Follow BridgeHead Software on Twitter at http://www.twitter.com/BridgeHeadHSV

This press release is presented without editing for your information only.

Full Disclosure Statement: The ICT REVIEW received no compensation for any component of this article.