<?xml version='1.0' encoding='UTF-8'?><?xml-stylesheet href="http://www.blogger.com/styles/atom.css" type="text/css"?><feed xmlns='http://www.w3.org/2005/Atom' xmlns:openSearch='http://a9.com/-/spec/opensearchrss/1.0/' xmlns:georss='http://www.georss.org/georss' xmlns:gd='http://schemas.google.com/g/2005' xmlns:thr='http://purl.org/syndication/thread/1.0'><id>tag:blogger.com,1999:blog-5227938130369639318</id><updated>2012-01-20T11:34:50.964-08:00</updated><category term='XSS-driven attacks'/><category term='typosquatters'/><category term='ActivIdentity'/><category term='cyberwarfare'/><category term='diskGenie'/><category term='Ubucon 2008'/><category term='open source software'/><category term='Integral Crypto AES 256 bit USB drive'/><category term='Digital Pathways'/><category term='news'/><category term='seminars'/><category term='U256'/><category term='National Cybersecurity Advisor'/><category term='Open Office.org'/><category term='Mio'/><category term='malware'/><category term='data backup'/><category term='events'/><category term='McAfee'/><category term='Windows'/><category term='Free Internet'/><category term='BETT'/><category term='Happy New Year'/><category term='vulnerabilities'/><category term='RSA® Conference Europe'/><category term='news alert'/><category term='Red'/><category term='MojoPac'/><category term='Stealth MXP'/><category term='data loss'/><category term='Osmosis Ireland'/><category term='Lakeland'/><category term='Logitech'/><category term='WGA'/><category term='spam'/><category term='ProDefence'/><category term='BSIMM'/><category term='Finjan Inc'/><category term='LLC'/><category term='Bruce Schneier'/><category term='security vulnerability in WORD'/><category term='tele-commuting'/><category term='Eee PC Seashell 1008HA'/><category term='Microsoft vulnerabilities'/><category term='protection'/><category term='Conficker worm'/><category term='computer recycling'/><category term='IBM'/><category term='deduplication'/><category term='Web 
Apps Security'/><category term='GCSx CoCo compliance rules'/><category term='product review'/><category term='Business Continuity'/><category term='Infosec Europe 2009'/><category term='GCSx CoCo security requirements'/><category term='Hurricane Ike'/><category term='Infosecurity Adviser portal'/><category term='online shopping safety'/><category term='government'/><category term='cyber attacks'/><category term='Codenomicon'/><category term='Windows Genuine Advantage'/><category term='Juniper Networks'/><category term='anti-malware'/><category term='iStorage diskGenie'/><category term='computer danger emails'/><category term='cybercrime'/><category term='disaster'/><category term='SIS'/><category term='phion'/><category term='Software as a Service'/><category term='spoof emails'/><category term='VMware'/><category term='Unisys Security Index'/><category term='Heartland Payment Systems data breach'/><category term='ngage'/><category term='Columbian USB stick loss'/><category term='RealNetwork'/><category term='Fortify Software'/><category term='Internet Explorer'/><category term='Digital Vaulting'/><category term='Eclypt'/><category term='Internet privacy'/><category term='blogging'/><category term='Kingston Digital Inc'/><category term='lost USB sticks'/><category term='Sat Nav'/><category term='anti-virus'/><category term='virtualization'/><category term='Vista'/><category term='European Network and Information Security Agency'/><category term='Microsoft'/><category term='WebSpy'/><category term='MiFi™ 2352'/><category term='Swine Flu'/><category term='Novatel'/><category term='Linux Foundation'/><category term='Information Security Awareness Forum (ISAF)'/><category term='Adobe Reader'/><category term='event'/><category term='RSA Conference Europe 2008'/><category term='Eee PC'/><category term='PC security'/><category term='trusted downloads'/><category term='censorship'/><category term='Malicious Code Research Center (MCRC)'/><category term='online safety of 
children'/><category term='green IT'/><category term='cyber threats'/><category term='organized crime'/><category term='Open Security Foundation'/><category term='spyware'/><category term='data protection'/><category term='Ofcom'/><category term='saving energy'/><category term='Sandisk Cruzer broken'/><category term='Internet Explorer 8 Beta 2'/><category term='Cyber-Ark®'/><category term='keep the Internet free'/><category term='Mobile Broadband'/><category term='data domain'/><category term='ISACA'/><category term='ENISA'/><category term='Cruzer Enterprise requires 2 drive letters'/><category term='Facebook'/><category term='ENISA. European Network and Information Security Agency'/><category term='British government'/><category term='USB sticks'/><category term='Brocade'/><category term='Kingston Technology'/><category term='Webroot'/><category term='USB drives'/><category term='Internet spies'/><category term='Finjan Inc.'/><category term='cloud computing'/><category term='data encryption'/><category term='Nigerian scam'/><category term='Dr. 
Klaus Gheri'/><category term='trade show'/><category term='legal requirements'/><category term='Infosecurity Adviser'/><category term='Roke Manor'/><category term='Broken'/><category term='data leakage'/><category term='hackers'/><category term='online social media'/><category term='Windows XP Pro'/><category term='Google'/><category term='Internet security'/><category term='online data storage'/><category term='MXI Security'/><category term='Social Networking World Forum'/><category term='iStorage'/><category term='trade fair'/><category term='netbook memory'/><category term='Google Chrome'/><category term='Internet Foundation'/><category term='email security'/><category term='security flaw'/><category term='broadband speeds'/><category term='Storage Area Networks'/><category term='Linux'/><category term='BeCrypt'/><category term='Origin Storage'/><category term='rumours'/><category term='Cruzer Enterprise'/><category term='F5 Networks'/><category term='Fortify'/><category term='VisionRacer VR3'/><category term='Ubuntu'/><category term='Online social networks'/><category term='Sandisk Cruzer Enterprise problem'/><category term='CREDANT'/><category term='virtualisation'/><category term='WiFi Encryption'/><category term='iStorage Ltd.'/><category term='greener data centers'/><category term='Storage Expo 2008'/><category term='Perimeter Security'/><category term='419 scam'/><category term='information Security'/><category term='ISACA Conference'/><category term='gadgets'/><category term='DeviceLock'/><category term='scammers'/><category term='OneClick IntelliPanel Desktop'/><category term='Technorati'/><category term='Navman Spirit'/><category term='requires two dive letters'/><category term='storage'/><category term='Brocade®'/><category term='phion AG'/><category term='open source'/><category term='Public WiFi Security'/><category term='Green IT Expo 2008'/><category term='patches'/><category term='(ISC)²'/><category term='WiFi Security'/><category 
term='Cigital'/><category term='charities + open source'/><category term='security updates'/><category term='encryption'/><category term='Storage Expo 2009'/><category term='Pentagon'/><category term='Hitachi Data Systems'/><category term='web 2.0'/><category term='Adobe Acrobat'/><category term='Interxion'/><category term='DRM'/><category term='MI6'/><category term='cybercriminals'/><category term='Desktop virtualization'/><category term='WebFilter PC Solution'/><category term='Stonewood Group'/><category term='blogs'/><category term='MS Office'/><category term='Adobe'/><category term='Datacentre World Conference and Expo'/><category term='cyber crime'/><category term='Net Neutrality'/><category term='solid state hard drives'/><category term='Kingston Digital Europe Ltd'/><category term='Sun Microsystems'/><category term='Throwing Sheep in the Boardroom'/><category term='Google outage'/><category term='cloud'/><category term='Internet outage'/><category term='Finjan'/><category term='Infosec'/><category term='Shavlik Technologies'/><category term='open source forum'/><category term='Tufin Technologies'/><category term='McAfee International Ltd'/><category term='Syphan Technologies'/><category term='data storage'/><category term='in the cloud computing'/><category term='book review'/><category term='Vektor'/><category term='fake websites'/><category term='Sandisk Cruzer Enterprise'/><category term='Neptuny'/><category term='Finjan MCRC'/><category term='Firewall Management'/><category term='SSDs'/><category term='solid state drives'/><category term='Twitter'/><category term='Green IT Expo'/><category term='computer security'/><category term='Global Secure Systems'/><category term='Weast'/><category term='Infosecurity Europe 2009'/><category term='Netac'/><category term='Fortify 360'/><category term='SanDisk'/><category term='trojans'/><category term='Navman'/><category term='Free Software'/><category term='Mafia'/><category term='Guaranteed Recycling 
Xperts'/><category term='PCI Data Security Standards (DSS)'/><category term='online shopping'/><category term='computer viruses'/><category term='Security'/><category term='Security Management'/><category term='forum'/><category term='Infosecurity Europe'/><category term='PNDs'/><category term='needs two drive letters'/><category term='fast-flux DNS'/><category term='Gerry O&apos;Neill'/><category term='VisionRacer'/><category term='Origin Data Locker'/><category term='false virus warnins'/><category term='SaaS'/><category term='social networking'/><category term='Credant Technologies'/><category term='AVG Link Scanner'/><category term='ManageEngine'/><category term='virus warning'/><category term='Protegrity USA Inc.'/><category term='EuroCACS Conference for IT Professionals'/><category term='disaster recovery'/><category term='online gaming'/><category term='green computing'/><category term='Mobiu'/><category term='Technorati monster - escaped again'/><category term='FLOSS'/><category term='Fortify® Software'/><category term='Data Center'/><category term='Software-as-a-Service'/><category term='children'/><category term='Cyber-Ark'/><category term='Internet'/><category term='secure computing'/><category term='email storage. 
email management'/><category term='The Key Revolution'/><category term='Secure Web Gateway'/><category term='Recycle the CISO'/><category term='broadband'/><category term='Malicious Code Research Center'/><category term='disk encryption'/><category term='2GB HyperX SO-DIMM'/><category term='ASUS'/><category term='Solcara'/><category term='Web Neutrality'/><category term='Data Security'/><category term='Optenet'/><category term='Web Gateway'/><category term='open office'/><category term='Koobface worm'/><category term='MI6 data loss'/><category term='OpenOffice.org'/><category term='Storage Expo'/><category term='Lapdesk'/><category term='Internet safety'/><category term='online professional networks'/><category term='Novatel Wireless Intelligent Mobile Hotspot 2352'/><title type='text'>ICT Review</title><subtitle type='html'>Computer Hardware &amp; Software
(Open Source &amp; others) 
Review Journal</subtitle><link rel='http://schemas.google.com/g/2005#feed' type='application/atom+xml' href='http://ictreview.blogspot.com/feeds/posts/default'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default?max-results=100'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/'/><link rel='hub' href='http://pubsubhubbub.appspot.com/'/><link rel='next' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default?start-index=101&amp;max-results=100'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><generator version='7.00' uri='http://www.blogger.com'>Blogger</generator><openSearch:totalResults>868</openSearch:totalResults><openSearch:startIndex>1</openSearch:startIndex><openSearch:itemsPerPage>100</openSearch:itemsPerPage><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4790449041079245733</id><published>2012-01-20T11:34:00.001-08:00</published><updated>2012-01-20T11:34:50.969-08:00</updated><title type='text'>Cool Stand – Product Review</title><content type='html'>&lt;p align="justify"&gt;&lt;em&gt;Review by Michael Smith (Veshengro)&lt;/em&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The &lt;a href="http://www.coolstandusa.com/" target="_blank"&gt;Cool Stand&lt;/a&gt; strikes me as a very innovative design especially in its simplicity and which I find works fine but... 
and here come my caveats:&lt;/p&gt;  &lt;ol&gt;   &lt;li&gt;     &lt;p align="justify"&gt;Not all laptops and netbooks have a flat surface at or near the very edge of the back, which is, however, where the Cool Stand must be affixed so as not to overbalance the computer.&lt;/p&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;p align="justify"&gt;The hook and loop fastener used for affixing the Cool Stand works fine, but if the Cool Stand is removed frequently, as will be the case if and when the computer does lots of travelling, it will wear out. Also, the fastener surfaces could become clogged with dust and other materials, especially if the Cool Stand is removed and carried in a bag, as, as said, will be the case if the computer goes on travels. &lt;/p&gt;   &lt;/li&gt; &lt;/ol&gt;  &lt;p align="justify"&gt;Having said that, however, if it does wear out, such strips as have been used can be bought at hardware stores, haberdashery stores and some supermarkets, at least in the UK. The only difference is that those available are predominantly white in color.&lt;/p&gt;  &lt;p align="justify"&gt;I received this device as per my request from the makers and, although my laptop (a Fujitsu-Siemens Amilo) is not the ideal candidate for it due to the way the stand affixes to the bottom of the laptop on the back, as said above, and considering the fact that the connectors for headphone and microphone – important in my job – are in the front, it nevertheless worked out by using a wrist rest intended for a keyboard under the front of the laptop, as can be seen from the photo. 
&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh4.ggpht.com/-Ea8LHWX4fjY/TxnB1K5GcNI/AAAAAAAAD-M/5Z5LqVB3tBo/s1600-h/CoolStand_web5.jpg"&gt;&lt;img style="border-right-width: 0px; display: block; float: none; border-top-width: 0px; border-bottom-width: 0px; margin-left: auto; border-left-width: 0px; margin-right: auto" title="CoolStand_web" border="0" alt="CoolStand_web" src="http://lh4.ggpht.com/-qXYXBjonkSs/TxnB1y0fi3I/AAAAAAAAD-U/d7tnrxrWvvc/CoolStand_web_thumb3.jpg?imgmax=800" width="359" height="272" /&gt;&lt;/a&gt;&lt;/p&gt;  &lt;p&gt;Read the rest &lt;a href="http://greenreview.blogspot.com/2012/01/cool-stand-product-review.html" target="_blank"&gt;here&lt;/a&gt;…&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4790449041079245733?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4790449041079245733'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4790449041079245733'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2012/01/cool-stand-product-review.html' title='Cool Stand – Product Review'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' url='http://lh4.ggpht.com/-qXYXBjonkSs/TxnB1y0fi3I/AAAAAAAAD-U/d7tnrxrWvvc/s72-c/CoolStand_web_thumb3.jpg?imgmax=800' height='72' width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4425312543024543789</id><published>2011-12-22T10:23:00.001-08:00</published><updated>2011-12-22T10:23:09.318-08:00</updated><category scheme='http://www.blogger.com/atom/ns#' 
term='Google'/><category scheme='http://www.blogger.com/atom/ns#' term='Google Chrome'/><title type='text'>Google Chrome claims to be fastest web browser</title><content type='html'>&lt;p align="justify"&gt;&lt;em&gt;by Michael Smith (Veshengro)&lt;/em&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Google Chrome claims to be the fastest web browser, but this claim does not hold water, as far as my tests are concerned. The fastest browser that I have found is Opera and NOT Google Chrome. Chrome takes 10x longer to load than Firefox and also IE, and I found it to be very unstable and unreliable. &lt;/p&gt;  &lt;p align="justify"&gt;Firefox also tends to freeze, especially some of the recent builds, while, so far, Opera has remained stable. I do prefer Firefox, however, because of the many add-ons and the way it organizes the bookmarks. &lt;/p&gt;  &lt;p align="justify"&gt;While you find many Downloaders recommending Google Chrome, over Firefox even recently, and definitely over Opera, both of which are free in the same way as Chrome, Chrome really does not, at least as far as I have found in use, stand up to their claims. &lt;/p&gt;  &lt;p align="justify"&gt;Chrome is also, and we must remember that, and thus it makes it no better, on Mozilla Firefox and, as is Opera. &lt;/p&gt;  &lt;p align="justify"&gt;There are people that I have encountered who claim that Google Chrome works great and is very fast (in comparison to what? Internet Explorer?). In my experience that has not been borne out, and not just on one operating system and machine. &lt;/p&gt;  &lt;p align="justify"&gt;Firefox and Opera beat Chrome hands down in speed and reliability, with Opera being faster to start and connect than even Mozilla Firefox. &lt;/p&gt;  &lt;p align="justify"&gt;Google Chrome now also claims, aside from being the fastest web browser, to be the safest, and I would be very suspicious there with the latter, as the former, as we have just discussed, certainly does not live up to findings. 
&lt;/p&gt;  &lt;p align="justify"&gt;I have never experienced as many false starts and issues with any other browser as I have with Google Chrome, from taking ages to start up to insisting on loading the home page. A blank page is not an option, it would seem. &lt;/p&gt;  &lt;p align="justify"&gt;Whatever one may try, loading pages on Google Chrome, as far as my systems are concerned, takes up to a minute to two – if it does not crash – and that with a high-speed broadband connection. Even Internet Explorer works better and faster than does Google Chrome.&lt;/p&gt;  &lt;p align="justify"&gt;As in so many fields, whether in the green one or the IT one, not every claim is true and lives up to its promises.&lt;/p&gt;  &lt;p align="justify"&gt;© 2011&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4425312543024543789?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4425312543024543789'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4425312543024543789'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/12/google-chrome-claims-to-be-fastest-web.html' title='Google Chrome claims to be fastest web browser'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4768907726639877495</id><published>2011-04-10T10:50:00.001-07:00</published><updated>2011-04-10T10:50:14.204-07:00</updated><title type='text'>Hackers infect websites to dupe Internet users</title><content type='html'>&lt;p align="justify"&gt;&lt;em&gt;By Michael Smith 
(Veshengro)&lt;/em&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The computer security firm Websense has issued a warning that hackers have infected a large number of websites with malicious code designed in such a way as to dupe Internet users.&lt;/p&gt;  &lt;p align="justify"&gt;Hundreds of thousands of legitimate websites have been booby trapped to redirect visitors to &amp;quot;lizamoon&amp;quot; addresses where they are greeted with bogus warnings that their computers have been compromised, so says Websense.&lt;/p&gt;  &lt;p align="justify"&gt;The ruse is designed to frighten people into downloading and installing fake anti-virus software, referred to as &amp;quot;scare-ware,&amp;quot; portrayed as a Windows Security Center.&lt;/p&gt;  &lt;p align="justify"&gt;People who fall for the ploy, perhaps even paying for downloads, are actually installing malicious software that hackers can use to their advantage.&lt;/p&gt;  &lt;p align="justify"&gt;We were here already a couple of years back, and here we are once again. People do not seem to learn.&lt;/p&gt;  &lt;p align="justify"&gt;The moral of the story: When a website tells you that your computer has been compromised by viruses, etc., do not believe the message. No website does that unless it is a security software site where you have actually, physically, initiated a scan. &lt;/p&gt;  &lt;p align="justify"&gt;No website, let me reiterate that, has the facility to scan your computer for viruses, etc., and thus none is able to know whether or not your computer is compromised; therefore any such message is a fake and should be ignored, and you should leave that site pronto.&lt;/p&gt;  &lt;p align="justify"&gt;No anti-virus software is as good as a suspicious mind and I would advise that you treat each and every message that pops up on a website as suspicious and as a potential threat. 
&lt;/p&gt;  &lt;p align="justify"&gt;I further suggest that you (a) get yourself a safe browser – Firefox is a good one – and all add-ons that can make browsing safer. Firefox does have sensors on board that will tell you when it suspects a site to be unsafe, displaying behavior that may indicate that something is amiss and also places that have unsafe security certificates. &lt;/p&gt;  &lt;p align="justify"&gt;Let's be careful out there...&lt;/p&gt;  &lt;p align="justify"&gt;© 2011&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4768907726639877495?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4768907726639877495'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4768907726639877495'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/04/hackers-infect-websites-to-dupe.html' title='Hackers infect websites to dupe Internet users'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4133372497866735838</id><published>2011-03-18T09:45:00.001-07:00</published><updated>2011-03-18T09:45:00.866-07:00</updated><title type='text'>Origin Storage says Canadian health data theft highlights case for multi-layered drive security</title><content type='html'>&lt;p align="justify"&gt;Basingstoke, 18&lt;sup&gt;th&lt;/sup&gt; March 2011 - Reports from Canada about the theft of a hospital hard drive containing photos and videos of patients shows how easy it is for data drives to go missing in public areas, says Origin Storage.&lt;/p&gt;  &lt;p 
align="justify"&gt;And, says Andy Cordial, the MD of the storage systems specialist, the drive theft incident at Misercordia Hospital in Edmonton, Alberta, shows that - no matter what security policies an organisation has in place surrounding data security - hard-pressed staff will often take the easy option and ignore procedure.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;So what is the solution? Clearly security policies surrounding the security of patient data were in place at this hospital, but they just weren't followed, so the answer has to be to introduce multiple layers of security, which staff simply cannot circumvent, even if they want to,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Our own DataLocker range of PIN-protected portable hard drives (&lt;a href="http://bit.ly/2vb6y9"&gt;http://bit.ly/2vb6y9&lt;/a&gt;) is a good example of a multi-layered security system. Users can still have the benefit of AES encryption on the drive for security, but as an added measure, users must also know the passphrase of the security unit, without which they cannot access the data,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;According to Cordial, had the Edmonton hospital used such a device, even if the thief walked off with the drive, the unit would have locked automatically, meaning that access to the data would have been prevented.&lt;/p&gt;  &lt;p align="justify"&gt;Using this approach to data security, says the Origin Storage MD, is an ideal way of bolstering the existing data security defences in an organisation, in situations where existing IT security policies cannot be fully applied.&lt;/p&gt;  &lt;p align="justify"&gt;Origin's observation amongst its many customers, he says, is that data needs protecting whether it is at rest or in transit and, whilst encryption offers an excellent form of protection, adding extra layers of security in portable or back-up situations makes a lot of sense.&lt;/p&gt;  &lt;p 
align="justify"&gt;&amp;quot;Had this incident happened in the UK, the Information Commissioners Office would have been on to the health body concerned very quickly indeed, and at the very least, publicly secured a written guarantee from managers that a change of security procedures – to prevent a recurrence&amp;#160; - would take place,” he said.&lt;/p&gt;  &lt;p align="justify"&gt;“That means that management heads will roll if an infringement of the Data Protection Act occurred again. This sort of incident - and the consequential publicity plus investigations that result - has a curious habit of significantly grabbing managerial attention,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Using multi-layered technology can not only avoid a data loss for whatever reason, it can also avoid dragging your organisation's reputation through the mud, as has clearly happened with this hospital.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Origin Storage: &lt;a href="http://www.originstorage.com"&gt;www.originstorage.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Edmonton hospital patient data disk theft: &lt;a href="http://bit.ly/fNb5IX"&gt;http://bit.ly/fNb5IX&lt;/a&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4133372497866735838?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4133372497866735838'/><link rel='self' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4133372497866735838'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/origin-storage-says-canadian-health.html' title='Origin Storage says Canadian health data theft highlights case for multi-layered drive security'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6950901214425590466</id><published>2011-03-17T06:01:00.001-07:00</published><updated>2011-03-17T06:01:51.931-07:00</updated><title type='text'>Venafi survey reveals enterprises plagued by epidemic of stolen and lost digital certificates</title><content type='html'>&lt;h4 align="justify"&gt;&lt;b&gt;78% of organisations have experienced downtime due to mismanaged encryption this year&lt;/b&gt;&lt;/h4&gt;  &lt;p align="justify"&gt;&lt;strong&gt;London&lt;/strong&gt; – &lt;em&gt;March 16, 2011&lt;/em&gt; – &lt;a href="http://www.venafi.com"&gt;Venafi&lt;/a&gt;, the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions, today announced the shocking findings of its &lt;b&gt;&lt;i&gt;2011 Venafi Encryption Key and Digital Certificate Management Report&lt;/i&gt;&lt;/b&gt;. The report reveals that organisations are deploying increasing numbers of digital certificates and encryption technologies, but that these security assets are also becoming lost, stolen and unaccounted for in epidemic proportions. 
Ironically, digital certificates and encryption keys are critical components of all information security programs, but they become dangerous liabilities when they go missing and find their way into the wrong hands.&lt;/p&gt;  &lt;p align="justify"&gt;Jeff Hudson, CEO of Venafi, said: “It is well documented that digital certificates played a key role in the Stuxnet attack that destroyed multiple centrifuges in an Iranian nuclear facility, and it is widely accepted that lost encryption keys can provide malicious insiders access to valuable corporate information revealed on high–profile whistle–blower sites such as WikiLeaks. Venafi compiled results from market and analyst report research, from a 471–respondent survey that included managers up to C–level executives from enterprise–class organizations within multiple industries, and from prior market surveys. The findings are shocking.”&lt;/p&gt;  &lt;p align="justify"&gt;Respondents surveyed reported the following: &lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;51 percent stated they had experienced either stolen or unaccounted-for digital certificates, or that they were uncertain if their organisations had lost, stolen or unaccounted–for digital certificates in general.&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;54 percent stated they had experienced either stolen or unaccounted for encryption keys, or that they were uncertain if their organisations had lost, stolen or unaccounted for encryption keys in general.&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;Exacerbating the problem is the volume and diversity of encryption technologies and certificate authorities (CAs) organisations must deal with on a daily basis. The number of encryption assets in their inventories grows regularly, and scattered individuals and teams frequently manage them. 
According to the survey findings:&lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;46 percent of organisations are managing at least 1,000 digital encryption certificates; 20 percent are managing more than 10,000.&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;83 percent of organisations are managing technologies from at least two different CAs; 18 percent are dealing with more than five.&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;88 percent of organisations have multiple administrators managing encryption keys; 22 percent have more than 10.&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;42 percent of organisations manage encryption technologies from at least four vendors; 8 percent are dealing with more than 10.&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;Fifty–nine percent of the respondents surveyed worked in organisations with more than 5,000 employees. Respondents' organisations spanned a wide range of industries, including high tech, telecommunications, banking/financial services, energy/oil and gas, government, aerospace, manufacturing and retail. Among the respondents was one of the world's largest food distributors and consumer retailers. To access the complete report, visit: &lt;a href="http://www.venafi.com/market-data/"&gt;www.venafi.com/market-data&lt;/a&gt;.&lt;/p&gt;  &lt;h6 align="justify"&gt;&lt;font size="3"&gt;Learn More about Venafi and Customers at Infosecurity 2011&lt;/font&gt;&lt;/h6&gt;  &lt;p align="justify"&gt;&lt;font size="3"&gt;This announcement comes on the heels of the recently announced Venafi Encryption Director 6 product release. Director 6 is recognised by customers and analysts as the only security platform that can fully automate EKCM processes that allow organisations to automate discovery, monitoring, validation, management and security of the most commonly used encryption assets. 
During Infosecurity 2011, 19&lt;sup&gt;th&lt;/sup&gt; to the 21&lt;sup&gt;st&lt;/sup&gt; April 2011 in London, Venafi will be providing on–demand demonstrations of Director 6 in its booth (# AA52) during exhibition hours. &lt;/font&gt;&lt;/p&gt;  &lt;h6 align="justify"&gt;&lt;font size="3"&gt;About Venafi&lt;/font&gt;&lt;/h6&gt;  &lt;p align="justify"&gt;Venafi is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise-class solution to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the desktop to the datacenter—built specifically for encryption management interoperability across heterogeneous environments.&lt;/p&gt;  &lt;p align="justify"&gt;Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi customers include the world's most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. Venafi is backed by top-tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. 
For more information, visit &lt;a href="http://www.venafi.com"&gt;www.venafi.com&lt;/a&gt;.&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6950901214425590466?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6950901214425590466'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6950901214425590466'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/venafi-survey-reveals-enterprises.html' title='Venafi survey reveals enterprises plagued by epidemic of stolen and lost digital certificates'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8478941012910531143</id><published>2011-03-17T06:00:00.001-07:00</published><updated>2011-03-17T06:00:00.706-07:00</updated><title type='text'>There are no zombies in Denver, Colorado says SecurEnvoy</title><content type='html'>&lt;p align="justify"&gt;16/3/2011 , London - An amusing incident involving a Denver, Colorado digital road sign that was hacked to display `Zombies Ahead' has been highlighted by SecurEnvoy as a classic demonstration of the need for transparent authentication.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The Denver incident at the weekend - amusing though it was - centered on the fact that someone opened an unlocked control panel and reprogrammed the warning road sign,&amp;quot; said Andrew Kemshall, technical director with SecurEnvoy, the pioneers of tokenless authentication.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The $64,000 question, once the laughter 
has died down, is why the highways authority didn't use some form of security, and the answer is that conventional security with its tokens, often just gets in the way of people doing their job,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;But, says Kemshall, what if the highway staff were able to authenticate themselves to the road sign - and all manner of emergency highway equipment - using their smartphone?&lt;/p&gt;  &lt;p align="justify"&gt;Let's face it, he adds, almost everyone carries a mobile with them these days, and highway workers in the US are no exception, as they probably use them to communicate with their colleagues and, of course, their base.&lt;/p&gt;  &lt;p align="justify"&gt;But the director of technology with SecurEnvoy went on to say, what if that same mobile could act as an authenticator to many other electronic systems, and not just digital road signs?&lt;/p&gt;  &lt;p align="justify"&gt;It could, for example, allow managers on the highway to enter staff worksheets online, via the regular Internet, but authenticating themselves without the need for passwords and tokens. 
Just type in your ID to the Web site, and a mobile phone, key in the returned electronic token number, and away you go - securely.&lt;/p&gt;  &lt;p align="justify"&gt;Just as smartphones have revolutionised the security of lone worker employees - a legal requirement in many organisations - so the smartphone can also be used to securely authenticate users without the need for an easily-lost two-factor authentication (2FA) token.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;As we've seen amongst the banks, who are now moving to 2FA devices to enhance online banking security, IDs and passwords are no longer enough to secure online systems - unless you happen to be the memory man and can remember a 12 digit alphanumeric with upper and lower case digits,&amp;quot; said Doe.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This is what makes the Denver, Colorado Zombies road sign incident such a key example of what can happen when security fails because it is too cumbersome and if it’s happened in the US, how long before it happens here. If the workers had been able to use their mobiles to authenticate themselves, this saga wouldn't have occurred,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This incident may be funny, but it could have been quite nasty if the hacker hadn't been so humorous. 
All sorts of traffic panic situations could have occurred, and that really is not good.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on SecurEnvoy: &lt;a href="http://www.securenvoy.com"&gt;www.securenvoy.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Zombie road signs in Denver, Colorado: &lt;a href="http://bit.ly/elUaSz"&gt;http://bit.ly/elUaSz&lt;/a&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8478941012910531143?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8478941012910531143'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8478941012910531143'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/there-are-no-zombies-in-denver-colorado.html' title='There are no zombies in Denver, Colorado says SecurEnvoy'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-2989009230273207906</id><published>2011-03-17T05:58:00.001-07:00</published><updated>2011-03-17T05:58:51.245-07:00</updated><title type='text'>Idappcom blames hacktivists for SpyEye DDoS enhancements</title><content type='html'>&lt;p align="justify"&gt;14&lt;sup&gt;th&lt;/sup&gt; March 2011 - The blame for a DDoS - distributed denial of service - enhancement being added on the infamous SpyEye ebanking malware has been laid at the feet of the WikiLeaks hacktivists by Idappcom.&lt;/p&gt;  &lt;p align="justify"&gt;According to the data traffic analysis and security specialist, it was almost certainly the development - and propagation - 
of the LOIC DDoS utility by supporters of the Anonymous hacktivist group (&lt;a href="http://bit.ly/aPn34c"&gt;http://bit.ly/aPn34c&lt;/a&gt;) that spurred cybercriminals into adding the `feature' to SpyEye.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;What we have been witnessing in the black hat hackersphere these last few months is a mirror image of evolutions in the so-called white hat security arena,&amp;quot; said Anthony Haywood, Idappcom's chief technology officer.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The development of the Low Orbit Ion Cannon DDoS utility showed that it is possible for a few concerted Internet users to stage a powerful DDoS attack on major sites such as MasterCard (&lt;a href="http://bit.ly/fP0oJr"&gt;http://bit.ly/fP0oJr&lt;/a&gt;) and this, in turn, made the cybercriminals behind SpyEye realise its potential and add the `feature' to the online banking trojan,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;The Idappcom CTO went on to say that, had the Anonymous/WikiLeaks DDoS utility not been developed, then the world - on both sides of the white/black hat hacker divide - would have remained largely ignorant of what a powerful weapon a DDoS utility is.&lt;/p&gt;  &lt;p align="justify"&gt;SpyEye, he explained, is a form-grabbing trojan horse malware that operates in a similar manner to Zeus but has been marketed by cybercriminals as a lower-cost alternative darkware application that heists banking credentials from infected users' PCs.&lt;/p&gt;  &lt;p align="justify"&gt;The irony of the DDoS enhancement to SpyEye, Haywood says, is that it will push the price of SpyEye rentals to cybercriminals, and so increase the revenue stream for the developers of the trojan.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Idappcom's in-depth research into the darkware-driven side of Internet traffic makes us realise what a breakthrough the DDoS enhancement to SpyEye really is. 
We already know that the development team behind the Zeus trojan has also been working on SpyEye since last October (&lt;a href="http://bit.ly/h4IW6l"&gt;http://bit.ly/h4IW6l&lt;/a&gt;) so it can only be a matter of time before Zeus gets this enhancement as well,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This development really is bad news for those users of the Internet who access their banking system online, as it breathes new life into SpyEye, and prolongs the agony of online banking cybercrime,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It's to be hoped that the citizen evangelists realise the immense mistake they made in developing such a powerful cybercrime weapon as the LOIC utility, and that the genie really is now well and truly out of the bottle.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the SpyEye DDoS enhancements: &lt;a href="http://bit.ly/gly9nV"&gt;http://bit.ly/gly9nV&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Idappcom: &lt;a href="http://www.idappcom.com"&gt;www.idappcom.com&lt;/a&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-2989009230273207906?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2989009230273207906'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2989009230273207906'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/idappcom-blames-hacktivists-for-spyeye.html' title='Idappcom blames hacktivists for SpyEye DDoS enhancements'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-568153006665564461</id><published>2011-03-17T05:57:00.001-07:00</published><updated>2011-03-17T05:57:25.621-07:00</updated><title type='text'>ISACA’s EuroCACS Conference Demystifies the Cloud</title><content type='html'>&lt;p align="center"&gt;&lt;i&gt;Event for IT Professionals Will Take Place 20-23 March, Manchester&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;London, England, (8&lt;sup&gt;th&lt;/sup&gt; March 2011)—&lt;/b&gt;Global business and information technology (IT) leaders will meet at the European Computer Audit, Control and Security (EuroCACS) Conference in Manchester from 20-23&lt;sup&gt; &lt;/sup&gt;March to share the latest guidance on key IT security and governance issues facing enterprises today. Hosted by ISACA, a global association of 95,000 IT professionals, &lt;a href="http://www.isaca.org/eurocacs"&gt;EuroCACS&lt;/a&gt; will examine topics such as virtualisation, outsourcing, governance, risk and compliance, social computing, social networking and human factors, and cloud computing. &lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;EuroCACS will feature 12 sessions that help attendees demystify the cloud.&lt;/p&gt;  &lt;p align="justify"&gt;Urs Fischer, CISA, CRISC, owner of Urs Fischer IT GRC Consultancy, will examine the benefits that cloud computing can offer from the perspective of cutting costs—a key motivation for the migration from in-house services. Mike Small, information security management advisor, will outline the changes to identity and access management that will exist in the cloud environment, and Peter Wood, CEO, First Base Technologies LLP, will share how to improve information security in the cloud. 
&lt;/p&gt;  &lt;p align="justify"&gt;Robert Stroud, CGEIT, vice president, CA Technologies will be looking into his ‘crystal ball’ to discuss the impact of new technology and emerging trends, including the effect cloud-computing is likely to have on the future of IT. &lt;/p&gt;  &lt;p align="justify"&gt;Prof. John Walker, CISM, managing director of Secure-Bastion Ltd, will address the challenges and risks involved in implementing cloud-based solutions in his session titled ‘Cloud Computing and the Extended Perimeter: New Age Risk Management’. Walker is confident that cloud-based solutions can match, and even exceed, those in place in-house today, within the areas of operational ownership, reducing cost and increasing efficiency. &lt;/p&gt;  &lt;p align="justify"&gt;“Cloud computing provides opportunities of scale, with the ability to switch into and out of services as dictated by operational need,” said Walker. “With the appropriate governance structures in place, cloud computing can add substantial value to an enterprise by allowing for flexibility and potentially reducing costs substantially.”&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;To learn more about the emerging opportunities and technologies that are available to drive the business, visit &lt;a href="http://www.isaca.org/eurocacs"&gt;&lt;i&gt;www.isaca.org/eurocacs&lt;/i&gt;&lt;/a&gt;. For a complimentary white paper titled &lt;i&gt;Cloud Computing: Business Benefits With Security, Governance and Assurance Perspectives&lt;/i&gt;, visit &lt;a href="http://www.isaca.org/cloud"&gt;&lt;i&gt;www.isaca.org/cloud&lt;/i&gt;&lt;/a&gt;. 
&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About ISACA&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;With 95,000 constituents in 160 countries, ISACA&lt;sup&gt;®&lt;/sup&gt; (&lt;a href="http://www.isaca.org/"&gt;&lt;i&gt;www.isaca.org&lt;/i&gt;&lt;/a&gt;) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the &lt;i&gt;ISACA&lt;/i&gt;&lt;sup&gt;®&lt;/sup&gt; &lt;i&gt;Journal&lt;/i&gt;, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor&lt;sup&gt;®&lt;/sup&gt; (CISA&lt;sup&gt;®&lt;/sup&gt;), Certified Information Security Manager&lt;sup&gt;®&lt;/sup&gt; (CISM&lt;sup&gt;®&lt;/sup&gt;), Certified in the Governance of Enterprise IT&lt;sup&gt;®&lt;/sup&gt; (CGEIT&lt;sup&gt;®&lt;/sup&gt;) and Certified in Risk and Information Systems Control™ (CRISC™) designations. 
&lt;/p&gt;  &lt;p align="justify"&gt;ISACA continually updates COBIT&lt;sup&gt;®&lt;/sup&gt;, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Follow ISACA on Twitter:&lt;/b&gt; &lt;a href="http://twitter.com/ISACANews"&gt;&lt;i&gt;http://twitter.com/ISACANews&lt;/i&gt;&lt;/a&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-568153006665564461?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/568153006665564461'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/568153006665564461'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/isacas-eurocacs-conference-demystifies.html' title='ISACA’s EuroCACS Conference Demystifies the Cloud'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8025307994488180360</id><published>2011-03-17T05:56:00.001-07:00</published><updated>2011-03-17T05:56:11.795-07:00</updated><title type='text'>Metro Bank Provide Innovative Approach to Banking and Security with Trusteer</title><content type='html'>&lt;p&gt;&lt;b&gt;London, 8th March, 2011 &lt;/b&gt;– Metro Bank, the first new high street bank in the UK for 100 years, today announced it has enlisted the Trusteer Rapport secure browsing service to ensure its customers are protected and secure in their online transactions with the bank, 
from the start. Having experienced exponential growth since its launch in July, a key consideration in Metro Bank’s selection of Trusteer is that it is a proven security technology that can scale in a rapid growth environment moving from protecting several thousand customers one day to millions the next.&lt;/p&gt;  &lt;p&gt;&lt;b&gt;Metro Bank brings a fresh approach to banking in the UK. &lt;/b&gt;&lt;/p&gt;  &lt;p&gt;As a new entrant to the industry, Metro Bank has the perfect opportunity to benefit from the latest technology and business practice. One such area is online banking where it believes it is important not only to secure customers accessing their bank accounts online, but also when they spend online on other websites, with the mindset that providing adequate protection for all of its customers’ online financial transactions is paramount. &lt;/p&gt;  &lt;p&gt;Craig Donaldson, CEO, Metro Bank PLC, explains further, “When we launched in July, we wanted to differentiate our services from other high street banks.&amp;#160; We take the security of our customers very seriously and that means we have the best security components available.&amp;#160; By adding Trusteer to our armory and offering it as a complimentary service to our customers, we can ensure that not only do we provide an&amp;#160; unparalleled customer service experience, but also that our customers’ money is completely safe and secure”. 
&lt;/p&gt;  &lt;p&gt;“By selecting Trusteer, Metro Bank has plugged into the biggest financial attack database on the internet and can immediately leverage the experience of the most attacked brands in the world to protect their customers against malware and phishing attacks,” said Mickey Boodaei, CEO of Trusteer.&amp;#160; “When it comes to being able to detect, analyze, and remove financial threats from customers' computers Trusteer has proven over and over again that it’s the fastest and most comprehensive technology in the market today.”&lt;/p&gt;  &lt;p&gt;&lt;b&gt;Security Begins At Home&lt;/b&gt;&lt;/p&gt;  &lt;p&gt;Unfortunately, in today’s threat environment, traditional protection methods (firewalls and antivirus software) are inadequate as criminals are continually striving to find ways to circumnavigate them. Zeus is one such example with its ability to morph making it hard for traditional technology to detect. Providing additional security measures helps everyone bank safely online, even those who are not technically savvy, which helps keep costs down. The strength of Trusteer is that it protects customers at their own PC providing a trusted secure access point to the bank, meaning they can transact securely and provides confidence that everyone is protected – bank and customers.&lt;/p&gt;  &lt;p&gt;&lt;b&gt;Trusteer Secures Online Banking&lt;/b&gt;&lt;/p&gt;  &lt;p&gt;When a Trusteer user browses to sensitive websites such as &lt;a href="http://www.trusteer.com/solutions/home-users/online-security"&gt;internet banking&lt;/a&gt;, Webmail, or online payment pages, the service immediately locks down the browser and creates a secure tunnel for safe communication with the web site. This prevents malware from injecting data and stealing information entered and presented in the browser. Trusteer also removes malicious financial malware it discovers on protected machines. The service is directly connected to the bank and to a 24x7 fraud analysis service. 
Attempts to steal money from customers are immediately detected by the bank and are blocked using various layers of protection.&lt;/p&gt;  &lt;p&gt;&lt;b&gt;Trusteer Secures Online Spending&amp;#160; &lt;/b&gt;&lt;/p&gt;  &lt;p&gt;When a customer uses their bank card to make an online purchase from a computer protected by Trusteer, the Rapport service automatically detects the action and then prevents fraudsters from intercepting the card number and protects any other personal information entered by the user into the webpage.&lt;/p&gt;  &lt;p&gt;&lt;b&gt;About Metro Bank PLC&lt;/b&gt;&lt;/p&gt;  &lt;p&gt;Metro Bank was co-founded by Vernon Hill and Anthony Thomson. It is based on the successful Commerce Bank model that was established by Vernon Hill in the US in 1973. A UK management team worked with Vernon Hill to help bring this model to the UK market.&lt;/p&gt;  &lt;p&gt;Metro Bank operates retail hours, not banking hours. It will be open seven days a week (8am- 8pm Monday to Friday, 8am - 6pm Saturday, 11am - 4pm Sunday and bank holidays), every day of the year apart from Good Friday, Easter Sunday, Christmas Day and New Year’s Day.&lt;/p&gt;  &lt;p&gt;Metro Bank PLC. Registered in England and Wales. Company number: 6419578. Registered office: One Southampton Row, London, WC1B 5HA. ‘Metrobank’ is the registered trade mark of Metro Bank PLC. &lt;/p&gt;  &lt;p&gt;In relation to acceptance of deposits and provision of investment and insurance services, Metro Bank PLC is authorised and regulated by the Financial Services Authority ('FSA'). In relation to consumer credit business, Metro Bank PLC is licensed and regulated by the Office of Fair Trading and not by the FSA. 
Most relevant deposits are protected by the Financial Services Compensation Scheme.&amp;#160; For further information about the Scheme refer to the FSCS website www.fscs.org.uk.&amp;#160; &lt;/p&gt;  &lt;p&gt;All Metro Bank products are subject to status and approval.&lt;/p&gt;  &lt;p&gt;Metro Bank PLC is an independent UK bank - it is not affiliated with any other bank or organisation (including the METRO newspaper or its publishers) anywhere in the world. Please refer to Metro Bank using the full name.&lt;/p&gt;  &lt;p&gt;Metro Bank is led by a talented team of UK Executives:&lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;Craig Donaldson, Chief Executive Officer, formerly Managing Director of Retail Banking at Royal Bank of Scotland&lt;/li&gt;    &lt;li&gt;Paul Marriott-Clarke, Managing Director, Retail Banking, formerly Managing Director, Network South, Retail, HBOS&lt;/li&gt;    &lt;li&gt;Darren Schindler, Managing Director, Commercial Banking, formerly CEO, Oak Capital Group&lt;/li&gt;    &lt;li&gt;Aisling Kane, Chief Operations Officer, formerly Director of UK Operations at Anglo Irish Bank&lt;/li&gt;    &lt;li&gt;Mike Brierley, Chief Financial Officer, formerly Director, Business Risk at Barclaycard&lt;/li&gt;    &lt;li&gt;Mike Hudson, Chief Risk Officer, formerly Group Head of Risk at Hitachi Capital &lt;/li&gt; &lt;/ul&gt;  &lt;p&gt;Its non-executive directors are:&lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;Stuart Bernau, former Retail Director, Nationwide Building Society&lt;/li&gt;    &lt;li&gt;Keith Carby, Co-founder, J Rothschild Assurance &lt;/li&gt;    &lt;li&gt;Howard Flight, Founder, Guinness Flight Asset Management&lt;/li&gt;    &lt;li&gt;Ben Gunn, former Chief Executive of Friends Provident Life &amp;amp; Pensions&lt;/li&gt;    &lt;li&gt;Vernon Hill, Founder of Commerce Bank&lt;/li&gt;    &lt;li&gt;Eugene Lockhart, former CEO of Midland Bank and MasterCard International and former President, Global Retail Banking at Bank of America&lt;/li&gt;    &lt;li&gt;Graeme 
Hardie, Senior Adviser on Retail Markets to the Financial Services Authority (FSA)&lt;/li&gt;    &lt;li&gt;Anthony Thomson, Chairman, Financial Services Forum&lt;/li&gt; &lt;/ul&gt;  &lt;p&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p&gt;&lt;b&gt;About Trusteer&lt;/b&gt;&lt;/p&gt;  &lt;p&gt;Trusteer is the world’s leading provider of Secure Web Access services. The company offers a range of services that detect, block and remove attacks launched directly against endpoints such as &lt;a href="http://www.trusteer.com/product/trusteer-rapport"&gt;Man in the Browser&lt;/a&gt;, Man in the Middle and Phishing. Trusteer services are being used by leading financial organizations and enterprises in North America and Europe, and by tens of millions of their employees and customers to secure web access from mobile devices, tablets and computers to sensitive applications such as webmail, online payment, and &lt;a href="http://www.trusteer.com/solutions/financial-institutions-0"&gt;online banking&lt;/a&gt;. HSBC, Santander, The Royal Bank of Scotland, SunTrust, Fifth Third, ING DIRECT, and BMO Financial Group are just a few of the companies using Trusteer’s technology. Trusteer is a privately held corporation led by former executives from RSA Security, Imperva, and Juniper. Follow us on &lt;a href="http://www.Twitter.com/Trusteer"&gt;www.Twitter.com/Trusteer&lt;/a&gt;. For more information about our services, please visit &lt;a href="http://www.trusteer.com"&gt;www.trusteer.com&lt;/a&gt;. 
&lt;/p&gt;  &lt;p&gt;Source: Eskenzi PR &lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8025307994488180360?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8025307994488180360'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8025307994488180360'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/metro-bank-provide-innovative-approach.html' title='Metro Bank Provide Innovative Approach to Banking and Security with Trusteer'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3204404891584873790</id><published>2011-03-17T05:54:00.001-07:00</published><updated>2011-03-17T05:54:08.591-07:00</updated><title type='text'>BitDefender warns Facebook scammers are targeting Twitter</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Evidence suggests authors are looking to replicate their Facebook success&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;u&gt;&lt;a href="http://www.bitdefender.co.uk/"&gt;BitDefender&lt;/a&gt;&lt;sup&gt;®&lt;/sup&gt;&lt;/u&gt;, an award winning provider of innovative internet security solutions, offers evidence supporting the close connection between the Twitter scam reported by the Sophos &lt;a href="http://nakedsecurity.sophos.com/2011/03/02/11-6-hours-survey-scam-spreads-like-wildfire-on-twitter/"&gt;naked security blog&lt;/a&gt; and a similar Facebook scam.&lt;/p&gt;  &lt;p align="justify"&gt;The BitDefender 
online threats team traced one of the URLs used to spread the #howlong Twitter attack and based on the advanced statistics provided by bit.ly managed to discover&amp;#160; that several Facebook scams such as ‘See your first status’, ‘See who viewed your profile’ and ‘Your top stalker’ had been disseminated from the same user account. This previously tested recipe turns out to be a success among microblogging fans, which confirms that scammers are not necessarily creative but highly profit oriented.&lt;i&gt; &lt;/i&gt;Crucially, it also confirms that scams on Facebook are performed by the same people that send scams on Twitter. &lt;/p&gt;  &lt;p align="justify"&gt;Statistics illustrate the proportions of this phenomenon both in point of geographical distribution and click count. For example, two of the malicious URLs used in this scam gathered more than eight thousand clicks. While this may not be an impressive figure in itself, users should be aware that the most frequent scenario is for each &lt;a href="http://www.malwarecity.com/blog/the-anatomy-of-an-eye-to-eye-social-scam-see-who-viewed-your-profile-997.html"&gt;Facebook scam wave to use more than two hundred URLs to spread&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;George Petre, BitDefender Threat Intelligence Team Leader states, “The similarities between the two scams indicate that their authors did not go to too much trouble when creating them, but that they clearly had efficiency in mind. Considering that social networks are a common layer of all platforms, scam authors may have found the perfect medium in which to cleverly maximise impact and any revenue they may be able to make.”&lt;/p&gt;  &lt;p align="justify"&gt;For the full report please visit &lt;a href="http://www.malwarecity.com/blog/facebook-and-twitter-share-how-long-guilty-pleasure-1029.html"&gt;Malware City&lt;/a&gt;. 
For a full list of &lt;i&gt;BitDefender 2011&lt;/i&gt; features and benefits by product, please visit &lt;a href="http://www.bitdefender.co.uk/"&gt;www.bitdefender.co.uk&lt;/a&gt; or follow BitDefender on &lt;a href="http://www.twitter.com/ukbitdefender"&gt;Twitter&lt;/a&gt; for daily malware alerts. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About BitDefender®&lt;/b&gt;    &lt;br /&gt;BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified &lt;a href="http://www.bitdefender.co.uk/solutions/internet-security.html"&gt;security software&lt;/a&gt;. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe - giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender security solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products is available at the company’s &lt;a href="http://www.bitdefender.co.uk/"&gt;security solutions&lt;/a&gt; press room. 
Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3204404891584873790?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3204404891584873790'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3204404891584873790'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/bitdefender-warns-facebook-scammers-are.html' title='BitDefender warns Facebook scammers are targeting Twitter'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-488534709423832636</id><published>2011-03-17T05:52:00.001-07:00</published><updated>2011-03-17T05:52:29.616-07:00</updated><title type='text'>Analyst report outlines the importance of metadata to prevent data leaks</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;When it comes to securing and managing data,      &lt;br /&gt;It’s all about the metadata&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;strong&gt;New Analyst Report Outlines the Importance of Metadata Technology to Manage the Digital Information Explosion and Prevent Future Data Leaks&lt;/strong&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;NEW YORK – March 7, 2011&lt;/b&gt; - &lt;a href="http://www.varonis.com/"&gt;&lt;b&gt;Varonis Systems Inc&lt;/b&gt;&lt;/a&gt;., the foremost 
provider of comprehensive data governance software, today announced the findings of a Technology Spotlight issued by analyst firm IDC, which outlines the emergence of metadata framework technology as a now critical component for managing and securing unstructured and semi-structured data within an organization.&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The report, titled “&lt;a href="http://www.varonis.com/pdfs/IDC_1014.pdf"&gt;&lt;b&gt;Leveraging Metadata Framework Technology to Take Control of the Information Explosion&lt;/b&gt;&lt;/a&gt;,” highlights how the widespread use of collaborative content technologies is fueling the aggressive growth of unstructured and semi-structured data. While collaboration produces highly valuable information, it also introduces significant risk due to increasingly complex and dynamic access control requirements. &lt;/p&gt;  &lt;p align="justify"&gt;“Digital integrity is a critical business differentiator for any organization. The high-profile data breaches in the last three years demonstrate that organizations who fail to protect sensitive data will incur serious regulatory and legal liabilities, along with revenue and market share declines,” said Vivian Tero, program director, Governance, Risk &amp;amp; Compliance Infrastructure at IDC. “Visibility, actionable intelligence and automation are critical to managing the explosion of unstructured and semi-structured content in distributed systems.”&lt;/p&gt;  &lt;p align="justify"&gt;Varonis&lt;sup&gt;®&lt;/sup&gt; Metadata Framework™ technology is designed to nonintrusively collect critical metadata about unstructured and semi-structured data. Varonis customers have the ability to completely standardize unstructured and semi-structured data protection and management for their file systems, NAS, SharePoint Sites and Exchange mailboxes and public folders with the Varonis Metadata Framework technology that forms the foundation of Varonis software. 
Organizations can effectively and automatically manage data access control, ownership, classification, entitlements and authorization processes on the platforms that host unstructured and semi-structured data. The Varonis Metadata Framework enables organizations to expand digital collaboration boundaries safely while at the same time significantly increase IT workforce productivity for daily data protection and management tasks. &lt;/p&gt;  &lt;p align="justify"&gt;“The findings of this technology spotlight underscore the need for organizations to have metadata framework technology in place that automates the process of answering the following questions: Who has access to data, who is using their access, who shouldn't have access, who owns the data, and what data is sensitive?” said Yaki Faitelson, chief executive officer, president and co-founder of Varonis Systems. “With IT departments already stretched thin, the days of manually verifying data entitlements and remediating compliance violations are not only impractical and time consuming, but also detrimental to a company’s bottom line.”&lt;/p&gt;  &lt;p align="justify"&gt;IDC forecasts that the total digital universe volume will increase by a factor of 44 in 2020. According to the report, unstructured data and metadata have an average annual growth rate of 62 percent. More importantly, high-value information is also skyrocketing. In 2008, IDC found that 22 to 33 percent of the digital universe was high-value information (data and content that are governed by security, compliance and preservation obligations). 
Today, IDC forecasts that high-value information will comprise close to 50 percent of the digital universe by the end of 2020.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;Drivers for a metadata framework include:&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;Data loss is rising:&lt;/b&gt; IDC research notes that organizations average 14.4 unintentional data losses a year, mostly through employee negligence. Organizations need to ensure that controls are in place to mitigate the risks of data leakage, theft, loss and integrity arising from excessive access rights and permissions and non-existent audit trails. Excessive and/or out of date privilege and access rights were considered as having the most financial impact on the organization.&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;IT is drowning in the data deluge:&lt;/b&gt; IT budgets are, on average, growing at less than one-fifth the forecasted annual growth rates of digital information, according to IDC. At the same time, manual approaches to managing and protecting information have become unwieldy, error-prone and ineffective. IT needs automated analysis of the permissions structure to determine which containers require ownership, and analysis of actual access activity to identify likely data owners. &lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;Stale data impacts the bottom line:&lt;/b&gt; Inactive and orphaned folders can be as high as 70 to 85 percent of the data in distributed systems. The majority of organizations have no process to identify the owner of files, and many are unable to determine which individuals and roles are authorized to access the data. &lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;Impact on the cloud:&lt;/b&gt; Without adequate information on the security and compliance profile of the data – including data ownership, access controls, audits and classification – cloud computing initiatives are amorphous and imprecise. 
CFOs and CIOs will be hesitant to move critical data and processes into the cloud without visibility on access and ownership, traceability and data segregation. &lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;Automation is key to success:&lt;/b&gt; Too often, users have access to significant amounts of data that isn’t relevant to them. Organizations therefore need to ensure that users and roles are aligned to correct groups, and that these groups enable access to the appropriate data containers. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About the Varonis® Metadata Framework™&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Four types of metadata are critical for data governance:&lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;User and Group Information – from Active Directory, LDAP, NIS, SharePoint, etc.&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;Permissions Information – knowing who can access what data in which containers&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;Access Activity – knowing which users &lt;i&gt;do &lt;/i&gt;access what data, when, and how&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;Sensitive Content Indicators – knowing which files contain items of sensitivity and importance, and where they reside&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;The Varonis Metadata Framework non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. its file system filters and content inspection technologies), pre-processes it, normalizes it, analyzes it, stores it, and presents it to IT administrators in an interactive, dynamic interface. 
&lt;/p&gt;  &lt;p align="justify"&gt;The Technology Spotlight paper is adapted from &amp;quot;IDC Worldwide Governance, Risk, &amp;amp; Compliance Infrastructure 2010-2014 Forecast: Increased Regulatory Oversight, Privacy, Cloud Computing and Smart Cities Drive Emerging GRC Obligations 2010&amp;quot; by Vivian Tero; IDC doc #222214. The paper is available online at &lt;b&gt;varonis.com/metadata&lt;/b&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Free 30-day Trial Aids with Data Leak Prevention &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Enterprises can receive a free, 30-day trial of Varonis DatAdvantage to help them with their data governance assessments by visiting &lt;a href="http://go.varonis.com/go/17982"&gt;&lt;b&gt;&lt;u&gt;go.varonis.com/go/17982&lt;/u&gt;&lt;/b&gt;&lt;/a&gt; Within hours of installation, customers can conduct an automated permissions audit, generate reports, and see which users are accessing the data and how.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About Varonis Systems&lt;/b&gt;    &lt;br /&gt;Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. The company was named &amp;quot;Cool Vendor&amp;quot; in Risk Management and Compliance by Gartner, and voted one of the &amp;quot;Fast 50 Reader Favorites&amp;quot; on FastCompany.com. Varonis has over 3,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. 
Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Varonis, the Varonis logo, DatAdvantage and DataPrivilege are registered trademarks of Varonis Systems in the United States and/or other countries and Data Classification Framework and Metadata Framework are under a registration process in the United States and/or other countries. All other product and company names and marks mentioned in this document are the property of their respective owners and are mentioned for identification purposes only. &lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd. for Varonis Systems&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-488534709423832636?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/488534709423832636'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/488534709423832636'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/analyst-report-outlines-importance-of.html' title='Analyst report outlines the importance of metadata to prevent data leaks'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1827475257163404506</id><published>2011-03-17T05:50:00.001-07:00</published><updated>2011-03-17T05:50:20.225-07:00</updated><title type='text'>DES Launches New DESlock+ Enterprise Server</title><content 
type='html'>&lt;p align="justify"&gt;· &lt;b&gt;DES revolutionises key and policy encryption management by moving deployment into the cloud&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Taunton&lt;/b&gt;&lt;b&gt;, UK&lt;/b&gt;&lt;b&gt;, 4&lt;sup&gt;th&lt;/sup&gt; March 2011 &lt;/b&gt;– Data Encryption Systems Limited (DES), the UK-based leader in software copyright protection, data encryption and winner of Computing Security's Encryption Product of the Year 2010, has today announced the release of its new DESlock+ Enterprise Server.&lt;/p&gt;  &lt;p align="justify"&gt;The new DESlock+ Enterprise Server brings cloud-based management to endpoint encryption, allowing centralised control of encryption keys and policy beyond the perimeter of corporate networks. Companies will be able to extend encryption security policy to include home and mobile networks by allowing users to send updates on key management through the cloud, meaning data can be updated and accessed from anywhere. David Tomlinson, Managing Director for DES, comments:&lt;/p&gt;  &lt;p align="justify"&gt;“End-point encryption is mostly targeted at mobile workers using laptops and USB flash drives, as it allows users to protect their data even from remote locations, ensuring they are meeting data protection and compliance requirements at all times. However end-point encryption still often relies on users connecting to a corporate network to manage their encryption keys and software policy, which can cause an issue for users who are seldom in the office.&lt;/p&gt;  &lt;p align="justify"&gt;Previously DESlock+ Enterprise Server has allowed for management of endpoints via the internet, however setup and configuration through this method is complex, slow and expensive. 
By moving the deployment component into the cloud all connections from client and server become outgoing, making it easy and cost effective for any organisation to remotely manage endpoint encryption, meeting regulatory conditions and completing security audits along the way.”&lt;/p&gt;  &lt;p align="justify"&gt;Cloud-based management is a game-changing technology for software products with complex and variable configurations, anti-virus being an ideal example. Encryption, however, poses a different set of problems; most importantly not wanting to store encryption keys on an internet web-server. DES’s new patent-pending solution splits part of the Enterprise Server off, moving the deployment component into the cloud to create a Proxy Server. This Enterprise Proxy behaves in a similar way to an email server, with client updates synched out for collection by the end-user, and status responses synched back for collection by the Enterprise Server. With communications protected by SSL encryption, the data posted through the Enterprise Proxy is protected with 1024 bit RSA and 256 AES.&amp;#160; Tomlinson explains:&lt;/p&gt;  &lt;p align="justify"&gt;“Our technology is genuinely revolutionary, and our patent pending status confirms this. No one else is doing this at the moment and it can transform the way key management is handled for remote workers.&amp;#160; The Enterprise Proxy is hosted in a 3 tier data centre in London, but for anyone not wishing to use this service, it may be hosted on their own web-server, with their own ISP or even run on the same computer as the Enterprise Server. Our Enterprise Server and its Proxy component can therefore offer users the convenience and cost-benefits of a cloud-based management service, without the risks created by moving encryption keys and databases off-site. The DESlock+ Enterprise Server offers customers the ability to maintain control of remote stations and staff, as well as the advantage of simplistic deployment. 
Our new system changes the rules for managing endpoint encryption.”&lt;/p&gt;  &lt;p align="justify"&gt;To complement DES’s new feature enhancements, the Enterprise Server management console has been significantly improved. Now browser-based and available to multiple users, it may be used by Administrators with full access to Encryption policy settings and encryption keys or help-desk users who are limited to user recovery and remotely resetting passwords, which allows more flexibility with day-to-day management. Other key features include:&lt;/p&gt;  &lt;p align="justify"&gt;· Web-Based User Interface – A multi-user interface available from most web browsers from any point on the network&lt;/p&gt;  &lt;p align="justify"&gt;· Internet Connection – Client updates and status responses are encrypted and transmitted over the web&lt;/p&gt;  &lt;p align="justify"&gt;· Licence Management – Multiple organisational units and group licences can be managed from a single interface&lt;/p&gt;  &lt;p align="justify"&gt;· Encryption Key Management – Keys may be added, removed or erased remotely, with updates targeting users and/or workstations&lt;/p&gt;  &lt;p align="justify"&gt;· Encryption Policy Management – The product facilitates the full remote control of software features and endpoint encryption policy&lt;/p&gt;  &lt;p align="justify"&gt;· Assured Security – DESlock+ is CESG CCTM accredited and FIPS 140-2 level 1 validated&lt;/p&gt;  &lt;p align="justify"&gt;This update coincides with DES’s move to a per-user licensing structure, which extends to users’ home PCs at no extra cost.&amp;#160; This means that staff using home computers for work may be supplied with a corporate install to be managed centrally as part of an enterprise-wide data security program. 
Tomlinson concludes:&lt;/p&gt;  &lt;p align="justify"&gt;“We have launched the Enterprise Server in response to the recent remote working phenomenon and are delighted that it provides a complete data protection solution that goes beyond the traditional corporate network. This is just part of an overall drive that DES has undertaken to move with business and provide solutions that meet the needs of mobile workers. We have also recently added 2 new features for the DESlock+ Standard Edition, including removable media encryption and portable encryption, as well as moving to a per user licensing structure, giving more flexibility to mobile workers at an unbeatable price. I believe it is with innovation such as this that DES will continue to lead the market for data protection and security.”&lt;/p&gt;  &lt;p align="justify"&gt;To find out more, please visit &lt;a href="http://www.des.co.uk"&gt;www.des.co.uk&lt;/a&gt;. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About Data Encryption Systems (DES)&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Since 1985, Data Encryption Systems has been the UK’s most successful manufacturer of software protection dongles, software copyright protection systems, and secure handset reprogramming accessories. Data Encryption Systems markets and supports products used by tens of thousands of businesses worldwide to protect applications, copyrighted materials, medical records, government files and other confidential and personal information. 
The company’s flagship product, DESlock+, has been awarded &lt;i&gt;SC Magazine&lt;/i&gt;’s Best Buy for three successive years and was also the winner of Computing Security's Encryption Product of the Year 2010.&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1827475257163404506?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1827475257163404506'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1827475257163404506'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/des-launches-new-deslock-enterprise.html' title='DES Launches New DESlock+ Enterprise Server'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3780517222230326250</id><published>2011-03-17T05:48:00.001-07:00</published><updated>2011-03-17T05:48:46.661-07:00</updated><title type='text'>Malware on the Decline? Or Is Evasion on the Rise?</title><content type='html'>&lt;p align="justify"&gt;PandaLab’s recent malware findings report indicates that the number of infected clients has decreased in February in relation to January. The data for this research was gathered from their antivirus tool. On the face of it this is a surprising fact as security researchers are continuously discussing an epidemic of client-side threats where there is a consistent increase in malware and their variants. However, looking closely at malware we see that hackers are investing in evasion techniques to bypass security controls, such as anti-virus. 
More so, as hackers are releasing new variants of client-side threats at such a rapid rate, anti-malware detection tools are faced with the nearly impossible task of keeping up-to-date with all new - and old- variants.&lt;/p&gt;  &lt;p align="justify"&gt;For instance, in our labs we have witnessed quite a few Trojans which were not detected by some common AVs for over a week. Other types of malware are used to sting victims very quickly so even if an AV detects the threat, it is already too late. Take for example the re-emergence of - what Imperva has dubbed - the &amp;quot;Boy in the Browser&amp;quot; (BitB) Trojan. This Trojan, once executed on the victim's machine, re-routes the victim's traffic to pass through an attacker controlled server. The BitB does this by tampering with the mapping of hostname to network address mechanism. Once this persistent change to the configuration file is performed, the exploit code is then removed from victim's machines. As a consequence, even if that user updated their latest AV content the next time they switched on their computer, no AV mechanism would detect this modification as the malware is not even installed on the machine.&lt;/p&gt;  &lt;p align="justify"&gt;We believe that although these results show a drop in malware, in reality, client-side malware will just continue to increase making the task of ensuring security on the client's machine all the more implausible. Ultimately, consumer infection has become a business problem. This means that businesses need to start dealing with this growing threat. While providers should urge consumers to be prudent, they must learn how to interact with infected consumers and create a safe business environment for them regardless of the general threat. 
These solutions include identifying account takeover, defeating phishing campaigns, detecting infected clients, interacting with infected clients and even sandboxing client sessions.&lt;/p&gt;  &lt;p align="justify"&gt;For more information see the Imperva Blog &lt;a href="http://blog.imperva.com/"&gt;http://blog.imperva.com/&lt;/a&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3780517222230326250?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3780517222230326250'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3780517222230326250'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/malware-on-decline-or-is-evasion-on.html' title='Malware on the Decline? Or Is Evasion on the Rise?'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8250805689030484620</id><published>2011-03-17T05:47:00.001-07:00</published><updated>2011-03-17T05:47:47.325-07:00</updated><title type='text'>Fraudsters Use Bogus Support Calls to Try and Hijack Peoples PCs</title><content type='html'>&lt;p align="justify"&gt;Submitted by Mickey Boodaei, Trusteer CEO &lt;/p&gt;  &lt;p align="justify"&gt;With nearly 100 banks that offer Trusteer’s Rapport for secure web access we are now reaching 20 million installations.&amp;#160; Our large install base and the level of trust people have developed in our brand provide us with a unique view of new types of fraud as users contact our free 24x7 support center to get advice. 
One of these recent interesting incidents, described here, reminds us that fraud can take many shapes and forms.&lt;/p&gt;  &lt;p align="justify"&gt;We recently received a report from a concerned Rapport user who said she had a phone call from someone claiming to be from Microsoft Windows Solutions saying that, because of error messages from her computer, he was tasked to help fix any problems she had.&amp;#160; In fact he was not from Microsoft and tricked her into letting him connect to her PC and then tried to con her into buying bogus security products.&lt;/p&gt;  &lt;p align="justify"&gt;The recipient of the call initially thought the call was genuine and allowed the caller to remote access her computer - and show her the &amp;quot;viruses which had infected my system.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;When he tried to sell me some software I ended the call and did not give him any personal details, credit card or otherwise. Nevertheless, I'm worried that my computer may be vulnerable to future attack&amp;quot;, she told our help desk, asking for assistance. &lt;/p&gt;  &lt;p align="justify"&gt;According to our Rapport user, the telephone caller led her to a Web site that allowed her to download a free remote access application that allowed him to access her computer.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;He then showed me a long list of files - all viruses, he said, and some very dangerous. I told him that I had good security on my computer&amp;quot;, she said, adding I could not understand how that could happen.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;He said he was transferring me to his supervisor who would solve these problems. 
The supervisor showed me yet more virus files, which he said were located in a hidden part of the computer and he couldn't therefore clean it up without Windows 7 being installed (I run Vista) and some new security software,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;Whilst it does not appear the scam artists behind this call infected our Rapport user, they then tried to sell her a £300 security application, which they could offer her much more cheaply. &lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;As he rang off, he warned me that my computer was in very bad shape and would crash any day. The call lasted around 20 minutes and I feel like such an idiot to have been taken in for that length of time, and very nervous that they had all the time in the world to infect my computer,&amp;quot; the Rapport user told our researchers.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;Well, the good news is that our support team was able to work with this lady and ensure that her machine was not infected.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;We searched our support database for similar incidents and indeed we do see users coming in with similar reports from time to time. From that we can conclude that this is indeed a common method of fraud that users should be aware of and avoid. It’s easy to think that you’d never fall for this type of fraud. But keep in mind that these fraudsters are very experienced and good at what they do. If it’s not you then it could be your friend, your parents, or your spouse who may be taken in by this sort of plausible-sounding ‘security support’ call.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;We’ve recently added an awareness center to our Rapport secure web access software. The awareness center gives you information about recent scams and security alerts that you should be aware of. 
It’s incorporated into the Rapport console and you can choose whether to visit it yourself or set it to pop up an alert when a new report is available. We believe this tool could be useful in keeping you in the know and providing you with tips on how to avoid new types of threats. &lt;/p&gt;  &lt;p align="justify"&gt;Every little bit helps, as the popular supermarket slogan says, and this is no less true in the IT security space.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;Stay safe when using the Internet.&lt;/p&gt;  &lt;p align="justify"&gt;For more information see &lt;a href="http://www.trusteer.com/blog"&gt;http://www.trusteer.com/blog&lt;/a&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8250805689030484620?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8250805689030484620'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8250805689030484620'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/fraudsters-use-bogus-support-calls-to.html' title='Fraudsters Use Bogus Support Calls to Try and Hijack Peoples PCs'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8710734785604520480</id><published>2011-03-17T05:46:00.001-07:00</published><updated>2011-03-17T05:46:24.394-07:00</updated><title type='text'>ISACA expert claims virtualisation dates back to 1960s</title><content type='html'>&lt;p align="justify"&gt;London, UK 2&lt;sup&gt;nd&lt;/sup&gt; March 2011 - A leading IT security expert claims that, despite all the 
media hype, virtualisation is actually not a new technology, and dates all the way back to the 1960s. Professor John Walker, member of the Security Advisory Group of ISACA’s London Chapter and CTO of Secure-Bastion, said that, although it’s not a new technology, it has recently come to the forefront again and offers organizations many benefits to the enterprise IT environment.&lt;/p&gt;  &lt;p align="justify"&gt;Professor Walker gave an online presentation in which he said that whilst virtualisation's benefits include reduced server sprawl and a quicker build time, there are clear security issues.&lt;/p&gt;  &lt;p align="justify"&gt;As with any system, or application configuration, he said, control is vital to security, and its professionals should remember that this security principle applies to the on-line and off-line images alike.&lt;/p&gt;  &lt;p align="justify"&gt;IT professionals, he went on to say, should take care to ensure that new builds are tracked, and that, again, as with conventional systems and applications, virtualised environments need to be patched up and fixed.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;They also suffer from vulnerabilities,&amp;quot; he told his audience.&lt;/p&gt;  &lt;p align="justify"&gt;Professor Walker also detailed his “ring security strategy,” which defines the virtual environment as the operating system block and three rings:&amp;#160; ring 0, ring 1-2 and user applications.&lt;/p&gt;  &lt;p align="justify"&gt;Despite the potential security headaches associated with virtual networks, Professor Walker said that VLANs have become a great security enabler for the enterprise and that VM environments are ideal platforms for IT testing.&lt;/p&gt;  &lt;p align="justify"&gt;VM systems are also ideal tools for the mobile security tester, he went on to say, adding that this is because they support the running of multiple operating systems, multiple applications and multiple tools.&lt;/p&gt;  &lt;p 
align="justify"&gt;&amp;quot;And if you break it, you just recopy the image,&amp;quot; he explained.&lt;/p&gt;  &lt;p align="justify"&gt;The cloud, however, changes a number of things. Professor Walker said that the advent of cloud computing has seen¾and will continue to see¾the use of virtualisation advance.&lt;/p&gt;  &lt;p align="justify"&gt;The question is, he added, are VM applications getting too expensive?&lt;/p&gt;  &lt;p align="justify"&gt;For more details of Professor's Walker's presentation and a recording: http://bit.ly/gxRJTz&lt;/p&gt;  &lt;p align="justify"&gt;For further guidance on virtualisation, ISACA’s white paper, &lt;i&gt;Virtualization:&amp;#160; Benefits and Challenges&lt;/i&gt;, and a complimentary Virtualization Security Checklist are available as a complimentary downloads from www.isaca.org/virtualization. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About ISACA &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a name="OLE_LINK5"&gt;&lt;/a&gt;&lt;a name="OLE_LINK2"&gt;&lt;/a&gt;&lt;a name="OLE_LINK1"&gt;With 95,000 constituents in 160 countries, ISACA&lt;sup&gt;®&lt;/sup&gt; (&lt;em&gt;&lt;u&gt;www.isaca.org&lt;/u&gt;&lt;/em&gt;) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the &lt;i&gt;ISACA&lt;/i&gt;&lt;sup&gt;®&lt;/sup&gt; &lt;i&gt;Journal&lt;/i&gt;, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. 
It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor&lt;sup&gt;®&lt;/sup&gt; (CISA&lt;sup&gt;®&lt;/sup&gt;), Certified Information Security Manager&lt;sup&gt;®&lt;/sup&gt; (CISM&lt;sup&gt;®&lt;/sup&gt;), Certified in the Governance of Enterprise IT&lt;sup&gt;®&lt;/sup&gt; (CGEIT&lt;sup&gt;®&lt;/sup&gt;) and Certified in Risk and Information Systems Control™ (CRISC™) designations. ISACA continually updates COBIT&lt;sup&gt;®&lt;/sup&gt;, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Follow ISACA on Twitter at &lt;a href="http://twitter.com/ISACANews"&gt;http://twitter.com/ISACANews&lt;/a&gt; &lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8710734785604520480?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8710734785604520480'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8710734785604520480'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/isaca-expert-claims-virtualisation.html' title='ISACA expert claims virtualisation dates back to 1960s'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6823653637114840807</id><published>2011-03-17T05:43:00.001-07:00</published><updated>2011-03-17T05:44:10.882-07:00</updated><title type='text'>400 percent increase in USBs left at the dry cleaners</title><content type='html'>&lt;b&gt;   &lt;p align="justify"&gt;&lt;/p&gt;   &lt;b&gt;CREDANT TECHNOLOGIES RESEARCH SHOWS CONSUMERS LEFT BEHIND MORE THAN 17,000 USB STICKS AT DRY CLEANERS IN 2010 &lt;/b&gt;&lt;/b&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;i&gt;Company Sees 400 Percent Increase in USBs Left Behind in Clothes to be Dry Cleaned &lt;/i&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;LONDON, U.K, and ADDISON, Texas—March 1, 2011—&lt;/b&gt;CREDANT Technologies, the trusted data protection experts, recently conducted a survey of dry cleaners and laundrettes in the U.K. and discovered more than 17,000 USB sticks were left behind in 2010 in clothes left to be dry cleaned. This is a 400 percent increase from 2009. More than 500 dry cleaners and laundrettes from around the U.K. participated in the research survey.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Tweet this: #CREDANT announces results of UK launderette research; 17K USBs left behind, putting potentially proprietary and sensitive data at risk&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;“The numbers of USB sticks forgotten in trousers and shirt pockets is staggering and is a direct result of growth in ‘IT consumerisation,’ as consumers today carry more and more mobile devices than ever before, such as smart phones, laptops, iPads, USB sticks and other portable devices,” said Sean Glynn, vice president of marketing, CREDANT Technologies. 
“Inevitably, unsuspecting consumers leave the USB sticks behind, creating a potential risk for their employers if these devices have proprietary information on them and end up in the hands of criminals.”&lt;/p&gt;  &lt;p align="justify"&gt;IT consumerisation refers to the incremental use of personal, consumer electronics and web services in an enterprise environment, particularly mobile technology that can be used to store personal and private data. USBs are the cheapest and most convenient means of storing private data; however, they are most likely also the most easily lost devices. With so many thousands of USBs left in dry cleaners alone, the probability increases that valuable corporate data resides on them, presenting a potential security risk for a consumer’s employer. In the U.K., the Information Commissioner’s Office (ICO) was given the power to issue fines of up to £500,000 in April 2010 for breaches of the Data Protection Act (DPA). Four major fines have been issued since then, with two local authorities falling victim this month—Ealing Council for £80,000 and Hounslow Council for £70,000.&lt;/p&gt;  &lt;p align="justify"&gt;“The public sector is looking to make savings of £81billion over the next four years, and at the very least, this could be one way to make up some of the deficit,” said Glynn. “There remains one thing more important even than the potential £8.6 billion in revenues that could be generated if we were to assume that each of these USB sticks contained sensitive information, and were not encrypted. 
This type of assertive action from the ICO would make the corporations and organisations that regularly access and use potentially sensitive information finally put the policies, technologies and protections in place that can mitigate this risk.”&lt;/p&gt;  &lt;p align="justify"&gt;Glynn continued, “Such technologies are available today in the market, offering the centralised detection, encryption, auditing and compliance reporting that organisations need to ensure the protection of their data. With the best intentions in the world, the reality is devices are often left behind and the information they contain could be devastating if disclosed—over and beyond the ICO fines. Organizations need to plan for this when developing their security strategies.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Research Methodology&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;CREDANT conducted outreach via phone to more than 500 dry cleaners and launderettes in the U.K. during December 2010 and January 2011 and extrapolated these figures based on 4,500 dry cleaners in the UK.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About CREDANT Technologies&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;CREDANT Technologies is the trusted expert in data protection. CREDANT’s data security solutions mitigate risk, preserve customer brand and reduce the cost of compliance, enabling business to “protect what matters.” CREDANT has been recognized by Inc. magazine as the #1 fastest growing security software company in 2008 and 2007; was selected by Red Herring as one of the top 100 privately held companies and top 100 Innovators; and was named Ernst &amp;amp; Young Entrepreneur of the Year® 2005. Austin Ventures, Menlo Ventures, Crescendo Ventures, Cisco Systems (NASDAQ:CSCO), and Intel Capital (NASDAQ:INTC) are investors in CREDANT Technologies. 
For more information, visit &lt;a href="http://www.credant.com"&gt;www.credant.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6823653637114840807?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6823653637114840807'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6823653637114840807'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/400-percent-increase-in-usbs-left-at.html' title='400 percent increase in USBs left at the dry cleaners'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4469887810427910444</id><published>2011-03-17T05:42:00.001-07:00</published><updated>2011-03-17T05:42:04.223-07:00</updated><title type='text'>Use your smartphone to log into cloud and secure systems at your peril says Lieberman Software CEO</title><content type='html'>&lt;p align="justify"&gt;Research by a US university undergraduate that has revealed that Google Android apps are sending user credentials in the clear comes as no surprise to Phil Lieberman, CEO of Lieberman Software. 
&amp;quot;According to newswire reports, Dan Wallach's research has revealed that several Android apps - including an approved Facebook application - are sending all data but the password ‘in the clear.’ This is absolutely typical of open source software, since there is little incentive for the software developer to use secure protocols unless the destination system requires this,” he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;And this is the biggest issue with open source software. Whilst the economic imperative to go open source is clearly very strong, companies that use open source, such as Android, which is based on Linux code, also need to ensure their software is robust on the security front, and this process costs money,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman, whose company specialises in privileged identity management and security solutions, went on to say that Android apps are an interesting case as, unlike most open source software, the apps are usually designed to run on an as-is basis, so adding security to the IP transmission side is not always an easy task.&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman said: “I would go one step further and state that this disclosure is but one early warning shot about the use of cloud computing and new platforms such as Android and Windows Mobile 7.&amp;#160; The other element is the stark reality that computer science graduates rarely, if ever, receive any training on how to write secure applications. So it should come as no surprise that many applications created by these same people are insecure. 
Depending on the platform provided by a vendor, the core security available to the developer (given that they know what they are doing), can also be woefully inadequate.&amp;#160; As a consequence, developers of applications frequently find themselves needing to add layer upon layer of additional technology which may be beyond their expertise and budget.&amp;#160; Because security is frequently an &amp;quot;out of sight, out of mind&amp;quot; problem, it does not get addressed/funded until someone complains or something bad happens.&lt;/p&gt;  &lt;p align="justify"&gt;With apps for other smartphone platforms - such as BlackBerry and iOS - for the iPhone, iPad and iPod touch - there are vetting procedures in place to ensure that a third-party application does not get offered without some sort of assurance that it is robust from a security perspective.&lt;/p&gt;  &lt;p align="justify"&gt;At the end of the day, however, Lieberman says it is difficult to guarantee that a smartphone app is as secure as a desktop application, for the simple reason that few smartphone users in a corporate environment have access to smartphone app security checking.&lt;/p&gt;  &lt;p align="justify"&gt;This is why, he explained, Lieberman Software is so big on privileged account security, since using an account that has high user privileges on a smartphone - especially across public access WiFi channels, which can easily be eavesdropped - is a high risk activity.&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman said: “So this story is a great lesson that it is time for developers to hit the books on how to secure their applications, and platform vendors need to complete their security and encryption suites to make it “easy” for developers to write secure applications.”&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Yes, it is convenient to access a Web interface to a computer system using a smartphone whilst on the move, but this is why privileged identity management systems exist. 
Carefully controlling what any user can do - or cannot do - is at the heart of a good security system,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;I suspect you will find many other examples of smartphone apps that have a security hole in them. The sad fact is that, until someone's smartphone-transmitted credentials are ransacked to commit a serious cybercrime, we don't get to hear about this until it's too late,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the latest Google Android security issues: &lt;a href="http://bit.ly/gmdt8I"&gt;http://bit.ly/gmdt8I&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Lieberman Software: &lt;a href="http://www.liebsoft.com"&gt;www.liebsoft.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4469887810427910444?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4469887810427910444'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4469887810427910444'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/03/use-your-smartphone-to-log-into-cloud.html' title='Use your smartphone to log into cloud and secure systems at your peril says Lieberman Software CEO'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7561208335553933633</id><published>2011-02-26T08:56:00.001-08:00</published><updated>2011-02-26T08:56:19.573-08:00</updated><title type='text'>Security Concerns over Cloud 
Storage</title><content type='html'>&lt;p align="justify"&gt;Many more businesses are moving their data storage requirements to cloud service providers but are they making provision for the securing of that data, asks Managing Director of data security company Digital Pathways, Colin Tankard.&lt;/p&gt;  &lt;p align="justify"&gt;“The responsibility for securing your data being stored in the cloud remains with you, as it would if you held it on your own server. I wonder how many businesses understand this?” says Tankard.&lt;/p&gt;  &lt;p align="justify"&gt;Using the cloud offers great benefits especially in terms of cost reduction. However, as businesses face increasing pressure regarding issues of compliance and privacy the need to ensure robust data security increases exponentially. &lt;/p&gt;  &lt;p align="justify"&gt;“I think some businesses may well be put off using the cloud because of the security issue but there are good solutions out there in the form of robust encryption products.&lt;/p&gt;  &lt;p align="justify"&gt;“Digital Pathways, for example, offers its clients the Vormetric data security product for Amazon web services which offers rapid deployment, is granular, offers separation of duties, is simple and portable. &lt;/p&gt;  &lt;p align="justify"&gt;“One thing is certain, employing the best data security is an absolute must for all business situations but especially if you are going to use the cloud” concludes Tankard.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Joy Moon. 
PR Consultant for Digital Pathways&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-7561208335553933633?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7561208335553933633'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7561208335553933633'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/security-concerns-over-cloud-storage.html' title='Security Concerns over Cloud Storage'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-687062780503339756</id><published>2011-02-26T08:53:00.001-08:00</published><updated>2011-02-26T08:53:36.753-08:00</updated><title type='text'>Lieberman Software warns on new hacking trend of malware-driven pervasive memory scraping</title><content type='html'>&lt;p align="justify"&gt;Reports are coming in of a new trend in hacking techniques. 
Known as ‘pervasive memory scraping,’ the technique relies on the fact that certain areas of Windows memory are only occasionally overwritten, meaning that data from software that has been closed down on the PC, can still remain for some time after.&lt;/p&gt;  &lt;p align="justify"&gt;According to Lieberman Software the red flag was raised recently by the SANS Institute about this new hacker technique. Since then hackers have used the technique to grab personally identifiable information (PII) from users' PCs.&lt;/p&gt;  &lt;p align="justify"&gt;“The SANS Institute is reported to have spotted evidence of this type of attack methodology on an increasing basis. This means that, where a Windows PC user loads a secure application to view data, views that data and then closes the application, there is a chance that the data may continue to reside in the computer's memory for some time after,&amp;quot; said Phil Lieberman, CEO of Lieberman Software.&lt;/p&gt;  &lt;p align="justify"&gt;“Put simply, this means that, even if the secure software checks for the presence of trojans and similar credential scanning malware - and locks down the malware whilst it is loaded - once the application is closed, the contents of the computer memory can still be subsequently lifted by a remote scanning piece of malcode,” he added.&lt;/p&gt;  &lt;p align="justify"&gt;The solution to this is quite simple said Lieberman. 
Users must either use a secure Web browser with a memory sandbox feature - meaning all trace of the viewed data disappears along with the browser as it closes - or that secure data should not be loaded on to the computer in the first place.&lt;/p&gt;  &lt;p align="justify"&gt;Secure/sandbox browser sessions, he explained, are easy to set up and use, but their functionality and interaction with third-party applications on the host computer is severely restricted.&lt;/p&gt;  &lt;p align="justify"&gt;This means, said Lieberman, that the only real solution to the problem of pervasive memory scraping is to store and control private data on a centrally-managed basis.&lt;/p&gt;  &lt;p align="justify"&gt;Using this methodology, he added, ensures that private information is stored and accessed using a data-centric, policy-based protection basis across all endpoints.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It also, unlike secure/sandbox Web browsing, means that there is minimal impact on the user experience and operational processes in the course of regular business operations,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;“The fact that the SANS Institute has expressed concern about this security issue should be a red flag in itself. 
IT security managers need to be aware of this problem, and how to remediate it without it costing the earth, and causing efficiency issues within their organisation,” he said.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Pervasive Memory Scraping security issue: &lt;a href="http://bit.ly/ijhU2m"&gt;http://bit.ly/ijhU2m&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Lieberman Software: &lt;a href="http://www.liebsoft.com"&gt;www.liebsoft.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-687062780503339756?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/687062780503339756'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/687062780503339756'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/lieberman-software-warns-on-new-hacking.html' title='Lieberman Software warns on new hacking trend of malware-driven pervasive memory scraping'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5251176247383599498</id><published>2011-02-26T08:52:00.001-08:00</published><updated>2011-02-26T08:52:09.413-08:00</updated><title type='text'>95% of parents found children accessing internet pornography</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Survey reveals that while most respondents use parental controls, teenagers often succeed in uninstalling or unlocking this software&lt;/b&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;u&gt;&lt;a href="http://www.bitdefender.co.uk/"&gt;BitDefender&lt;/a&gt;&lt;sup&gt;®&lt;/sup&gt;&lt;/u&gt;, an award winning provider of innovative internet security solutions, has today announced the results of a new study that shows 95% of parents have noticed that their children had accessed internet pornography, especially during homework time. According to the study, the average age of a child starting to look for adult content sites is just over 11 years old. &lt;/p&gt;  &lt;p align="justify"&gt;The BitDefender study is based on interviews with 1,570 parents from five different countries, focusing on their children’s internet usage habits and their own habits, especially those related to sexually explicit materials. The study also found that while 97% of respondents used parental control software to block access to adult websites, 12% of the teenage sons or daughters succeeded in uninstalling or unlocking this software.&lt;/p&gt;  &lt;p align="justify"&gt;“One of the most interesting findings from this study is related to parental control. 
Even if the parents understood the necessity of such a piece of software and the need to monitor their teenagers’ activity on social networks and on the internet in general, children will always find a way to access adult content,” said Sabina Datcu, BitDefender E-Threats Analysis and Communication Specialist and author of the study. “BitDefender believes this sends a clear message to parents - it’s more important than ever to take steps to protect children from exposure to sexually explicit materials found on the internet.”&lt;/p&gt;  &lt;p align="justify"&gt;62% of adults admitted that they themselves had searched for and accessed adult content sites. Moreover, 87% said they would allow their children to look for sexually explicit materials if the children were 19 years old or older.&lt;/p&gt;  &lt;p align="justify"&gt;BitDefender’s &lt;i&gt;&lt;a href="http://www.bitdefender.co.uk/solutions/internet-security.html"&gt;Internet Security 2011&lt;/a&gt;&lt;/i&gt; software includes parental control features to help monitor and control what websites children can visit. More details of the survey can be found on &lt;a href="http://www.malwarecity.com./"&gt;MalwareCity.com&lt;/a&gt;. For a full list of &lt;i&gt;BitDefender 2011&lt;/i&gt; features and benefits by product, please visit &lt;a href="http://www.bitdefender.co.uk/"&gt;www.bitdefender.co.uk&lt;/a&gt; or follow BitDefender on &lt;a href="http://www.twitter.com/ukbitdefender"&gt;Twitter&lt;/a&gt; for daily malware alerts. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;BitDefender is the creator of one of the industry's fastest and most effective lines of internationally certified &lt;a href="http://www.bitdefender.co.uk/solutions/internet-security.html"&gt;security software&lt;/a&gt;. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. 
Every day, BitDefender protects tens of millions of home and corporate users across the globe - giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender security solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company’s &lt;a href="http://www.bitdefender.co.uk/"&gt;security solutions&lt;/a&gt; press room. Additionally, BitDefender’s www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Media Safari&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-5251176247383599498?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5251176247383599498'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5251176247383599498'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/95-of-parents-found-children-accessing.html' title='95% of parents found children accessing internet pornography'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4139138137140133982</id><published>2011-02-26T08:50:00.001-08:00</published><updated>2011-02-26T08:50:19.820-08:00</updated><title type='text'>Parallels to leverage Scality RING technology in its "Parallels Automation for Cloud Infrastructure"</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;&lt;i&gt;Orlando, FL - February 2011&lt;/i&gt;&lt;/b&gt;&lt;i&gt; &lt;b&gt;- &lt;/b&gt;&lt;/i&gt;Cloud storage pioneer&lt;b&gt;&lt;i&gt; &lt;/i&gt;&lt;/b&gt;&lt;a href="http://www.scality.com/"&gt;Scality&lt;/a&gt; announced an OEM partnership that will see Scality RING provide the underlying Cloud Storage technology in Parallels' newly announced &amp;quot;&lt;a href="http://www.parallels.com/products/iaas"&gt;Parallels Automation for Cloud Infrastructure&lt;/a&gt;&amp;quot;. Parallels' cloud infrastructure solution enables service providers to rapidly and profitably deliver the infrastructure needed for cloud computing and cloud storage services to SMBs and developers - in particular, enabling service providers to compete with established cloud players. &lt;/p&gt;  &lt;p align="justify"&gt;Scality CEO Jérôme Lecat said: &lt;i&gt;&amp;quot;Once a new technology has been deployed and proven, the key to success is speeding up adoption, and this is where Scality RING is today. After deployment with seven service providers in Europe during 2010, Scality needs partners who can accelerate adoption of our ground-breaking technology for the Hosting Service Provider market.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&amp;quot;Parallels is the perfect fit, thanks to the company's experience in distributed storage and its understanding of the needs of these customers. 
Parallels Automation for Cloud Infrastructure provides the ultimate level of manageability for service providers who want to offer a complete suite of Cloud Services, ranging from computing and virtualization to storage. As a trusted partner with extended experience of service providers, Parallels will leverage our technology to deliver the perfect product for its customers,&amp;quot;&lt;/i&gt; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Amir Sharif, Vice President of Virtualization and IaaS at Parallels, said: &amp;quot;&lt;i&gt;We were introduced to Scality by a customer, who had already deployed it. After conducting a deep analysis, we were impressed by the maturity of the technology and its market viability. Scality enables us to deliver a fully integrated Cloud Storage solution to our customers.&lt;/i&gt;&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;Parallels Automation for Cloud Infrastructure is the industry's only infrastructure cloud solution that supports all key hosting processes like provisioning, billing and self-service management. Unlike competitor products, Parallels Automation for Cloud Infrastructure can be managed through an integrated management panel enabling IT professionals to self-create, self-scale, and self-manage virtual datacenters.&lt;/p&gt;  &lt;p align="justify"&gt;The Scality RING platform creates a series of nodes that are built using off-the-shelf servers. Each node on the RING controls its own segment of the overall storage pool. By monitoring other segments and constantly replicating - as well as load-balancing - the data, the storage becomes self-healing in the event of a drive or segment of the pool failing for whatever reason. 
Scality technology is used by service providers to deploy Storage-as-a-Service offerings, by email providers to store emails for millions of users, and by web service providers managing billions of files with very high performance expectations, either for Web 2.0 or business applications.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Scality&lt;/strong&gt; is the developer of RING, a software platform enabling cloud storage to easily scale up to exabytes using commodity server hardware with direct attached storage. &lt;/p&gt;  &lt;p align="justify"&gt;Scality delivers the performance and reliability of a SAN- or NAS-based architecture without the hassles of volume management at one third to half of the cost.&lt;/p&gt;  &lt;p align="justify"&gt;Scality is used by Service Providers to deploy Storage-as-a-Service offerings, by Email Providers to store emails for millions of users, and by web services managing billions of files with very high performance expectations, either for Web 2.0 or business applications. Scality RING is based on a patented object storage technology, which delivers high availability, ease of operations and total control of your data. &lt;/p&gt;  &lt;p align="justify"&gt;For more information please visit www.scality.com or follow Scality on Twitter: @Scality.&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Parallels&lt;/strong&gt; is a global leader in virtualization and automation software that optimizes computing for consumers, businesses, and Cloud services providers across all major hardware, operating systems, and virtualization platforms. Founded in 1999, Parallels is a fast-growing company with more than 700 employees in North America, Europe, and Asia. 
For more information, please visit www.parallels.com.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Omarketing, &lt;b&gt;for Scality&lt;/b&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4139138137140133982?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4139138137140133982'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4139138137140133982'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/parallels-to-leverage-scality-ring.html' title='Parallels to leverage Scality RING technology in its &amp;quot;Parallels Automation for Cloud Infrastructure&amp;quot;'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8544243536067370699</id><published>2011-02-26T08:48:00.001-08:00</published><updated>2011-02-26T08:48:26.872-08:00</updated><title type='text'>Connectria selects Scality to launch a public cloud storage service</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;Scality's&lt;/i&gt;&lt;i&gt; first 'Storage as a Service' customer in North America&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;i&gt;San Francisco, 
&lt;/i&gt;&lt;/b&gt;&lt;b&gt;&lt;i&gt;February 2011&lt;/i&gt;&lt;/b&gt;&lt;i&gt; &lt;b&gt;- &lt;/b&gt;&lt;/i&gt;&lt;a href="http://www.scality.com/"&gt;Scality&lt;/a&gt; announced that &lt;a href="http://www.connectria.com/"&gt;Connectria&lt;/a&gt; - one of the longest-standing, most experienced, enterprise-class hosting businesses in North America - has selected Scality RING as the core technology of its new Storage as a Service offering.&lt;/p&gt;  &lt;p align="justify"&gt;Rich Waidmann, founder and CEO of Connectria, said: &lt;i&gt;&amp;quot;At Connectria, we are relentless in our pursuit of excellence, because many businesses depend upon us and, as our customers, they deserve the best - we have made this philosophy a cornerstone of our business since 1998 and it's held us in good stead.&amp;#160; With that in mind, that we are happy to become Scality's first Storage as a Service customer in North America says everything you need to know about how we view Scality and Scality RING.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The Scality RING platform creates a series of nodes that are built using off-the-shelf servers. Each node on the RING controls its own segment of the overall storage pool. 
By monitoring other segments and constantly replicating - as well as load-balancing - the data, the storage becomes self-healing in the event of a drive or segment of the pool failing for whatever reason.&amp;#160; Scality technology is used by service providers to deploy Storage-as-a-Service offerings, by email providers to store emails for millions of users, and by web service providers managing billions of files with very high performance expectations, either for Web 2.0 or business applications.&lt;/p&gt;  &lt;p align="justify"&gt;Serge Dugas, chief sales &amp;amp; marketing officer for Scality, said: &lt;i&gt;&amp;quot;After a year of successes in EMEA markets, 2011 is poised to be a very strong year in North America for Scality.&amp;#160; We are proud to have been selected by Connectria after a thorough review of storage infrastructure solutions by Connectria's Rusty Putzler, vice president - engineering.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Scality&lt;/strong&gt; is the developer of RING, an application centric cloud storage system, enabling cloud storage to easily scale up to exabytes using commodity server hardware with direct attached storage. &lt;/p&gt;  &lt;p align="justify"&gt;Scality delivers the performance and reliability of a SAN- or NAS-based architecture without the hassles of volume management at one half of the cost.&lt;/p&gt;  &lt;p align="justify"&gt;Scality is used by Service Providers to deploy Storage-as-a-Service offerings, by Email Providers to store emails for millions of users, and by web services managing billions of files with very high performance expectations, either for Web 2.0 or business applications. Scality RING is based on a patented object storage technology, which delivers high availability, ease of operations and total control of your data. 
&lt;/p&gt;  &lt;p align="justify"&gt;For more information please visit www.scality.com or follow Scality on Twitter: @Scality.&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Connectria Hosting (&lt;a href="http://www.connectria.com"&gt;www.connectria.com&lt;/a&gt;) is a profitable and growing global provider of &lt;a href="http://www.connectria.com/hosting/index.php"&gt;cloud, managed and complex hosting services&lt;/a&gt;. Packaged or customized solutions are available for technologies including OS, virtualization, database, email/collaboration and application/web servers. Connectria's hosting expertise represents one of the industry's widest range of supported platforms from a variety of vendors, including Microsoft, IBM, Oracle, HP, Dell, SUN, Citrix, VMware and Open Source (e.g. Linux/LAMP, MySQL). &lt;/p&gt;  &lt;p align="justify"&gt;A privately held company, Connectria has built its business through reinvesting profits and without any debt or equity financing. Connectria operates world-class Data Centers, Network Operations Centers, and Engineering Centers located in St. Louis, Missouri and Philadelphia, Pennsylvania. 
From these facilities, Connectria operates as a virtual extension of its clients' IT organizations.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Omarketing, &lt;b&gt;for Scality&lt;/b&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8544243536067370699?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8544243536067370699'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8544243536067370699'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/connectria-selects-scality-to-launch.html' title='Connectria selects Scality to launch a public cloud storage service'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6123040865258669210</id><published>2011-02-26T08:42:00.001-08:00</published><updated>2011-02-26T08:42:29.896-08:00</updated><title type='text'>Flash disk security is very different to magnetic drives says Origin Storage</title><content type='html'>&lt;p align="justify"&gt;Reports that certain types of flash disks lack a secure deletion facility highlights the fact that solid state storage devices are very different in their architecture than magnetic drives, says Andy Cordial, managing 
director of storage systems specialist Origin Storage.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;A lot of companies have made the understandable mistake of presuming that flash drives are a slot-in replacement for magnetic drives, when in fact nothing could be farther from the truth,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;And as prices have fallen, a lot of firms have gone for solid state drives (SSDs) to tap into the advantages of rapid boot times, especially or relatively smaller capacity flash drives,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Cordial says that researchers at the University of California have discovered that the electronic data shredding procedures - aka data sanitisation - do not always work the same on SSDs as on magnetic drives.&lt;/p&gt;  &lt;p align="justify"&gt;This, he explained, is due to the complex electronics on some of the latest generation of SSDs, which intercepts a data delete request and often only deletes the header, rather than the full data clusters that go to make up a given file on a magnetic drive.&lt;/p&gt;  &lt;p align="justify"&gt;This means, the Origin Storage MD says, that so-called `disk doctor' programs, which allow data retrieval on a sector-by-sector basis, without resorting to requiring header data, as an operating system normally does, can effectively undelete supposedly sanitised data files on an SSD.&lt;/p&gt;  &lt;p align="justify"&gt;The bottom line, says Cordial, is that `conventional' data overwrite commands, which have worked well on magnetic drives since the earliest days of PCs in the 1980s, cannot be relied upon to function in the same manner with a flash drive.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;As the university researchers found, the erase procedures provided by manufacturers should be verifiable as well, so that users could easily check post-sanitisation that their data had been removed,&amp;quot; he 
said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;We could have told the researchers that. This is why we recommend SSDs for specific applications and magnetic drives for other uses. It's also why, where high levels of security are required, we recommend magnetic drives with additional levels of security, such as the PIN/password entry system on our Data Locker Pro series,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the SSD delete research findings: &lt;a href="http://bit.ly/h0mgmM"&gt;http://bit.ly/h0mgmM&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Origin Storage: &lt;a href="http://www.originstorage.com"&gt;www.originstorage.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6123040865258669210?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6123040865258669210'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6123040865258669210'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/flash-disk-security-is-very-different.html' title='Flash disk security is very different to magnetic drives says Origin Storage'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1271608770675263088</id><published>2011-02-26T08:40:00.001-08:00</published><updated>2011-02-26T08:40:55.787-08:00</updated><title type='text'>New Financial Trojan OddJob Keeps Online Banking Sessions Open after Users “Logout”</title><content type='html'>&lt;p align="justify"&gt;We have found a new type of financial malware with the ability to hijack customers’ online banking sessions in real time using their session ID tokens. OddJob, which is the name we have given this Trojan, keeps sessions open after customers think they have “logged off”, enabling criminals to extract money and commit fraud unnoticed.&amp;#160;&amp;#160; This is a completely new piece of malware that pushes the hacking envelope through the evolution of existing attack methodologies. It shows how hacker ingenuity can side-step many commercial IT security applications traditionally used to defend users' digital - and online monetary - assets.&amp;#160; We have been monitoring OddJob for a few months, but have not been able to report on its activities until now due to ongoing investigations by law enforcement agencies. These have just been completed.&lt;/p&gt;  &lt;p align="justify"&gt;Our research team has reverse engineered and dissected OddJob's code methodology, right down to the banks it targets and its attack methods.&amp;#160; Trusteer has already warned Financial Institutions that OddJob is being used by criminals based in Eastern Europe to attack their customers in several countries including the USA, Poland and Denmark. &lt;/p&gt;  &lt;p align="justify"&gt;The most interesting aspect of this malware is that it appears to be a work in progress, as we have seen differences in hooked functions in recent days and weeks, as well as in the way the Command &amp;amp; Control (C&amp;amp;C) protocols operate. 
We believe that these functions and protocols will continue to evolve in the near future, and that our analysis of the malware's functionality may not be 100 per cent complete as the code writers continue to refine it.&lt;/p&gt;  &lt;p align="justify"&gt;OddJob's most obvious characteristic is that it is designed to intercept user communications through the browser. It uses this ability to steal/inject information and terminate user sessions inside Internet Explorer and Firefox.&lt;/p&gt;  &lt;p align="justify"&gt;We have extracted OddJob’s configuration data and concluded that it is capable of performing different actions on targeted Web sites, depending on its configuration. The code is capable of logging GET and POST requests, grabbing full pages, terminating connections and injecting data into Web pages.&lt;/p&gt;  &lt;p align="justify"&gt;All logged requests/grabbed pages are sent to the C&amp;amp;C server in real time, allowing fraudsters to perform session hijacks, also in real time, but hidden from the legitimate user of the online bank account.&lt;/p&gt;  &lt;p align="justify"&gt;By tapping the session ID token - which banks use to identify a user's online banking session - the fraudsters can electronically impersonate the legitimate user and complete a range of banking operations.&lt;/p&gt;  &lt;p align="justify"&gt;The most important difference from conventional hacking is that the fraudsters do not need to log into the online banking computers - they simply ride on the existing and authenticated session, much as a child might slip in unnoticed through a turnstile at a sports event, train station, etc.&lt;/p&gt;  &lt;p align="justify"&gt;Another interesting feature of OddJob, which makes it stand out from the malware crowd, is its ability to bypass the logout request of a user to terminate their online session.&amp;#160; Because the interception and termination is carried out in the background, the legitimate user thinks they have logged out, when in 
fact the fraudsters remain connected, allowing them to maximise the profit potential of their fraudulent activities.&lt;/p&gt;  &lt;p align="justify"&gt;All matching is case-insensitive, and, using this process of pattern matching, fraudsters using OddJob are able to cherry pick the sessions and targets they swindle to their best advantage.&lt;/p&gt;  &lt;p align="justify"&gt;The final noteworthy aspect of OddJob is that the malware's configuration is not saved to disk - a process that could trigger a security analysis application - instead, a fresh copy of the configuration is fetched from the C&amp;amp;C server each time a new browser session is opened.&lt;/p&gt;  &lt;p align="justify"&gt;The good news is that Trusteer's Rapport secure web access software - which is now in use by millions of online banking customers - can prevent OddJob from executing.&lt;/p&gt;  &lt;p align="justify"&gt;It's important to note that OddJob is just one of several pro-active malware applications that our research team sees on a regular basis, but its coding methodology indicates a lot of thought on the part of the coders behind the fraudware.&lt;/p&gt;  &lt;p align="justify"&gt;Careful analysis and research are needed to reverse engineer and dissect fraudulent applications like OddJob, but our message to banks and their online banking users is unchanged. 
They need to maintain constant vigilance, apply software updates, maintain an awareness of new threats and deploy complementary security solutions that can defend against evolving attack methods.&lt;/p&gt;  &lt;p align="justify"&gt;For more information see &lt;a href="http://www.trusteer.com/blog"&gt;http://www.trusteer.com/blog&lt;/a&gt; &lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1271608770675263088?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1271608770675263088'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1271608770675263088'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/new-financial-trojan-oddjob-keeps.html' title='New Financial Trojan OddJob Keeps Online Banking Sessions Open after Users “Logout”'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7440054634122675805</id><published>2011-02-26T08:38:00.001-08:00</published><updated>2011-02-26T08:38:28.462-08:00</updated><title type='text'>US worries over Internet `kill switch' highlights need for contingency planning say Infosecurity Europe 
organisers</title><content type='html'>&lt;p align="justify"&gt;London, UK, February 2011 - As US IT security experts and liberty organisations discuss the ramifications of the recent effective shutdown of the Internet in Egypt - and whether President Obama should have access to an Internet `kill switch' - the organisers of Infosecurity Europe show are saying that the saga highlights the need for IT contingency planning.&lt;/p&gt;  &lt;p align="justify"&gt;According to Claire Sellick, Event Director for Infosecurity Europe, the lessons coming out of the Egypt net shutdown - and the fact that the US government is now talking about having access to a similar `shutdown button' for the US side of the Internet - should act as a red flag to IT managers in organisations of all sizes.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;What we are seeing here is a rising awareness of the Internet's reliance on key physical elements such as main server centres and major routing stations, and how closing down these elements can effectively paralyse a nation's access to the Internet,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The headache that this causes on the security front is, what effect would a shutdown on, for example, of one or more of the US Internet main switches, or the Amsterdam Internet Exchange (AMS-IX), have on your organisation, and the answer is that the effects could be very severe,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;Sellick went on to say that a number of UK ISPs rely on peering links with US and European exchanges for a lot of their Internet traffic, so if a foreign exchange shutdown were to occur, it could have severe repercussions for some UK hosted Web sites and company intranet/Internet traffic.&lt;/p&gt;  &lt;p align="justify"&gt;The key word here, she explained, is `some' as not all Internet hosting and service providers in the UK are equal in terms of their reliance on foreign exchange 
resources.&lt;/p&gt;  &lt;p align="justify"&gt;For example, she says, whilst most of the UK's Internet traffic is routed via the London Telehouse switches, a growing minority is also being routed via Manchester's MANAP switch, meaning that a serious issue with one switch would mean users of the other switch could continue business as usual.&lt;/p&gt;  &lt;p align="justify"&gt;It all comes down to Internet routing diversity, the Infosecurity Europe event director said, adding that, whilst experts in the US are now realising that there can never be a `kill switch' for the US Internet, they also realise it is still possible to lock down large portions of the North American Internet grid.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;And the effects of this could range from catastrophic to a minor inconvenience, depending on which hosting or internet service provider your UK organisation uses, and whether you have IP route diversity systems in place,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Of course, gaining access to information on these topics is not as easy as you might think. 
Fortunately, help is at hand in the shape of the free educational seminar programs we are planning for the Infosecurity Europe show, which takes place at Earls Court, London 19-21 April 2011 www.infosec.co.uk,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;For more on President Obama's Internet kill switch: &lt;a href="http://bit.ly/gGePS3"&gt;http://bit.ly/gGePS3&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Infosecurity Europe show: &lt;a href="http://www.infosec.co.uk"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Infosecurity Europe, celebrating 16 years at the heart of the industry in 2011, is Europe’s number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Organised by Reed Exhibitions, the world’s largest tradeshow organiser, Infosecurity Europe is one of four Infosecurity events around the world with events also running in Belgium, Netherlands and Russia. Infosecurity Europe runs from the 19th – 21st April 2011, in Earls Court, London. For further information please visit &lt;a href="http://www.infosec.co.uk/"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' 
src='https://blogger.googleusercontent.com/tracker/5227938130369639318-7440054634122675805?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7440054634122675805'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7440054634122675805'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/us-worries-over-internet-kill-switch.html' title='US worries over Internet `kill switch&amp;#39; highlights need for contingency planning say Infosecurity Europe organisers'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4077350433386323573</id><published>2011-02-26T08:36:00.001-08:00</published><updated>2011-02-26T08:36:07.317-08:00</updated><title type='text'>CREDANT TECHNOLOGIES LAUNCHES BETA PROGRAM FOR CLOUD ENCRYPTION SOFTWARE</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;CREDANT Removes Major Roadblock to Cloud Adoption through Unique Data Encryption Approach&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;London, February 2011: &lt;/b&gt;CREDANT Technologies, the trusted experts in data protection, today announced immediate availability of the beta program for its cloud encryption software for virtual desktop infrastructure (VDI) private cloud infrastructures. The new CREDANT cloud security platform provides enterprise customers with the ability to more rapidly embrace cloud infrastructure by removing the primary roadblock to adoption – data security. 
With this launch, CREDANT enables organizations to control and enforce security whether corporate data is located in private, hybrid or public cloud infrastructures. The CREDANT cloud security platform provides the only cloud data security approach to enable granular encryption, access control and key management that allows enterprises, including the cloud provider itself.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Tweet this: #CREDANT launches cloud encryption software beta. Register here to participate:&lt;/i&gt; &lt;a href="http://bit.ly/e3sTii"&gt;&lt;i&gt;http://bit.ly/e3sTii&lt;/i&gt;&lt;/a&gt;&lt;i&gt;&amp;#160; (new url is &lt;a href="http://www.credant.com/cloudsecurity"&gt;www.credant.com/cloudsecurity&lt;/a&gt;) &lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;CREDANT, the comprehensive provider of endpoint, mobile, and cloud data protection, is breaking down the security barriers for clients moving to cloud computing models.&amp;#160; CREDANT’s approach, new to the field of cloud security, is to protect data itself rather than protecting specific volumes, drives, or devices. Its encryption technology is the only automated, centrally managed, policy-based solution on the market, providing real-time protection and peace of mind for enterprise and governmental customers with sensitive data. Competitive solutions are either unworkable in cloud infrastructures or are highly labor intensive and have so far failed to meet the needs of enterprise customers wishing to move to the cloud. 
&lt;/p&gt;  &lt;p align="justify"&gt;The solution will enable businesses and governmental organizations to deploy private cloud infrastructures as part of their long-term roadmap to full cloud utilization by putting data security in the control of the enterprise—not the cloud administrator.&amp;#160; By enabling the IT security organization to control encryption of critical data on cloud platforms centrally, and in a way that is fully integrated with other data protection and encryption solutions already in place, organizations can safely embrace private, hybrid, and public cloud computing models with the knowledge that their data is safe from co-tenants, hackers, and malicious insiders. The CREDANT cloud security platform:&lt;/p&gt;  &lt;p align="justify"&gt;· Effectively eliminates the risk of an insider (either within the organization or working for an outsourced provider) accessing or stealing sensitive data;&lt;/p&gt;  &lt;p align="justify"&gt;· Provides granular access to decrypted information to the authorized user only, while administrators (local and third-party) access only the system and not the protected data; and,&lt;/p&gt;  &lt;p align="justify"&gt;· Enables seamless management of data security on physical infrastructure, mobile devices, removable media, private clouds, virtual desktop infrastructures, and hybrid/public cloud models, in a way that is transparent to users.&lt;/p&gt;  &lt;p align="justify"&gt;· Prevents unprotected data leakage to removable media while enabling secure usage and control of removable storage.&lt;/p&gt;  &lt;p align="justify"&gt;“CREDANT’s robust key management technology and data-centric encryption technology allow us to solve one of the core Cloud security problems in a fundamentally different way,” said Chris Burchett, Chief Technology Officer and co-founder, CREDANT Technologies. 
“The complexity of managing cloud infrastructures requires a new model for data security, and our new offering defines the path for organizations to more rapidly and securely adopt cloud models by removing the risks of data theft and insider attack wherever the data resides.&amp;#160; This isn’t just about security – it’s about accelerating the transformation to the cloud for our customers.”&lt;/p&gt;  &lt;p align="justify"&gt;The CREDANT is the first of a series of releases targeting data security in the cloud. It provides simple, centrally managed security for data in private cloud infrastructures utilizing VDI. This new solution offers a far more secure and business-aligned approach to protect data, and is built upon CREDANT’s extensive expertise as the world’s largest endpoint data security specialist. The beta program is now available; organizations can register to participate by visiting &lt;a href="http://www.credant.com/cloudsecure"&gt;www.credant.com/cloudsecurity&lt;/a&gt;. &lt;/p&gt;  &lt;p align="justify"&gt;CREDANT Technologies is the trusted expert in data protection. CREDANT's data security solutions mitigate risk, preserve customer brand, and reduce the cost of compliance, enabling business to &amp;quot;protect what matters.&amp;quot; CREDANT has been recognized by Inc. magazine as the #1 fastest growing security software company in 2008 and 2007; was selected by Red Herring as one of the top 100 privately held companies and top 100 Innovators; and was named Ernst &amp;amp; Young Entrepreneur of the Year® 2005. Austin Ventures, Menlo Ventures, Crescendo Ventures, Intel Capital (NASDAQ:INTC), and Cisco Systems (NASDAQ:CSCO) are investors in CREDANT Technologies. 
For more information, visit &lt;a href="http://www.credant.com"&gt;www.credant.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4077350433386323573?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4077350433386323573'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4077350433386323573'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/credant-technologies-launches-beta.html' title='CREDANT TECHNOLOGIES LAUNCHES BETA PROGRAM FOR CLOUD ENCRYPTION SOFTWARE'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7582230469813122684</id><published>2011-02-12T06:36:00.001-08:00</published><updated>2011-02-12T06:36:11.879-08:00</updated><title type='text'>Beware the Enemy Within</title><content type='html'>&lt;p align="justify"&gt;The recent dismissing of staff members engaged in data breaches at Vodafone once again highlights the absolute necessity for companies to ensure that data is properly secured says Colin Tankard, Managing Director, Digital Pathways.&lt;/p&gt;  &lt;p align="justify"&gt;“In this instance the data breach was 
from within the organisation itself,” says Tankard. “So often we tend to think of the external bad boys – the teenager in his darkened room! Not the disgruntled employee, the contractor or competitor trying to outbid you to a contract.&lt;/p&gt;  &lt;p align="justify"&gt;“What companies must do is control who has access to data and by what route it is accessed. The important thing is to link only the valid user using the valid application to the data and controlling what they can do with the data i.e. copy, email or delete it etc.&lt;/p&gt;  &lt;p align="justify"&gt;“The struggle many companies have is to apply this to their applications which can be complex and often requires a re-design of the application itself. This is not the case with today’s security technology as we are able to encrypt any form of data, link that encryption to the application and the user, transparently to the application – hence requiring no modifications to the programme or to the user’s working practice.&lt;/p&gt;  &lt;p align="justify"&gt;“This ensures the data is protected wherever it resides, even when it is backed up or moved off site to a data centre or cloud. Then it is only available to authorised entities who themselves can only use the information in an approved way.&lt;/p&gt;  &lt;p align="justify"&gt;“Data breaches are no longer simply seen as being an irritating misdemeanor but are highly damaging to reputation and costly due to legislation and fines. Flexible and robust data security is no longer restricted to financial data but now covers all personal/private information that is held by every business. &lt;/p&gt;  &lt;p align="justify"&gt;“In my opinion where we are today is in a situation where many organisations have addressed their security issues individually as the need arises and not holistically as a whole. 
What is vital is that security solutions are not piecemeal but properly instigated strategies that are able to grow with the ever-changing technology landscape and requirements of organisations. &lt;/p&gt;  &lt;p align="justify"&gt;“If your company’s data security is less than it should be I would recommend you take stock now.”&lt;/p&gt;  &lt;p align="justify"&gt;Source: Joy Moon PR Consultant&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-7582230469813122684?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7582230469813122684'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7582230469813122684'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/beware-enemy-within.html' title='Beware the Enemy Within'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3021498807548639307</id><published>2011-02-12T05:20:00.001-08:00</published><updated>2011-02-12T05:20:14.933-08:00</updated><title type='text'>Infosecurity Europe welcomes plans for rapid takedown of infected Web sites</title><content type='html'>&lt;p align="justify"&gt;London, UK 11&lt;sup&gt;th&lt;/sup&gt; February 2011 - The organisers of 
Infosecurity Europe have welcomed news that the UK’s Internet registry is considering plans to rapidly take down those Web sites and Internet domains that it considers infected or have clear criminal/hacking intent.&amp;#160; Infosecurity Europe will be held at Earls Court, London 19-21 April 2011 www.infosec.co.uk&lt;/p&gt;  &lt;p align="justify"&gt;Claire Sellick, Event Director with the increasingly popular information security show, which takes place in London each spring, said that infected Web sites are now a serious threat to Internet users, whether they are employees working for a major corporation or SoHo workers, working on a single PC from a home office.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The problem to date has been the electronic paper chase required for interested parties to complain - through various channels - that a site is causing infections or malware-laden links to visitors, and then for the hosting provider - often acting on their own principles - taking down the site, usually after several weeks of investigation,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;If, as seems likely, Nominet adopts the plan, then a decision will be taken to take a site offline in very short order, where the intent is clearly criminal or the site appears to act as a conduit for malware,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;According to the Infosecurity Europe Event Director, Nominet's plans - which are quite revolutionary given the egalitarian nature of the Internet - have been proposed after discussions with the Serious Organised Crime Agency.&lt;/p&gt;  &lt;p align="justify"&gt;Despite the suggestion coming from the police agency, Sellick said that the fact that Nominet is now asking its membership and the Internet industry in general, is a very positive move.&lt;/p&gt;  &lt;p align="justify"&gt;It reflects, she said, the growing importance that the Internet has in modern business life, and the fact that it has 
almost become an essential utility in the same way that energy and water suppliers are central to modern life.&lt;/p&gt;  &lt;p align="justify"&gt;If the plans are adopted, she says, then the move will make the Internet a safer place to do business, although it is important to realise that the global nature of the Web means that until other national registries adopt similar measures, there will still be the issue of infected sites to contend with.&lt;/p&gt;  &lt;p align="justify"&gt;The good news that will result from the adoption of the proposals, adds Sellick, is that it will effectively devalue a UK-registered Web site in the eyes of cybercriminals, who will be less inclined to hack into the pages and load their own rogue data, knowing full well the site will be offline in a short space of time.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Crime has a habit of seeking the path of least resistance and cybercrime is no exception. Reducing the risk of a UK business Web site from being misused is always going to be welcome, even against the backdrop of the Wild West that the Internet has become in some areas,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;For this reason, we welcome the Nominet proposals, as they will help to make the Internet a safer place. There will still be cybercriminals on the Net, of course, but businesses can come to Infosecurity Europe in April to learn how to better defend their digital assets in the fast-changing world of IP communications,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;Infosecurity Europe takes place at London Olympia, between the 19th and the 21st of April, 2011. 
&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Nominet proposals: &lt;a href="http://www.nominet.org.uk/news/latest/?contentId=8215"&gt;www.nominet.org.uk/news/latest/?contentId=8215&lt;/a&gt; &lt;/p&gt;  &lt;p align="justify"&gt;For more on the Infosecurity Europe show: &lt;a href="http://www.infosec.co.uk"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Infosecurity Europe, celebrating 16 years at the heart of the industry in 2011, is Europe’s number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Organised by Reed Exhibitions, the world’s largest tradeshow organiser, Infosecurity Europe is one of four Infosecurity events around the world with events also running in Belgium, Netherlands and Russia. Infosecurity Europe runs from the 19th – 21st April 2011, in Earls Court, London. For further information please visit &lt;a href="http://www.infosec.co.uk/"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3021498807548639307?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3021498807548639307'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3021498807548639307'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/infosecurity-europe-welcomes-plans-for.html' title='Infosecurity Europe welcomes plans for rapid takedown of infected Web sites'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7972932877979095753</id><published>2011-02-12T05:18:00.001-08:00</published><updated>2011-02-12T05:18:32.323-08:00</updated><title type='text'>ISACA’s EuroCACS Examines Data Protection, Cloud Computing and Social Networking</title><content type='html'>&lt;p align="center"&gt;&lt;b&gt;ISACA’s EuroCACS Examines Data Protection, Cloud Computing and Social Networking&lt;/b&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;b&gt;&lt;i&gt;20-23 March 2011, Manchester, UK&lt;/i&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Rolling Meadows, IL, USA (10th February 2011)—David Smith, the deputy commissioner and director of data protection for the United Kingdom Information Commissioner’s Office will discuss the challenges posed by personal privacy expectations from customers and regulators—and how IT professionals can strengthen public confidence in data protection—in his keynote presentation at ISACA’s European Computer Audit, Control and Security Conference (EuroCACS). 
This year, the event will be held 20-23 March in Manchester—one of the top 20 places to visit according to the &lt;i&gt;New York Times’ &lt;/i&gt;“41 Places to Go in 2011.” &lt;/p&gt;  &lt;p align="justify"&gt;EuroCACS is an annual event drawing hundreds of global leaders in IT security, assurance and governance. Hosted by ISACA, a nonprofit association serving 95,000 IT professionals, the conference will feature 44 sessions divided into 12 streams: &lt;/p&gt;  &lt;p align="justify"&gt;· Client Computing&lt;/p&gt;  &lt;p align="justify"&gt;· Cloud Computing and Virtualization&lt;/p&gt;  &lt;p align="justify"&gt;· Computer Forensics&lt;/p&gt;  &lt;p align="justify"&gt;· Governance, Risk and Compliance&lt;/p&gt;  &lt;p align="justify"&gt;· Information Architecture&lt;/p&gt;  &lt;p align="justify"&gt;· Managing IT Investment&lt;/p&gt;  &lt;p align="justify"&gt;· Outsourcing&lt;/p&gt;  &lt;p align="justify"&gt;· Privacy, Information Protection and Loss Prevention&lt;/p&gt;  &lt;p align="justify"&gt;· Regulations and Compliance&lt;/p&gt;  &lt;p align="justify"&gt;· Risk Management&lt;/p&gt;  &lt;p align="justify"&gt;· Social Computing, Social Networks and Human Factors&lt;/p&gt;  &lt;p align="justify"&gt;· Sustainability&lt;/p&gt;  &lt;p align="justify"&gt;“EuroCACS is a great place for delegates to get the latest guidance on the issues that keep them awake at night.&amp;#160; Attendees will learn valuable tips and solutions to add value to their enterprises,” said Peter Thompson, President, ISACA Northern England Chapter.&lt;/p&gt;  &lt;h3 align="justify"&gt;&lt;/h3&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Summary of Select Streams:&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Cloud Computing and Virtualization&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Cloud computing is something of a buzz term in the IT and business communities. 
Many maintain that it is the long-sought-after solution to cost and security concerns within an organization; others are resolutely unconvinced. Economic pressures have forced organizations to re-evaluate their IT solutions with specific regard to availability, scalability, efficiency and cost, so it is particularly important to assess the potential business benefits, risks and assurance considerations. Sessions in this stream will address the legal, security and governance issues surrounding the cloud.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Privacy, Information Protection and Loss Prevention&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Contemporary data security is perhaps the most pressing of all challenges facing IT professionals today—a fact that has resulted in unanimous agreement that a new type of security culture must be created. But what alterations must be made to reflect the current information security zeitgeist? Examining the latest security trends is the logical starting point, paying close attention to, for example, hacker tools, exploits, legislation, cybercrime news, and what private data encompasses and where it resides, all of which are conducive to achieving the IT culture required for the 21&lt;sup&gt;st&lt;/sup&gt; century. By adopting frameworks such as ISACA’s Business Model for Information Security (BMIS), organizations can implement a new level of security requirements; one such example is the UK Government, which adopted the concepts of BMIS and will be featured in a EuroCACS session. Sessions in this stream will feature security case studies, the latest threats and trends, guidance to prevent data leakage and more.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Regulations and Compliance&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Evaluating compliance is a difficult job, and this stream reveals the most effective ways of completing it. 
Sessions include Emerging Standards in Software Security Assurance; Essentials of XBRL: The Emerging Financial Reporting Standard; PCI DSS 2.0: What the Standard Means for Companies; PCI DSS 2.0 Compliance: A Practical Approach; and Automating Security Configuration: Applying the US DoD Standard.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Social Computing, Social Networks and Human Factors&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;With the advent of social-networking and increased consumerisation, the workplace has now become an extension of an employee’s private life—albeit a slightly restrictive one. Social networking web sites have created many marketing and communication opportunities; however, there are also significant risks involved. This stream will delineate the pros and cons of social computing and social networks, and attempt to direct its attendees toward achieving an appropriate level of control within the business environment.&amp;#160; Sessions will discuss the risks and benefits of social media, how to create an effective policy, and how to control the uncontrollable.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Six optional pre- and post-conference workshops are also available. For additional information, visit &lt;a href="http://www.isaca.org/eurocacs"&gt;www.isaca.org/eurocacs&lt;/a&gt;. 
&lt;/p&gt;  &lt;p align="justify"&gt;With 95,000 constituents in 160 countries, ISACA&lt;sup&gt;®&lt;/sup&gt; (&lt;a href="http://www.isaca.org/"&gt;&lt;em&gt;www.isaca.org&lt;/em&gt;&lt;/a&gt;) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the &lt;i&gt;ISACA&lt;/i&gt;&lt;sup&gt;®&lt;/sup&gt; &lt;i&gt;Journal&lt;/i&gt;, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor&lt;sup&gt;®&lt;/sup&gt; (CISA&lt;sup&gt;®&lt;/sup&gt;), Certified Information Security Manager&lt;sup&gt;®&lt;/sup&gt; (CISM&lt;sup&gt;®&lt;/sup&gt;), Certified in the Governance of Enterprise IT&lt;sup&gt;®&lt;/sup&gt; (CGEIT&lt;sup&gt;®&lt;/sup&gt;) and Certified in Risk and Information Systems Control™ (CRISC™) designations. ISACA continually updates COBIT&lt;sup&gt;®&lt;/sup&gt;, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.&lt;/p&gt;  &lt;p align="justify"&gt;Follow ISACA on Twitter at &lt;a href="http://twitter.com/ISACANews"&gt;http://twitter.com/ISACANews&lt;/a&gt;. 
&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-7972932877979095753?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7972932877979095753'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7972932877979095753'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/isacas-eurocacs-examines-data.html' title='ISACA’s EuroCACS Examines Data Protection, Cloud Computing and Social Networking'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1157537356751532232</id><published>2011-02-12T05:14:00.001-08:00</published><updated>2011-02-12T05:14:53.676-08:00</updated><title type='text'>Imperva warns on the real insider security threat</title><content type='html'>&lt;p align="justify"&gt;10&lt;sup&gt;th&lt;/sup&gt; February 2011 - The recently published 2011 CyberSecurity Watch Survey claims to show that 21 per cent of attacks on organisations are caused by insiders. 
&lt;/p&gt;  &lt;p align="justify"&gt;And, says Amichai Shulman, chief technology officer with data security specialist Imperva, the report also points out that the percentage of those viewing the insider attacks as more costly is up this year (33 per cent) on the 25 per cent reported last year.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The report is also very interesting as it defines an insider as being an employee or contractor with authorised access, as well as noting that these types of attacks are becoming more sophisticated, where the user employs different Rootkits and hacking tools&amp;quot; he added. This is a significant shift, as so far insider attacks used to rely on very simple techniques and tools (available with any work station).&lt;/p&gt;  &lt;p align="justify"&gt;The Imperva CTO went on to say that there is a greater problem here that flies in under the radar, and does not seem to be included in the statistics.&lt;/p&gt;  &lt;p align="justify"&gt;This, he explained, centres on the threat of the individual who has no deliberate intention to cause the company any damage. Rather, the insider threat is mostly caused by an employee that collects information rightfully over time and the information is not removed when the employee leaves the company.&lt;/p&gt;  &lt;p align="justify"&gt;The danger here, says Shulman, is when the employee re-uses that data at their next place of employment, or, as sometimes happens, the data `leaks' from the employee's own computer.&lt;/p&gt;  &lt;p align="justify"&gt;Imperva's own street survey of over 1,000 UK employees found that 85 per cent of employees carry corporate data in their home computers or mobile devices, he said.&lt;/p&gt;  &lt;p align="justify"&gt;And, he added, 79 per cent of those surveyed revealed that their organisation does not have - or the employee is unaware of - any policy to remove company data from their laptop or other portable device when they leave the company. 
&lt;/p&gt;  &lt;p align="justify"&gt;Against this backdrop, Shulman recommends that, whilst companies scurry around to defend their digital assets against the apparent insider threat, they also need to defend against those members of staff who plan to take data with them when they move on to another organisation.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Approaching a review of a company's security policies and controls from this angle means that the process is not as futile as some professionals think it is, but rather assesses and prioritises the largest risks in a logical manner,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the CyberSecurity Watch Survey: &lt;a href="http://bit.ly/hMnzR2"&gt;http://bit.ly/hMnzR2&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Imperva: &lt;a href="http://www.imperva.com"&gt;www.imperva.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1157537356751532232?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1157537356751532232'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1157537356751532232'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/imperva-warns-on-real-insider-security.html' title='Imperva warns on the real insider security 
threat'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5185585105744955469</id><published>2011-02-12T05:13:00.001-08:00</published><updated>2011-02-12T05:13:29.618-08:00</updated><title type='text'>Tufin unveils new functionality &amp; updated PCI DSS 2.0 compliance reporting</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Tufin Technologies Unveils Enhanced Firewall Operations Management Functionality and Updated PCI DSS 2.0 Compliance Reporting&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;New Permissive Firewall Policy Optimization Features Enable Security Teams to Instantly Identify and Remediate Potential Policy Risks&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;London Feb. 9, 2011&lt;/strong&gt;–Tufin Technologies, the leading provider of Security Lifecycle Management solutions, today unveiled version 5.3 of its award-winning Tufin Security Suite (TSS), which features enhancements that further accelerate Tufin’s market lead and significantly raise the bar for what any organization should expect from firewall operations, compliance and change automation solutions. Tufin will demonstrate its new release next week at the RSA Conference 2011 in San Francisco, in its Booth No. 2551. 
&lt;/p&gt;  &lt;p align="justify"&gt;The Tufin Security Suite is made up of two core products: SecureTrack, Tufin’s firewall operations, compliance and auditing product; and SecureChange Workflow, Tufin’s security change automation solution.&amp;#160; Enhancements to SecureTrack include:&lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;&lt;b&gt;Enhanced Automatic Policy Generator (APG). &lt;/b&gt;SecureTrack’s Automatic Policy Generator enables administrators to instantly create a firewall rule base through analysis of firewall traffic logs.&amp;#160; TSS 5.3 includes an enhanced, interactive interface as well as new features that enable security teams to rapidly diagnose and remediate excessively permissive security policy rules, including: &lt;b&gt;&lt;/b&gt;&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;ul&gt;   &lt;ul&gt;     &lt;li&gt;       &lt;div align="justify"&gt;&lt;b&gt;Permissiveness Score&lt;/b&gt;: APG now reviews security policies for firewalls, routers or other network devices and assigns a permissiveness score to every rule. With the permissiveness score, security teams can instantly identify and address potential risks.&lt;b&gt;&lt;/b&gt;&lt;/div&gt;     &lt;/li&gt;      &lt;li&gt;       &lt;div align="justify"&gt;&lt;b&gt;Permissive Rule Optimization&lt;/b&gt;: APG provides specific recommendations on how to optimize overly permissive rules. Since there is a tradeoff between the degree of permissiveness and the number of rules generated, security managers can adjust the optimization level before and after the analysis.&lt;b&gt;&lt;/b&gt;&lt;/div&gt;     &lt;/li&gt;   &lt;/ul&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;&lt;b&gt;Zone Manager. &lt;/b&gt;SecureTrack’s new Zone Manager provides a central interface for defining and managing network zones. 
All SecureTrack features access the zone manager, making it faster and easier than ever before to define reports and queries in SecureTrack.&amp;#160; It is also possible to export zone definitions for use in other management systems.&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;&lt;b&gt;PCI DSS Support for Industry Standard--Version 2.0. &lt;/b&gt;SecureTrack’s Payment Card Industry Data Security Standards (PCI DSS) Audit Report now supports the latest version of the industry standard, version 2.0. The automated report helps organizations address the requirements relating to firewall auditing, network security, data safety, access control, and accountability.&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;In addition to the latest advances in SecureTrack, Tufin’s SecureChange Workflow change automation tool is also updated to include an out-of-the-box API for integration with the popular BMC Remedy Change Management system. The enhanced API enables SecureChange Workflow to automatically update the enterprise change management system in order to comply with organizational change policies.&lt;/p&gt;  &lt;p align="justify"&gt;“As the leader in Security Lifecycle Management, Tufin has a broad customer base which works closely with us to identify product updates to keep up with their changing, complex firewall management and compliance needs,” said Ruvi Kitov, CEO and Co-Founder, Tufin Technologies. “With this new release, SecureTrack addresses the latest in firewall compliance and automation requirements as demanded by enterprises. 
Coupled with our recent announcement of next-generation firewall support, SecureTrack is today’s most comprehensive solution for firewall management.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Availability and Pricing&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The latest version of SecureTrack and SecureChange Workflow is available immediately.&amp;#160; Pricing starts at $20,000.&lt;/p&gt;  &lt;p align="justify"&gt;Tufin™ is the leading provider of Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize IT risk. Tufin’s award-winning products SecureTrack™ and SecureChange™ Workflow help security operations teams to manage change and perform reliable audits while dramatically reducing manual, repetitive tasks through automation. Founded in 2005 by leading firewall and business systems experts, Tufin serves more than 700 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. 
Tufin partners with leading vendors including Check Point, Cisco, Juniper Networks, Palo Alto Networks, Fortinet, F5, Blue Coat, McAfee and BMC Software, and is committed to setting the gold standard for technological innovation and dedicated customer service.&lt;/p&gt;  &lt;p align="justify"&gt;For more information visit &lt;a href="http://www.tufin.com"&gt;www.tufin.com&lt;/a&gt;, or follow Tufin on: &lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; Twitter at &lt;a href="http://twitter.com/TufinTech"&gt;http://twitter.com/TufinTech&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; Facebook at &lt;a href="http://www.facebook.com/Tufintech"&gt;http://www.facebook.com/Tufintech&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; LinkedIn at &lt;a href="http://www.linkedin.com/companies/tufin-technologies"&gt;http://www.linkedin.com/companies/tufin-technologies&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; The Tufin Channel on YouTube at &lt;a href="http://www.youtube.com/user/Tufintech"&gt;http://www.youtube.com/user/Tufintech&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; The Tufin Blog at &lt;a href="http://www.tufin.com/blog"&gt;http://www.tufin.com/blog&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this 
article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-5185585105744955469?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5185585105744955469'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5185585105744955469'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/tufin-unveils-new-functionality-updated.html' title='Tufin unveils new functionality &amp;amp; updated PCI DSS 2.0 compliance reporting'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1521203134230046741</id><published>2011-02-12T05:10:00.001-08:00</published><updated>2011-02-12T05:10:46.167-08:00</updated><title type='text'>Trusteer Secure Web Access prevents attacks that exploit smart phones</title><content type='html'>&lt;h4 align="justify"&gt;Trusteer Secure Web Access Protects Enterprises from Smart Phone and Tablet-Based Attacks&lt;/h4&gt;  &lt;p align="justify"&gt;Performs Security Assessment of Mobile Devices and Controls Access to Web Applications to Prevent Data Theft and Security Breaches&lt;/p&gt;  &lt;p align="justify"&gt;NEW YORK, Feb. 9, 2011 – &lt;a href="http://www.trusteer.com/"&gt;Trusteer&lt;/a&gt;, the leading provider of secure web access services, today announced Trusteer Secure Web Access which enables organizations to protect their web applications, network and data from attacks that exploit insecure mobile devices. 
Trusteer Secure Web Access detects smart phones and tablets infected with, or at risk of infection from malware and prevents them from connecting to protected web resources. In addition, it provides real-time alerts to enterprises on the security status of each device that attempts to connect to resources and applications.&lt;/p&gt;  &lt;p align="justify"&gt;According to the RSA 2011 Cybercrime Trends Report, the number one trend this year will be mobile malware and the exploitation of mobile phones to commit fraud. The explosive growth of mobile devices as a general purpose computer “on the go” has made them an attractive target for cybercriminals to exploit. However it is not just consumers and their banks that must consider the risks of &lt;a href="http://www.trusteer.com/solutions/enterprise"&gt;mobile malware&lt;/a&gt;. The consumerization of IT has laid the bridge for the crossover of consumer technology into the enterprise. Organizations are providing their employees with mobile devices, or employees are using their own personal devices to conduct work-related activities – potentially opening up a backdoor for malware to make its way onto the corporate network.&lt;a href="#_ftn1_4316" name="_ftnref1_4316"&gt;[1]&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Transparent Security for all Mobile Platforms&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Tablets and mobile devices, most of which are not managed by corporate IT departments, are easily infected with malware and may be vulnerable to attack. Allowing these mobile endpoints to connect to enterprise resources via the web can expose sensitive corporate information to criminals and lead to network security breaches. Trusteer Secure Web Access ensures tablets and mobile devices requesting a connection to secure web applications are free from malware and security vulnerabilities. 
It supports all leading tablets and mobile devices including iPad, iPhone, Android, BlackBerry and more.&lt;/p&gt;  &lt;p align="justify"&gt;To enforce enterprise policies on mobile devices, Trusteer Secure Web Access assesses the security posture of each device requesting access to secure resources before it can connect to applications or the network. Trusteer evaluates whether the service is installed on the device, if any malware is present, and whether it has any unpatched vulnerabilities. Only devices that meet security policy requirements are allowed to connect to enterprise resources. In addition, the status of each device is logged and transmitted in real-time to the enterprise IT department. Trusteer Secure Web Access also allows organizations to define and apply access control policies based on the security status of the device, such as blocking access to all or only select resources.&lt;/p&gt;  &lt;p align="justify"&gt;“IT departments are under pressure from the executive suite all the way to the departmental level to allow employees to use tablets and mobile devices to connect to secure web resources,” said Mickey Boodaei, CEO of Trusteer. “The Trusteer Secure Web Access Service is an elegant, quick and easy to deploy solution for enterprises that want to minimize the threat associated with mobile device connectivity to business applications.”&lt;/p&gt;  &lt;p align="justify"&gt;“Many CISOs face a huge challenge when it comes to managing smartphones, and realize that they need to quickly and securely embrace this ever more popular endpoint or they could see their data and systems trashed by malware ridden devices,” said Nigel Stanley, Practice Leader- security, Bloor Research. 
“Secure access services are one way in which users can be encouraged to use their own smartphones while protecting the company network and hopefully make this one less thing a CISO need worry about”.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Availability and Pricing&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Trusteer Secure Web Access is available immediately from Trusteer and its business partners worldwide. Pricing starts at $35 / £25 per device per year.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About Trusteer&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Trusteer is the world’s leading provider of Secure Web Access services. The company offers a range of services that detect, block and remove attacks launched directly against endpoints such as &lt;a href="http://www.trusteer.com/product/trusteer-rapport"&gt;Man in the Browser&lt;/a&gt;, Man in the Middle and Phishing. Trusteer services are being used by leading financial organizations and enterprises in North America and Europe, and by tens of millions of their employees and customers to secure web access from mobile devices, tablets and computers to sensitive applications such as webmail, online payment, and &lt;a href="http://www.trusteer.com/solutions/financial-institutions-0"&gt;online banking&lt;/a&gt;. HSBC, Santander, The Royal Bank of Scotland, SunTrust, Fifth Third, ING DIRECT, and BMO Financial Group are just a few of the companies using Trusteer’s technology. Trusteer is a privately held corporation led by former executives from RSA Security, Imperva, and Juniper. Follow us on &lt;a href="http://www.Twitter.com/Trusteer"&gt;www.Twitter.com/Trusteer&lt;/a&gt;. 
For more information about our services, please visit &lt;a href="http://www.trusteer.com"&gt;www.trusteer.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="#_ftnref1_4316" name="_ftn1_4316"&gt;[1]&lt;/a&gt; RSA 2011 Cybercrime Trends Report: &lt;a href="http://blogs.rsa.com/sos/cybercrime-trends-for-2011-podcast-210/"&gt;http://blogs.rsa.com/sos/cybercrime-trends-for-2011-podcast-210/&lt;/a&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1521203134230046741?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1521203134230046741'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1521203134230046741'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/trusteer-secure-web-access-prevents.html' title='Trusteer Secure Web Access prevents attacks that exploit smart phones'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5650602949613316627</id><published>2011-02-12T05:08:00.001-08:00</published><updated>2011-02-12T05:08:56.504-08:00</updated><title type='text'>Venafi launches 1st universal automated management of all key 
certificates &amp; keys</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Venafi Announces Director 6, First Platform to Automate Management of Widest Range of Encryption Key and Certificate Technologies Across the Enterprise &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Venafi Encryption Director 6 Platform Allows Global 2000 Enterprises to Eliminate Unquantified and Unmanaged Risk, Improves Security and Compliance, and Increases System Availability&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;London&lt;/b&gt;&lt;b&gt; – &lt;i&gt;February 9, 2011&lt;/i&gt; –&lt;/b&gt; &lt;a href="http://www.venafi.com"&gt;Venafi&lt;/a&gt;, the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions, today unveiled Venafi Encryption Director 6™ (Director 6). Director 6 provides out-of-the box automated management capabilities for the widest range of digital certificate and encryption key technologies used by today’s enterprises, including symmetric keys, SSH keys, asymmetric keys and digital certificates. Recognized by Gartner as a “Cool Vendor,”&amp;#160; Venafi provides the only platform that allows organizations to automate discovery, monitoring, validation, management and security of the most commonly used encryption assets. Designed specifically for the enterprise, Director 6 provides interoperability across heterogeneous environments, rapid scalability, and orchestration capabilities that improve security and compliance and increase critical system uptime. In addition to the already-available Certificate Manager™ product, the SSH Key Manager™ and Symmetric Key Manager™ products are being added to the Director 6 platform as separate offerings. 
&lt;/p&gt;  &lt;p align="justify"&gt;With over eight years experience delivering best-of-breed encryption management solutions to the world’s largest organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare, retail and other industries, Venafi delivers a true enterprise platform with management functionality that spans organizations’ diverse infrastructures, independent of the managed encryption asset or the complexity and size of the environment. Director 6 is a third-generation architecture that enables easy-to-deploy interoperability, scalability and orchestration across multiple encryption types, operating environments, certificate authorities (CAs), HSMs, applications, directories and other enterprise systems. &lt;/p&gt;  &lt;p align="justify"&gt;“Security, privacy and compliance are driving organizations to deploy encryption technologies at an almost hyper-aggressive pace. Unfortunately, encryption assets can turn into liabilities if managed improperly. One expired certificate can shut down critical systems, and one compromised key can open the gates to sensitive information and compliance violations,” said Richard Stiennon, noted author, speaker and principal analyst at IT Harvest. “Security and compliance initiatives are only going to be as effective as the people managing them, and those managers need to be equipped with powerful tools that allow them to do their jobs. Organizations that rely on encryption keys and digital certificates need to deploy solutions that will allow them to retain control over the thousands of keys and certificates deployed.”&lt;/p&gt;  &lt;p align="justify"&gt;“Venafi is recognized by our customers as the only security vendor that can fully automate EKCM processes and scale to their requirements,” said Jeff Hudson, CEO of Venafi. 
“Our innovative technology platform gives organizations the ability to solve the rapidly expanding encryption key and certificate security management problem, which has been highlighted by recent sophisticated attacks and breaches like the WikiLeaks and Stuxnet incidents. In addition, we enable our customers to achieve compliance with new regulations and standards. Recent studies show that key and certificate inventories are growing every year by more than 70 percent, and that 85 percent of those organizations surveyed admit to inadequate management of these critical security assets. Director 6 provides advanced management, access control and automation capabilities that significantly reduce the unquantified and unmanaged risk.” &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Venafi Encryption Director 6 includes the following:&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;· SSH Key Manager™&lt;/p&gt;  &lt;p align="justify"&gt;· Certificate Manager™&lt;/p&gt;  &lt;p align="justify"&gt;· Symmetric Key Manager™&lt;/p&gt;  &lt;p align="justify"&gt;· Agent-based Onboard Discovery and Monitoring&lt;/p&gt;  &lt;p align="justify"&gt;· Advanced Management Partitioning across Firewall Boundaries&lt;/p&gt;  &lt;p align="justify"&gt;· Enhanced Operational Network Validation and Alerting&lt;/p&gt;  &lt;p align="justify"&gt;· Expanded Analysis and Reporting of Consolidated Key and Certificate Management Logs&lt;/p&gt;  &lt;p align="justify"&gt;· Actionable Key and Certificate Management Dashboard&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Customers to speak at RSA Conference&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;During &lt;a href="http://www.rsaconference.com/2011/usa/index.htm"&gt;RSA Conference 2011&lt;/a&gt;, Monday, Feb. 14 through Thursday, Feb. 18, Venafi will be providing on-demand demonstrations of Director 6 in its booth (# 1843) during exhibition hours. 
&lt;a href="https://cm.rsaconference.com/US11/catalog/eventguide/publicSchedule.jsp?day_id=0&amp;amp;trackID=12680"&gt;Register&lt;/a&gt; to attend the RSA Conference case-study session where two Venafi customers—a Fortune 250 financial services payment-processing company and a Fortune 100 high-tech products and services company—will share their experiences in managing encryption keys and certificates across their large enterprise environments. For a free exhibition floor pass, &lt;a href="https://cm.rsaconference.com/US11/catalog/eventguide/publicSchedule.jsp?day_id=0&amp;amp;trackID=12680"&gt;visit&lt;/a&gt; the RSA Conference 2011 website and use code &lt;b&gt;EC11VNF&lt;/b&gt;. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Product Availability&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Venafi Encryption Director 6, with available products Symmetric Key Manager™, Certificate Manager™ and SSH Key Manager™, will ship in the second quarter of 2011. For more information on Director 6 visit &lt;a href="http://www.venafi.com/Director6"&gt;www.venafi.com/Director6&lt;/a&gt;. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.venafi.com/"&gt;Venafi&lt;/a&gt; is the inventor of and market leader in Enterprise Key and Certificate Management (EKCM) solutions. Venafi delivered the first enterprise-class platform to automate the provisioning, discovery, monitoring and management of digital certificates and encryption keys—from the desktop to the datacenter—built specifically for encryption management interoperability across heterogeneous environments. Venafi products reduce the unquantified and unmanaged risks associated with encryption deployments that result in data breaches, security audit failures and unplanned system outages. Venafi customers include the world's most prestigious Global 2000 organizations in financial services, insurance, high tech, telecommunications, aerospace, healthcare and retail. 
Venafi is backed by top-tier venture capital funds, including Foundation Capital, Pelion Venture Partners and Origin Partners. For more information, visit &lt;a href="http://www.venafi.com"&gt;www.venafi.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR &lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-5650602949613316627?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5650602949613316627'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5650602949613316627'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/venafi-launches-1st-universal-automated.html' title='Venafi launches 1st universal automated management of all key certificates &amp;amp; keys'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6585289246796368158</id><published>2011-02-09T10:24:00.001-08:00</published><updated>2011-02-09T10:24:39.720-08:00</updated><title type='text'>Safer Internet Day - The role of Security within Social Networks</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;Amichai Shulman – CTO and co-founder of Imperva&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Last week 
researchers unveiled a “&lt;a href="http://www.net-security.org/secworld.php?id=10534"&gt;dating database&lt;/a&gt;” consisting of 250,000 users. This was not just any ordinary dating site where one registers and agrees to post their information. Rather, the dating profiles were based on public information that the researchers gathered from Facebook profiles. Many people at this point cried out “Privacy!”. However, let us take a step back and remind ourselves that it is these users who were not concerned to publicly publish their data in the first place! By consenting to Facebook’s terms of service, they are actually agreeing to relinquish their information to a public website. With this in mind, it may be safe to say that if a user indicates their religion, or ethnicity, on Facebook they do so because they want other users to know this information and are willing—even implicitly—to take the chance that a (hypothetical) racial classification application will have access to it as well. It may also be safe to say that people who post a named defamation of their boss on their wall—or their friend’s wall—are willing to take the chance that their boss may see the post. That is the essence, or rather lack thereof, of privacy. &lt;/p&gt;  &lt;p align="justify"&gt;In terms of social networks, it is security which we need to be wary of. Security controls the way in which people use the information of others. It is a way to ensure that people cannot invoke functionality on behalf of other users, and that delinquents cannot use the system to distribute malware. It is a way to make it difficult to hack into someone’s account using a brute-force attack. Security enables us to integrate social networking applications into our business environment without affecting the integrity and confidentiality of business data. &lt;/p&gt;  &lt;p align="justify"&gt;In today’s social networking platform, security is the threat. 
Web 2.0 vulnerabilities are quickly translating into massive worm outbreaks. One such example is the notorious &lt;a href="http://www.pcworld.com/article/155039/facebook_worm_refuses_to_die.html"&gt;Koobface&lt;/a&gt; worm which is still propagating even though researchers have been attempting to contain it for the last few years. Even basic best practices, such as the use of SSL for authentication purposes, are not closely followed. &lt;/p&gt;  &lt;p align="justify"&gt;Nevertheless, we are starting to feel the winds of change. Recently, Facebook made changes to account security to reduce account hijacking incidents. Just a few weeks ago a new authorization scheme was put in place that requires one to identify their friends in case of an alleged account take-over. As social networks attempt to increase their user base, penetrate the business environment, and roll out new services (such as Facebook’s new webmail) we should expect social platforms to invest more resources in improving the security posture of the platform. These measures will provide improved protection against application layer attacks, stronger authentication and account control features, and better malware detection systems. 
&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6585289246796368158?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6585289246796368158'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6585289246796368158'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/safer-internet-day-role-of-security.html' title='Safer Internet Day - The role of Security within Social Networks'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-2932282586812644079</id><published>2011-02-09T10:21:00.001-08:00</published><updated>2011-02-09T10:21:45.519-08:00</updated><title type='text'>`What are the banks not telling us about card fraud?’ asks Lieberman Software</title><content type='html'>&lt;p align="justify"&gt;&lt;strong&gt;[Or isn't it strange the number of major bank hacking cases where the defendant(s) plead guilty...]&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Reports that a Russian hacker has pleaded guilty of ripping off WorldPay, the online transaction processor, to the tune of $10 million, have met with a grim smile by Lieberman Software, the 
identity management specialist.&lt;/p&gt;  &lt;p align="justify"&gt;According to Phil Lieberman, the firm's president, the methodology used by the 27-year-old hacker is a potential worst-case scenario that he and his team warn potential and existing clients about.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Not only did this guy manage to hack into WorldPay's systems back in 2008, but he then altered the parameters of the merchant accounts and boosted their online daily limits. From there he withdrew large amounts of cash from ATMs as he travelled the world,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The case is a fascinating one as, by pleading guilty, it's unlikely we'll ever find out how this team of hackers managed to stiff the former RBS card processing division for an incredibly large sum of money,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;When you think about it, the only way that Yevgeny Anikin could have increased the withdrawal limits on the merchant accounts was by gaining access to an internal management account with the card processor, he went on to say.&lt;/p&gt;  &lt;p align="justify"&gt;The whole affair smacks of a lack of security on privileged accounts, which is an area of security in which we specialise, he explained.&lt;/p&gt;  &lt;p align="justify"&gt;As with all major card frauds of this type, however, this case involves the hacker ringleader pleading guilty, thereby preventing the actual processes used by the fraudster(s) being revealed in an open court.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;We've been through our fraud records and are finding it difficult to come up with a major card fraud case involving hacking where the fraudster(s) have pleaded not guilty, and the case has gone to court,&amp;quot; he said, adding that time after time, the fraudsters mysteriously plead guilty, are sentenced and the financial institution gets away without revealing the chinks in their electronic 
armour.&lt;/p&gt;  &lt;p align="justify"&gt;What are the possibilities of that happening? he asked.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Quite low, actually, especially when you realise that this case was heard in a Siberian court, in a country where all sorts of unusual results come out of the courts, such as political rivals of President Putin mysteriously being incarcerated for years on end,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The bottom line is that you don't have to be a conspiracy theorist to piece together what is happening: the card processing system is far from being infallible, and the banks are going to great lengths to avoid exposing how insecure their systems really are in an open court,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Of course, if I'm wrong, I'll be perfectly happy to discuss this issue with WorldPay or any other financial institution whose systems have been hacked and defrauded - and where the criminals have pleaded not guilty.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Russian $10 million card fraud case: &lt;a href="http://bit.ly/h6K5xl"&gt;http://bit.ly/h6K5xl&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Lieberman Software: &lt;a href="http://www.liebsoft.com"&gt;www.liebsoft.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-2932282586812644079?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2932282586812644079'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2932282586812644079'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/what-are-banks-not-telling-us-about.html' title='`What are the banks not telling us about card fraud?’ asks Lieberman Software'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-421982864040095629</id><published>2011-02-09T10:19:00.001-08:00</published><updated>2011-02-09T10:23:15.213-08:00</updated><title type='text'>DES Offers Free Encryption</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;DES raises the bar for cost effective data security with new features and licensing model&lt;a href="http://lh5.ggpht.com/_us-_jXpQvnQ/TVLav6BPEZI/AAAAAAAACfU/8Gp58IgTiyI/s1600-h/DES%5B3%5D.gif"&gt;&lt;img title="DES" style="border: 0px none ; display: inline; margin-left: 0px; margin-right: 0px;" alt="DES" src="http://lh5.ggpht.com/_us-_jXpQvnQ/TVLawVyxOZI/AAAAAAAACfY/EUzDvfFdhGk/DES_thumb%5B1%5D.gif?imgmax=800" align="right" border="0" height="122" width="122" /&gt;&lt;/a&gt; &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Taunton, UK, February 2011 &lt;/b&gt;– Data Encryption Systems Limited (DES), the UK-based leader in software copyright protection, data encryption, secure messaging and data storage solutions and winner of Computing Security's Encryption Product of the Year 2010, has today announced that it is offering its market leading encryption solution, DESlock+ Personal Edition, to home users for free. 
The company has also introduced 2 new features for the DESlock+ Standard Edition, including removable media encryption and portable encryption, as well as moving to a per user licensing structure, giving more flexibility to mobile workers. &lt;/p&gt;  &lt;p align="justify"&gt;Paul Jackson, Head of Business Development at Sigma Software Distribution, one of the UK’s main distributors of DESlock+, comments: "Companies need to account for every penny and by adding extra features to the standard product and reorganising its licence structure, DES has really taken this on board. DESlock+ would be a great choice for a company with mixed requirements as it caters for mobile workers while still offering a cost-effective solution for desktop workers.  It's great to see a company that thinks about its customers' requirements and aligns its offering to suit these needs."&lt;/p&gt;  &lt;p align="justify"&gt;DESlock+ has previously been licensed on a per system basis, meaning the licence was registered to an individual system. This has now changed and licences will now be registered to the actual user.  As a result,  anyone with a licence for the DESlock+ PRO or DESlock+ Standard Edition will be able to put a copy of the software on their own home PCs for business use, giving them DESlock+ security at home as well as in the office, at no extra cost. &lt;/p&gt;  &lt;p align="justify"&gt;David Tomlinson, Managing Director for DES, comments:  “We always try to think about how people actually work when we design our products and today it’s clear that people are no longer confined to the office. With laptops, hot-desking, portable media and USBs, the mobile working revolution is here and here to stay. We have therefore adapted our offering to align with evolving business needs.”&lt;/p&gt;  &lt;p align="justify"&gt;The DESlock+ Personal Edition is the only free FIPS 140-2 approved encryption product available on the market. 
It helps to protect organisations from data breaches by offering extremely powerful encryption for emails, files and folders, virtual discs and archives. The product includes a Desktop Shredder for the safe destruction of sensitive information and works using DESlock+’s unique key sharing technology, which allows the safe transfer and sharing of information.&lt;/p&gt;  &lt;p align="justify"&gt;The DESlock+ Standard Edition is aimed at business desktop computers and includes all the features listed above for the Personal Edition, along with Policy-driven Removable Media Encryption. This allows administrators to ensure that any data written to a USB disk or Flash drive is encrypted. DESlock+ Go, a portable encryption system which allows protected USB sticks to be used on unprotected systems where required, has also been introduced into the Standard version. These new features give desktop users more freedom to move information outside of the office. &lt;/p&gt;  &lt;p align="justify"&gt;The DESlock+ PRO Edition is aimed at protecting laptops and desktops in less secure locations. DESlock+ Pro includes the features of the Standard Edition as well as Full disk Encryption (FDE), providing total cover against unexpected events and compliance with various directives and regulations. &lt;/p&gt;  &lt;p align="justify"&gt;Tomlinson continues: “By offering customers removable media encryption and portable encryption with the standard licence, and combining this with a per user licence structure, workers can take encrypted work home with them and work on their own PC. We also offer full disk encryption as part of our PRO licence and are actually giving away free personal licences, so there really is something for everyone. 
We will also be making some more product announcements in the next few weeks as we launch our Enterprise Server to help with improved management, so watch this space.”&lt;/p&gt;  &lt;p align="justify"&gt;DES’s Enterprise Server is due for release towards the end of February. The Enterprise Server will allow remote control administrators to manage users' encryption keys through the internet through its centralised management software. This is yet another step undertaken by DES to ensure that home and mobile working remains secure and does not present a gap in compliance. &lt;/p&gt;  &lt;p align="justify"&gt;For those customers interested in purchasing a DESlock+ licence, or downloading a free version of its Personal Edition, please visit the website: &lt;a href="http://www.des.co.uk/"&gt;www.des.co.uk&lt;/a&gt;. The website also provides customers with an overview of specific industries and directives with its series of compliance guides, to help organisations to better understand their security requirements.&lt;/p&gt;  &lt;p align="justify"&gt;Since 1985, Data Encryption Systems has been the UK’s most successful manufacturer of software protection dongles, software copyright protection systems and secure handset reprogramming accessories. Data Encryption Systems markets and supports products used by tens of thousands of businesses worldwide to protect applications, copyrighted materials, medical records, government files and other confidential and personal information. 
The company’s flagship product, DESlock+, has been awarded &lt;i&gt;SC Magazine&lt;/i&gt;’s Best Buy for three successive years and was also the winner of Computing Security's Encryption Product of the Year 2010.&lt;/p&gt;  &lt;p align="justify"&gt;Source: C8 Consulting Ltd&lt;/p&gt;&lt;p align="justify"&gt; &lt;/p&gt;&lt;p style="margin-bottom: 0in;" align="CENTER"&gt;&lt;span style="font-size: 13pt;font-size:100%;" &gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/span&gt;&lt;/p&gt;  &lt;p style="margin-bottom: 0in; text-align: justify;"&gt;&lt;strong&gt;&lt;span style="font-size: 13pt;font-size:100%;" &gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/span&gt;&lt;/strong&gt;&lt;em&gt;&lt;span style="font-size: 13pt;font-size:100%;" &gt; The ICT REVIEW received no compensation for any component of this article.&lt;/span&gt;&lt;/em&gt;&lt;span style="font-size: 13pt;font-size:100%;" &gt;&lt;i&gt; &lt;/i&gt;&lt;/span&gt; &lt;/p&gt;&lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-421982864040095629?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/421982864040095629'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/421982864040095629'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/des-offers-free-encryption.html' title='DES Offers Free Encryption'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' 
url='http://lh5.ggpht.com/_us-_jXpQvnQ/TVLawVyxOZI/AAAAAAAACfY/EUzDvfFdhGk/s72-c/DES_thumb%5B1%5D.gif?imgmax=800' height='72' width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5334637483491194514</id><published>2011-02-09T10:16:00.001-08:00</published><updated>2011-02-09T10:16:45.955-08:00</updated><title type='text'>Tufin introduces next generation firewall management solution</title><content type='html'>&lt;p align="justify"&gt;&lt;strong&gt;TUFIN TECHNOLOGIES INTRODUCES the industry’s first COMPREHENSIVE Firewall MANAGEMENT AND AUDITING solution FOR NEXT-GENERATION FIREWALLS&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;strong&gt;Tufin Extends the Scope of its Firewall Operations Management Solution Tufin Security Suite 5.3 to Support Palo Alto Networks Market-Leading Next-Generation Firewalls &lt;/strong&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;RAMAT GAN, Israel &amp;amp; London Feb. 2011&lt;/strong&gt;–Tufin Technologies, the leading provider of Security Lifecycle Management solutions, today announced it is the first firewall management company to offer comprehensive support for next-generation firewalls from market leaders such as Palo Alto Networks.&lt;/p&gt;  &lt;p align="justify"&gt;The latest update of SecureTrack – Tufin’s firewall operations, auditing and compliance product – introduces the industry’s first solution that provides network security teams with seamless, comprehensive management and auditing capabilities for both next-generation and network-layer firewalls. Palo Alto Networks customers can now benefit from improved management, policy analysis and reporting found in the Tufin solution.&lt;/p&gt;  &lt;p align="justify"&gt;Announced today, Tufin’s support of Palo Alto Networks firewalls will be jointly demonstrated next week at the RSA Conference 2011 in San Francisco – in Tufin’s Booth No. 
2551, and in Palo Alto Networks’ Booth No. 2145. &lt;/p&gt;  &lt;p align="justify"&gt;“Tufin SecureTrack has enabled us to streamline our existing firewall rule sets, and has helped us enhance our compliance program with comprehensive reporting of changes,” said Craig Hanrahan, Sonus Networks senior manager of IT infrastructure.&amp;#160; “With Palo Alto Networks, having one device do as much as it does keeps us from the complexity of multiple devices, and its AppID keeps us from having to create a bunch of application rules or worrying about every port.&amp;#160; Tufin’s new support of Palo Alto Networks is helpful because it supports all the log types of Palo Alto Networks.&amp;#160; The visibility we gain with Tufin into the effects of rules changes and managing these changes within Palo Alto Networks will help us down the road, as well.”&lt;/p&gt;  &lt;p align="justify"&gt;Palo Alto Networks' next-generation firewalls are unique in the industry in their ability to see and control applications, users and content – not just ports, IP addresses and packets. Palo Alto Networks' next-generation firewalls enable enterprises to create granular, business-relevant security policies and safely control applications instead of the block-or-nothing approach offered by traditional port-blocking firewalls.&lt;/p&gt;  &lt;p align="justify"&gt;The new Tufin SecureTrack makes it easier to manage next-generation firewalls and meet auditing and compliance requirements. 
In a wide variety of views, policy analysis queries, and compliance audit reports, SecureTrack uniquely enables security teams to identify firewall policy rules according to advanced, application-layer identification technology.&lt;/p&gt;  &lt;p align="justify"&gt;“Tufin SecureTrack is a highly complementary management layer to our core value proposition, which is to help organizations gain visibility and control of applications, users, and content within their networks,” said Punit Minocha, Palo Alto Networks VP of Business and Corporate Development. “Our mutual customers can gain more robust operations management, auditing and compliance for their network infrastructure.”&lt;/p&gt;  &lt;p align="justify"&gt;SecureTrack’s comprehensive support for Palo Alto Networks also includes:&lt;/p&gt;  &lt;p align="justify"&gt;· Support for both physical and virtual systems, including shared objects between virtual systems.&lt;/p&gt;  &lt;p align="justify"&gt;· Support for Palo Alto Networks Panorama central management system’s global rules and objects that are shared among multiple physical or virtual firewalls. &lt;/p&gt;  &lt;p align="justify"&gt;· Real-time change tracking of Palo Alto Networks’ content updates. &lt;/p&gt;  &lt;p align="justify"&gt;“Palo Alto Networks has realized significant growth and has been a shining star in the network security industry over the years,” said Shaul Efraim, Tufin VP of Products, Marketing and Business Development. “We saw strong demand from customers and channel partners for support for Palo Alto Networks in our Tufin Security Suite. 
We are committed to supporting customers and channel partners, and quickly responded to this need to enhance our award-winning Security Lifecycle Management Security Suite.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Availability and Pricing&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;SecureTrack support for next-generation firewalls, including Palo Alto Networks, is available immediately.&amp;#160; Pricing starts at $20,000.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About Tufin Technologies&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Tufin™ is the leading provider of Security Lifecycle Management solutions that enable companies to cost-effectively manage their network security policy, comply with regulatory standards, and minimize IT risk. Tufin’s award-winning products SecureTrack™ and SecureChange™ Workflow help security operations teams to manage change and perform reliable audits while dramatically reducing manual, repetitive tasks through automation. Founded in 2005 by leading firewall and business systems experts, Tufin serves more than 700 customers in industries from telecom and financial services to energy, transportation and pharmaceuticals. 
Tufin partners with leading vendors including Check Point, Cisco, Juniper Networks, Palo Alto Networks, Fortinet, F5, Blue Coat, McAfee and BMC Software, and is committed to setting the gold standard for technological innovation and dedicated customer service.&lt;/p&gt;  &lt;p align="justify"&gt;For more information visit &lt;a href="http://www.tufin.com"&gt;www.tufin.com&lt;/a&gt;, or follow Tufin on: &lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; Twitter at &lt;a href="http://twitter.com/TufinTech"&gt;http://twitter.com/TufinTech&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; Facebook at &lt;a href="http://www.facebook.com/Tufintech"&gt;http://www.facebook.com/Tufintech&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; LinkedIn at &lt;a href="http://www.linkedin.com/companies/tufin-technologies"&gt;http://www.linkedin.com/companies/tufin-technologies&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; The Tufin Channel on YouTube at &lt;a href="http://www.youtube.com/user/Tufintech"&gt;http://www.youtube.com/user/Tufintech&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;·&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160;&amp;#160; The Tufin Blog at &lt;a href="http://www.tufin.com/blog"&gt;http://www.tufin.com/blog&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT 
REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-5334637483491194514?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5334637483491194514'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5334637483491194514'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/tufin-introduces-next-generation.html' title='Tufin introduces next generation firewall management solution'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6992986850915696773</id><published>2011-02-06T01:01:00.001-08:00</published><updated>2011-02-06T01:01:20.009-08:00</updated><title type='text'>Infosecurity Europe 2011 Hall of Fame nominations now open</title><content type='html'>&lt;p align="justify"&gt;London UK, February&amp;#160; 2011 – The time is ripe to elevate the greatest movers and shakers in the world of information security as nominations for the Infosecurity Europe 2011 ‘Hall of Fame’ open. &lt;/p&gt;  &lt;p align="justify"&gt;For the last 3 years the medal of honour of the information security world has been presented to speakers of high renown with the ‘Hall of Fame’ at Infosecurity Europe. Voted for by fellow industry professionals the recipients of this most prestigious honour stand at the vanguard of the technological age. 
Possessing a wisdom that can only be gained through experience at the frontiers of the industry, any inductee to the Hall of Fame is guaranteed to impress, as the adorned walls of previous shows testify.&lt;/p&gt;  &lt;p align="justify"&gt;Previous speakers have included some of the world’s leading thinkers in information security. To whet your appetite the winners of 2010 featured Prof Fred Piper, Lord Erroll, Eugene Kaspersky, Charlie McMurdie, Stephen Bonner and Ed Gibson, all of whom delivered thrilling speeches to a captivated audience. To view all previous speakers, along with a short biography, you can visit the Infosecurity website:&amp;#160; &lt;a href="http://www.infosec.co.uk/page.cfm/Link=769/nocache=true"&gt;&lt;b&gt;www.infosec.co.uk/page.cfm/Link=769/nocache=true&lt;/b&gt;&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The 2011 Hall of Fame will be conducted in the Keynote theatre where the eventual speakers, whittled down by two stages of nominations, will address other industry professionals in what always proves to be a compelling and exhilarating event. &lt;/p&gt;  &lt;p align="justify"&gt;The conditions that must be met, to ensure that the nominees are a cut above the rest, are as follows.&lt;/p&gt;  &lt;p align="justify"&gt;They must:&lt;/p&gt;  &lt;p align="justify"&gt;· Be an internationally recognised and respected Information Security practitioner or advocate &lt;/p&gt;  &lt;p align="justify"&gt;· Have made a clear and long-term contribution to the advancement of Information Security &lt;/p&gt;  &lt;p align="justify"&gt;· Have provided intellectual or practical input that has shifted the advancement of Information Security &lt;/p&gt;  &lt;p align="justify"&gt;· Be an engaging and revolutionary thought leader in Information Security &lt;/p&gt;  &lt;p align="justify"&gt;The Hall of Fame has proven to be the highlight of previous shows and this year is no different. 
Setting the standard for other industry professionals and defining contemporary issues, the Hall of Fame speakers aim to challenge conventional thought with a mix of pragmatism and provocation. It really is the must see event of the year.&lt;/p&gt;  &lt;p align="justify"&gt;To nominate speakers, voters can go to &lt;a href="http://www.infosec.co.uk/fame"&gt;&lt;b&gt;www.infosec.co.uk/fame&lt;/b&gt;&lt;/a&gt; and make up to five nominations, accompanied by a short reason for their chosen speaker.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;Infosecurity Europe, celebrating 16 years at the heart of the industry in 2011, is Europe’s number one Information Security event.&amp;#160; Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe.&amp;#160; Organised by Reed Exhibitions, the world’s largest tradeshow organiser, Infosecurity Europe is one of five Infosecurity events around the world with events also running in Belgium, Netherlands and Russia.&amp;#160; Infosecurity Europe runs from the 19&lt;sup&gt;th&lt;/sup&gt; – 21&lt;sup&gt;st&lt;/sup&gt; April 2011, in Earls Court, London.&amp;#160; For further information please visit &lt;a href="http://www.infosec.co.uk"&gt;&lt;b&gt;www.infosec.co.uk&lt;/b&gt;&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Source: Infosecurity PR/Eskenzi PR&lt;/b&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' 
src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6992986850915696773?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6992986850915696773'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6992986850915696773'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/infosecurity-europe-2011-hall-of-fame.html' title='Infosecurity Europe 2011 Hall of Fame nominations now open'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3881973865384733144</id><published>2011-02-04T08:40:00.001-08:00</published><updated>2011-02-04T08:40:05.179-08:00</updated><title type='text'>Huddersfield NHS laptop loss highlights need to protect data</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Credant says latest NHS laptop loss highlights need to protect data on portable elements of integrated IT systems&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;3&lt;sup&gt;rd&lt;/sup&gt; February 2011 - Reports that Huddersfield health officials have launched a high-level enquiry after a laptop containing 1,500 patient records was stolen, has been met with incredulity by Credant Technologies.&lt;/p&gt;  &lt;p align="justify"&gt;According to Sean Glynn, the endpoint data protection specialist's vice president, unlike most NHS laptop thefts, the notebook was not used as a portable and/or standalone device, but apparently formed an integral part of Calderdale Royal Hospital's electromyography scanning system.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This probably means that the health trust didn't apply its usual risk 
management procedures to the device, since it ostensibly formed part of the EMG patient scanning system. The data on the system should, however, have been encrypted, if only to prevent prying eyes looking at the patient records, especially since this was a scanner looking for a potentially serious clinical condition,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;What the case highlights is the fact that patient data within the NHS needs to be protected at all times, preferably using encryption, but also, where the IT system has components - such as a laptop in this case - much higher levels of security clearly need to be employed,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;And, he went on to say, since the EMG scanner was located in a public place, namely a hospital, with members of the public wandering in and out, the laptop should have been both physically and electronically secured, to prevent theft.&lt;/p&gt;  &lt;p align="justify"&gt;This, says the Credant vice president, clearly didn't happen, meaning that the trust's patient data and IT security policies were broken on several fronts.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It's no wonder that the local press in Huddersfield is reporting that the health trust has launched a full investigation. This wasn't a routine case of a laptop being stolen due to a member of staff's carelessness,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Managers should have performed a full risk analysis, and defended both the scanner’s portable component - in this case a valuable laptop - and even more importantly, the confidential patient data it contained. 
This is a serious lapse of NHS security policies,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Glynn noted that Credant's summer 2010 research into portable data security threats - and which took in the views of 277 IT security professionals - showed that laptop and other portable data-carrying devices are the security equivalent of a ticking time bomb.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;With 11 per cent of respondents to that survey having experienced a data breach early last year, it's clearly a case of not if, but when, a laptop is likely to be stolen in a public-facing environment,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The fact that the laptop was probably classed as a medical scanner component, rather than a portable device, did not matter a jot to the thief. A laptop is a laptop, and laptops can - and do - go walkabout with annoying frequency,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Huddersfield NHS laptop fiasco: &lt;a href="http://bit.ly/fOEGol"&gt;http://bit.ly/fOEGol&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Credant: &lt;a href="http://www.credant.com"&gt;www.credant.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3881973865384733144?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3881973865384733144'/><link rel='self' 
type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3881973865384733144'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/huddersfield-nhs-laptop-loss-highlights.html' title='Huddersfield NHS laptop loss highlights need to protect data'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1915106041237782493</id><published>2011-02-04T08:38:00.001-08:00</published><updated>2011-02-04T08:38:37.014-08:00</updated><title type='text'>Innovative software solutions to reduce business energy and printing costs</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;New green technology from Avanquest to offer SoHo and SMBs a cost effective alternative to improve environmental efficiency &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.avanquest.co.uk/"&gt;Avanquest Software Publishing&lt;/a&gt;, a leading developer and publisher of business and consumer software for the global PC market, has added two new editions to its Green Technology software range. 
&lt;a href="http://www.avanquest.com/UK/search.html?gsearch=Energy+Saver+Eco"&gt;&lt;i&gt;Energy Saver Eco&lt;/i&gt;&lt;/a&gt;&lt;i&gt; &lt;/i&gt;and &lt;a href="http://www.avanquest.com/UK/search.html?gsearch=Print+Saver+Eco"&gt;&lt;i&gt;Print Saver Eco&lt;/i&gt;&lt;/a&gt; provide businesses and individuals with easy and cost effective solutions to reduce energy consumption bills and save on printer ink costs.&lt;/p&gt;  &lt;p align="justify"&gt;“Using energy efficiently within a business will not only reduce environmental impact but also has the potential to offer significant cost savings,” states Dave Brass, Managing Director of Avanquest Software Publishing. “A resource-efficient business can improve reputation among existing customers, employees, investors, stakeholders and suppliers as well as offering value for attracting prospective new customers.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.avanquest.com/UK/search.html?gsearch=Energy+Saver+Eco"&gt;&lt;i&gt;Energy Saver Eco&lt;/i&gt;&lt;/a&gt; automatically adjusts and optimises the power and temperature of a PC’s processor through an ‘Efficient Power’ function to enable users to benefit from up to 40% of electricity savings. It manages the stand-by parameters of the Windows operating system and instantly regulates the processor’s power without delay, according to the programs and functions that are in use. Consequently, tasks that require different speeds such as word processing, picture editing and video exporting can be completed without wasting energy.&lt;/p&gt;  &lt;p align="justify"&gt;The stand-by system offered by &lt;i&gt;Energy Saver Eco&lt;/i&gt; ensures that a computer does not consume energy unnecessarily while it is not in use by enabling users to set stand-by functions for both day and night. 
‘Simple’ stand-by mode stores data in RAM, consumes very little energy and allows for a very rapid exit, while ‘Extended’ standby writes the data to the hard drive, still consumes little energy and enables a quick restart of the PC. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.avanquest.com/UK/search.html?gsearch=Print+Saver+Eco"&gt;&lt;i&gt;Print Saver Eco&lt;/i&gt;&lt;/a&gt; enables users to manage printer ink ratios to prevent unnecessary waste, encourage savings and extend the life of cartridges by reducing the amount of ink used by up to 75%, while still maintaining print speed efficiency and final print quality. Compatible with any printer, as well as printers shared over any Local Area Network, the software sits in the system tray when activated and works in the background so no adjustments need to be made each time printing is required.&lt;/p&gt;  &lt;p align="justify"&gt;With &lt;i&gt;Print Saver Eco &lt;/i&gt;users can specify preferred ink saving ratios using the Ink Saving Option window and then keep up to 100 of them as ‘Profiles’, which can be activated in just one click for easy and convenient future use. 
The software also allows users to monitor how much money they are saving on ink via the savings calculator function and by saving a printing log as a .csv file to track savings and printing history.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.avanquest.com/UK/search.html?gsearch=Energy+Saver+Eco"&gt;&lt;i&gt;Energy Saver Eco&lt;/i&gt;&lt;/a&gt; enables companies to:&lt;/p&gt;  &lt;p align="justify"&gt;· Save up to 40% on their energy bills&lt;/p&gt;  &lt;p align="justify"&gt;· Know their IT consumption figures&lt;/p&gt;  &lt;p align="justify"&gt;· Ensure that all PCs are placed on standby when not in use&lt;/p&gt;  &lt;p align="justify"&gt;· Optimise their energy strategy on the basis of known use&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;· Provide each user with the computing power needed in real time&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.avanquest.com/UK/search.html?gsearch=Print+Saver+Eco"&gt;&lt;i&gt;Print Saver Eco&lt;/i&gt;&lt;/a&gt; offers businesses the opportunity to:&lt;/p&gt;  &lt;p align="justify"&gt;· Save up to 75% on the amount of ink they use&lt;/p&gt;  &lt;p align="justify"&gt;· Know their ink consumption figures&lt;/p&gt;  &lt;p align="justify"&gt;· Monitor print history and track savings via a printer log&lt;/p&gt;  &lt;p align="justify"&gt;· Use data provided to report on environmental strategies&lt;/p&gt;  &lt;p align="justify"&gt;· Contribute towards environmental responsibility&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Sales information:&lt;i&gt; &lt;/i&gt;&lt;/b&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;i&gt;Energy Saver Eco&lt;/i&gt;&lt;/b&gt;: RRP £34.63 inc VAT&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;i&gt;Print Saver Eco&lt;/i&gt;&lt;/b&gt;: RRP £30.62 inc. 
VAT&lt;/p&gt;  &lt;p align="justify"&gt;Trial versions are available via ESD from: &lt;a href="http://www.avanquest.com/uk"&gt;www.avanquest.com/uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Resellers interested in selling these products should visit &lt;a href="http://www.resellers.avanquest.com"&gt;www.resellers.avanquest.com&lt;/a&gt; or contact Avanquest B2B sales on: 01480 359405.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;System requirements for &lt;i&gt;Print Saver Eco&lt;/i&gt;:&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Microsoft Windows&lt;sup&gt;® &lt;/sup&gt;2000, Windows XP, Windows Vista&lt;sup&gt;™&lt;/sup&gt; (32-bit &amp;amp; 64-bit) and Windows 7 (32-bit &amp;amp; 64-bit), RAM: 256 MB minimum hard drive space, minimum of 5 MB for installation.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;System requirements for &lt;i&gt;Energy Saver Eco&lt;/i&gt;:&lt;/b&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Microsoft Windows&lt;sup&gt;®&lt;/sup&gt; XP, Windows Vista&lt;sup&gt;™&lt;/sup&gt; (32-bit &amp;amp; 64-bit), Windows XP (64-bit) and Windows 7 (32-bit &amp;amp; 64-bit), 1.0 GHz processor. 512 MB RAM, 10 GB hard disk (requires 5 Mb free disk space),&lt;/p&gt;  &lt;p align="justify"&gt;.NET Framework 2.5.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Avanquest Software is one of the world’s leading software developers and publishers, with operations in Europe, North America and China, and marketing its software titles through Retail, Corporate, OEM and Direct-to-Consumer channels. The company is committed to innovation in the design, development and publishing of world-class, easy-to-use and affordable software. Avanquest Software is listed on Euronext (ISIN FR0004026714) since December 1996. 
Additional information is available at &lt;a href="http://www.avanquest.com/"&gt;http://www.avanquest.com&lt;/a&gt; or &lt;a href="http://about.avanquest.com/"&gt;http://about.avanquest.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Media Safari&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1915106041237782493?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1915106041237782493'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1915106041237782493'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/innovative-software-solutions-to-reduce.html' title='Innovative software solutions to reduce business energy and printing costs'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8879362814819883942</id><published>2011-02-04T08:36:00.001-08:00</published><updated>2011-02-04T08:36:02.270-08:00</updated><title type='text'>Talk of Intel developing IT security game-changer is premature says Tufin Technologies</title><content type='html'>&lt;p align="justify"&gt;Tufin Technologies says that reports of Intel developing an `IT security game-changer' that will reportedly stop zero-day security 
attacks should be tempered with the reality that many company PCs in use today will still be in active use in five years’ time.&lt;/p&gt;  &lt;p align="justify"&gt;According to Michael Hamelin, chief security architect with the security lifecycle specialist, whilst Intel has been something of a chip pioneer ever since the earliest days of PCs, the reality is that a new chipset - no matter what its features - will still have to replace the hundreds of millions of legacy computers in active use around the world.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Most companies work on a two or three-year cycle for their computers, so even if Intel unveiled a zero-day killer chip architecture this summer, it probably won't reach PC store shelves until much later in the year,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;That means you are probably looking at a 2014/2015 timeframe before most corporates upgrade their PCs to the new architecture, and around the latter part of the decade before most companies have moved on up,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Citing the example of quad-core processor-based PCs still very much in the minority, largely owing to the cost of deploying such machines in the corporate world, Tufin's chief security architect said it could be even longer than this before a generation of Intel-based zero-day protected PCs begin to reach a majority in the workplace.&lt;/p&gt;  &lt;p align="justify"&gt;You only, he explained, have to look at the success that the Dell Optiplex series has had in the workplace since their widespread introduction in the mid-2000. 
Many call centres still use these machines owing to their modularity and ease of deployment.&lt;/p&gt;  &lt;p align="justify"&gt;Hamelin went on to say that Intel's AntiTheft (AT) technology is a classic case in point, as, although the chip technology has been discussed for some time, its implementation is still quite scarce in the computer world.&lt;/p&gt;  &lt;p align="justify"&gt;It is, he said, excellent to hear that Intel is developing next-generation chip architectures that support security features on an on-chip basis, but the reality is that there are many hundreds of millions of legacy PCs in day-to-day usage in companies around the world.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;There will also be large numbers of PCs sold this year with quite mundane non-AT specifications. Even with the most attractive security technology ever seen, companies are not going to flock to buy new computers - they're going to amortise their existing systems,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;And with an amortisation cycle for a typical company PC being measured in years, we think that any talk of Intel developing a game-changer in the computer security business is a little premature,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;For more on Intel's forthcoming IT security system: &lt;a href="http://bit.ly/heKt72"&gt;http://bit.ly/heKt72&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Tufin Technologies: &lt;a href="http://www.tufin.com"&gt;www.tufin.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1'
height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8879362814819883942?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8879362814819883942'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8879362814819883942'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/talk-of-intel-developing-it-security.html' title='Talk of Intel developing IT security game-changer is premature says Tufin Technologies'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6563732333885966141</id><published>2011-02-01T08:50:00.001-08:00</published><updated>2011-02-01T08:50:04.759-08:00</updated><title type='text'>SOURCEFIRE’S IMMUNET ANTI-MALWARE SOLUTION DELIVERS</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;SOURCEFIRE’S IMMUNET ANTI-MALWARE SOLUTION DELIVERS 100 PERCENT PROTECTION IN INDEPENDENT TEST OUTPERFORMING ALL COMPETITORS&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;strong&gt;Malware Research Group Testing Shows that Immunet Delivers Industry’s &lt;/strong&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;strong&gt;Best Protection Against “In the Wild” Threats&lt;/strong&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Wokingham, UK, 1&lt;sup&gt;st&lt;/sup&gt; February 2011 -- Sourcefire, Inc. 
(Nasdaq: FIRE), the creator of Snort® and a leader in intelligent &lt;a href="http://www.sourcefire.com/"&gt;cybersecurity&lt;/a&gt; solutions, today announced that in a recent independent test, its cloud-based anti-malware solution Immunet successfully protected against 100 percent of malware attacks, outperforming all competitors.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;“Malware Research Group conducted an extensive test of every leading anti-malware solution and put them through their paces against potentially malicious applications located in the wild,” said Sveta Miladinov, Founder &amp;amp; CEO of Malware Research Group.&amp;#160; “Immunet was the only solution to pass our test with 100 percent detection, which is quite a feat when you look at the testing environment and the solutions it was pitted against.”&lt;/p&gt;  &lt;p align="justify"&gt;In real-world scenarios, the Malware Research Group compared the ability of 20 anti-malware solutions to detect 15 rogue or “potentially unwanted applications” (PUAs), ranging from non-malicious, minimal functionality applications to software designed to steal financial information. 
In comparing the ability of anti-malware solutions to detect these applications, it simulated real-world user experiences, which highlighted each solution’s ability to detect potentially damaging software in real time.&amp;#160; Immunet was the only solution to protect against all 15 applications tested and was unrivaled by any other solution.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;“The Malware Research Group created a testing scenario that maps the challenges users face on a daily basis, so that organisations can use these results to inform their anti-malware strategies and improve their protection efforts,” said Martin Roesch, Sourcefire’s CTO and Founder.&amp;#160; “We are proud of Immunet’s performance, as it validates our cloud-based approach and the power of our collective user base in protecting the entire Immunet community against the latest potential malware.”&lt;/p&gt;  &lt;p align="justify"&gt;Immunet combines the collective intelligence of a growing user community, the speed of cloud computing, advanced data mining and machine learning technologies to provide a groundbreaking approach to cybersecurity.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;b&gt;Sourcefire, Inc. (Nasdaq:FIRE), is a world leader in intelligent cybersecurity solutions.&amp;#160; Sourcefire is transforming the way Global 2000 organisations and government agencies manage and minimise network security risks. &lt;/b&gt;&lt;/strong&gt;Sourcefire’s IPS, Real-time Network Awareness and Real-time Adaptive Security solutions equip customers with an efficient and effective layered security defense – protecting network assets before, during and after an attack. &lt;strong&gt;&lt;b&gt;Through the years, Sourcefire has been consistently recognised for its innovation and industry leadership by customers, media and industry analysts alike – with more than 50 awards and accolades. 
&lt;/b&gt;&lt;/strong&gt;&lt;strong&gt;&lt;b&gt;Today, the name Sourcefire has grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit &lt;/b&gt;&lt;/strong&gt;&lt;a href="http://www.sourcefire.com/"&gt;http://www.sourcefire.com&lt;/a&gt;&lt;strong&gt;&lt;b&gt;.&lt;/b&gt;&lt;/strong&gt;&lt;strong&gt;&lt;b&gt;&lt;/b&gt;&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Media &lt;/b&gt;Source: C8 Consulting Ltd&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6563732333885966141?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6563732333885966141'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6563732333885966141'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/sourcefires-immunet-anti-malware.html' title='SOURCEFIRE’S IMMUNET ANTI-MALWARE SOLUTION DELIVERS'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-8891962009202085904</id><published>2011-02-01T08:47:00.001-08:00</published><updated>2011-02-01T08:47:58.850-08:00</updated><title type='text'>Lieberman Software and Q1 Labs Partner to stop insider 
threats</title><content type='html'>&lt;h4 align="justify"&gt;&lt;i&gt;Joins Q1 Labs Security Intelligence Partner Program&lt;/i&gt;&lt;/h4&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;London – February 1, 2011 Organisations seeking to eliminate the potential for anonymous employee access to sensitive data are extending their Security Information and Event Management (SIEM) platforms through the addition of privileged identity management (PIM) solutions. The combined technologies provide enterprises with enhanced monitoring, visibility and management of the powerful privileged accounts that allow unaudited access to nearly every system, business application, database, Web service and network appliance throughout large organisations.&lt;/p&gt;  &lt;p align="justify"&gt;To help customers accomplish these objectives &lt;a href="http://www.liebsoft.com/"&gt;&lt;b&gt;Lieberman Software Corporation&lt;/b&gt;&lt;/a&gt;, the &lt;i&gt;Pioneers of Privileged Identity Management&lt;sup&gt;SM&lt;/sup&gt;&lt;/i&gt;, has been certified by Q1 Labs for its Security Intelligence Partner Program. The certification allows Lieberman Software to integrate with Q1 Labs’ open security intelligence protocols – LEEF and AXIS - to identify security threats and anomalies.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.liebsoft.com/erpm"&gt;Enterprise Random Password Manager&lt;/a&gt;™ (ERPM), Lieberman Software’s flagship PIM solution, automates the tasks to locate, inventory, organise and manage the thousands of privileged account passwords dispersed throughout large enterprise environments. ERPM works with Q1 Labs’ QRadar Security Intelligence Platform to correlate security and event data and provide oversight control of elevated privileged accounts. 
&lt;/p&gt;  &lt;p align="justify"&gt;With this new integration all ERPM password check-out/check-in and credentials changes are visible in Q1 Labs’ QRadar, as are successful and failed password verifications. Q1 Labs’ QRadar SIEM tracks and correlates all privileged account activities, letting users monitor and respond to issues from within the QRadar Security Intelligence Operating System interface. Customers benefit from being able to accurately observe all actions taken by privileged users and can provide this information to security auditors in the form of detailed, customisable reports created with a few mouse clicks. &lt;/p&gt;  &lt;p align="justify"&gt;“This integration is closing the loop on event management by providing visibility into the real-time ownership and delegated access to sensitive accounts that appear in Q1Labs’ gathered events,” said Philip Lieberman, president and CEO of Lieberman Software. “With this 360 degree view of security events Lieberman Software and Q1 Labs can show not only what is happening, but also who is behind the activity – effectively ending anonymous access to privileged accounts.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;SIEM - PIM: Why It’s Important&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;SIEM software collects and correlates log information from systems to track intrusion detection, normal and abnormal job operations, credentials abuse and other security events. Almost any system or application activity, success or failure can generate messages for the SIEM system. SIEM actions can trigger email, text message, trouble ticket and other human notifications. Or they can generate application-oriented actions like stopping jobs, restarting systems, blocking IP addresses and other IT operations that can typically be scripted. &lt;/p&gt;  &lt;p align="justify"&gt;PIM solutions manage the accounts that allow privileged access in the network. 
Privileged accounts hold elevated permission to access files, install and run programs, and change configuration settings. They exist on virtually every IT resource in the organisation. Organisations that do not manage their privileged accounts risk having unauthorised users or malicious programs compromise just one password and gain unrestricted access to sensitive data on the network.&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman Software’s ERPM is the first product in the PIM field capable of automatically discovering, strengthening, monitoring and recovering all of the privileged passwords in the cross-platform enterprise. When paired with Q1 Labs the solution provides unparalleled insight into non-interactive use of privileged identities. &lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Tom Turner, senior vice president of marketing and channels for Q1 Labs said: “With more than a decade of experience in the security industry, Lieberman Software’s commitment to providing a truly secure password management solution made it a perfect fit for the Security Intelligence Partner Program. Lieberman Software has taken the next step in achieving its mission of building the privileged account password management space, ensuring its place in the intelligent security infrastructure.”&lt;/p&gt;  &lt;p align="justify"&gt;The ERPM-Q1 Labs integrated solution is available now. For more information see &lt;a href="http://www.liebsoft.com/q1labs_integration"&gt;www.liebsoft.com/q1labs_integration&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman Software provides privileged identity management and security management solutions that protect the multi-platform enterprise. By automating time-intensive IT administration tasks, Lieberman Software increases control over the computing infrastructure, reduces security vulnerabilities, improves productivity and helps ensure regulatory compliance. 
As &lt;i&gt;Pioneers of Privileged Identity Management&lt;sup&gt;SM&lt;/sup&gt;&lt;/i&gt; Lieberman Software not only developed the first software solution to address this need, its products continue to lead the market in features and functionality. The company is headquartered in Los Angeles, CA with an office in Austin, TX. For more information, see &lt;a href="http://www.liebsoft.com"&gt;www.liebsoft.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-8891962009202085904?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8891962009202085904'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/8891962009202085904'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/lieberman-software-and-q1-labs-partner.html' title='Lieberman Software and Q1 Labs Partner to stop insider threats'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-544689445915445037</id><published>2011-02-01T08:45:00.001-08:00</published><updated>2011-02-01T08:46:11.395-08:00</updated><title type='text'>Data 
governance and leaks drives Varonis growth</title><content type='html'>&lt;p align="justify"&gt;&lt;strong&gt;Varonis customers ENJOY peace of mind ABOUT THEIR DATA while the company rockets to a FIFTH year of consecutive growth&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;“With the amount of data we need to manage, it’s physically impossible to do it manually without a solution like DatAdvantage&lt;/i&gt;&lt;i&gt;®&lt;/i&gt;&lt;i&gt; and be 100 percent confident that it’s accurate. Varonis gives us peace of mind.”&amp;#160;&amp;#160; -&amp;#160; James Herbert, HIT Entertainment &lt;/i&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;New York – Feb. 1, 2011 –&lt;/b&gt; &lt;a href="http://www.varonis.com/"&gt;Varonis Systems Inc&lt;/a&gt;., the leading provider of comprehensive data governance software, announced today it achieved its fifth consecutive year of record growth. In 2010, the company grew sales 63 percent year-over-year from 2009, increased its worldwide licensed installations to more than 3,500 and added 340 new customers, bringing the number of organizations and agencies that use Varonis to manage and protect their data to 940 globally. &lt;/p&gt;  &lt;p align="justify"&gt;“While our team is very pleased with the continued momentum and how rapidly our new products are being adopted by our install base and new customers, our focus remains on the underlying drivers of our growth – organizations throughout the world need to collaborate digitally without fear of their sensitive data being exposed,” said Ohad Korkus, executive vice president of engineering, chief technical officer and co-founder. “We continue to experience hyper-growth because our software is engineered to enable safe and efficient digital collaboration without disrupting existing business processes. Almost every organizational workflow is becoming digital, yielding massive gains in productivity. 
By automating data governance activities, we see the same boost in productivity while ensuring only the right people have access to the right data.”&lt;/p&gt;  &lt;p align="justify"&gt;Eighty percent of the world’s data is unstructured (documents, spreadsheets, presentations, emails, images, video, audio, etc.) and it’s growing by 50-plus percent every year according to Gartner. While digital collaboration introduces efficiencies, it also exponentially increases the risk of data exposure as cross-functional teams access more and more data sets. The complexities of collaboration and volumes of data simply overwhelm organizations that try to protect their data manually. By automating manual data governance processes, risk is reduced as are labor costs. The high-profile security breaches that have occurred in the past year have shown that companies must be proactive in automating management and protection of their data by systematically restricting access to sensitive data, and monitoring its use and potential abuse. &lt;/p&gt;  &lt;p align="justify"&gt;“Varonis has enabled us to remove the risks associated with data permission changes within our IT environment,” said Colin Lennox, technical services manager at Baillie Gifford. “Employees with responsibility for sensitive and critical data now have confidence that there are no security exposures. As an organization, we can prove to our regulators that our IT controls are stringent and that we are providing effective protection around our data.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;Varonis customers have the ability to completely standardize unstructured and semi-structured data protection and management on their file systems, NAS, SharePoint sites and Exchange mailboxes with the Varonis® Metadata Framework™ technology that forms the foundation of Varonis software. 
Organizations can effectively and automatically manage data access control, audit, ownership, classification, entitlements and authorization processes on the platforms that host unstructured and semi-structured data. The Varonis® Metadata Framework™ enables organizations to expand digital collaboration boundaries safely while at the same time significantly increasing IT workforce productivity for daily data protection and management tasks.&lt;/p&gt;  &lt;p align="justify"&gt;“Varonis is set for a further period of growth in the coming year as more organizations recognize data access and usage monitoring, permissions management and revocation, identification of data at risk, and finding data owners and classifying data no longer need to be done manually,” said Yaki Faitelson, chief executive officer, president and co-founder of Varonis Systems. “The instinctive reaction of many to inappropriate data access is to try and lock down all data — that is not only impossible, it is unnecessary. What was previously impossible is now possible through the intelligent use of metadata and data governance automation.” &lt;/p&gt;  &lt;p align="justify"&gt;From mid-tier businesses to government agencies and global enterprises, Varonis customers immediately see where their critical data resides, who is accessing it, who owns it, who has access to it, who should and should not have access to it, and then take action through quick revocation of excessive access controls and simplified data management processes.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Leveraging Metadata Technology &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Collecting, analyzing and presenting metadata - data about data (or information about information) - for decision making and automation is a monumental engineering task. A critical part of limiting and automating access is the ability to leverage metadata. 
When it comes to identifying sensitive data and protecting access to it, a number of types of metadata are relevant: &lt;strong&gt;user and group information&lt;/strong&gt;, &lt;strong&gt;permissions information&lt;/strong&gt;, access activity, and &lt;strong&gt;sensitive content indicators&lt;/strong&gt;. A key benefit to leveraging metadata for preventing data loss is that it can be used to focus and accelerate the data classification process. In many instances, the ability to leverage metadata can speed up the process by up to 90 percent, providing a shortlist of where an organization’s most sensitive data is, where it is most at risk, who has access to it and who shouldn’t.&lt;/p&gt;  &lt;p align="justify"&gt;The &lt;a href="http://www.varonis.com/solutions/"&gt;Varonis Metadata Framework&lt;/a&gt;&lt;b&gt;™ &lt;/b&gt;technology that forms the foundation of Varonis software non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g.
its file system filters and content inspection technologies), pre-processes, normalizes, analyzes, stores, and presents the metadata to IT administrators in an interactive, dynamic interface – automating the process of finding areas with excessive permissions and abnormal access activity, understanding&amp;#160; who can access, who is accessing, who shouldn't have access, and who owns the data, and enabling remediation of risk faster than traditional data protection products.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;u&gt;&lt;a href="http://www.youtube.com/watch?v=uwoIJDHKlQQ"&gt;&lt;b&gt;&lt;u&gt;Watch the IDC Technology Spotlight on Varonis&lt;/u&gt;&lt;/b&gt;&lt;/a&gt; &lt;/u&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;2010 Results&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;· 940-customers – Varonis added over 340 new customers in 2010&lt;/p&gt;  &lt;p align="justify"&gt;· 3,500-plus licensed installations worldwide – Varonis added over 1,900 in 2010&lt;/p&gt;  &lt;p align="justify"&gt;· 63 percent year-over-year annual sales growth &lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;&lt;u&gt;&lt;a href="http://www.varonis.com/products/datadvantage/exchange/index.html"&gt;&lt;u&gt;Release of &lt;/u&gt;&lt;u&gt;&lt;/u&gt;&lt;u&gt;Varonis® DatAdvantage® for Exchange&lt;/u&gt; aggregates&lt;/a&gt;&lt;/u&gt;&lt;/b&gt; user, permissions, data and access event information from mailboxes and public folders. Sophisticated analytics applied to the collected information show detailed data use and determine rightful access based on business need. Key functionalities include bi-directional visibility into mail store permissions, a complete audit trail of email activity, recommendations on removing excess permissions and modeling of changes, data ownership identification through analysis of user activity, the ability to effect changes to permissions and groups, and the ability to include other metadata and platforms (e.g. 
classification information via IDU Classification Framework®, SharePoint, Windows, UNIX, etc.).&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;&lt;u&gt;Release of &lt;a href="http://www.varonis.com/products/datadvantage/unix/index.html"&gt;&lt;u&gt;Varonis® DatAdvantage® for AIX&lt;/u&gt;&lt;u&gt; &lt;/u&gt;aggregates&lt;/a&gt;&lt;/u&gt;&lt;/b&gt; user, permissions, data and access event information from directories services (e.g. LDAP and NIS) and UNIX servers. Key functionalities include bi-directional visibility into file system permissions, including identification of world-writable directories and files, a complete audit trail of file events, recommendations on removing excess permissions and modeling of changes, data ownership identification through analysis of user activity, the ability to effect changes to permissions and groups, and the ability to include other metadata and platforms (e.g. classification information via&amp;#160; IDU Classification Framework®, SharePoint, Windows, etc.). Sophisticated analytics applied to the collected information shows areas of excess access and simulated results of both group and permissions changes.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. The company was named &amp;quot;Cool Vendor&amp;quot; in Risk Management and Compliance by Gartner, and voted one of the &amp;quot;Fast 50 Reader Favorites&amp;quot; on FastCompany.com. Varonis has over &lt;a name="_GoBack"&gt;3500 installations &lt;/a&gt;worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organizations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. 
Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd. for Varonis Systems&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-544689445915445037?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/544689445915445037'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/544689445915445037'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/data-governance-and-leaks-drives.html' title='Data governance and leaks drives Varonis growth'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4127990069682719115</id><published>2011-02-01T08:43:00.001-08:00</published><updated>2011-02-01T08:43:25.563-08:00</updated><title type='text'>ISACA report emphasizes governance's central role in IT security</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;London, UK&lt;/b&gt; &lt;b&gt;February 2011 -&lt;/b&gt; A major survey from ISACA, a not-for-profit IT governance and security association, confirms the central role that governance plays in information 
security within large organisations and stresses the fact that 95% of IT professionals&amp;#160; within major organisations consider governance to be important.&lt;/p&gt;  &lt;p align="justify"&gt;The study conducted by the IT Governance Institute (ITGI), ISACA’s research affiliate is titled the “Global Status Report on the Governance of Enterprise IT (GEIT) 2011.” It says that two thirds of respondent enterprises have some GEIT activities in place, with the most common being the use of IT policies and standards, followed by the employment of defined and managed IT processes.&lt;/p&gt;  &lt;p align="justify"&gt;According to Rolf von Roessing, CISA, CISM, CGEIT, international vice president of ISACA, the report highlights that the main driver for activities related to GEIT is ensuring that IT functionality aligns with business needs.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It also shows that the most commonly experienced outcomes are improvements in the management of IT-related risk, as well as communications and relationships between business and IT,&amp;quot; said von Roessing. 
&amp;quot;Obviously, these issues are important to ISACA’s global membership, which now tops the 95,000 mark, as governance and regulatory compliance are at the heart of the modern information security curriculum.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;Von Roessing explained that, with regulatory compliance now high on the agenda of most corporate boardrooms especially in Europe, where best practice compliance is now a statutory requirement in many areas of business, the report makes some interesting, valid points.&lt;/p&gt;  &lt;p align="justify"&gt;It's clear, he says, that the right governance enablers can help ensure that the implementation of IT plans within major organisations is as smooth as possible.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;As the report says, it is now a fact of business life that specific events, activities or even crises will arise that require some GEIT objectives to take precedence over others. It is equally important that managers should take a balanced and holistic view of the five GEIT focus areas - strategic alignment, risk management, value delivery, resource management and performance,&amp;quot; said von Roessing.&lt;/p&gt;  &lt;p align="justify"&gt;And, when you dip further into the report, he added, you begin to realise the importance of IT in the management process, as 70 per cent of respondents to the ISACA survey indicated that the head of IT in their organisation is also a member of the senior management team.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;More than anything, the results of our survey confirm the significance of IT in many enterprises. However, there is still a lot of work to be done, as researchers have found that it is still common in smaller enterprises for the head of IT not to be on the senior management team,&amp;quot; said von Roessing. 
&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It is also worth noting that other frequently stated reasons&amp;#160; for IT not being on the senior management team are that IT is a support function (32 per cent), and that IT is adequately represented by another member of the senior executive team (32 per cent again),” he added. &lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Our in-depth report is a timely indicator that, whilst great strides have been made in helping industry to understand the central role that IT has in a business, IT professionals and security professionals in particular should not rest on their laurels.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;Full results of the study are available as a free download from &lt;a href="http://www.isaca.org/ITGI-Global-Survey-Results"&gt;www.isaca.org/ITGI-Global-Survey-Results&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a name="OLE_LINK5"&gt;With 95,000 constituents in 160 countries, ISACA&lt;sup&gt;®&lt;/sup&gt; (&lt;/a&gt;&lt;a href="http://www.isaca.org/"&gt;www.isaca.org&lt;/a&gt;) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the &lt;i&gt;ISACA&lt;/i&gt;&lt;sup&gt;®&lt;/sup&gt; &lt;i&gt;Journal&lt;/i&gt;, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. 
It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor&lt;sup&gt;®&lt;/sup&gt; (CISA&lt;sup&gt;®&lt;/sup&gt;), Certified Information Security Manager&lt;sup&gt;®&lt;/sup&gt; (CISM&lt;sup&gt;®&lt;/sup&gt;), Certified in the Governance of Enterprise IT&lt;sup&gt;®&lt;/sup&gt; (CGEIT&lt;sup&gt;®&lt;/sup&gt;) and Certified in Risk and Information Systems Control™ (CRISC™) designations. &lt;/p&gt;  &lt;p align="justify"&gt;ISACA continually updates COBIT&lt;sup&gt;®&lt;/sup&gt;, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Follow ISACA on Twitter:&lt;/b&gt; &lt;a href="http://twitter.com/ISACANews"&gt;http://twitter.com/ISACANews&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4127990069682719115?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4127990069682719115'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4127990069682719115'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/02/isaca-report-emphasizes-governance.html' title='ISACA report emphasizes governance&amp;#39;s 
central role in IT security'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-2272248863307716091</id><published>2011-02-01T08:33:00.001-08:00</published><updated>2011-02-01T08:33:59.239-08:00</updated><title type='text'>WikiLeaks DDoS arrests welcomed by Infosecurity Europe</title><content type='html'>&lt;p align="justify"&gt;London, UK, January 2011 - Reports that five men were arrested in connection with an investigation into the DDoS attacks against allegedly anti-WikiLeaks financial and other Web sites, have been welcomed by the organisers of the Infosecurity Europe show. April 19-21 www.infosec.co.uk&lt;/p&gt;  &lt;p align="justify"&gt;According to Claire Sellick, Event Director for Infosecurity Europe, which takes place each spring in London, distributed denial of service (DDoS) attacks - no matter what their stated intention - are a potentially devastating type of attack on commercial organisations.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Whilst the Anonymous group has received a lot of positive attention, most recently in the toppling of the government in Tunisia, the reality of a DDoS attack on a commercial organisation is that it paralyses that firm's Web site and, in many cases, costs them money - both directly and indirectly,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;And whilst those staging the DDoS attacks may feel they are carrying out their acts of cybervandalism with good intentions, the reality is that a team of IT professionals has to sort out the mess behind the scenes,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;The Infosecurity Europe director went on to say that the arrests of the five people on Thursday follow on from the arrest of two teenagers in the Netherlands on 
similar allegations.&lt;/p&gt;  &lt;p align="justify"&gt;And, she said, other arrests will undoubtedly come in the weeks and months ahead, as investigators piece together the trail of electronic breadcrumbs that anyone using the Internet leaves behind them.&lt;/p&gt;  &lt;p align="justify"&gt;Even if a user thinks they are anonymous on the Internet, the reality is that, with sufficient time and resources, investigators can track them down by their IP trails, she explained. After that, arrests can ensue.&lt;/p&gt;  &lt;p align="justify"&gt;If, as seems likely, charges ensue against the five people who have been arrested, it is almost certain that any court appearances will be punctuated by media reports of celebrities expressing their support for the cause, and perhaps even the odd misguided celebrity offering to pay their fines and legal fees.&lt;/p&gt;  &lt;p align="justify"&gt;But, says Sellick, the spotlight of the media circus that will accompany any possible court cases will never fall on the hard-working IT professionals who labour behind the scenes to restore services on the Web servers affected by a DDoS attack.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;That is the stark IT reality here. The only piece of good news that will result from the DDoS attacks of recent months is that IT security experts now understand a lot more about how an attack of this type unfolds in the wild, and how to assuage its effects,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This expertise will also allow specialists to better defend the national infrastructure from future cybervandalism. 
We expect many experts to talk about the issue of DDoS attacks at the Infosecurity Europe show, when it opens for a three-day run on April 19-21 at Earls Court in London,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the alleged WikiLeaks DDOS attack arrests: &lt;a href="http://bit.ly/eZbMCx"&gt;http://bit.ly/eZbMCx&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Infosecurity Europe show: &lt;a href="http://www.infosec.co.uk"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Infosecurity Europe, celebrating 16 years at the heart of the industry in 2011, is Europe’s number one Information Security event.&amp;#160; Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe.&amp;#160; Organised by Reed Exhibitions, the world’s largest tradeshow organiser, Infosecurity Europe is one of four Infosecurity events around the world with events also running in Belgium, Netherlands and Russia.&amp;#160; Infosecurity Europe runs from the 19th – 21st April 2011, in Earls Court, London.&amp;#160; For further information please visit &lt;a href="http://www.infosec.co.uk/"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-2272248863307716091?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2272248863307716091'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2272248863307716091'/><link rel='alternate' type='text/html' 
href='http://ictreview.blogspot.com/2011/02/wikileaks-ddos-arrests-welcomed-by.html' title='WikiLeaks DDoS arrests welcomed by Infosecurity Europe'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6055233265133515319</id><published>2011-02-01T08:31:00.001-08:00</published><updated>2011-02-01T08:31:03.796-08:00</updated><title type='text'>KOBIL mIDentity secures e-Banking of the BBVA (Suiza) SA</title><content type='html'>&lt;p align="justify"&gt;&lt;strong&gt;The subsidiary of the Spanish bank BBVA relies on IT-Specialist KOBIL&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Worms / Zürich - January 2011: KOBIL Systems is a market leading trendsetter and manufacturer of mobile and highly secure IT-solutions in the field of data security and digital identity. The German company developed the well known and worldwide used KOBIL mIDentity that is deployed by renowned banks and businesses. BBVA (Suiza) SA is yet another Bank in Switzerland that decided to implement KOBIL’s mobile security solutions. The mIDentity 4smart banking - the smallest bank branch in the world – as highly secure solution in pocket size will be available for free for every BBVA (Suiza) SA eBanking customer by January 2011. &lt;/p&gt;  &lt;p align="justify"&gt;BBVA (Suiza) SA wishes to implement a highly secure, modern and mobile solution for every e-Banking customer. During the last years KOBIL was able to provide confidence among large Swiss banks by providing quality and performance and setting a new standard in e-Banking with the mIDentity. 
&lt;/p&gt;  &lt;p align="justify"&gt;Also BBVA (Suiza) SA has found with KOBIL the matching manufacturer that meets the high expectations of the bank and offers highly secure client-authentication completely mobile and without any installation.&lt;/p&gt;  &lt;p align="justify"&gt;This solution replaces the current OTP-Technology. Due to the fully developed processes and the easy implementation in every IT-infrastructure it was possible to realize the whole project within only one quarter from the signing of the contract to the going live. The mIDentity will be available for free for all e-Banking clients by January 2011. &lt;/p&gt;  &lt;p align="justify"&gt;“The perfect cooperation between KOBIL and BBVA (Suiza) SA made it possible to conclude this challenging project successfully within only one quarter. We value the cooperation with BBVA (Suiza) SA very much as we have gained another internationally operating bank for the mIDentity technology as this technology fulfills the high security and operating requirements completely”, comments Claudio Retica, country manager Swiss from KOBIL. &lt;/p&gt;  &lt;p align="justify"&gt;The mIDentity protects the bank and the clients against criminal attacks and infected PCs while using a hardened browser which is preconfigured exclusively for the online banking with BBVA (Suiza) SA. The bank customer information is thus completely prevented from Phishing and other criminal attacks. In case of losing the mIDentity the finder won’t be able to use the device as he does not know the respective PIN. &lt;/p&gt;  &lt;p align="justify"&gt;mIDentity ensures the user of a zero adherence access to its bank account from every PC worldwide and of being protected against any use, tapping or spying by a third party. &lt;/p&gt;  &lt;p align="justify"&gt;KOBIL Systems is a market leader and trendsetter in the production of mobile high security IT solutions in the area of digital identities. 
KOBIL stands for secure data, secure communication and secure authentication on every computer worldwide. Founded in 1986, the 120-strong KOBIL Group based in Worms, Germany, is the only manufacturer worldwide with a fully developed product line. As a pioneer in the area of cryptography, smart card technology and PKI (digital certificates), KOBIL’s products have become today’s recognized standard for digital identities and highly secure data technology. The development of the products is done in Germany with 40 percent of the staff involved in the development at the KOBIL headquarters alone. KOBIL applications comply with international standards such as EMV-CAP, ISO 7816, ISO 9001 and the German Act for Digital Signature. KOBIL products also support common technology standards making it very simple to integrate them into existing IT infrastructures. IT security solutions by KOBIL are mobile, flexible and user friendly, and are used in a variety of different industries. Businesses, banks and institutions such as Deutsche Telekom, Swisscom, RWE, T-Systems, DATEV, Commerzbank, Postbank, Migros Bank, Valiant Bank, Hypothekarbank Lenzburg, Rothschild Bank, Raiffeisenbank International, UBS Bank, RZB, Société Générale, YapiKredi Bank, Akbank and Isbank as well as the German parliament and the German Federal Office for Information Security (BSI) rely on technologies by KOBIL.&lt;/p&gt;  &lt;p align="justify"&gt;Source: KOBIL Systems GmbH&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-6055233265133515319?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6055233265133515319'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6055233265133515319'/><link rel='alternate' type='text/html' 
href='http://ictreview.blogspot.com/2011/02/kobil-midentity-secures-e-banking-of.html' title='KOBIL mIDentity secures e-Banking of the BBVA (Suiza) SA'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1307406840332761086</id><published>2011-01-25T08:22:00.001-08:00</published><updated>2011-01-25T08:22:45.789-08:00</updated><title type='text'>Latest Opera vulnerability proves that all Web browsers should be viewed as potentially insecure says Idappcom</title><content type='html'>&lt;p align="justify"&gt;25&lt;sup&gt;th&lt;/sup&gt; January 2011 - Reports that the Opera Web browser has been hit by a zero-day vulnerability highlights the fact that all Web browser clients are, by their very nature, insecure, says Idappcom, the data traffic analysis and security specialist.&lt;/p&gt;  &lt;p align="justify"&gt;According to Anthony Haywood, the firm's chief technology officer, Opera is popular amongst users of smartphones and netbooks, owing to its relatively small footprint.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Ironically, it's also been gaining traction on account of its less-than-mainstream status, which some experts have observed means that the software is less of a target by hackers and cybercriminals,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This reasoning appears quite sound, until you realise the world's Internet browser user base is now measured in hundreds of millions, which means that a client that accounts for a fraction of a percentage still means there are millions of users out there in cyberspace,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Idappcom's CTO went on to say that the very fact a browser is low profile and has a select user base can actually make it attractive in the eyes of 
cybercriminals, as hackers can start exploring what appears to be virgin territory as far as vulnerabilities are concerned.&lt;/p&gt;  &lt;p align="justify"&gt;The most important thing to realise about Web browser client software, he says, is that it is designed to access a variety of Web sites, typically using Port 80 for regular HTTP access, and Port 443 for HTTPS access.   &lt;br /&gt;With so many IP ports available, this might sound a small IP profile to deal with from a security perspective, but the problem is that there are a growing number of non-standard applications that use Port 80 across the Internet, meaning that a Web browser client must be able to support these features, he explained.&lt;/p&gt;  &lt;p align="justify"&gt;Haywood says that this latest vulnerability - which some sources are reporting as a zero-day issue - allows potential attackers to execute arbitrary code remotely.&lt;/p&gt;  &lt;p align="justify"&gt;The flaw was discovered by French security researcher Jordi Chancel who disclosed it on his blog earlier this month, and classified the problem as an integer truncation error.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Although technically complex, the flaw can cause Opera to crash, although the potentially silver lining here is that the address of the memory violation is reported to be unpredictable. This makes the vulnerability less easy to exploit from a hacking perspective,&amp;quot; he said.   &lt;br /&gt;&amp;quot;Is Opera less or more secure than the other mainstream browsers? That depends on your perspective. The reality is that any software that uses Port 80 across the Internet has to be viewed as a potential security issue and users - especially IT managers - need to be aware of this fact,&amp;quot; he added.    
&lt;br /&gt;The bottom line to this latest browser flaw is that Internet software users need to install multiple layers of security defence, and ensure their software - and their security knowledge - is as up to date as possible.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the latest Opera security flaw: &lt;a href="http://bit.ly/grWcXz"&gt;http://bit.ly/grWcXz&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Idappcom: &lt;a href="http://www.idappcom.com"&gt;www.idappcom.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1307406840332761086?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1307406840332761086'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1307406840332761086'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/latest-opera-vulnerability-proves-that.html' title='Latest Opera vulnerability proves that all Web browsers should be viewed as potentially insecure says Idappcom'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7087449567362451105</id><published>2011-01-25T08:20:00.001-08:00</published><updated>2011-01-25T08:20:09.963-08:00</updated><title type='text'>Imperva Strengthens Cloud Footprint With PartnerSphere Cloud Alliance Program</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;More Than A Dozen Major Industry Cloud Vendors Achieve Certification&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Redwood Shores, Calif., January 25, 2011&lt;/b&gt;—Imperva, the leader in data security, today announced its PartnerSphere Cloud Alliance Program (PCA), designed to enable Managed Security Service Providers (MSSP), Hosting and Cloud Providers to deliver best-in-class data security for their cloud data centers.&amp;#160; The program sets parameters for select partners, helping MSSP customers identify cloud service providers whose technologies and services have been certified by Imperva.&lt;/p&gt;  &lt;p align="justify"&gt;“Growing interest in cloud-based security services has helped Imperva’s Service Provider partners dramatically grow 2010 revenue 90 percent over the previous year,” said Imperva VP of world-wide channels, Chris Cesio.&amp;#160; “With a formal program in place, enterprises using Cloud services will have a certified list of partners who properly and effectively deploy and manage Imperva’s market leading technology.&amp;#160; Our certification program provides our small, medium and large enterprise customers with easy and reliable access to advanced data security expertise through our partners, and allows them to offload daily management functions so that they can focus on their core competencies.”&lt;/p&gt;  &lt;p align="justify"&gt;The PCA program ensures that MSSP partners have been certified according to eligibility requirements, which include:&lt;/p&gt;  &lt;p align="justify"&gt;· Partner owns and operates a secure 
network operations center,&lt;/p&gt;  &lt;p align="justify"&gt;· Demonstrated ability, with certified sales and technical staff, to implement Imperva’s data security products,&lt;/p&gt;  &lt;p align="justify"&gt;· Staffed to deliver ongoing and reliable 24/7 support.&lt;/p&gt;  &lt;p align="justify"&gt;Today, Imperva’s certified PCA partners include:&lt;/p&gt;  &lt;p align="justify"&gt;- Firehost&lt;/p&gt;  &lt;p align="justify"&gt;- Incapsula&lt;/p&gt;  &lt;p align="justify"&gt;- Nexusguard&lt;/p&gt;  &lt;p align="justify"&gt;- NIS or Network Integration Services&lt;/p&gt;  &lt;p align="justify"&gt;- Rackspace&lt;/p&gt;  &lt;p align="justify"&gt;- Savvis&lt;/p&gt;  &lt;p align="justify"&gt;- Seccom Global&lt;/p&gt;  &lt;p align="justify"&gt;- SecureWorks &lt;/p&gt;  &lt;p align="justify"&gt;- Security On Demand&lt;/p&gt;  &lt;p align="justify"&gt;- Solutionary&lt;/p&gt;  &lt;p align="justify"&gt;These partners have deployed Imperva SecureSphere Web Application Firewall (WAF), which enables businesses to efficiently protect data transacted by Web applications. With a WAF, Imperva’s cloud partners provide instant, cost-effective protection against attacks targeting applications for large and small enterprises.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.imperva.com"&gt;Imperva&lt;/a&gt; is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. 
For more information, visit &lt;a href="http://www.imperva.com"&gt;www.imperva.com&lt;/a&gt;, follow us on &lt;a href="http://twitter.com/imperva"&gt;Twitter&lt;/a&gt; or visit our &lt;a href="http://blog.imperva.com/"&gt;blog&lt;/a&gt;.&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-7087449567362451105?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7087449567362451105'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7087449567362451105'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/imperva-strengthens-cloud-footprint.html' title='Imperva Strengthens Cloud Footprint With PartnerSphere Cloud Alliance Program'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3031227682145939592</id><published>2011-01-25T08:16:00.001-08:00</published><updated>2011-01-25T08:16:38.359-08:00</updated><title type='text'>BitDefender survey reveals internet pornography remains a major e-threat source</title><content type='html'>&lt;p align="justify"&gt;&lt;em&gt;&lt;b&gt;&lt;i&gt;63% of the users looking for online adult content 
compromised their computers’ security more than once&lt;/i&gt;&lt;/b&gt;&lt;/em&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;u&gt;&lt;a href="http://www.bitdefender.co.uk/"&gt;BitDefender&lt;/a&gt;&lt;sup&gt;®&lt;/sup&gt;&lt;/u&gt;, an award-winning provider of innovative internet security solutions, has today announced results that reveal internet pornography remains a main source of e-threats. BitDefender’s study, which exposes data security risks and implications when accessing websites with adult content, confirms that 63% of the users attempting to find adult content on their computers compromised their security on multiple occasions. The study consisted of a survey concerning the psychological background of adult online content use and net research aiming to identify the ensuing malware and privacy related issues.&lt;/p&gt;  &lt;p align="justify"&gt;“This BitDefender survey confirms that users should think twice when accessing pornographic sites since this is an area that cyber criminals continue to exploit,” states Sabina Datcu, E-Threats Analysis and Communication Specialist and author of the survey. “Over 60% of respondents admitted that they have had malware-related issues more than once as a direct consequence of accessing adult content. The findings of this study should make users consider whether accessing these sites is worth compromising their systems, data and work.”&lt;/p&gt;  &lt;p align="justify"&gt;More than 72% of the 2,017 respondents interviewed in the study admitted that they had searched for and accessed adult content sites (78% men and 22% women). The study also uncovered that of the most accessed pornographic materials, 91% were videos that can be downloaded from different sources including torrents, websites and hubs. 
Real-time adult content sites, such as video-chats and adult dating, ranked second in respondents’ preferences with 72%.&lt;/p&gt;  &lt;p align="justify"&gt;The study went on to reveal that 69% of the interviewed participants declared that they usually access adult content websites from home, while 25% access them from work and only 6% from other locations (internet cafés, etc). The main motivations for accessing adult sites were the need to relax (54%) and curiosity (38%).&lt;/p&gt;  &lt;p align="justify"&gt;More details on this survey can be found at &lt;a href="http://www.malwarecity.com/"&gt;Malwarecity.com&lt;/a&gt;. For a full list of &lt;i&gt;BitDefender 2011&lt;/i&gt; features and benefits by product, please visit &lt;a href="http://www.bitdefender.co.uk/"&gt;www.bitdefender.co.uk&lt;/a&gt; or follow BitDefender on &lt;a href="http://www.twitter.com/ukbitdefender"&gt;Twitter&lt;/a&gt; for daily malware alerts. &lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.bitdefender.co.uk/"&gt;BitDefender&lt;/a&gt; is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe - giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. More information about BitDefender and its products are available at the company's security solutions press room. Additionally, BitDefender's www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware. 
&lt;a href="http://www.bitdefender.co.uk"&gt;www.bitdefender.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Media Safari&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3031227682145939592?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3031227682145939592'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3031227682145939592'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/bitdefender-survey-reveals-internet.html' title='BitDefender survey reveals internet pornography remains a major e-threat source'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-2715669274893383067</id><published>2011-01-25T08:14:00.001-08:00</published><updated>2011-01-25T08:14:34.648-08:00</updated><title type='text'>Imperva Announces PartnerSphere Technology Alliance</title><content type='html'>&lt;p align="center"&gt;&lt;b&gt;Imperva Announces PartnerSphere Technology Alliance, Adds Two Key Partnerships     &lt;br /&gt;&lt;/b&gt;&lt;i&gt;New program offers key partnerships with WhiteHat Security and NetOptics&lt;/i&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Redwood Shores, 
Calif., January 25, 2010&lt;/b&gt;—Imperva, the leader in data security, today announced the new PartnerSphere Technology Alliance (link), a technology ecosystem dedicated to data security and compliance.&amp;#160; The PartnerSphere Technology Alliance offers organizations an end-to-end blueprint for data security, providing best-of-breed products that complement and extend Imperva SecureSphere Web Application, Database, and File Security Solutions.&lt;/p&gt;  &lt;p align="justify"&gt;“Our partner ecosystem is growing rapidly as the demand for a data security strategy increases,” said Imperva VP of Business Development, Farzad Tari.&amp;#160; “Our program recognizes the reality of today’s IT security landscape by partnering with leading technology providers in a formal, cohesive fashion, creating a partner ecosystem to protect structured and unstructured data.”&lt;/p&gt;  &lt;p align="justify"&gt;Imperva has partnered with industry-leading vendors in several categories including Vulnerability Assessment, SIEM, Business Software, Platform, Application Delivery, Identity Management, and Masking and Encryption. Together, Imperva and its technology partners offer fully complete solutions that address organizations’ top data security challenges.&lt;/p&gt;  &lt;p align="justify"&gt;With the creation of the PartnerSphere Technology Alliance, Imperva also announces two new partnerships with WhiteHat Security and NetOptics:&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Imperva WAF Quick Start Program including WhiteHat Sentinel Website Vulnerability Management:&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Imperva and WhiteHat Security have joined forces to offer a closed-loop process to identify and mitigate website vulnerabilities. Beginning today, Imperva’s Web Application Firewall Quick Start Program, a packaged professional services engagement for initial product installation and configuration, will include one WhiteHat Sentinel vulnerability assessment. 
As part of the Quick Start Program, WhiteHat Sentinel will conduct a website vulnerability assessment. All results are verified for accuracy, eliminating false positives.&amp;#160; Then an Imperva professional services consultant will import the verified WhiteHat assessment results into SecureSphere Web Application Firewalls to instantly remediate discovered vulnerabilities. &lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The Quick Start Program now allows customers to leverage the full benefits of the Imperva SecureSphere and WhiteHat Sentinel integration. Customers can immediately mitigate Web application vulnerabilities, eliminating the window of exposure inherent with manual remediation. Virtual patching also allows customers to design and implement code fixes on their schedule, avoiding emergency fix and test cycles.&lt;/p&gt;  &lt;p align="justify"&gt;“The combined Imperva and WhiteHat solution effectively detects vulnerabilities and protects against website attacks. This integration provides a complete and automated way for organizations to simplify the management of the Web application security lifecycle,” said Bill Pennington, Chief Strategy Officer, WhiteHat Security.&amp;#160; “WhiteHat Sentinel delivers ongoing accurate website vulnerability data that enables Imperva SecureSphere customers to deploy virtual patching with confidence.&amp;#160; Organizations can design and implement application code fixes on their schedule, without rushing to fix and test patches, eliminating disruption in their development cycle. 
This allows businesses the freedom to decide how and when to mitigate web application security vulnerabilities in production.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Partnership with Net Optics provides unparalleled performance, visibility, and scalability to protect network and web applications in the demanding 10G environment&amp;#160; &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Net Optics brings to the partnership a record of proven leadership in intelligent monitoring access by providing a fault tolerant architecture with high-speed intelligent load balancing. The company’s growing suite of innovative solutions enables customers to meet the challenge of monitoring, troubleshooting, and securing high volumes of network traffic, bandwidth-intensive applications, and cloud deployments. SecureSphere Stack, powered by Net Optics, provides a scalable, high-performance data security solution for up to 10Gbps of network traffic. &lt;/p&gt;  &lt;p align="justify"&gt;The new offering will employ the unique capabilities of Net Optics Director Pro™ Data Monitoring Platform to control, filter, and dynamically load balance traffic sent to monitoring appliances. Engineered for extremely high, business-critical traffic levels, Director Pro enables deep packet exploration at full 10Gbps wire speed and provides 24/7 passive network access without introducing a point of failure. The robust Director Pro works in conjunction with up to five SecureSphere X6500 appliances to maximize Web, Database, and File Security for the most demanding applications without affecting performance and availability. 
Director Pro not only reduces the complexity of managing an integrated network fabric, it streamlines scaling within the customer deployment and contributes the key capability of connecting inline to a 10G network.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;“Imperva’s selection of Net Optics will help customers overcome their toughest monitoring challenges in an ultra-high performance environment where security is critical,” said Bob Shaw, CEO, Net Optics. “The Imperva-Net Optics 10G solution will enable high availability, cost-effectiveness, and the enhanced security that’s vital to any organization and cloud service provider.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.imperva.com"&gt;Imperva&lt;/a&gt; is the global leader in data security. With more than 1,300 direct customers and 25,000 cloud customers, Imperva's customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems. For more information, visit &lt;a href="http://www.imperva.com"&gt;www.imperva.com&lt;/a&gt;, follow us on &lt;a href="http://twitter.com/imperva"&gt;Twitter&lt;/a&gt; or visit our &lt;a href="http://blog.imperva.com/"&gt;blog&lt;/a&gt;. 
&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-2715669274893383067?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2715669274893383067'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2715669274893383067'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/imperva-announces-partnersphere.html' title='Imperva Announces PartnerSphere Technology Alliance'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3052250133976032367</id><published>2011-01-25T08:12:00.001-08:00</published><updated>2011-01-25T08:12:09.438-08:00</updated><title type='text'>Lieberman Software President Calls ‘Lush’ Hack a Potential Brand Destroyer</title><content type='html'>&lt;p align="justify"&gt;The Web site of Lush, the natural ingredients cosmetic firm, was reportedly cracked and subverted by hackers. 
Unconfirmed reports suggest that customers' payment card details have already been used by fraudsters.&lt;/p&gt;  &lt;p align="justify"&gt;According to Phil Lieberman, president of privileged identity management software specialists Lieberman Software, whilst reports of the site hack only broke on the newswires late on Friday, forum postings suggest the hack has been subverting customer payment card details for some time.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This appears to have been confirmed by Lush, which says that anyone who placed an online order between October 4 and last Thursday should contact their bank in case their payment card has been compromised,&amp;quot; he said, adding that the BBC reports that customers are now complaining about fraudulent purchases.&lt;/p&gt;  &lt;p align="justify"&gt;This saga is a potential brand destroyer, says Lieberman, as the cosmetics firm could have handled the situation better. One needs only read the comments on the Lush Facebook page, Lieberman added, to see the anger and frustration of the company’s past customers.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;“The bare minimum response of companies who undergo similar attacks is usually to fully disclose the scope of the breach, offer a frank apology, and provide a year’s worth of no-cost credit checks for impacted consumers,” said Lieberman. Instead, the company simply said it was aware of the problem.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;I agree with consumers who say that the retailer’s response has been inadequate,” he added. 
“The company should have responded earlier and with more appropriate action – especially since this organization has been in the industry for several decades and, while portraying itself as a small and laid-back company, is in reality a major chain with a multi-million pound turnover.”&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman went on to say that the firm could face punitive fines from the Information Commissioner's Office, as well as an investigation under the PCI DSS security rules from the Payment Card Industry Security Standards Forum. Whilst it's unlikely that Lush will lose its ability to process card transactions as a result of the incident, the firm could find that its commission rates will rise - adding substantially to its cost of doing business in the wake of the fiasco.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;This looks like a prime example of how not to handle a serious data security incident. Not only has the retailer alienated large numbers of customers, but it could also pay big penalties on several fronts,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The real damage lies in the fact that the reputation of the company - which prides itself on customer service and an eco-friendly approach to its products - will take a battering. 
There are a lot of customers who will be tempted to buy elsewhere, and that is a stark reality,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Other firms who are concerned about their own Web site and card security arrangements would do well to sit up and take notice.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Lush cosmetics site security saga: &lt;a href="http://bbc.in/dOI3dg"&gt;http://bbc.in/dOI3dg&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Lieberman Software: &lt;a href="http://www.liebsoft.com"&gt;www.liebsoft.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3052250133976032367?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3052250133976032367'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3052250133976032367'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/lieberman-software-president-calls-lush.html' title='Lieberman Software President Calls ‘Lush’ Hack a Potential Brand Destroyer'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5030124140781644103</id><published>2011-01-23T10:29:00.001-08:00</published><updated>2011-01-23T10:29:39.618-08:00</updated><title type='text'>The Italian Job - the first ‘perfect storm’ cyber attack</title><content type='html'>&lt;p align="justify"&gt;Michael Caine’s team of bank robbers were arguably the first cyber attackers as they compromised the Italian traffic control system allowing them safe passage through the city of Rome in the iconic film, The Italian Job. Today, the threat is not only to bank detail loss or credit card detail theft but to a country’s entire infrastructure in order to bring down or influence a particular political regime. Hence, governments are taking the ‘perfect storm’ scenario deadly seriously.&lt;/p&gt;  &lt;p align="justify"&gt;Says Colin Tankard, Managing Director, Digital Pathways, “Such scenarios usually highlight known vulnerabilities in systems which have not been ‘patched’ or simply bad operating practices. Operating systems and applications are updated so frequently that often organisations cannot test the update quickly enough before the next update is released. They therefore fall behind and open themselves for exploit.&lt;/p&gt;  &lt;p align="justify"&gt;“Another problem is the growing trend towards outsourcing which leads to the opening of networks or the lowering of internal controls for access to data or systems which makes the task of introducing a hole in a system which can be used by an external party to launch an attack.&lt;/p&gt;  &lt;p align="justify"&gt;“Whilst we recognise that there will always be a high level of threat to any system the way to limit the damage is by understanding the threat, identifying exactly where the vulnerabilities are and categorising them by significance. 
“From this position, organisations can put in place solutions to address the issues and instigate a mechanism of audit which brings together all vulnerabilities and directs the initiative for securing the weakness either by updating the system or applying a security solution directly to the application.&lt;/p&gt;  &lt;p align="justify"&gt;“In my opinion where we are today is in a situation where many organisations have addressed their security issues individually, as the need arises, and not holistically as a whole. This is where a ‘perfect storm’ could become a reality. What is vital is that security solutions are not piecemeal but properly instigated strategies that are able to grow with the ever-changing technology landscape and requirements of organisations.”&lt;/p&gt;  &lt;p align="justify"&gt;Source: Digital Pathways&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-5030124140781644103?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5030124140781644103'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5030124140781644103'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/italian-job-first-perfect-storm-cyber.html' title='The Italian Job - the first ‘perfect storm’ cyber attack'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4554883511263652134</id><published>2011-01-21T10:55:00.001-08:00</published><updated>2011-01-21T10:55:20.083-08:00</updated><title type='text'>Major European and US government websites Hacked 
and access for Sale</title><content type='html'>&lt;p align="justify"&gt;Researchers from Imperva's &lt;a href="http://www.imperva.com/news/press/2010/07_26_Imperva_Launches_Hacker_Intelligence_Initiative.html"&gt;Hacker Intelligence Initiative&lt;/a&gt; (HII) have found dozens of .mil, .gov and .edu web sites which have been hacked and are up for sale due to SQL injection vulnerabilities. The list includes government sites, including Defence and State sites in the USA and Europe.&amp;#160;&amp;#160; Access to these sites is being sold at $55-$499 each; Noa Bar Yosef, Senior Security Strategist at Imperva provides an in-depth analysis below:&lt;/p&gt;  &lt;p align="justify"&gt;The list includes (with original hacker's typos):&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh4.ggpht.com/_us-_jXpQvnQ/TTnWhGcW11I/AAAAAAAACcE/XrYLKZBTTvs/s1600-h/%21cid_image001_jpg%4001CBB97D%5B5%5D.jpg"&gt;&lt;img title="!cid_image001_jpg@01CBB97D" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="412" alt="!cid_image001_jpg@01CBB97D" src="http://lh3.ggpht.com/_us-_jXpQvnQ/TTnWh_aCs3I/AAAAAAAACcI/_4DOZ9jLMj4/%21cid_image001_jpg%4001CBB97D_thumb%5B3%5D.jpg?imgmax=800" width="380" border="0" /&gt;&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The ‘traffic’ probably stands for the number of records within the Database tables.&amp;#160; The ‘goods’ in this case are probably the needed information for the ‘Level of Control.’ For ‘full site admin’ – probably the credentials and the URL of the site administrator interface.&lt;/p&gt;  &lt;p align="justify"&gt;The hacker is also selling personally identifiable information (PII) from hacked sites, for $20 per 1K records:&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh3.ggpht.com/_us-_jXpQvnQ/TTnWiessHTI/AAAAAAAACcM/PNvs8xYhfbM/s1600-h/%21cid_image002_jpg%4001CBB97D%5B5%5D.jpg"&gt;&lt;img 
title="!cid_image002_jpg@01CBB97D" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="54" alt="!cid_image002_jpg@01CBB97D" src="http://lh4.ggpht.com/_us-_jXpQvnQ/TTnWjX2dr3I/AAAAAAAACcQ/f59oS0ZKtcA/%21cid_image002_jpg%4001CBB97D_thumb%5B3%5D.jpg?imgmax=800" width="391" border="0" /&gt;&lt;/a&gt;&amp;#160; For example, here they want to sell a list of UConn staff:&amp;#160;&amp;#160; &lt;img title="!cid_image003_jpg@01CBB97D" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="143" alt="!cid_image003_jpg@01CBB97D" src="http://lh3.ggpht.com/_us-_jXpQvnQ/TTnWkbucW2I/AAAAAAAACcU/tlfdQM7o9w8/%21cid_image003_jpg%4001CBB97D_thumb%5B3%5D.jpg?imgmax=800" width="407" border="0" /&gt;&lt;/p&gt;  &lt;p align="justify"&gt; In the screenshot below, the hacker tries to show proof of accessing the administrator interface for a major university:&lt;/p&gt;  &lt;p align="justify"&gt;&lt;img title="!cid_image004_jpg@01CBB97D" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="266" alt="!cid_image004_jpg@01CBB97D" src="http://lh6.ggpht.com/_us-_jXpQvnQ/TTnWkhFyJyI/AAAAAAAACcY/DQUkn0N62NE/%21cid_image004_jpg%4001CBB97D_thumb%5B3%5D.jpg?imgmax=800" width="395" border="0" /&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The victims' vulnerabilities were probably found by an automatic SQL injection vulnerability scanner and exploited in an automated manner, as the hacker published his methods in a post in some hacker forum – see screen shot and explanation:&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh4.ggpht.com/_us-_jXpQvnQ/TTnWlXQ1FkI/AAAAAAAACcc/yfop-OsDa1o/s1600-h/%21cid_image005_jpg%4001CBB97D%5B5%5D.jpg"&gt;&lt;img title="!cid_image005_jpg@01CBB97D" style="border-right: 
0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="191" alt="!cid_image005_jpg@01CBB97D" src="http://lh5.ggpht.com/_us-_jXpQvnQ/TTnWl-d0wtI/AAAAAAAACcg/YX3Fe43vL3A/%21cid_image005_jpg%4001CBB97D_thumb%5B3%5D.jpg?imgmax=800" width="379" border="0" /&gt;&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;In the screen shot above we can see an IRC &amp;quot;chat&amp;quot; between the SQLi &amp;quot;master&amp;quot;, @evil, which issues the scanning commands, and the exploiting &amp;quot;x0wner&amp;quot;, which performs the commands.&amp;#160; In this specific case @evil issues a command to x0wner to obtain DB table names (&amp;quot;!tbls&amp;quot;) from a vulnerable link (&amp;quot;www.site.gr/athlete.php?id=...&amp;quot;). x0wner reports its findings&amp;#160; - the tables &amp;quot;activities&amp;quot;,&amp;quot;admin&amp;quot;,…&lt;/p&gt;  &lt;p align="justify"&gt;Imperva is the global leader in data security. With more than 1,200 direct customers and 25,000 cloud customers, Imperva’s customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. 
The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems.&amp;#160; For more information, visit &lt;a href="http://www.imperva.com"&gt;www.imperva.com&lt;/a&gt;, follow us on &lt;a href="http://www.twitter.com/imperva"&gt;Twitter&lt;/a&gt; or visit our &lt;a href="http://blog.imperva.com/"&gt;blog&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4554883511263652134?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4554883511263652134'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4554883511263652134'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/major-european-and-us-government.html' title='Major European and US government websites Hacked and access for Sale'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' url='http://lh3.ggpht.com/_us-_jXpQvnQ/TTnWh_aCs3I/AAAAAAAACcI/_4DOZ9jLMj4/s72-c/%21cid_image001_jpg%4001CBB97D_thumb%5B3%5D.jpg?imgmax=800' height='72' 
width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7890722772848619229</id><published>2011-01-21T10:48:00.001-08:00</published><updated>2011-01-21T10:48:02.222-08:00</updated><title type='text'>A constant patch and review process is essential to defend a company's IT resources</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Idappcom says that a constant patch and review process is essential to defend a company’s IT resources more effectively&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;London, January 2011 - Commenting on the latest annual Secunia security vulnerability report, Idappcom says that blaming third-party apps for security problems on PCs is the incorrect way of approaching the perennial problem of the way software applications interact with each other.&lt;/p&gt;  &lt;p align="justify"&gt;According to Anthony Haywood, CTO with the data traffic analysis and security specialist, the problem of inter-application security issues has been around ever since the Windows API was first seen way back in 1985.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;A lot has changed in the last 26 years, not least the number of function calls which the WinAPI now supports, having increased massively since the original 450 seen in Windows 1.0,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Against this backdrop, it's interesting to see our colleagues at Secunia reporting that vulnerabilities in third-party products are the weakest link in software installations. 
More than anything, this confirms something our researchers have noted for some time, namely that software patches and updates need to be installed on a very timely basis, and allied to a highly effective range of IT security software at all times,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;Haywood went on to say that the report, which also predicts that network vulnerabilities will continue to be a problem in the year ahead, does an excellent job in detailing the issues that a good IT security manager and his/her team needs to address.&lt;/p&gt;  &lt;p align="justify"&gt;It all comes down to due diligence and risk analysis, a series of processes that needs to be updated and reviewed on a continual basis, rather than treating it as an annual `tick and check' project to be carried out like a stocktaking exercise, he explained.&lt;/p&gt;  &lt;p align="justify"&gt;Having said that, the Idappcom CTO noted that the report's conclusions - which include the fact that there often is a delay between flaws being exploited and the IT team in an organisation `getting around' to patching the flaw on a remediated basis - need to be addressed.&lt;/p&gt;  &lt;p align="justify"&gt;And it's for this reason that Haywood recommends that organisations look to automated patching software, which can now be sourced on a freeware basis for several operating systems.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It's interesting to note that Secunia has developed its own auto-update application - PSI 2.0 - which is free of charge and is actually a reduced feature version of the pay-for edition,&amp;quot; he said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The good news is that the message about the requirement for timely patches appears - at last - to be getting through to the software vendor community, especially Adobe, which now has an auto-update mechanism for Acrobat, Flash and Reader, developed apparently after lobbying from users,&amp;quot; he added.&lt;/p&gt;  &lt;p 
align="justify"&gt;&amp;quot;When allied to a competent security advisory service like our own, IT security managers can rest easy in their beds, sure in the fact that their IT resources are as well defended as it is possible to be with the resources that are now available.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Secunia annual vulnerability report: &lt;a href="http://bit.ly/ihKTel"&gt;http://bit.ly/ihKTel&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Idappcom: &lt;a href="http://www.idappcom"&gt;www.idappcom&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7890722772848619229'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7890722772848619229'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/constant-patch-and-review-process-is.html' title='A constant patch and review process is essential to defend a company&amp;#39;s IT resources'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-154509080315215774</id><published>2011-01-21T10:45:00.001-08:00</published><updated>2011-01-21T10:45:54.496-08:00</updated><title type='text'>Zeus  latest evolution in malware trends - targets online payment providers</title><content type='html'>&lt;p align="justify"&gt;Confirming our previous observations here at Trusteer, the Zeus malware continues to evolve, diversifying away from its target bank sites and their customers, and over to sites with user credentials that allow assets that have a financial value.&lt;/p&gt;  &lt;p align="justify"&gt;The move mirrors the evolution of card fraud in the 1980s and 1990s, when fraudsters initially targeted banks for cash advance fraud, then, as the banks developed their internal anti-fraud resources, moved over to quasi-cash platforms such as foreign currency purchases and then over to retail and e-tail sales outlets.&lt;/p&gt;  &lt;p align="justify"&gt;The parallels between card fraud evolution and the evolution of Zeus are reflected in the attack vectors against a few websites our researchers have identified as being targeted.&lt;/p&gt;  &lt;p align="justify"&gt;Money Bookers (&lt;a href="http://www.moneybookers.com/"&gt;www.moneybookers.com&lt;/a&gt;) is an online payment provider allowing you to make online payments without submitting your personal information each time. We have found 26 different Zeus configurations targeting Money Bookers. This usually indicates that fraudsters have a solid business around this target. For comparison, this number doesn’t fall short of some of the highly targeted banks and brands in the world. For those of you who don’t know what a Zeus configuration file is – it’s basically a set of instructions that Zeus gets on which websites to target and what to do with them (steal login credentials, tamper with HTML webpages, etc). 
Different configurations represent different work efforts of targeting online websites.&lt;/p&gt;  &lt;p align="justify"&gt;Another interesting target we have found is Web Money (&lt;a href="http://www.wmtransfer.com/"&gt;www.wmtransfer.com&lt;/a&gt;). This is another online payment solution that claims to have more than 12 million active users.&amp;#160; Web Money is targeted by 13 different Zeus configurations, with the last one released January 16th, indicating that this is a hot target for fraudsters. As with all the other online payment providers, Zeus steals login information and other sensitive information of Web Money users.&lt;/p&gt;  &lt;p align="justify"&gt;Another popular target is Nochex (&lt;a href="http://www.nochex.com/"&gt;www.nochex.com&lt;/a&gt;), a UK-based online payment company specializing in smaller online businesses. Nochex is targeted by 12 different Zeus configurations, with the last one released on January 16th.&lt;/p&gt;  &lt;p align="justify"&gt;While these three examples represent online payment providers which have been targeted for months, there are newcomers as well. One example is netSpend (&lt;a href="http://www.netspend.com/"&gt;www.netspend.com&lt;/a&gt;). This website has recently started to be targeted by Zeus. netSpend is a prepaid card provider. You add money to your account and use your netSpend account to pay online.&lt;/p&gt;  &lt;p align="justify"&gt;The last example for today is e-gold (&lt;a href="http://www.e-gold.com/"&gt;www.e-gold.com&lt;/a&gt;). The e-gold portal is one that provides a money-like currency and wire transfer services. This website has been indicted in the past for violating money laundering regulations. 
According to Wikipedia (&lt;a href="http://en.wikipedia.org/wiki/E-gold"&gt;http://en.wikipedia.org/wiki/E-gold&lt;/a&gt;) “e-gold has been perceived by the United States government as the medium of choice for many online con-artists, with pyramid schemes and high-yield investment programs (&amp;quot;HYIPs&amp;quot;) commonplace.” This website is targeted by 16 different Zeus configurations. Could it be that fraudsters are targeting other fraudsters?&lt;/p&gt;  &lt;p align="justify"&gt;The genuine login page for e-gold (&lt;a href="https://www.e-gold.com/acct/login.html"&gt;https://www.e-gold.com/acct/login.html&lt;/a&gt;) asks the user for the account number, passphrase and uses CAPTCHA technology to help prevent automated attacks.&lt;/p&gt;  &lt;p align="justify"&gt;On a Zeus-infected machine (with an e-gold targeting configuration), the malware injects an additional element into the login page that requests the alternate password - plus the email associated with the account, which can then presumably be tapped for back-door access to the account.&lt;/p&gt;  &lt;p align="justify"&gt;The following screenshot shows the login page after it has been tampered with by Zeus (the injected fields are identified using a red rectangle):&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh5.ggpht.com/_us-_jXpQvnQ/TTnUXv6Nx-I/AAAAAAAACb8/KE4HSCDA-5A/s1600-h/%21cid_image001_jpg%4001CBB88A%5B5%5D.jpg"&gt;&lt;img title="!cid_image001_jpg@01CBB88A" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="256" alt="!cid_image001_jpg@01CBB88A" src="http://lh4.ggpht.com/_us-_jXpQvnQ/TTnUYGLS0vI/AAAAAAAACcA/yg1JU-PDcY0/%21cid_image001_jpg%4001CBB88A_thumb%5B3%5D.jpg?imgmax=800" width="402" border="0" /&gt;&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;We believe this trend of targeting online payment providers will continue as more retailers allow these alternate payment methods 
on their Web sites.&lt;/p&gt;  &lt;p align="justify"&gt;The latest figures on card fraud in the UK from KPMG (&lt;a href="http://bit.ly/dIUzxE"&gt;http://bit.ly/dIUzxE&lt;/a&gt;)&amp;#160; show that card fraud soared by 16 per cent in 2010 when compared to the previous year, with one of the largest frauds worth a hefty £103 million.&lt;/p&gt;  &lt;p align="justify"&gt;The story is a similar one in the US, although research from Bank Info Security (&lt;a href="http://bit.ly/cvdRUo"&gt;http://bit.ly/cvdRUo&lt;/a&gt;) found that only 48 per cent of fraud is detected at the point of transaction.&lt;/p&gt;  &lt;p align="justify"&gt;So what can be done to counter the problem of Zeus-enabled credential fraud against a diversified range of online payment providers?&lt;/p&gt;  &lt;p align="justify"&gt;We believe that customers of all sites where purchases are involved need to protect their PC or access terminal, using secure browsing services and solutions that specialize in protecting online payments and online banking.&lt;/p&gt;  &lt;p align="justify"&gt;Users should also avoid using public access computers, as well as computers they do not own and therefore do not have direct control over.&lt;/p&gt;  &lt;p align="justify"&gt;Retailers and payment providers, meanwhile, need to assess the risk associated with their customers' endpoint devices. 
They should, we believe, reject transactions from accounts used over insecure endpoints.&lt;/p&gt;  &lt;p align="justify"&gt;For more information see &lt;a href="http://www.trusteer.com/blog"&gt;http://www.trusteer.com/blog&lt;/a&gt; &lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/154509080315215774'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/154509080315215774'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/zeus-latest-evolution-in-malware-trends.html' title='Zeus  latest evolution in malware trends - targets online payment providers'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' url='http://lh4.ggpht.com/_us-_jXpQvnQ/TTnUYGLS0vI/AAAAAAAACcA/yg1JU-PDcY0/s72-c/%21cid_image001_jpg%4001CBB88A_thumb%5B3%5D.jpg?imgmax=800' height='72' width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-6864427164195865107</id><published>2011-01-21T10:42:00.001-08:00</published><updated>2011-01-21T10:43:10.948-08:00</updated><title type='text'>According 
to ISACA 40% of Global Executives Block Move to the Cloud</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;IT Governance Institute Survey Also Reveals Outsourcing, Social Media and GEIT Trends&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Rolling Meadows, IL, USA (January 2011)— &lt;/b&gt;Forty&lt;b&gt; &lt;/b&gt;percent of C-level executives have stated that they are not planning to adopt cloud computing, according to the fourth &lt;i&gt;&lt;a href="http://www.isaca.org/ITGI-Global-Survey-Results"&gt;Global Status Report on the Governance of Enterprise IT (GEIT)&lt;/a&gt;, &lt;/i&gt;conducted by the nonprofit IT Governance Institute (ITGI), ISACA’s research affiliate.&amp;#160; Respondents who do not plan to use cloud computing at all in the near future list security (47%) and privacy concerns (50%), followed closely by legacy infrastructure investments (35%), as barriers to adoption.&amp;#160; The 2011 study polled 834 executives from 21 countries, divided almost evenly between business executives (CEOs, CFOs and COOs) and IT executives (CIOs and heads of IT).&amp;#160; Of the executives who use or plan to use cloud computing, 60 percent do so for non-mission-critical IT services and 40 percent would also trust the cloud for mission-critical IT services. Organizations are also actively employing outsourcing, with 93 percent fully or partially outsourcing some of their IT activities. &lt;/p&gt;  &lt;p align="justify"&gt;“Emerging technologies such as cloud computing and outsourcing can be managed effectively by integrating good governance over IT. 
Organizations need to adopt new service delivery models to stay competitive, and this is fueling a strong commitment to enterprise IT governance across the C-suite,” said Ken Vander Wal, international vice president.&amp;#160; “Assessing the value of current investments, building consensus among stakeholders and mitigating risk with third-party providers all require a comprehensive governance framework for organizations to be sure they are doing the right things and doing things right.”&lt;/p&gt;  &lt;p align="justify"&gt;The ITGI study and three past editions are available as free downloads from &lt;a href="http://www.isaca.org/ITGI-Global-Survey-Results"&gt;www.isaca.org/ITGI-Global-Survey-Results&lt;/a&gt;.&amp;#160; The study analyzes the degree to which the concept of GEIT is accepted by the C-suite and determines GEIT maturity levels, recognized frameworks, required/preferred certifications, and impact of current special-interest, GEIT-related topics.&lt;/p&gt;  &lt;p align="justify"&gt;Of the C-level executives surveyed, 95 percent consider governance of enterprise IT important. This reveals an almost universally shared perception of IT as a critical contributor to overall business strategy, no matter where the organization is on the path of GEIT maturity.&lt;/p&gt;  &lt;p align="justify"&gt;Key findings include:&lt;/p&gt;  &lt;p align="justify"&gt;· Value creation of IT investments is one of the most important dimensions of IT’s contribution to the business (mentioned by more than nine out of 10 respondents). But challenges exist: increasing IT costs and an insufficient number of IT staff are the most common IT-related issues experienced by respondents in the past 12 months.&lt;/p&gt;  &lt;p align="justify"&gt;· There is a correlation between the position of the head of IT in the enterprise’s hierarchy and the pro-active nature of the IT department. 
Overall, 70 percent of respondents noted that the head of IT is a member of the senior management team, but this figure increases to 80 percent for those enterprises where IT has a proactive role.&lt;/p&gt;  &lt;p align="justify"&gt;· Governance of enterprise IT (GEIT) is a priority with most enterprises—only five percent indicated that they do not consider it important. Two-thirds of respondent enterprises have some GEIT activities in place, the most common being the use of IT policies and standards, followed by the employment of defined and managed IT processes. The main driver for activities related to GEIT is ensuring that IT functionality aligns with business needs, and the most commonly experienced outcomes are improvements in management of IT-related risk and communication and relationships between business and IT.&lt;/p&gt;  &lt;p align="justify"&gt;· Outsourcing is highly prevalent across the board, but especially in larger enterprises and those where IT is considered important or very important to the delivery of the business strategy or vision.&lt;/p&gt;  &lt;p align="justify"&gt;· Sixty percent of respondents use or are planning to use cloud computing for non-mission-critical IT services, and more than 40 percent use or are planning to use it for mission-critical IT services. For companies that do not have plans to use cloud computing the main reasons are data privacy and security concerns.&lt;/p&gt;  &lt;p align="justify"&gt;· The global economic downturn has had an effect on IT activities, the primary response initiatives being: (1) a reduction in contractor staff, (2) a reduction in permanent staff and (3) a consolidation of the infrastructure. 
&lt;/p&gt;  &lt;p align="justify"&gt;· The use of Facebook or Twitter at work is not highly prized; only one out of five respondents believes that the benefits of employees using social networking outweigh the risks.&lt;/p&gt;  &lt;p align="justify"&gt;More information about these topics will be presented at ISACA’s EuroCACS 2011, to be held on 20-23 March in Manchester.&amp;#160; ISACA’s EuroCACS is the hot-topic event for IT audit/assurance, security, control and governance professionals in the region, covering issues such as: governance concerns for ERP, how to make IT audit more relevant, wireless network security, cloud computing, and security concerns for service-oriented architecture.&amp;#160; Additional information is available at &lt;a href="http://www.isaca.org/EuroCACS"&gt;www.isaca.org/EuroCACS&lt;/a&gt;. &lt;/p&gt;  &lt;p align="justify"&gt;“The overwhelming consensus about the importance of IT governance is encouraging. As 2011 IT initiatives get underway against an economic backdrop that continues to be volatile, the ability to balance and manage value creation, risk management and optimization of resources will be critical,” said Roger Southgate, Past President ISACA London and Independent Governance and Risk Consultant.&lt;/p&gt;  &lt;p align="justify"&gt;This year’s study shows that top tactics used to battle the economic downturn were a reduction in contractor and permanent staff numbers and infrastructure consolidation. According to the &lt;i&gt;Global Status Report on GEIT&lt;/i&gt;, GEIT processes can ensure that this focus is balanced with a view on investments that can generate cost savings and ultimately become self-funding.&lt;/p&gt;  &lt;p align="justify"&gt;Successfully implementing GEIT depends on effective change management, communication, scoping and identification of achievable objectives. 
The outcomes encompass shorter-term benefits such as reduced cost and longer-term benefits such as enhanced management of IT-related risk, improved relationships between business and IT, and increased business competitiveness. The top outcomes cited in this year’s study are improved management of IT-related risk (mentioned by 42 percent of respondents) and better communication and relationships between business and IT (37 percent).&lt;/p&gt;  &lt;p align="justify"&gt;For additional information, visit &lt;a href="http://www.isaca.org/ITGI-Global-Survey-Results"&gt;www.isaca.org/ITGI-Global-Survey-Results&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;The IT Governance Institute&lt;sup&gt;®&lt;/sup&gt; (ITGI&lt;sup&gt;®&lt;/sup&gt;) (&lt;a href="http://www.itgi.org"&gt;www.itgi.org&lt;/a&gt;) is a nonprofit, independent research entity that provides guidance for the global business community on issues related to the enterprise governance of IT assets. ITGI was established by the nonprofit membership association ISACA (&lt;a href="http://www.isaca.org"&gt;www.isaca.org&lt;/a&gt;) in 1998.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;i&gt; &lt;/i&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6864427164195865107'/><link rel='self' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/6864427164195865107'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/according-to-isaca-40-of-global.html' title='According to ISACA 40% of Global Executives Block Move to the Cloud'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-95443612698583715</id><published>2011-01-15T03:21:00.001-08:00</published><updated>2011-01-15T03:21:04.840-08:00</updated><title type='text'>Trustmarque Solutions Hosts Exclusive Client Council</title><content type='html'>&lt;ul&gt;   &lt;li&gt;     &lt;div align="justify"&gt;&lt;b&gt;Experts gathered to discuss the impact and fall out from the Comprehensive Spending Review on public sector organisations &lt;/b&gt;&lt;/div&gt;   &lt;/li&gt;    &lt;li&gt;     &lt;div align="justify"&gt;&lt;b&gt;A key challenge cited for both Central Government and the wider public sector is that investments to improve ICT infrastructure are harder to prioritise than in the private sector &lt;/b&gt;&lt;/div&gt;   &lt;/li&gt; &lt;/ul&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;York&lt;/b&gt;&lt;b&gt;, UK&lt;/b&gt;&lt;b&gt;: 14&lt;sup&gt;th&lt;/sup&gt; January 2011.&amp;#160; &lt;/b&gt;Value Added Reseller (VAR) Trustmarque Solutions recently hosted a roundtable where 12 experts gathered to give their views on current ICT issues faced by public sector organisations and the consequences of the budget cuts laid out in the Comprehensive Spending Review.&amp;#160; Representatives included Trustmarque public sector clients the Royal Borough of Kensington and Chelsea, Hampshire Health Informatics Service, HQ Land Forces and South London &amp;amp; Maudsley NHS Foundation Trust as well as 
other participants including Digital Systems Knowledge Transfer Network (KTN), Trustmarque Solutions, Pink Elephant, Campaign4Change, Computer Weekly, The British Computer Society and First Base Technologies.&lt;/p&gt;  &lt;p align="justify"&gt;Key questions debated and discussed focused on: How will investments be funded if a department has no additional ICT budget to invest? How will services be shared in departments that are operating to individual mandates? How will resources be shared if security levels change in a non-linear fashion?&amp;#160; Technology topics under discussion included Cloud Computing and the idea of taking more services online, creating a modern IT infrastructure and the benefits of consolidation, virtualisation and hosted solutions, security and risk management and of course doing more with less and optimising the IT environment.&lt;/p&gt;  &lt;p align="justify"&gt;The fact that many public sector organisations have acquired a wide range of equipment and applications that have lengthy life spans and which continue to run today, 30 or 40 years after they were introduced continues to be a significant challenge. Ian Osborne, Director Digital Systems KTN stated:&amp;#160; “What we are finding is that while there is considerable appetite to consolidate, update, reduce costs and carbon emissions etc., for many migrating to a virtualised, commodity and modern infrastructure is simply not a practical option as there is limited budget available to invest in new technologies. This puts considerable stress on the need to update existing systems which will underpin the government programme to reduce the deficit.”&lt;/p&gt;  &lt;p align="justify"&gt;Ian Osborne went on to say: “Organisations want to deliver more services online to reduce cost and energy usage, with almost 70 percent of UK citizens online sharing resources and infrastructure that is required to achieve this. 
Most organisations only use about 10 percent of their server capability.&amp;#160; Something has got to give. The only way we can move forward in the ‘Big Society’ vision is to change our server usage.”&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;David Hardy, South London and Maudsley NHS Foundation Trust, said that his challenge was to sweat existing assets, finding software and systems with unnecessary functional duplication and realising the additional benefits that are frequently tucked away out of sight. Other cost cutting and efficiency measures undertaken include server virtualisation, migration to Voice over IP for internal telephony, migrating from legacy WAN technologies and consolidating comms suppliers. ICT are enabling the rest of the business to access savings via video conferencing, remote working and provisioning hot desk functionality via thin client and VoIP.&lt;/p&gt;  &lt;p align="justify"&gt;Lee McKenzie of HQ Land Forces commented: “It is all about making the most of reducing budgets and getting more out of the money that we have already spent by seeing how we can optimise our existing infrastructure.” McKenzie went on to say that one of the key things stopping his organisation from moving to new platforms and technologies such as the Cloud is that it has hundreds of overlapping applications covering 27 different services, therefore he concluded: “We would need to consolidate before we can even think about moving to the Cloud.”&lt;/p&gt;  &lt;p align="justify"&gt;With the recent departure of Government CIO John Suffolk in mind, David Bicknell of Campaign4Change stated: “Currently, although there has been much discussion about G-Cloud in the past year, there is no central Government ICT strategy in place. That is still under discussion and what public sector organisations need right now is greater certainty and strong leadership with a clear vision and strategy they can believe in. 
I certainly believe that there is an opportunity for smaller and medium-sized organisations to break the procurement mould. There are new reformers out there who should be rewarded for their innovation, not thwarted by some civil servants who prefer to keep the status quo.”&lt;/p&gt;  &lt;p align="justify"&gt;The conversation moved on to risk mitigation, data protection and security, and Peter Wood from the British Computer Society and First Base Technologies felt that awareness of security in government had positively soared: “Nowadays there are fines for councils and public sector organisations if computers are found to be unencrypted.&amp;#160; However public sector funding for security investment and infrastructure is still tied.” He added: “Where Cloud is concerned many councils have to use a UK data centre and there are some very sensitive areas such as Child Support and Social Services that would need robust security processes in place before outsourcing to the Cloud.”&lt;/p&gt;  &lt;p align="justify"&gt;David Marriott Lodge, Trustmarque Solutions added: “Cloud offers scalability within certain boundaries – we can definitely see the benefit of Cloud but it has to start with understanding what you have and how you are using it before you can start outsourcing to a third party provider. Plus it presents a cultural barrier which organisations need to overcome. The majority of software we sell is still on-premise, the uptake on change is slow – one of the main issues is that organisations want things to be simple and they want to keep everything in one place.”&lt;/p&gt;  &lt;p align="justify"&gt;Mark Penny of Trustmarque Solutions felt that one of the primary challenges facing public sector procurement in the current economic climate was the perceived need to prioritise price ahead of value. “Rarely does price advantage equate to best overall value,” said Penny. 
“Whilst tendered frameworks enable customers to procure their project output requirement or shopping list at the lowest possible price, there is far greater value to be had by working closely with genuine value-added resellers such as Trustmarque to significantly reduce the output requirement itself! Engaging your reseller earlier in the process is the only reliable means of realising substantial cost savings.”&lt;/p&gt;  &lt;p align="justify"&gt;Barry Goodall, Royal Borough of Kensington and Chelsea summed up what he felt the road ahead for public sector organisations looked like: “Today and for the foreseeable future it is all about continual change. Change is the norm, so you had better get used to it – in fact to not only survive but thrive you need to embrace it. I can only describe it as a journey that we are all on, where the end destination is unknown.” &lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque launched its &lt;b&gt;&lt;i&gt;Work Smart Cost Savings&lt;/i&gt;&lt;/b&gt; Campaign on 1&lt;sup&gt;st&lt;/sup&gt; September 2010, which is designed to help public sector organisations squeeze out costs and stretch budgets further to deliver optimum value on their IT investments. Since then Trustmarque has effectively worked with a number of local councils, the MoD and NHS Trusts to drive down their IT costs and improve best practices within the business. 
For more information visit &lt;a href="http://www.trustmarque.com/worksmart"&gt;www.trustmarque.com/worksmart&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque has been providing value added services to customers since it was founded in 1987 and is now one of the UK’s largest Value Added Resellers.&amp;#160; Trustmarque brings together years of knowledge plus a strong track record of delivering successful IT enabled projects for customers that realise positive business outcomes.&amp;#160; Trustmarque delivers solutions across six key areas: Business Solutions, Information Security, Infrastructure Services, Technology Optimisation Solutions, Managed Licence Services and Unified Communications.&lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque is also a Microsoft Large Account Reseller (LAR) with Microsoft Gold Certified Partner status, as well as partnering with many other major vendors in the IT market, such as: Adobe, Business Objects, CA, Citrix, McAfee, Novell, Nuance, Sophos, Symantec, Trend, VMware and Websense to name but a few.&lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque Solutions has worked with The CarbonNeutral Company (formerly Future Forests) leaders in the field of carbon management and climate change solutions to become a CarbonNeutral® company.&lt;/p&gt;  &lt;p align="justify"&gt;Source: C8 Consulting Ltd&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/95443612698583715'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/95443612698583715'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/trustmarque-solutions-hosts-exclusive.html' title='Trustmarque Solutions Hosts Exclusive Client Council'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5914913334242684998</id><published>2011-01-15T03:11:00.001-08:00</published><updated>2011-01-15T03:11:55.870-08:00</updated><title type='text'>SOURCEFIRE OUTPERFORMS ALL COMPETITORS IN TUNED-DETECTION FOR SECOND</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;CONSECUTIVE YEAR ACCORDING TO NSS LABS COMPARATIVE TEST&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Independent Test Verifies Sourcefire’s Leading Performance and Protection&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Wokingham, UK, 13th January 2011 -- Sourcefire, Inc. (Nasdaq: FIRE), the creator of Snort® and a leader in intelligent &lt;a href="http://www.sourcefire.com/"&gt;cybersecurity&lt;/a&gt; solutions, today announced that the Sourcefire Intrusion Prevention System (IPS) protected against 98 percent of all attacks and established a new industry record in NSS Labs’ recent independent tests. The results highlight Sourcefire IPS technology as the industry best - offering the most effective tuned detection of any Intrusion Prevention System tested. 
&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;To combat today's evolving threats, organisations require security solutions that can be tailored to their unique environments and needs, which is why our evaluation process places significant focus and resources on the effectiveness of tuning detection,&amp;quot; said Rick Moy, president, NSS Labs, Inc. &amp;quot;The Sourcefire 3D 4500 IPS, tuned by Sourcefire engineers, achieved the highest level of protection for the second year in a row. It should remain one of the top choices for organisations looking to leverage a network IPS.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For the second consecutive year, Sourcefire’s IPS took the top spot in tuned detection of any product tested and, once again, earned NSS Labs’ highest “Recommend” rating.&amp;#160; The Sourcefire 3D 4500 Sensor, promoted by Sourcefire as a 2 Gbps IPS, actually achieved 3.2 Gbps of throughput, equating to 161 percent of its vendor-stated performance—the highest percentage of all IPS models tested.&amp;#160; Additional highlights of Sourcefire’s test results include:&lt;/p&gt;  &lt;p align="justify"&gt;· Industry best 98 percent tuned security effectiveness&lt;/p&gt;  &lt;p align="justify"&gt;· Industry best 99 percent tuned detection of target-initiated attacks&lt;/p&gt;  &lt;p align="justify"&gt;· Industry best 98 percent tuned coverage for vulnerabilities reported between 2004 and 2010&lt;/p&gt;  &lt;p align="justify"&gt;· 100 percent anti-evasion coverage&lt;/p&gt;  &lt;p align="justify"&gt;“Focusing on customising and tuning our IPS is one of the critical ways we protect our business from threats that target our applications, systems and users,” said John South, chief security officer at Heartland Payment Systems, one of the nation’s largest payments processors. “Sourcefire offers a premier IPS solution that enables us to protect against threats to our specific environment through IPS customisation coupled with automated tuning capabilities. 
NSS Labs’ findings further validate the effectiveness of Sourcefire’s technology.”&lt;/p&gt;  &lt;p align="justify"&gt;“The results of this test from NSS Labs highlight the importance of Intrusion Prevention technology in today’s dynamic enterprise networks. We are proud to lead the industry for a second consecutive year in blocking more attacks than any other IPS vendor,” said Matt Watchinski, Senior Director of Vulnerability Research at Sourcefire. “This year’s test reaffirms the importance of selecting an IPS solution that not only protects against current threats, but has the ability to adapt to new attacks, as well.” &lt;/p&gt;  &lt;p align="justify"&gt;Designed to address the challenges faced by IT professionals in selecting and managing security products, NSS Labs reports offer unbiased, actionable information based on real-world test data. Using its real-world testing methodology, NSS Labs compared 13 enterprise IPS solutions against 1,179 live exploits and six anti-evasion categories representing another 75 tests, in the industry’s most comprehensive test to date. All devices were tested twice, once using default policy settings and then again after being configured and tuned by each vendor’s technical experts. Ratings were then awarded based on the product’s security effectiveness, performance and total cost of ownership (TCO). Each product earned a rating of either “Recommend,” “Neutral,” or “Caution” based on its composite test results. Only the top technical products earned a Recommend rating, regardless of their market share, brand recognition or the company’s size. 
&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Sourcefire Individual Test Report Available Now&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The Sourcefire Individual Test Report from NSS Labs can be found at: &lt;a href="http://sourcefire.mktoweb.com/NSSLabs.html"&gt;http://sourcefire.mktoweb.com/NSSLabs.html&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The full group report can also be purchased at &lt;a href="http://www.nsslabs.com/"&gt;www.nsslabs.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Join &lt;/b&gt;&lt;strong&gt;&lt;b&gt;Sourcefire and NSS Labs Webcast: Selecting an Enterprise IPS&lt;/b&gt;&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Tuesday, January 25, 2011, 11am EST / 8am PST / 4pm GMT&lt;/p&gt;  &lt;p align="justify"&gt;Featuring Vik Phatak, CTO of NSS Labs and Jason Brvenik at Sourcefire&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="https://sourcefire.webex.com/sourcefire/onstage/g.php?t=a&amp;amp;d=797995461"&gt;https://sourcefire.webex.com/sourcefire/onstage/g.php?t=a&amp;amp;d=797995461&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About NSS Labs, Inc.&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;NSS Labs, Inc. is the leading independent, information security research and testing organisation. Its expert analyses provide information technology professionals with the unbiased data they need to select and maintain complex security products for their organisations. Pioneering intrusion detection and prevention system testing with the publication of the first such test criteria in 1999, NSS Labs evaluates firewall, unified threat management, anti-malware, encryption, web application firewall and other technologies on a regular basis. The firm’s real-world test methodology is the only one to assess security products against live Internet threats. NSS Labs tests are considered the most aggressive in the industry. Founded in 1991, the company has offices in Carlsbad, California and Austin, Texas. 
For more information, visit &lt;a href="http://www.nsslabs.com/"&gt;www.nsslabs.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;b&gt;Sourcefire, Inc. (Nasdaq:FIRE), is a world leader in intelligent cybersecurity solutions.&amp;#160; Sourcefire is transforming the way Global 2000 organisations and government agencies manage and minimise network security risks. &lt;/b&gt;&lt;/strong&gt;Sourcefire’s IPS, Real-time Network Awareness and Real-time Adaptive Security solutions equip customers with an efficient and effective layered security defense – protecting network assets before, during and after an attack. &lt;strong&gt;&lt;b&gt;Through the years, Sourcefire has been consistently recognised for its innovation and industry leadership by customers, media and industry analysts alike – with more than 50 awards and accolades. &lt;/b&gt;&lt;/strong&gt;&lt;strong&gt;&lt;b&gt;Today, the name Sourcefire has grown synonymous with innovation and network security intelligence. For more information about Sourcefire, please visit &lt;/b&gt;&lt;/strong&gt;&lt;a href="http://www.sourcefire.com/"&gt;http://www.sourcefire.com&lt;/a&gt;&lt;strong&gt;&lt;b&gt;.&lt;/b&gt;&lt;/strong&gt;&lt;strong&gt;&lt;b&gt;&lt;/b&gt;&lt;/strong&gt;&lt;/p&gt;  &lt;p align="justify"&gt;SOURCEFIRE®, Sourcefire IPS™, SNORT®, RAZORBACK™, the Sourcefire logo, the Snort and Pig logo, SECURITY FOR THE REAL WORLD™, SOURCEFIRE DEFENSE CENTER®, SOURCEFIRE 3D®, RNA®, RUA®, DAEMONLOGGER™, CLAMAV® and certain other trademarks and logos are trademarks or registered trademarks of Sourcefire, Inc. in the United States and other countries. Other company, product and service names may be trademarks or service marks of others. 
&lt;/p&gt;  &lt;p align="justify"&gt;Source: C8 Consulting Ltd&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5914913334242684998'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5914913334242684998'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/sourcefire-outperforms-all-competitors.html' title='SOURCEFIRE OUTPERFORMS ALL COMPETITORS IN TUNED-DETECTION FOR SECOND'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-2026411485839624032</id><published>2011-01-15T03:08:00.001-08:00</published><updated>2011-01-15T03:08:19.292-08:00</updated><title type='text'>BitDefender offers free removal tool for malware that steals FTP and e-banking passwords</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;&lt;a href="http://lh3.ggpht.com/_us-_jXpQvnQ/TTGAH6Cm8BI/AAAAAAAACbM/p5t-QZFPmJQ/s1600-h/Bitdefender%5B4%5D.jpg"&gt;&lt;img title="Bitdefender" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="37" 
alt="Bitdefender" src="http://lh5.ggpht.com/_us-_jXpQvnQ/TTGAIizVOXI/AAAAAAAACbQ/9Tk30aqG4Vc/Bitdefender_thumb%5B2%5D.jpg?imgmax=800" width="240" border="0" /&gt;&lt;/a&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt; Free new disinfection tool against Backdoor.Lavandos.A available on MalwareCity.com for all computer users&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;u&gt;&lt;a href="http://www.bitdefender.co.uk/"&gt;BitDefender&lt;/a&gt;&lt;sup&gt;®&lt;/sup&gt;&lt;/u&gt;, an award winning provider of innovative internet security solutions, has announced the release of a free removal tool for the Backdoor.Lavandos.A malware that discreetly steals FTP and e-banking passwords. Primarily used by Russian and Ukrainian institutions, Lavandos will also steal personal data from accounts on the infected computer.&lt;/p&gt;  &lt;p align="justify"&gt;Shortly after infection Backdoor.Lavandos.A will generate, for each browser found on the ‘hijacked’ PC, a ‘setupapi.dll’ in the installation &lt;a name="root"&gt;&lt;/a&gt;&lt;a href="http://www.malwarecity.com/site/Main/listDictionary/R/#root"&gt;root&lt;/a&gt; folder for Mozilla&lt;sup&gt;®&lt;/sup&gt; Firefox&lt;sup&gt;®&lt;/sup&gt;, Opera&lt;sup&gt;® &lt;/sup&gt;and Internet Explorer&lt;sup&gt;®&lt;/sup&gt;. This will enable easy manipulation of browser functions in order to import certificates or to accept a self-signed certificate as being trusted. Users infected with Backdoor.Lavandos.A are at risk of disclosing sensitive information related to e-banking as well as having their FTP accounts stolen by cybercriminals involved in malware distribution.&lt;/p&gt;  &lt;p align="justify"&gt;“What is particularly interesting about this e-threat is the fact that its driver component will not remain written on the disk longer than necessary,” said Catalin Cosoi, Head of the BitDefender Online Threats Lab. 
“Instead it will be stored in the Windows® Registry immediately after completing its task, ensuring it keeps a low profile.”&lt;/p&gt;  &lt;p align="justify"&gt;BitDefender customers have been protected since day zero via generic packer routines already included in the signature database. For those not protected by a BitDefender product, the free Lavandos removal tool can be downloaded from the &lt;a href="http://www.malwarecity.com/community/index.php?app=downloads&amp;amp;showcat=1"&gt;Downloads section &lt;/a&gt;of &lt;a href="http://www.malwarecity.com/"&gt;MalwareCity.com&lt;/a&gt;, a BitDefender initiative for the software security community and a free resource for those interested in their online security.&lt;/p&gt;  &lt;p align="justify"&gt;To stay up-to-date on the latest e-threats, sign-up for BitDefender’s RSS feeds &lt;a href="http://www.bitdefender.com/site/Using-Rss-Feeds.html"&gt;here&lt;/a&gt;. For a full list of &lt;i&gt;BitDefender 2011&lt;/i&gt; features and benefits by product, please visit &lt;a href="http://www.bitdefender.co.uk/"&gt;www.bitdefender.co.uk&lt;/a&gt; or follow BitDefender on &lt;a href="http://www.twitter.com/ukbitdefender"&gt;Twitter&lt;/a&gt; for daily malware alerts. &lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://www.bitdefender.co.uk/"&gt;BitDefender&lt;/a&gt; is the creator of one of the industry's fastest and most effective lines of internationally certified security software. Since its inception in 2001, BitDefender has continued to raise the bar and set new standards in proactive threat prevention. Every day, BitDefender protects tens of millions of home and corporate users across the globe - giving them the peace of mind of knowing that their digital experiences will be secure. BitDefender solutions are distributed by a global network of value-added distribution and reseller partners in more than 100 countries worldwide. 
More information about BitDefender and its products are available at the company's security solutions press room. Additionally, BitDefender's www.malwarecity.com provides background and the latest updates on security threats helping users stay informed in the everyday battle against malware. &lt;a href="http://www.bitdefender.co.uk/"&gt;www.bitdefender.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source:&lt;strong&gt; &lt;/strong&gt;Media Safari&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2026411485839624032'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/2026411485839624032'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/bitdefender-offers-free-removal-tool.html' title='BitDefender offers free removal tool for malware that steals FTP and e-banking passwords'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' url='http://lh5.ggpht.com/_us-_jXpQvnQ/TTGAIizVOXI/AAAAAAAACbQ/9Tk30aqG4Vc/s72-c/Bitdefender_thumb%5B2%5D.jpg?imgmax=800' height='72' 
width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-7591112286593530593</id><published>2011-01-15T03:04:00.001-08:00</published><updated>2011-01-15T03:05:13.467-08:00</updated><title type='text'>Avecto Achieves Record-Breaking Growth and Widespread Industry Recognition in 2010</title><content type='html'>&lt;p align="justify"&gt;Boston, MA and Manchester, UK, Jan 2011: Avecto the world leader in Windows privilege management, today announced record-breaking year end results for 2010 with annual revenue up by 300%. Additionally, worldwide sales of new Privilege Guard licences quadrupled, the company signed its first $1M customer, launched 24/7 customer support, expanded strategic partnerships to include HP, CSC and IBM and its award winning Privilege Guard solution was voted ‘Best Security Product’ by Windows IT Pro industry experts.&lt;/p&gt;  &lt;p align="justify"&gt;Tony Bolland, Avecto CEO said “2010 was a great year for Avecto, and despite tough market conditions globally, we achieved exceptional customer adoption and widespread industry recognition.&amp;#160; Windows 7 has now reached just over &lt;a href="http://www.netmarketshare.com/operating-system-market-share.aspx?qprid=11&amp;amp;qpcustom=Windows+7&amp;amp;sample=44"&gt;20% of the worldwide market&lt;/a&gt; and, as the roll-out of this latest Microsoft operating system (OS) continues, organizations need to &lt;a href="http://www.gartner.com/technology/media-products/newsletters/avecto/issue1/gartner1.html"&gt;plan for the security features of Windows 7&lt;/a&gt; and strive to achieve the &lt;a href="http://www.avecto.com/the-least-risk-windows-7-desktop"&gt;least risk Windows 7 desktop&lt;/a&gt;. 
We are committed to delivering the highest levels of customer service and support, and ensuring that Privilege Guard continues to exceed market expectations.”&lt;/p&gt;  &lt;p align="justify"&gt;When Oxford University Press (OUP), the largest university press in the world, implemented their policy of least privilege using Privilege Guard as part of their Windows 7 deployment, Gavin Wilson, Senior Support Analyst from OUP stated, &amp;quot;Avecto have provided us with excellent support, not just for the product, but they have gone beyond implementation and given us some of the best advice we have ever experienced. We are confident we made the right decision in choosing them to help roll-out our least privilege strategy”. Jeff Douglas, senior advisor for Infrastructure Services at National Government Services, noted &amp;quot;Privilege Guard support has been the best part of our experience!&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;Avecto’s Privilege Guard has been adopted by organizations in all major industry verticals including&amp;#160; Banking and Finance, Government, Defence, Pharmaceutical, Education, Publishing, Energy, Telecoms and Aerospace, as well as many more, enabling customers to give their Windows desktop users the flexibility they require while optimizing the security posture of the internal networks through granular privilege management.&amp;#160;&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Avecto is the leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers. 
With its &lt;a href="http://www.avecto.com/news-events/press-releases/avecto-privilege-guard-named-best-security-product-2010-by-windows-it-pro-magazine"&gt;award winning&lt;/a&gt; Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.&lt;/p&gt;  &lt;p align="justify"&gt;Customers of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments. Our mission is to enable our customers to lower operating costs and improve system security by implementing least privilege. Avecto is building a worldwide channel of partners and system integrators and is headquartered in Manchester, UK. For more information, visit &lt;a href="http://www.avecto.com/index.html"&gt;www.avecto.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Avecto &lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7591112286593530593'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/7591112286593530593'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/avecto-achieves-record-breaking-growth.html' title='Avecto Achieves Record-Breaking Growth and Widespread 
Industry Recognition in 2010'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4995613435046270696</id><published>2011-01-15T02:59:00.001-08:00</published><updated>2011-01-15T02:59:49.702-08:00</updated><title type='text'>Trustmarque Solutions Helps The North West Ambulance Service Take Control Of Its Software Assets</title><content type='html'>&lt;p align="justify"&gt;· &lt;b&gt;North West Ambulance Service (NWAS) implements ongoing Software Asset Management (SAM) with Trustmarque’s Snow Hosted Managed Service&amp;#160; &lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;b&gt;NWAS now has the opportunity to re-harvest any unused licences, avoiding&amp;#160; un-necessary future purchases&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;York&lt;/b&gt;&lt;b&gt;, UK&lt;/b&gt;&lt;b&gt;: 4&lt;sup&gt;th&lt;/sup&gt; January 2011.&amp;#160; &lt;/b&gt;Value Added Reseller (VAR) Trustmarque Solutions announced today that it has created an effective licence position (ELP) for NWAS for four major vendors using a Snow Hosted Managed Service.&lt;/p&gt;  &lt;p align="justify"&gt;As a result, NWAS can now accurately obtain the licensing position of all its installed software. The hosted service has enabled the Trust to monitor its entire estate across Cheshire &amp;amp; Mersey, Lancashire, Cumbria and Greater Manchester Areas. Commenting on the implementation, Kate Cushion, IT Security Manager at NWAS said: &lt;/p&gt;  &lt;p align="justify"&gt;“Since deploying Snow Inventory via the Hosted Managed Service the North West Ambulance service is now aware of the licensing position of four major vendors and we are working towards that same knowledge for all vendors that are in use within NWAS. 
Moving forward, using Snow is continuing to help NWAS to proactively manage our licensing due to ease of use and the metering data it provides.”&lt;/p&gt;  &lt;p align="justify"&gt;The Licence Management element of Snow is exceptional compared to that of many other software asset tools, many of which merely act as “sniffers” providing meaningless licence information that can be a nightmare to manage. Trustmarque’s Snow specialist consultant, however, has provided training, knowledge transfer and a policy and procedure review to enable NWAS to continue using Snow, ensuring ongoing software compliancy.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Since implementing Snow, NWAS has a better understanding of how software is being used by the Trust and it can make informed decisions when reviewing software licensing budgets. NWAS now has the opportunity to re-harvest any unused licences and avoid unnecessary purchases, and can remain confident that it is software licence compliant should it face a vendor audit.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;Formed in 2006 by combining a number of smaller NHS ambulance services, the NWAS NHS Trust serves the Greater Manchester, Cheshire &amp;amp; Mersey and Cumbria &amp;amp; Lancashire areas making it the largest NHS Ambulance Service in England.&lt;/p&gt;  &lt;p align="justify"&gt;However, merging these NHS trusts from across a large area left the NWAS with a problem; it lacked a comprehensive view or adequate control over the software licensing systems for the whole NHS trust. Whilst a Software Asset Management (SAM) tool was in place, NWAS found that it was failing to meet its requirements for both asset discovery and metering of applications. 
Alongside this, the tool was not proving to be user friendly which was compounded by a lack of support from the tool’s suppliers.&lt;/p&gt;  &lt;p align="justify"&gt;NWAS required a Software Asset Management tool which could effectively discover, monitor and report on the Trust’s software use across a wide number of systems.&amp;#160; NWAS approached Trustmarque and based on Trustmarque’s expertise in the Snow Software Inventory Tool, the decision was made to implement this software and host it off site at Trustmarque’s York data centre.&lt;/p&gt;  &lt;p align="justify"&gt;Initially NWAS chose to analyse four vendors and Trustmarque then produced the Effective Licence Position (ELP) for each vendor. Trustmarque advised on how this compliance view was achieved and in addition gave recommendations on how to avoid the situation recurring.&amp;#160; The Training and ongoing support provided by Trustmarque has enabled staff to get the most from the new SAM tool. During the SAM review the licensing agreements for the NHS in England changed and Trustmarque will be working with NWAS to help it understand its new position and what is required moving forward.&amp;#160; &lt;/p&gt;  &lt;p align="justify"&gt;David Marriott-Lodge, Services and Solutions Director at Trustmarque comments, “It’s fantastic to see a public sector organisation investing in software asset management. Many organisations are still unsure of the value in SAM but it’s clear from this example that it can be extremely effective. With the added pressure of the recent spending review it’s vital that public sector organisations establish what software they are actually using and the licensing requirements of their vendors. 
There are many organisations who are paying large sums of money for licences they do not need.”&lt;/p&gt;  &lt;p align="justify"&gt;Earlier this year, Trustmarque gained a place on the government IT framework for Commoditised IT Hardware and Software (CITHS), previously known as Catalist.&amp;#160; Trustmarque is one of just ten companies to be awarded a framework agreement for a position on the prestigious software supplier list with preferred adviser and provider status to both central (civil) government and the wider public sector.&lt;/p&gt;  &lt;p align="justify"&gt;The Trustmarque &lt;b&gt;&lt;i&gt;Work Smart Cost Savings&lt;/i&gt;&lt;/b&gt; Campaign was launched on 1&lt;sup&gt;st&lt;/sup&gt; September 2010 and is geared towards helping public sector organisations drive out costs. For more information visit &lt;a href="http://www.trustmarque.com/worksmart"&gt;www.trustmarque.com/worksmart&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque has been providing value added services to customers since it was founded in 1987 and is now one of the UK’s largest Value Added Resellers.&amp;#160; Trustmarque brings together years of knowledge plus a strong track record of delivering successful IT enabled projects for customers that realise positive business outcomes.&amp;#160; Trustmarque delivers solutions across six key areas: Business Solutions, Information Security, Infrastructure Services, Technology Optimisation Solutions, Managed Licence Services and Unified Communications.&lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque is also a Microsoft Large Account Reseller (LAR) with Microsoft Gold Certified Partner status, as well as partnering with many other major vendors in the IT market, such as: Adobe, Business Objects, CA, Citrix, McAfee, Novell, Nuance, Sophos, Symantec, Trend, VMware and Websense to name but a few.&lt;/p&gt;  &lt;p align="justify"&gt;Trustmarque Solutions has worked with The CarbonNeutral Company (formerly Future Forests) leaders in the 
field of carbon management and climate change solutions to become a CarbonNeutral® company.&lt;/p&gt;  &lt;p align="justify"&gt;Source: C8 Consulting Ltd&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4995613435046270696'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4995613435046270696'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/trustmarque-solutions-helps-north-west.html' title='Trustmarque Solutions Helps The North West Ambulance Service Take Control Of Its Software Assets'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4647464859897152070</id><published>2011-01-15T02:57:00.001-08:00</published><updated>2011-01-15T02:57:55.842-08:00</updated><title type='text'>Mobile Users Three Times More Vulnerable to Phishing Attacks</title><content type='html'>&lt;p align="justify"&gt;Trusteer recently gained access to the log files of several web servers that were hosting phishing websites. Analyzing these log files was an interesting exercise. 
Specifically, they provide visibility into how many users accessed the websites, when they visited them, whether they submitted their login information, and what devices they used to access the website. Here are a few interesting findings from these logs:&lt;/p&gt;  &lt;p align="justify"&gt;1) Mobile users are the first to arrive&lt;/p&gt;  &lt;p align="justify"&gt;2) Mobile users accessing phishing websites are three times more likely to submit their login info than desktop users&lt;/p&gt;  &lt;p align="justify"&gt;3) Eight times more iPhone users accessed these phishing websites than Blackberry users&lt;/p&gt;  &lt;p align="justify"&gt;1) Mobile users are the first to arrive&lt;/p&gt;  &lt;p align="justify"&gt;As soon as a phishing website is broadcast through fraudulent email messages the first systems to visit it are typically mobile devices. &lt;/p&gt;  &lt;p align="justify"&gt;This makes sense since mobile users are &amp;quot;always on&amp;quot; and are most likely to read email messages as soon as they arrive. Meanwhile, desktop users only read messages when they have access to their computer. Also most fraudulent emails call for immediate action. For example, they usually claim that suspicious activity has been detected in the user’s account and that immediate action is required. Most victims who fall for this ploy will visit the phishing site quickly.&lt;/p&gt;  &lt;p align="justify"&gt;The first couple of hours in a phishing attack are critical. After that many attacks are blocked by phishing filters or taken down. 
Hence mobile users are more likely to be hit by phishing just because they're &amp;quot;always on&amp;quot;.&lt;/p&gt;  &lt;p align="justify"&gt;Here are some mobile user-agent fields spotted in the log files:&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;iPhone&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Mobile Safari: Mozilla/5.0 (iPhone; U; CPU iPhone OS 4_0 like Mac OS X; en-us) AppleWebKit/532.9 (KHTML, like Gecko) Version/4.0.5 Mobile/8A293 Safari/6531.22.7&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;iPad&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Mobile Safari: Mozilla/5.0 (iPad; U; CPU OS 3_2 like Mac OS X; en-us) AppleWebKit/531.21.10 (KHTML, like Gecko) Version/4.0.4 Mobile/7B367 Safari/531.21.10&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Android&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Mobile Safari: Mozilla/5.0 (Linux; U; Android 2.2; en-gb; HTC_Desire-orange-LS Build/FRF91) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;BlackBerry&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Blackberry Browser: BlackBerry8520/5.0.0.681 Profile/MIDP-2.1 Configuration/CLDC-1.1 VendorID/123&lt;/p&gt;  &lt;p align="justify"&gt;Mobile Safari: Mozilla/5.0 (BlackBerry; U; BlackBerry 9780; en-GB) AppleWebKit/534.1+ (KHTML, like Gecko) Version/6.0.0.294 Mobile Safari/534.1+&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Symbian&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Symbian Browser: Mozilla/5.0 (SymbianOS/9.3; Series60/3.2 NokiaE72-1/031.023; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 BrowserNG/7.2.3.1&lt;/p&gt;  &lt;p align="justify"&gt;2) Mobile users accessing phishing websites are three times more likely to submit their login info than desktop users&lt;/p&gt;  &lt;p align="justify"&gt;Most users who access phishing websites do not submit their personal information. Some submit fake information. 
However, compared with desktop users, mobile users are three times more likely to submit private information once they access a phishing website. Why do mobile users trust phishing websites more? One explanation could be that it's harder to spot a phishing website on a mobile device than on a computer. As a research experiment, we compared the user experience of accessing a phishing website on a Blackberry and an iPhone. Here’s what we found:&lt;/p&gt;  &lt;p align="justify"&gt;BlackBerry:&lt;/p&gt;  &lt;p align="justify"&gt;It's very difficult to tell whether an email is fraudulent since the “From” field doesn't include the sender's address but rather the name of the sender (such as ACME Bank). Some users could interpret that the device &amp;quot;trusts&amp;quot; the sender more because it just shows the name and not the full address. Although email addresses can be spoofed, if the entire address is visible and appears “phishy”, certain users will not click through the link in the message.&lt;/p&gt;  &lt;p align="justify"&gt;In HTML mail (the most common format for fraudulent messages) when a link is embedded as a href such as &amp;lt;a href=&amp;quot;&lt;a href="http://www.acmebank.com"&gt;http://www.acmebank.com&lt;/a&gt;&amp;quot;&amp;gt;Click Here to Login&amp;lt;/a&amp;gt; hovering over the link will not reveal the actual address. When the user clicks on the link the BlackBerry device presents the following message: &amp;quot;Continue to&amp;quot; with the real address appended. Due to the limited screen size, if the URL is long enough and well crafted (e.g. starts with &lt;a href="http://www.acmebank,com.vdgrtgrt"&gt;www.acmebank,com.vdgrtgrt&lt;/a&gt; ...) it is hard to detect that the URL is not legitimate.&lt;/p&gt;  &lt;p align="justify"&gt;Once the BlackBerry switches to the browser and starts loading the phishing website the top bar shows the website name created by the fraudster (e.g. 
Welcome to ACME Bank) and the real address is not presented. If the phishing website is a good clone of the authentic bank’s website (and most are) there is no easy way of determining that the website is fraudulent.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;iPhone&lt;/strong&gt;:&lt;/p&gt;  &lt;p align="justify"&gt;The experience on this device is similar to the BlackBerry until the user clicks on a link. iPhone devices don't ask the user if they want to open the URL. They automatically load the page. Unlike the BlackBerry, the iPhone does have an address bar. However, due to size limitations only the beginning of the URL is shown. Here again, if the URL is well crafted (e.g. &lt;a href="http://www.acmebank,com.vdgrtgrt"&gt;www.acmebank,com.vdgrtgrt&lt;/a&gt; ...) it's hard to detect that the URL is not legitimate.&lt;/p&gt;  &lt;p align="justify"&gt;Based on our findings, it is equally difficult to spot phishing websites on BlackBerry and iPhone devices.&lt;/p&gt;  &lt;p align="justify"&gt;3) Eight times more iPhone users accessed these phishing websites than Blackberry users.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh4.ggpht.com/_us-_jXpQvnQ/TTF9r_g3ADI/AAAAAAAACbE/c_4vcuZNITY/s1600-h/%21cid_image001_png%4001CBAC04%5B8%5D.jpg"&gt;&lt;img title="!cid_image001_png@01CBAC04" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="240" alt="!cid_image001_png@01CBAC04" src="http://lh5.ggpht.com/_us-_jXpQvnQ/TTF9sgwxKvI/AAAAAAAACbI/dG0ouhmwyes/%21cid_image001_png%4001CBAC04_thumb%5B8%5D.jpg?imgmax=800" width="233" border="0" /&gt;&lt;/a&gt; &lt;/p&gt;  &lt;p align="justify"&gt;According to Comscore's October 2010 U.S Mobile Subscriber Market Share (&lt;a 
href="http://www.comscore.com/layout/set/popup/layout/set/popup/Press_Events/Press_Releases/2010/12/comScore_Reports_October_2010_U.S._Mobile_Subscriber_Market_Share"&gt;http://www.comscore.com/layout/set/popup/layout/set/popup/Press_Events/Press_Releases/2010/12/comScore_Reports_October_2010_U.S._Mobile_Subscriber_Market_Share&lt;/a&gt;) report BlackBerry devices (RIM) are still the market share leader in the US with almost 36% compared to iPhones (Apple) with 26%.&lt;/p&gt;  &lt;p align="justify"&gt;Then why are more iPhone users accessing phishing websites? One explanation could be that Blackberry users, many of whom are issued their device by a business, are more educated about Phishing threats and thus less likely to click these links, and have better protection on their mail servers. Although we don’t have any data to validate this theory, if in fact the iPhone is more commonly used in the private sector then this is a very plausible reason for these findings. Also, the message that Blackberry devices present when a user clicks on the link in a Phishing email may discourage a certain percentage of victims from proceeding to the phishing website. 
Another possibility is that the Comscore market share numbers are inaccurate, and the iPhone has a greater market share than currently documented.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;Recommendations&lt;/strong&gt;:&lt;/p&gt;  &lt;p align="justify"&gt;Mobile users – never click on links in email messages, since it is difficult to determine who sent the message, what the destination address is, and what consequences may occur (phishing, malware, scam, etc.)&lt;/p&gt;  &lt;p align="justify"&gt;Banks – When customers access a web application using a mobile device, we recommend presenting them with a noticeable welcome message that reminds them to:&lt;/p&gt;  &lt;p align="justify"&gt;· Never click on links in email messages or on the web that claim to take them to the bank’s website.&lt;/p&gt;  &lt;p align="justify"&gt;· Always type the bank's address in their browser.&lt;/p&gt;  &lt;p align="justify"&gt;· Download a secure mobile browser (Trusteer offers one) that can protect them against mobile threats.&lt;/p&gt;  &lt;p align="justify"&gt;For more information see &lt;a href="http://www.trusteer.com/blog"&gt;http://www.trusteer.com/blog&lt;/a&gt; &lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4647464859897152070?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4647464859897152070'/><link rel='self' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4647464859897152070'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/mobile-users-three-times-more.html' title='Mobile Users Three Times More Vulnerable to Phishing Attacks'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' url='http://lh5.ggpht.com/_us-_jXpQvnQ/TTF9sgwxKvI/AAAAAAAACbI/dG0ouhmwyes/s72-c/%21cid_image001_png%4001CBAC04_thumb%5B8%5D.jpg?imgmax=800' height='72' width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1527986475972519854</id><published>2011-01-11T10:46:00.001-08:00</published><updated>2011-01-11T10:46:51.749-08:00</updated><title type='text'>Healthcare Focus Just What the Doctor Ordered for BridgeHead Software in 2010</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;Healthcare Storage Virtualization&lt;sup&gt;™&lt;/sup&gt; (HSV&lt;sup&gt;™&lt;/sup&gt;) specialist grows 40 per cent in 2010 as hospitals in North America and EMEA respond to BridgeHead's unique healthcare data and storage management offerings&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Woburn, MA, US and Ashtead, UK - January 11&lt;sup&gt;th&lt;/sup&gt;, 2011 - &lt;a href="http://www.bridgeheadsoftware.com/"&gt;BridgeHead Software&lt;/a&gt;, the &lt;a href="http://www.bridgeheadsoftware.com/html_pages/healthcare-storage-virtualization.aspx"&gt;Healthcare Storage Virtualization (HSV)&lt;/a&gt; company, announced today that its year-over-year income had increased 40 per cent for fiscal year 2010, which ended on September 30. 
BridgeHead attributed its dynamic 2010 growth to its singular focus on developing and delivering data and storage management offerings that meet the unique needs of the healthcare market.&lt;/p&gt;  &lt;p align="justify"&gt;Just 24 months ago, as the world faced a severe financial crisis, BridgeHead Software underwent a re-organization. Both operations and products were realigned to focus specifically on the healthcare market - a natural strategic evolution given that BridgeHead had already exhibited expertise and a track record of success in this area. This new focus on healthcare has paid off for BridgeHead; the company has grown organically and sustained five consecutive quarters of profitability.&lt;/p&gt;  &lt;p align="justify"&gt;By specializing in healthcare, BridgeHead has been able to capitalize on the US HITECH Act, which provides federal funds for hospital adoption of electronic health records (EHRs), as well as pro-actively developing solutions for the backup and archiving of MEDITECH's health care information system (HCIS) software release. The vertical focus on healthcare has also enabled BridgeHead Software to renew its appeal to NHS trusts in the UK, despite its exclusion from the National Programme for IT (NPfIT) vendors list, and make headway into European public healthcare.&lt;/p&gt;  &lt;p align="justify"&gt;This year, BridgeHead introduced the concept of Healthcare Storage Virtualization (HSV), offering hospitals a new approach to understanding and overcoming some of the difficulties around data and storage management. In essence, HSV enables software applications to be separated from the allocation and management of the physical storage hardware on which the application data resides. This gives healthcare organizations more choice, flexibility and control over the way data is accessed, protected and managed. 
Ultimately, HSV enables better utilization of existing and future hardware resources and, more importantly, the efficient use of critical electronic patient data. A newly released whitepaper entitled - &lt;a href="http://www.bridgeheadsoftware.com/pdfs/BH_WP_Healthcare-Storage-Virtualization.pdf"&gt;&amp;quot;Healthcare Storage Virtualization: A New Way of Thinking About Your Data and Storage Management Challenges&amp;quot;&lt;/a&gt; is currently available for download.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&amp;quot;Over the course of FY 2010, BridgeHead has reaped the benefits of its reinvention as the Healthcare Storage Virtualization company. In changing our company strategy, we've invested heavily across every division, including the recruitment of new personnel both in our UK and US offices. One of our primary initiatives has been on product development to ensure that we deliver a valuable suite of solutions to hospitals that overcome their specific data and storage management challenges,&amp;quot; &lt;/i&gt;said BridgeHead founder and CEO Tony Cotterill. 
&lt;i&gt;&amp;quot;The number of hospitals buying and implementing our technology is a strong validation of BridgeHead's vision: to support the Electronic Health Record and empower healthcare IT to meet their growing storage needs without compromising on current hardware brand or media type.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;How BridgeHead Solves Hospital Data and Storage Management Challenges&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;As it works to solve the data management challenges unique to healthcare organizations, BridgeHead Software has zeroed in on many of the storage pain points that bedevil hospitals all over the world.&lt;/p&gt;  &lt;p align="justify"&gt;Hospitals face a massive upsurge in data growth fueled by the adoption of Electronic Health Records (EHRs) as well as proliferation of DICOM images generated by increasingly prevalent scanning devices. This data tsunami has swamped many hospitals' disaster recovery strategies. As they struggle to manage and control rising healthcare data by purchasing more storage hardware, these same hospitals have also watched their IT budgets ebb away. Because BridgeHead's products and services help hospitals navigate this flood of storage, the company has experienced a rising demand for its healthcare-specific offerings.&lt;/p&gt;  &lt;p align="justify"&gt;Over the past year, BridgeHead has added a significant number of new healthcare customers both in North America and EMEA, expanding its footprint within its existing base. For many of these hospitals, BridgeHead's HSV architecture is providing a long-term roadmap for an effective healthcare disaster recovery (HDR) strategy as well as a blueprint for bringing data management and storage costs under control.&lt;/p&gt;  &lt;p align="justify"&gt;In the United Kingdom, BridgeHead Software has enjoyed increasing levels of interest from the NHS. 
David Brown, Head of ICT for recent customer The Rotherham NHS Foundation Trust, expressed support for BridgeHead's healthcare-centric approach to storage and data management.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&amp;quot;Clearly for us, and other Trusts, data protection, security, management and storage is absolutely critical to underpin our wider IT initiatives,&amp;quot; &lt;/i&gt;he explained. &lt;i&gt;&amp;quot;This is why our relationship with BridgeHead Software has become so important. BridgeHead specializes only in the healthcare market, so they are well placed to understand our data, our hospital environment and our industry; and we're delighted with their progress to date. Over the course of this project, we have been really impressed by the wide range of solutions they offer in backup, disaster recovery and archiving, for both clinical and administrative data. Their knowledge of healthcare makes them a hugely valuable partner - plus, as their products are vendor agnostic, integration with existing systems is not an issue.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;BridgeHead Software's largest customer footprint resides in the US where operations run out of Woburn, in the Greater Boston area. As one of BridgeHead's long-standing customers, Mark Middleton, Director of IT Infrastructure at CHRISTUS, commended the company on its expertise regarding data protection from its backup and disaster recovery solutions. &lt;i&gt;&amp;quot;BridgeHead's technology manages all the disk and tape storage media, dynamically allocating volumes and managing the sophisticated archive retention cycles we have set up. 
This ensures that we are meeting our recovery point and time objectives and data availability commitments in the event of operational failure, disaster, or corruption.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Teaming With Storage Industry Leaders&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Over the past 12 months, BridgeHead Software has forged new partnerships with leading storage hardware vendors &lt;a href="http://www.dell.com/downloads/global/products/pvaul/en/sb157_dell_dx_bridgehead_software.pdf"&gt;Dell&lt;/a&gt;, &lt;a href="http://www.bridgeheadsoftware.com/pdf_SS/SS_BH-Oracle-Healthcare-Storage.pdf"&gt;Oracle&lt;/a&gt; and Iron Mountain while continuing to build on its existing relationships with partners MEDITECH, &lt;a href="http://www.dbtech.com/db-technology-and-bridgehead-software-offer-complete-healthcare-data-management.html"&gt;DB Technology&lt;/a&gt; and &lt;a href="http://www.perceptivesoftware.com/news/Perceptive-Software-and-BridgeHead-Partner-for-Healthcare-Data-Management"&gt;Perceptive&lt;/a&gt;. Dell, Iron Mountain and Oracle have combined their hardware with BridgeHead's software solutions to create comprehensive data and storage management offerings designed specifically for the healthcare industry.&lt;/p&gt;  &lt;p align="justify"&gt;Dell and BridgeHead's joint &lt;a href="http://www.dell.com/downloads/global/products/pvaul/en/sb157_dell_dx_bridgehead_software.pdf"&gt;Medical Archive&lt;/a&gt; solution combines the strength of Dell's hardware offerings with the pedigree of BridgeHead's healthcare data management software to create a holistic and fully interoperable enterprise solution for hospitals looking to take control of their digital patient and administrative information. 
The underlying technology for the joint solution consists of &lt;a href="http://www.bridgeheadsoftware.com/html_pages/medistore.aspx"&gt;BH MediStore&lt;/a&gt;&lt;sup&gt;®&lt;/sup&gt; and &lt;a href="http://www.bridgeheadsoftware.com/html_pages/officestore.aspx"&gt;BH OfficeStore&lt;/a&gt;&lt;sup&gt;®&lt;/sup&gt; from BridgeHead and the &lt;a href="http://www.dell.com/us/business/p/powervault-dx6000/pd?refid=dell-dx"&gt;DX6000 Object Storage Platform&lt;/a&gt; from Dell.&lt;/p&gt;  &lt;p align="justify"&gt;Brett Roscoe, worldwide marketing lead for Dell Enterprise Storage, commented, &lt;i&gt;&amp;quot;We continue to see an exponential growth of storage in healthcare where more and more information is being stored digitally. Organizations require integrated hardware and software solutions that enable them to efficiently store, manage and discover their digital content. Working with Bridgehead Software, we are able to offer customers our storage platform with an industry-leading medical archiving solution from a proven information management leader.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Iron Mountain, the information management company, and BridgeHead's healthcare archiving solution, offers hospitals the opportunity to overcome some of their data management challenges by migrating older content to the Iron Mountain cloud. This significantly relieves the pressure on the hospital's current infrastructure, allowing it to redeploy existing storage assets in a more efficient and effective way (and delaying the need for a storage refresh) while helping with the creation of a &amp;quot;working&amp;quot; and robust backup and disaster recovery strategy - archiving static data into the cloud can reduce the primary backup stream by approximately 80 per cent. 
And all this with the flexibility, predictability and scalability that comes as part of a cloud solution.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;&amp;quot;Hospitals need to have flexibility in their data backup processes to intelligently and cost-effectively handle the needs of the organization for today and in the future,&amp;quot;&lt;/i&gt; said Ken Rubin, senior vice president and general manager, Healthcare Services for Iron Mountain.&lt;i&gt; &amp;quot;The combined strength of BridgeHead's healthcare data management expertise and Iron Mountain's cloud &lt;/i&gt;&lt;i&gt;archiving and disaster recovery &lt;/i&gt;&lt;i&gt;capability answers this need. Not only will customers benefit from archiving data to the Iron Mountain cloud with BridgeHead, they can also leverage the solution for offsite backups. Instead of creating backup tapes that must then be removed from a tape library and transported to an &lt;/i&gt;&lt;i&gt;offsite location&lt;/i&gt;&lt;i&gt;, BridgeHead &lt;/i&gt;&lt;i&gt;customers&lt;/i&gt;&lt;i&gt; can transfer these backups electronically &lt;/i&gt;&lt;i&gt;to redundant, geographically separated databunkers &lt;/i&gt;&lt;i&gt;via the Iron Mountain cloud.&amp;quot;&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;BridgeHead Software also worked with Oracle to create HEAT (Healthcare Enterprise Archive Topology), an intelligent archive management architecture that delivers cost effective, long-term data quality and retention for compliance management of healthcare data. Based on an HSV approach, HEAT enables hospitals to combine storage management software from BridgeHead with Oracle's Sun Fire x86 X4270 M2 systems and Oracle's Sun storage and tape systems, including the Sun ZFS Storage Appliance product line and StorageTek SL48 or SL500 Modular Library System to optimize data access and preservation while automating storage management and controlling both capital and operational costs. 
&lt;b&gt;     &lt;br /&gt;Storage and Healthcare Experts Join the Team&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;To support its focus on the healthcare market, BridgeHead made several strategic additions to its executive leadership team. &lt;a href="http://www.bridgeheadsoftware.com/pdf_news/BH_PR_Mike%20Ball%20announcement_FINAL.pdf"&gt;Michael Ball&lt;/a&gt;, PhD, was appointed to the newly created position of senior vice president, North America, and is based at US headquarters in Woburn, MA. Dr. Ball has more than 25 years of marketing and business development experience in the healthcare and IT industries. He comes to BridgeHead from InfoMedics where he was vice president of marketing and professional services for four years.&lt;/p&gt;  &lt;p align="justify"&gt;BridgeHead also appointed two senior executives to new positions in its Ashtead, UK headquarters: &lt;a href="http://www.bridgeheadsoftware.com/pdf_news/BH_Corp_PR_BridgeHead-Appoints-Tomkys.pdf"&gt;Tony Tomkys&lt;/a&gt;, director of sales, EMEA, and John McCann, director of marketing.&lt;/p&gt;  &lt;p align="justify"&gt;A seasoned sales professional with over 27 years of experience in IT, Tomkys aims to further increase BridgeHead's UK customer footprint in the NHS and private healthcare sector and will drive pan-European initiatives. He joins BridgeHead Software from CommVault, where he was Business Director for Public Sector. Before that, he held a range of positions from direct sales through to channel management and marketing at companies such as Steria, Morse, HP, Unisys and Apple.&lt;/p&gt;  &lt;p align="justify"&gt;As BridgeHead's director of marketing, John McCann is tasked with overseeing the creation and execution of worldwide marketing strategies that support business growth. With over 15 years' experience specializing in B2B IT marketing, McCann came to BridgeHead from Micro Focus where he managed field marketing for the U.K. and Northern Europe. 
Prior to that, he held positions at software vendors Borland and ADP.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Product Upgrades and Introductions&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;In addition to rolling out its Healthcare Storage Virtualization architecture, BridgeHead also introduced enhancements and additions to its three core product lines in 2010.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;BH &lt;/b&gt;&lt;b&gt;MediSafe&lt;/b&gt;&lt;sup&gt;™&lt;/sup&gt;&lt;b&gt; &lt;/b&gt;provides the foundation for an effective healthcare disaster recovery (HDR) strategy. By understanding the profile of healthcare data, BridgeHead is able to provide a product set that can more effectively protect healthcare data - not only rapidly changing primary, dynamic data, but also the large volumes of rarely accessed and static tertiary data that hospitals create. A newly released whitepaper entitled - &lt;a href="http://www.thehsvcompany.com/HDRWP/"&gt;&amp;quot;Healthcare Disaster Recovery: Why Disaster Recovery is Different in Healthcare&amp;quot;&lt;/a&gt; is currently available for download.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;BH MediStore &lt;/b&gt;leverages BridgeHead's underlying and common storage virtualization and data management services to provide a comprehensive solution for managing the clinical and administrative aspects of healthcare data and thereby underpins the electronic health record (EHR). BH MediStore manages and stores: DICOM data for the storage of medical images, scanned documents, and unstructured data files.&lt;/p&gt;  &lt;p align="justify"&gt;A 2010 addition to the MediStore line, BH PACStore&lt;sup&gt;®&lt;/sup&gt;, manages long-term storage and retrieval of PACS imaging data to create a robust, flexible and cost effective enterprise DICOM storage infrastructure. 
With BH PACStore, healthcare organizations can automatically retain PACS data in a highly protected geographically dispersed fashion and use the most cost effective storage systems dependent on the content's age and value.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;BH OfficeStore &lt;/b&gt;is a comprehensive solution for the long-term archiving and secure maintenance of all hospital office data, regardless of its original location. By archiving existing content and providing an ideal location for all new user-generated unstructured content, BH OfficeStore relieves the pressure on primary storage and reduces the cost of data ownership.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;In the year to come, BridgeHead Software looks forward to supporting its existing healthcare clients as they move closer towards a full Healthcare Storage Virtualization architecture and implement more of our products,&amp;quot; said Cotterill. &amp;quot;At the same time, BridgeHead will be filling out its product offerings both through continued enhancement to our existing products and through the acquisition of products that complement our own.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Healthcare Data Management Thought Leadership&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;BridgeHead continues to evolve and grow its position as a healthcare data management thought leader. 
The company published the BridgeHead Software &lt;a href="http://www.bridgeheadsoftware.com/pdfs/BH_Rpt_Data-management-survey-results.pdf"&gt;2010 International Data Management Healthcheck&lt;/a&gt;, which measured IT spending by healthcare organizations.&lt;/p&gt;  &lt;p align="justify"&gt;BridgeHead Software, the Healthcare Storage Virtualization (HSV) company, offers a scalable, future-proof platform to overcome rising data volumes and increasing storage costs while delivering peace of mind around the access, availability and protection of critical electronic patient data. Trusted by more than 1,000 hospitals worldwide, BridgeHead Software solves healthcare organizations' backup, recovery and archiving challenges. BridgeHead's HSV solutions are designed to operate with any hospital's chosen software applications and storage hardware, regardless of vendor. This presents healthcare organizations with greater choice, flexibility and control over the manner in which data is accessed, protected and managed. The net effect? 
Better utilization of hardware resources and, more importantly, the efficient distribution, availability and use of vital healthcare data.&lt;/p&gt;  &lt;p align="justify"&gt;To learn more about BridgeHead Software, visit: &lt;u&gt;&lt;a href="http://www.bridgeheadsoftware.com"&gt;http://www.bridgeheadsoftware.com&lt;/a&gt; &lt;/u&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Follow BridgeHead Software on Twitter at &lt;u&gt;&lt;a href="http://www.twitter.com/BridgeHeadHSV"&gt;http://www.twitter.com/BridgeHeadHSV&lt;/a&gt;&lt;/u&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1527986475972519854?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1527986475972519854'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1527986475972519854'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/healthcare-focus-just-what-doctor.html' title='Healthcare Focus Just What the Doctor Ordered for BridgeHead Software in 2010'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-5353660583832871372</id><published>2011-01-11T10:44:00.001-08:00</published><updated>2011-01-11T10:44:40.399-08:00</updated><title 
type='text'>Warning as Vodafone Oz's data security dirty laundry aired in public</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Vodafone Oz's data security dirty laundry aired in public - what a timely warning say the experts&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Reports that Vodafone’s Australian operation is in the firing line of the country's Privacy Commissioner, following the apparent placing of billing and call records of millions of its customers on a Web site whose password is only changed on a monthly basis, have been met with alarm by Lieberman Software.&lt;/p&gt;  &lt;p align="justify"&gt;According to the identity management specialist, the saga is a classic situation of what can happen when too many people have access to high level account credentials and corresponding sensitive information.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The newswires are already reporting that at least one class action-style lawsuit is being prepared, and there will undoubtedly be others,&amp;quot; said Philip Lieberman, Lieberman Software's president, adding that “it appears that someone within Vodafone Australia shared a password with an unauthorized individual.”&lt;/p&gt;  &lt;p align="justify"&gt;“It is telling that Vodafone Australia's chief exec has told the media the carrier is now resetting its passwords every 24 hours, since the monthly changes are clearly what caused the widely reported security problem for the carrier. 
”&lt;/p&gt;  &lt;p align="justify"&gt;The fact that the carrier only became aware of the security problem when it was tipped off by a newspaper reporter on Saturday shows the potential of what can happen when you fail to secure privileged account credentials, explained Lieberman, noting that the problem appears to have been contained largely because of a tipoff by the reporter concerned.&lt;/p&gt;  &lt;p align="justify"&gt;Lieberman said: &amp;quot;The saga is now under active investigation by Vodafone and the fact that the Australian Privacy Commissioner is also involved, means that the situation will hopefully be contained and fully disclosed. In the longer term there may be the issue of a regulatory fine to deal with, and there has definitely been some brand damage here. There may even be lawsuits. This really is a classic case of what can happen when a company's data security methods - or rather, an alleged lack of them - are revealed in public,&amp;quot; he added.&lt;/p&gt;  &lt;p align="justify"&gt;“The biggest threat to organisations,” Lieberman said, “is the lack of automated management of sensitive accounts/passwords (called privileged accounts). 
The persistent use of shared accounts using simple passwords and being manually managed will lead to more examples of this type of disaster.&amp;#160; Many government and financial organisations have already upgraded their environments to use automated solutions, but it appears that only a major embarrassment and customer anger will prod companies like Vodafone to adopt an automated solution.”&lt;/p&gt;  &lt;p align="justify"&gt;For more on Vodafone Australian customer data breach: &lt;a href="http://bit.ly/hiW7nx"&gt;http://bit.ly/hiW7nx&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Lieberman Software: &lt;a href="http://www.liebsoft.com"&gt;www.liebsoft.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-5353660583832871372?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5353660583832871372'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/5353660583832871372'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/warning-as-vodafone-oz-data-security.html' title='Warning as Vodafone Oz&amp;#39;s data security dirty laundry aired in public'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3975776646827547084</id><published>2011-01-11T10:42:00.001-08:00</published><updated>2011-01-11T10:42:32.135-08:00</updated><title type='text'>ISACA Selects Imperva’s Web Application Firewall</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;Redwood Shores, Calif., January 2011—&lt;/b&gt;Imperva, the leader in data security, announced that ISACA, the leading global association for information systems security, assurance and governance professionals, selected Imperva’s web application firewall (WAF) to protect ISACA’s web applications and continue to raise the bar for data security.&amp;#160; ISACA leverages Imperva’s SecureSphere WAF as a part of a comprehensive security strategy that delivers unprecedented prevention, mitigation and protection for its on-demand platform.&lt;/p&gt;  &lt;p align="justify"&gt;“ISACA is committed to helping its constituents and the business community as a whole ensure they can have trust in, and derive value from, their information systems. As a result, Imperva is an essential component of our data security strategy,” said Manny Singh, ISACA IT director. “ISACA is a globally respected resource in the security industry so we must provide the best possible model for our constituents who live and breathe data security. Imperva helps us ensure the security of our sensitive data, which is a critical part of doing business every day. We evaluated many solutions and Imperva was found to be the best fit for our particular needs.”&lt;/p&gt;  &lt;p align="justify"&gt;Imperva SecureSphere is the market leading data security and compliance solution. SecureSphere protects sensitive data from hackers and malicious insiders.&amp;#160; Imperva SecureSphere provides real-time protection against data breaches by hackers and malicious insiders. 
SecureSphere enables executives, risk officers, auditors and security professionals to mitigate the financial and reputation damage of data loss.&lt;/p&gt;  &lt;p align="justify"&gt;ISACA takes advantage of several key SecureSphere features including the ability to:&lt;/p&gt;  &lt;p align="justify"&gt;-Alert or block access requests that:&lt;/p&gt;  &lt;p align="justify"&gt;-Deviate from normal application and data usage&lt;/p&gt;  &lt;p align="justify"&gt;-Attempt to exploit known and unknown vulnerabilities&lt;/p&gt;  &lt;p align="justify"&gt;-Originate from malicious sources&lt;/p&gt;  &lt;p align="justify"&gt;-Violate corporate policies&lt;/p&gt;  &lt;p align="justify"&gt;-Are part of a sophisticated multi-stage attack&lt;/p&gt;  &lt;p align="justify"&gt;-Update defenses with research-driven intelligence on current threats and vulnerabilities&lt;/p&gt;  &lt;p align="justify"&gt;-Virtually patch application and database vulnerabilities to reduce the window of exposure and impact of ad-hoc fixes&lt;/p&gt;  &lt;p align="justify"&gt;“Having ISACA as a customer is a major proof point that SecureSphere is the fastest way to mitigate application security risk.&amp;#160; Any company deploying sensitive Web applications should have a WAF in place to protect themselves,” said Imperva’s CTO Amichai Shulman.&lt;/p&gt;  &lt;p align="justify"&gt;With 95,000 constituents in 160 countries, ISACA (&lt;a href="http://www.isaca.org/"&gt;&lt;i&gt;www.isaca.org&lt;/i&gt;&lt;/a&gt;) is a leading global provider of knowledge, certifications, community, advocacy and education on information systems (IS) assurance and security, enterprise governance and management of IT, and IT-related risk and compliance. Founded in 1969, the nonprofit, independent ISACA hosts international conferences, publishes the ISACA Journal, and develops international IS auditing and control standards, which help its constituents ensure trust in, and value from, information systems. 
It also advances and attests IT skills and knowledge through the globally respected Certified Information Systems Auditor (CISA), Certified Information Security Manager (CISM), Certified in the Governance of Enterprise IT (CGEIT) and Certified in Risk and Information Systems Control (CRISC) designations. &lt;/p&gt;  &lt;p align="justify"&gt;ISACA continually updates COBIT, which helps IT professionals and enterprise leaders fulfill their IT governance and management responsibilities, particularly in the areas of assurance, security, risk and control, and deliver value to the business.&lt;/p&gt;  &lt;p align="justify"&gt;Imperva is the global leader in data security. With more than 1,200 direct customers and 25,000 cloud customers, Imperva’s customers include leading enterprises, government organizations, and managed service providers who rely on Imperva to prevent sensitive data theft from hackers and insiders. The award-winning Imperva SecureSphere is the only solution that delivers full activity monitoring for databases, applications and file systems.&amp;#160; For more information, visit &lt;a href="http://www.imperva.com"&gt;www.imperva.com&lt;/a&gt;, follow us on &lt;a href="http://www.twitter.com/imperva"&gt;Twitter&lt;/a&gt; or visit our &lt;a href="http://blog.imperva.com/"&gt;blog&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3975776646827547084?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' 
href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3975776646827547084'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3975776646827547084'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/isaca-selects-impervas-web-application.html' title='ISACA Selects Imperva’s Web Application Firewall'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1344428298165839137</id><published>2011-01-11T10:40:00.001-08:00</published><updated>2011-01-11T10:40:30.895-08:00</updated><title type='text'>Varonis enables departments and agencies to comply with new WikiLeaks US document automation clampdown</title><content type='html'>&lt;p&gt;&lt;i&gt;Limit and Automate Access to Sensitive Data&lt;/i&gt;&lt;i&gt; with Free Trial of the Varonis Data Governance Software Suite&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;London – Jan. 2011&lt;/b&gt; – Following the release of massive amounts of confidential government documents by WikiLeaks, the United States Office of Management and Budget (OMB) has directed federal departments and agencies to review their procedures for safeguarding classified national security information, and to complete an assessment of the safety measures they have in place to protect confidential documents by January 28. 
&lt;/p&gt;  &lt;p align="justify"&gt;Key in this &lt;a href="http://www.whitehouse.gov/sites/default/files/omb/memoranda/2011/m11-08.pdf"&gt;&lt;u&gt;assessment&lt;/u&gt;&lt;/a&gt;&lt;b&gt; &lt;/b&gt;is the area of “safeguarding” (Section 3), which requires departments and agencies to limit and automate access to sensitive data. Specifically, the memo asks organisations to identify how they “ensure access to classified information in automated systems is limited to those persons who:&amp;#160; (a) have received a favorable determination of eligibility from the agency head or their designee, (b) have signed an approved non-disclosure agreement, and (c) have a need to know the information”. Section 3 goes on to ask “How are need-to-know determinations made in your agency reflected in your management of automated systems?”.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Who Knows Who Needs to Know?&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Currently, an average Terabyte of data contains roughly 50,000 containers. Of those 50,000 containers, 2,500 usually have unique permissions applied to them. These permissions usually refer to several groups that contain a few or dozens of users—an organization of 1,000 users often has 1,000 or more groups stored in their Directory Service (e.g. Active Directory). All of these folder permissions and groups need to be maintained and updated as people change roles and security labels change.&lt;/p&gt;  &lt;p align="justify"&gt;As Cablegate has shown, humans can no longer keep track of who “needs to know” without automation. There are just too many people and groups, too much data and too much change. 
In fact, 91 percent of organisations can’t even identify who should be deciding who needs to know (Source: Ponemon Institute Study, June 2008), nor can they accurately determine which containers their groups grant access to.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Varonis maps what data is accessible by whom and tracks what data is used by whom. Like search engines and online stores, Varonis uses sophisticated analytics to make recommendations about who should and shouldn’t be in which groups, and who should and shouldn’t have access to data. For example, recommendations automatically highlight users that have changed roles yet still have access to data sets that are no longer relevant for them, users that are in incorrect groups, and other access control errors. &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Identification of Data Owners, Automated Authorization and Review&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Varonis also uses automation to help identify data owners—the most active users of a high level container where the organization has write access are very likely candidates. Once data owners are identified, they are empowered to make informed authorization and permissions maintenance decisions through a web-based interface—that are then executed—with no IT overhead or manual backend processes. &lt;/p&gt;  &lt;p align="justify"&gt;Once data has been locked down so that only those who need to know have access, access still needs to be monitored—trust, but verify. Varonis analyses all data usage to identify users that suddenly deviate from their normal access patterns, or suddenly access a statistically significant number of files. 
These alerts can be routed to the proper personnel for immediate review.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Leveraging Metadata to Limit and Automate Access to Sensitive Data&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;A critical part of limiting and automating access is the ability to leverage metadata - data about data (or information about information). When it comes to identifying sensitive data and protecting access to it, a number of types of metadata are relevant: &lt;strong&gt;user and group information&lt;/strong&gt;, &lt;strong&gt;permissions information&lt;/strong&gt;, access activity, and &lt;strong&gt;sensitive content indicators&lt;/strong&gt;. A key benefit to leveraging metadata for preventing data loss is that it can be used to focus and accelerate the data classification process. In many instances the ability to leverage metadata can speed up the process by up to 90 percent, providing a shortlist of where an organization’s most sensitive data is, where it is most at risk, who has access to it and who shouldn’t. &lt;/p&gt;  &lt;p align="justify"&gt;The &lt;a href="http://www.varonis.com/solutions/"&gt;Varonis Metadata Framework&lt;/a&gt;&lt;b&gt;™ &lt;/b&gt;technology that forms the foundation of Varonis software,&amp;#160; non-intrusively collects this critical metadata, generates metadata where existing metadata is lacking (e.g. 
its file system filters and content inspection technologies), pre-processes, normalizes, analyzes, stores, and presents the metadata to IT administrators in an interactive, dynamic interface – automating the process of finding areas with excessive permissions and abnormal access activity, understanding&amp;#160; who can access, who is accessing, who shouldn't have access, and who owns the data, and enabling remediation of risk faster than traditional data protection products.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Federal agencies need to know that they no longer have to manually manage permissions to ensure that only the correct users have access to the right data and that their permission can be revoked when they no longer need them,” said Yaki Faitelson, chief executive officer, president and co-founder of Varonis Systems.&amp;#160;&amp;#160; “The previously impossible is now possible through the intelligent use of metadata and data governance automation. The instinctive reaction of many to these WikiLeaks is to try and lock down all data — that is not only impossible, it is unnecessary if you use the right technology.” &lt;/p&gt;  &lt;p align="justify"&gt;Varonis is the leader in unstructured and semi-structured data governance for file systems, SharePoint and NAS devices, and Exchange servers. The company was named &amp;quot;Cool Vendor&amp;quot; in Risk Management and Compliance by Gartner, and voted one of the &amp;quot;Fast 50 Reader Favorites&amp;quot; on FastCompany.com. Varonis has over 3,000 installations worldwide. Based on patented technology and a highly accurate analytics engine, Varonis' solutions give organisations total visibility and control over their data, ensuring that only the right users have access to the right data at all times. 
Varonis is headquartered in New York, with regional offices in Europe, Asia and Latin America, and research and development offices in Hertzliya, Israel.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Varonis, the Varonis logo, DatAdvantage and DataPrivilege are registered trademarks of Varonis Systems in the United States and/or other countries and Data Classification Framework and Metadata Framework are under a registration process in the United States and/or other countries. All other product and company names and marks mentioned in this document are the property of their respective owners and are mentioned for identification purposes only. &lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR Ltd.&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1344428298165839137?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1344428298165839137'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1344428298165839137'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/varonis-enables-departments-and.html' title='Varonis enables departments and agencies to comply with new WikiLeaks US document automation clampdown'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' 
src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3098506093408341403</id><published>2011-01-07T13:36:00.001-08:00</published><updated>2011-01-07T13:36:38.196-08:00</updated><title type='text'>Hackito Ergo Sum announcing HES2011</title><content type='html'>&lt;p align="center"&gt;&lt;strong&gt;&lt;b&gt;Hackito Ergo Sum announcing HES2011&lt;/b&gt;&lt;/strong&gt;&lt;b&gt; &lt;/b&gt;&lt;/p&gt;  &lt;p align="center"&gt;from 7th to 9th of April (Paris, France)&lt;/p&gt;  &lt;p align="justify"&gt;After the success of its first edition last year, the HES2011 conference gathers together once again the finest experts of the international security scene. Backed up with an amazing program committee*, HES is on the way to be an international event of exceptional quality.&lt;/p&gt;  &lt;p align="justify"&gt;HES aims at anticipating the challenges of the security world and gathers together underground or amateur security researchers together with professional security expert researchers and technical decision makers. During three days, HES will feature new research presentations, of the highest technical level, presented by some of the most respected international researchers. Its goal is to support networking and innovation while federating communities and key actors from the industry, from both the public and the private sectors.&lt;/p&gt;  &lt;p align="justify"&gt;The topics covered will include: vulnerability analysis, SCADA architectures, Reverse Engineering, the underground economy, attacks on banking or telecom infrastructures, Cloud Computing security, the botnet phenomenon, threat intelligence...&lt;/p&gt;  &lt;p align="justify"&gt;In addition to the debates between security enthusiasts, many practical demos are expected. A special session will focus on genuinely new content from brilliant hackers, security researchers, or academic researchers. 
Another track will present talks from anonymous speakers, allowing them to publish their most sensitive work while preserving their privacy.&lt;/p&gt;  &lt;p align="justify"&gt;According to the traditional spirit of security conferences, the 2011 edition will offer various challenges, like a lockpicking contest or the mandatory &amp;quot;Capture The Flag&amp;quot;, which was last year prepared by the Over The Wire online wargame community. &lt;/p&gt;  &lt;p align="justify"&gt;The Call for Papers is now open and will close on the 20th of February 2011: &lt;a href="http://hackitoergosum.org/"&gt;http://hackitoergosum.org&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;The Program Committee is composed of some of the most respected hackers worldwide.&lt;/p&gt;  &lt;p align="justify"&gt;This is the ultimate guarantee of the quality of the content chosen to be presented at HES.&lt;/p&gt;  &lt;p align="justify"&gt;In spite of the borders and their ideological, economical or military differences, they share their research and forge together new concepts. At the same time theoreticians and experimenters, they all collaborate in a community spirit, to contribute to the progress of computer security and anticipate tomorrow's challenges.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;* Program &lt;/b&gt;&lt;b&gt;Committee&lt;/b&gt;&lt;b&gt; is composed of the following World-Wide Experts:&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Tavis Ormandy (Google) &lt;/p&gt;  &lt;p align="justify"&gt;Matthew Conover (Symantec) &lt;/p&gt;  &lt;p align="justify"&gt;Jason Martin (SDNA Consulting Shakacon) &lt;/p&gt;  &lt;p align="justify"&gt;Stephen Ridley &lt;/p&gt;  &lt;p align="justify"&gt;Mark Dowd (AzimuthSecurity)&lt;/p&gt;  &lt;p align="justify"&gt;Tiago Assumpcao &lt;/p&gt;  &lt;p align="justify"&gt;Alex Rice (Facebook) &lt;/p&gt;  &lt;p align="justify"&gt;Pedram Amini (ZDI) &lt;/p&gt;  &lt;p align="justify"&gt;Erik Cabetas &lt;/p&gt;  &lt;p align="justify"&gt;Dino A. 
Dai Zovi (Trail Of Bits) &lt;/p&gt;  &lt;p align="justify"&gt;Alexander Sotirov &lt;/p&gt;  &lt;p align="justify"&gt;Barnaby Jack (IOActive) &lt;/p&gt;  &lt;p align="justify"&gt;Charlie Miller (SecurityEvaluators) &lt;/p&gt;  &lt;p align="justify"&gt;David Litchfield (V3rity Software) &lt;/p&gt;  &lt;p align="justify"&gt;Lurene Grenier (Harris) &lt;/p&gt;  &lt;p align="justify"&gt;Alex Ionescu &lt;/p&gt;  &lt;p align="justify"&gt;Nico Waisman (Immunity) &lt;/p&gt;  &lt;p align="justify"&gt;Piotr Bania &lt;/p&gt;  &lt;p align="justify"&gt;Laurent Gaffié (Stratsec) &lt;/p&gt;  &lt;p align="justify"&gt;Julien Tinnes (Google) &lt;/p&gt;  &lt;p align="justify"&gt;Brad Spengler (Grsecurity) &lt;/p&gt;  &lt;p align="justify"&gt;Silvio Cesare (Deakin University) &lt;/p&gt;  &lt;p align="justify"&gt;Carlos Sarraute (Core security) &lt;/p&gt;  &lt;p align="justify"&gt;Cesar Cerrudo (Argeniss) &lt;/p&gt;  &lt;p align="justify"&gt;Daniel Hodson (Ruxcon) &lt;/p&gt;  &lt;p align="justify"&gt;Nicolas Ruff (E.A.D.S) &lt;/p&gt;  &lt;p align="justify"&gt;Julien Vanegue (Microsoft Security Redmond) &lt;/p&gt;  &lt;p align="justify"&gt;Itzik Kotler (Security Art) &lt;/p&gt;  &lt;p align="justify"&gt;Rodrigo Branco (Checkpoint) &lt;/p&gt;  &lt;p align="justify"&gt;Tim Shelton (HAWK Network Defense) &lt;/p&gt;  &lt;p align="justify"&gt;Ilja Van Sprundel (IOActive) &lt;/p&gt;  &lt;p align="justify"&gt;Raoul Chiesa (TSTF) &lt;/p&gt;  &lt;p align="justify"&gt;Dhillon Andrew Kannabhiran (HITB) &lt;/p&gt;  &lt;p align="justify"&gt;Philip Petterson &lt;/p&gt;  &lt;p align="justify"&gt;The Grugq (COSEINC) &lt;/p&gt;  &lt;p align="justify"&gt;Emmanuel Gadaix (TSTF) &lt;/p&gt;  &lt;p align="justify"&gt;Kugg (/tmp/lab) &lt;/p&gt;  &lt;p align="justify"&gt;Harald Welte (gnumonks.org) &lt;/p&gt;  &lt;p align="justify"&gt;Van Hauser (THC) &lt;/p&gt;  &lt;p align="justify"&gt;Fyodor Yarochkin (Armorize) &lt;/p&gt;  &lt;p align="justify"&gt;Gamma (THC Teso) 
&lt;/p&gt;  &lt;p align="justify"&gt;Pipacs (Linux Kernel Page Exec Protection) &lt;/p&gt;  &lt;p align="justify"&gt;Shyama Rose.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Including the three organisers of HES:&lt;/b&gt;    &lt;br /&gt;Philippe Langlois (P1 Security TSTF /tmp/lab)     &lt;br /&gt;Jonathan Brossard (Toucan System P1 Code Security /tmp/lab)     &lt;br /&gt;Matthieu Suiche (MoonSols)&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&amp;quot;Hackers to Decision Makers&amp;quot; meetings&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For the whole duration of HES2011, companies can ask for face to face interviews with technical experts on the hottest topics of computer security and research during the &amp;quot;Hackers to Decision Makers&amp;quot; meetings. Those individual interviews will then focus on the topic of their choice: botnets, reverse code engineering, attacks and enforcement of copyright laws, anonymity and tracking on the internet, critical infrastructures, virtualization... Those interviews with key experts of the sector will preserve the anonymity of the participants.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;Trainings&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;HES will feature trainings of very high technical level. They will happen the days before the 2011 edition of Hackito Ergo Sum. Like during the Blackhat or CanSecWest conferences, those trainings will be given by the speakers of HES2011, on extremely technical topics, such as binary reverse engineering, security analysis through Microsoft HyperV, security of the SS7 Telecom signaling networks... Those trainings focus on the latest attack trends and techniques, with strong emphasis on demos and practical manipulation of the environments, processes or infrastructures by the participants of the training.&lt;/p&gt;  &lt;p align="justify"&gt;Hackito Ergo Sum (HES) is a security conference offering new and exclusive points of view on IT security. 
It gathers together international security experts along with the most respected hackers from the underground. HES aims to facilitate the sharing of knowledge and best practices, the release of previously undisclosed research, and trends, in order to anticipate and face the upcoming challenges in IT security. Since it was created in 2009, Hackito Ergo Sum can count on the help of the best security researchers worldwide.&lt;/p&gt;  &lt;p align="justify"&gt;For more information: &lt;a href="http://hackitoergosum.org/"&gt;http://hackitoergosum.org&lt;/a&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3098506093408341403?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3098506093408341403'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3098506093408341403'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2011/01/hackito-ergo-sum-announcing-hes2011.html' title='Hackito Ergo Sum announcing HES2011'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3170280397854698029</id><published>2010-12-26T05:52:00.001-08:00</published><updated>2010-12-26T05:52:31.372-08:00</updated><title type='text'>Beware of Malicious Twitter trends</title><content type='html'>&lt;p align="justify"&gt;&lt;i&gt;by Michael Smith (Veshengro)&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Denis, of Kaspersky Labs, in Moscow, wrote on December 1, 2010 that after seeing the Aurora from Moscow he decided to write about it on Twitter and then decided to search for 
“северное сияние” (Aurora in Russian) to see if others had noticed it too.&lt;/p&gt;  &lt;p align="justify"&gt;He then saw a number of tweets from people in Moscow who also had seen the Aurora. He then noticed &amp;quot;Morgan Freeman&amp;quot; listed in the Twitter Trends.&lt;/p&gt;  &lt;p align="justify"&gt;Thinking that something had happened to him, Denis checked the tag and found a number of suspicious messages. After checking the URLs he found they were malicious – a new attack being carried through Twitter at that very moment, live.&lt;/p&gt;  &lt;p align="justify"&gt;Further investigation revealed several trending topics – ‘Morgan Freeman’, ‘Advent Calendar’, ‘Pastor Maldonado’, ‘Toivonen’, ‘Grinch’ and ‘Hannukah’ – with various messages with the shortened URLs. Various shortening services were used: tinyurl.com, urlcut.com, bit.ly, doiop.com, tiny.cc, alturl.com, shortlinks.co.uk, yep.it – all pointing to malicious websites.&lt;/p&gt;  &lt;p align="justify"&gt;All these links lead to br********.com/about.html which will redirect the user to bestivideos****.it. 
Then the user will be redirected to myb****.com/flash/ where the user will see the following ‘offer’:&lt;/p&gt;  &lt;p align="justify"&gt;&lt;a href="http://lh4.ggpht.com/_us-_jXpQvnQ/TRdIm0WF8uI/AAAAAAAACXk/X9QEVyoP0uI/s1600-h/Twittermalwarethreat%5B3%5D.jpg"&gt;&lt;img title="Twittermalwarethreat" style="border-right: 0px; border-top: 0px; display: block; float: none; margin-left: auto; border-left: 0px; margin-right: auto; border-bottom: 0px" height="399" alt="Twittermalwarethreat" src="http://lh6.ggpht.com/_us-_jXpQvnQ/TRdInZylX9I/AAAAAAAACXo/ZEdR-2pYYns/Twittermalwarethreat_thumb%5B3%5D.jpg?imgmax=800" width="385" border="0" /&gt;&lt;/a&gt; This ‘codec’ is actually malicious and is detected by Kaspersky Lab as Trojan-Dropper.Win32.Drooptroop.ipl.&lt;/p&gt;  &lt;p align="justify"&gt;Be careful with Twitter trends because popular topics could always lead to malicious messages!&lt;/p&gt;  &lt;p align="justify"&gt;It would very much appear that shortened URLs are being used to offload malware on unsuspecting users of Twitter (and other social media sites) and, maybe, a way must be found to preview the links, as full URLs, so that users can see where the link actually sends them to.&lt;/p&gt;  &lt;p align="justify"&gt;Bit.ly and tinyurl.com links will, it would appear, always present a box in TweetDeck where the real URL is shown. &lt;/p&gt;  &lt;p align="justify"&gt;If you are using Firefox, then hovering over the link shows the full URL, and it should become practice for all of us to use browsers such as that and protection plug-ins and ensure that we see the proper web address before we click on any link. &lt;/p&gt;  &lt;p align="justify"&gt;Cyber criminals have been using the hunger of people for news about this or that for some time already, and emails were being sent before with messages about the war in Afghanistan, supposed earthquakes, and other disasters. Or messages that this or that celebrity had appeared nude, etc. 
&lt;/p&gt;  &lt;p align="justify"&gt;The desire of users to be the first to learn about such issues tends to be their downfall and they end up getting trapped. It proves, time and again, that computer users must become much more savvy, and by now, one would have hoped, that would be the case already. Alas, however, it is not.&lt;/p&gt;  &lt;p align="justify"&gt;It is the same with people who believe that their anti-virus software makes their computer slow and that by disabling or even uninstalling it they would have a faster computer. That is as dangerous as removing a child stair gate just because we have to step over it. &lt;/p&gt;  &lt;p align="justify"&gt;Cyberspace is a dangerous place, unfortunately, and we need to keep our wits about us when venturing there. That does not mean that we should abandon it. It just means using proper common sense and care, plus some good protection software and a safe browser, and not opening links in emails that we are not sure about, and especially NOT in any unsolicited emails. 
&lt;/p&gt;  &lt;p align="justify"&gt;Be careful, it's a jungle out there.&lt;/p&gt;  &lt;p align="justify"&gt;© 2010&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3170280397854698029?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3170280397854698029'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3170280397854698029'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2010/12/beware-of-malicious-twitter-trends.html' title='Beware of Malicious Twitter trends'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author><media:thumbnail xmlns:media='http://search.yahoo.com/mrss/' url='http://lh6.ggpht.com/_us-_jXpQvnQ/TRdInZylX9I/AAAAAAAACXo/ZEdR-2pYYns/s72-c/Twittermalwarethreat_thumb%5B3%5D.jpg?imgmax=800' height='72' width='72'/></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-4864767944068248037</id><published>2010-12-23T10:47:00.001-08:00</published><updated>2010-12-23T10:47:22.562-08:00</updated><title type='text'>PRIVILEGE GUARD NAMED "BEST SECURITY PRODUCT 2010"</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;AVECTO PRIVILEGE GUARD &lt;/b&gt;&lt;b&gt;NAMED “BEST SECURITY PRODUCT 2010” BY WINDOWS IT PRO MAGAZINE&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;December 23&lt;sup&gt;rd&lt;/sup&gt;, 2010, North Andover, MA and Manchester, UK: &lt;a href="http://www.avecto.com/home"&gt;Avecto Ltd&lt;/a&gt;, the leader in Windows privilege management, today announced that its &lt;a href="http://www.avecto.com/product/overview"&gt;Privilege Guard 2.6&lt;/a&gt; 
was named as a &lt;b&gt;GOLD&lt;/b&gt; medal winner of the “&lt;a href="http://www.windowsitpro.com/article/review/2010-Windows-IT-Pro-Editors-Best-and-Community-Choice-Awards/6.aspx"&gt;2010 Editor’s Best Awards&lt;/a&gt;” in the ‘Best Security Product’ category by Penton Media’s &lt;i&gt;Windows IT Pro&lt;/i&gt;&lt;sup&gt;®&lt;/sup&gt; magazine. &lt;/p&gt;  &lt;p align="justify"&gt;“The 2010 Editors’ Best Awards—presented in conjunction with our 2010 Community Choice Awards—are a recognition of our editors’, contributors’, and authors’ favorite products of the year,” said Jason Bovberg, senior editor at &lt;i&gt;Windows IT Pro&lt;/i&gt;. “Our editorial experts' annual tradition of selecting winners based on a product’s strategic importance to market, its competitive advantages, and its value to the customer is particularly significant to the &lt;i&gt;Windows IT Pro&lt;/i&gt; and &lt;i&gt;SQL Server Magazine&lt;/i&gt; communities this year, as we call out exceptional products in an economically tight, highly competitive market.&lt;/p&gt;  &lt;p align="justify"&gt;“Our Editors’ Best Awards let us leverage our contributing editors’ expertise to provide well-earned recognition to products that exceed industry standards. This year, we’ve even added valuable, in-the-trenches insight about winning products from our reader community. We're proud to now share this invaluable information with our &lt;i&gt;Windows IT Pro&lt;/i&gt; and &lt;i&gt;SQL Server Magazine&lt;/i&gt; communities. Our winners should be extremely proud of this honor of recognition from our editorial experts.”&lt;/p&gt;  &lt;p align="justify"&gt;Avecto Privilege Guard is the industry’s most comprehensive solution for enabling the security principle of least privilege in Windows environments. Privilege Guard eliminates the need to assign admin rights to users and allows enterprises to dynamically assign these rights to applications, tasks and scripts. 
Privilege Guard enables users to log on to &lt;a href="http://www.avecto.com/product/desktops/how-it-works"&gt;Windows desktops&lt;/a&gt; and &lt;a href="http://www.avecto.com/product/servers/how-it-works"&gt;servers&lt;/a&gt; with minimal rights while empowering them to perform their day-to-day role, leading to increased &lt;a href="http://www.avecto.com/solutions/security"&gt;security&lt;/a&gt;, simplified &lt;a href="http://www.avecto.com/solutions/compliance"&gt;compliance&lt;/a&gt; with industry regulations and reduced &lt;a href="http://www.avecto.com/solutions/operations"&gt;support&lt;/a&gt; costs. &lt;/p&gt;  &lt;p align="justify"&gt;“Avecto is honored to be awarded a ‘Gold Editors Best’ award for 2010,” said Tony Bolland, chief executive officer at Avecto. “This is a wonderful accolade and we are delighted to have been recognized as having the best security product by Windows IT Pro. Knowing that we were selected for our product’s strategic importance to market, competitive advantages, and the value we deliver to &lt;a href="http://www.avecto.com/customers/overview"&gt;customers&lt;/a&gt; is a major achievement for the Avecto team.”&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About Avecto&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Avecto is the leader in Windows privilege management, helping organizations to deploy secure and compliant desktops and servers. With its &lt;a href="http://184.106.249.31/company/overview"&gt;award winning&lt;/a&gt; Privilege Guard technology, organizations can now empower all Windows based desktop and server users with the privileges they require to perform their roles, without compromising the integrity and security of their systems.&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Customers of all sizes rely on Avecto to reduce operating expenses and strengthen security across their Windows based environments. 
Our mission is to enable our customers to lower operating costs and improve system security by implementing least privilege. Avecto is building a worldwide channel of partners and system integrators and is headquartered in Manchester, UK. For more information, visit &lt;a href="http://www.avecto.com/index.html"&gt;www.avecto.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;i&gt;About Windows IT Pro&lt;/i&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;Windows IT Pro&lt;/i&gt; is the leading and largest independent voice in Windows IT, with more than 2.5 million visits per month, and consists of a multitude of print and online channels. In addition to the flagship &lt;i&gt;Windows IT Pro &lt;/i&gt;magazine, our technology network includes &lt;i&gt;SQL Server Magazine&lt;/i&gt;, &lt;i&gt;SharePointPro&amp;#160; Connections&lt;/i&gt; and &lt;i&gt;DevProConnections&lt;/i&gt;. Other online channels include blogs, forums, podcasts, RSS feeds, webinars, virtual events, white papers, newsletters, classes and more. IT professionals get objective, “direct from the trenches” information about Microsoft’s latest Windows-based solutions and gain essential insight for keeping business-critical Microsoft applications up and running. For more information, visit &lt;a href="http://www.windowsitpro.com"&gt;www.windowsitpro.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Penton Media, Inc. is the largest independent business-to-business media company in the United States, serving more than 6 million business professionals every month. The company's market-leading brands are focused on 30 industries and include 113 trade magazines, 145 websites, 150 industry trade shows and conferences, and more than 500 information data products. 
For additional information about the company and its businesses, visit &lt;a href="http://www.penton.com/"&gt;www.penton.com&lt;/a&gt;.&lt;/p&gt;  &lt;p align="justify"&gt;Source: Avecto Ltd, &lt;a href="http://www.avecto.com"&gt;www.avecto.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-4864767944068248037?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4864767944068248037'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/4864767944068248037'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2010/12/privilege-guard-named-security-product.html' title='PRIVILEGE GUARD NAMED &amp;quot;BEST SECURITY PRODUCT 2010&amp;quot;'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-3191169503710123070</id><published>2010-12-23T10:45:00.001-08:00</published><updated>2010-12-23T10:45:48.381-08:00</updated><title type='text'>Infosecurity Europe organisers say lack of awareness of PCI DSS 2.0 is very worrying</title><content type='html'>&lt;p align="justify"&gt;London, UK 23&lt;sup&gt;rd&lt;/sup&gt; December 2010 - A survey that revealed that almost 30 per cent of IT directors/managers of major 
retailers in the UK are either unaware - or only partially aware - of the PCI DSS 2.0 security standard's requirements is very worrying, say the organisers of the Infosecurity Europe show. Infosecurity Europe will be held at Earls Court, London 19-21 April 2011 www.infosec.co.uk&lt;/p&gt;  &lt;p align="justify"&gt;According to Claire Sellick, event director with the show, it is also of significant concern that only 36.2 per cent of respondents to the survey knew that PCI DSS 2.0 includes significant changes regarding an organisation’s network architecture and virtualisation.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;What we have from the results of this LogLogic poll is that some of the IT managers with the largest retailers in the UK - i.e. those with more than 50 outlets - just don’t ‘get’ what the PCI DSS 2.0 is all about, or the potential serious repercussions to their business of not being able to pass an audit. If anyone should know about the issues involved, then it should be them,&amp;quot; she said. 
&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;The fact that the majority of them are doing their jobs, apparently blissfully unaware of the security requirements of the PCI Security Standards Council's rules as regards their IT architecture, is of phenomenal concern,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;Sellick went on to say that the increasing use of virtualisation in all large organisations, largely because of the economic imperative the technology offers, means that security managers really do need to be on their toes when dealing with the new IT platform.&lt;/p&gt;  &lt;p align="justify"&gt;Only a minority of existing security applications fully port over to a virtual machine environment, so it's critical that IT managers understand the need for a root and branch review of their IT security strategy before they migrate to a virtualised system.&lt;/p&gt;  &lt;p align="justify"&gt;And since the provisions of PCI DSS 2.0 mean that an organisation that cannot demonstrate it is operating within the rules to an auditor from the PCI Security Standards Council could find itself unable to accept debit and credit cards, this really is an ultra-critical issue, she explained.&lt;/p&gt;  &lt;p align="justify"&gt;The only piece of good news to come out of this survey, she says, is the fact that around half of major retailers in the UK view PCI DSS as a valuable addition to their security arsenal.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Let's not forget that developing and maintaining an effective IT security strategy is all about knowledge. Only with the knowledge of what your options are can you truly develop a holistic set of security defences,&amp;quot; she said.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;Frankly, anyone can source a leading-edge IT security appliance or software-based system, but to deploy it in an effective manner takes a high degree of security intelligence. 
And since PCI DSS 2.0 is so critical to modern businesses, the results of this survey are a real eye-opener,&amp;quot; she added.&lt;/p&gt;  &lt;p align="justify"&gt;&amp;quot;It is to be hoped that IT managers who learn about the results of this survey will move swiftly to counter lack of understanding of PCI DSS rules in their organisation, otherwise when the PCI auditor comes knocking, their business could be in serious trouble.&amp;quot;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the PCI DSS 2.0 survey: &lt;a href="http://bit.ly/dWmCvt"&gt;http://bit.ly/dWmCvt&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on the Infosecurity Europe show: &lt;a href="http://www.infosec.co.uk"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/p&gt;  &lt;h5 align="justify"&gt;Infosecurity Europe, celebrating 16 years at the heart of the industry in 2011, is Europe’s number one Information Security event. Featuring over 300 exhibitors, the most diverse range of new products and services, an unrivalled education programme and visitors from every segment of the industry, it is the most important date in the calendar for Information Security professionals across Europe. Organised by Reed Exhibitions, the world’s largest tradeshow organiser, Infosecurity Europe is one of four Infosecurity events around the world with events also running in Belgium, Netherlands and Russia. Infosecurity Europe runs from the 19th – 21st April 2011, in Earls Court, London. For further information please visit &lt;a href="http://www.infosec.co.uk/"&gt;www.infosec.co.uk&lt;/a&gt;&lt;/h5&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="center"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component 
of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-3191169503710123070?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3191169503710123070'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/3191169503710123070'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2010/12/infosecurity-europe-organisers-say-lack.html' title='Infosecurity Europe organisers say lack of awareness of PCI DSS 2.0 is very worrying'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-1048713186309414700</id><published>2010-12-23T10:43:00.001-08:00</published><updated>2010-12-23T10:43:55.777-08:00</updated><title type='text'>CitySights card hack could generate PCI DSS fallout</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;CitySights card hack could generate PCI DSS fallout says Imperva&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;23&lt;sup&gt;rd&lt;/sup&gt; January 2010 - Reports that the Web site of a New York-based tour firm has been hacked and around 110,000 bank card details lifted by hackers may have repercussions for the company on the PCI DSS front, says Imperva.&lt;/p&gt;  &lt;p align="justify"&gt;According to Amichai Shulman, chief technology officer with the data security specialist, the hack itself occurred via a SQL Injection attack. In such an attack, the hacker gains illegal access to information in the database. 
As media reports have shown, the hacker launched the attack on September 26 over a 3-week period, obtaining over 100K credit card details including the account number, expiration date, CVV2, and other personal identifying information such as home and email addresses. Shulman’s team had investigated this attack, and what they found was an Indonesian hacker’s blog listing numerous websites vulnerable to attack, including the site of CitySights. Interestingly enough, the blog’s entry was dated September 9&lt;sup&gt;th&lt;/sup&gt; – more than two weeks prior to the initial attack campaign. &lt;/p&gt;  &lt;p align="justify"&gt;While this case clearly illustrates the security misgivings the company suffered from, CitySights may also be in breach of the PCI DSS industry regulation. The PCI regulation, mandated by major credit-card processing companies such as Visa and Mastercard, defines the required security controls to be placed on the storage and processing of credit cards. The PCI regulation includes specific requirements with regard to the storage of unencrypted credit card data as well as prohibiting the storage of sensitive authentication data (CVV2) altogether.&lt;/p&gt;  &lt;p align="justify"&gt;That the hacker was able to gain access to this data “may indicate that the firm’s data security practices are not aligned with PCI DSS requirements”, Shulman goes on to say.&lt;/p&gt;  &lt;p align="justify"&gt;The tour company had offered a 50% discount voucher to its affected customers. 
Ironically enough, Shulman says, they posted the discount code online, making it in short available for anyone.&lt;/p&gt;  &lt;p align="justify"&gt;For more on the CitySights card database hack: &lt;a href="http://bit.ly/fYK8Ro"&gt;http://bit.ly/fYK8Ro&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;For more on Imperva: &lt;a href="http://www.imperva.com"&gt;www.imperva.com&lt;/a&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Source: Eskenzi PR&lt;/p&gt;  &lt;p align="justify"&gt;&lt;i&gt;This press release is presented without editing for your information only.&lt;/i&gt;&lt;/p&gt;  &lt;p align="justify"&gt;&lt;strong&gt;&lt;i&gt;Full Disclosure Statement:&lt;/i&gt;&lt;/strong&gt;&lt;em&gt; The ICT REVIEW received no compensation for any component of this article.&lt;/em&gt;&lt;/p&gt;  &lt;div class="blogger-post-footer"&gt;&lt;img width='1' height='1' src='https://blogger.googleusercontent.com/tracker/5227938130369639318-1048713186309414700?l=ictreview.blogspot.com' alt='' /&gt;&lt;/div&gt;</content><link rel='edit' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1048713186309414700'/><link rel='self' type='application/atom+xml' href='http://www.blogger.com/feeds/5227938130369639318/posts/default/1048713186309414700'/><link rel='alternate' type='text/html' href='http://ictreview.blogspot.com/2010/12/citysights-card-hack-could-generate-pci.html' title='CitySights card hack could generate PCI DSS fallout'/><author><name>Veshengro</name><email>noreply@blogger.com</email><gd:image rel='http://schemas.google.com/g/2005#thumbnail' width='16' height='16' src='http://img2.blogblog.com/img/b16-rounded.gif'/></author></entry><entry><id>tag:blogger.com,1999:blog-5227938130369639318.post-2273513234695307999</id><published>2010-12-20T10:02:00.001-08:00</published><updated>2010-12-20T10:05:09.013-08:00</updated><title type='text'>Working to Prevent Being the Next WikiLeak? 
Don’t Forget the Metadata</title><content type='html'>&lt;p align="justify"&gt;&lt;b&gt;NEW YORK – Dec. 20, 2010&lt;/b&gt; - Despite all the news surrounding WikiLeaks and the immense amount of data stolen from the US government, little has been written about the organizational processes that contributed to the leaks, how the soldier who stole the data had access to such sensitive data in the first place, and how digital collaboration has increased to the point where these incidents will likely become commonplace unless root causes are identified and addressed.&lt;/p&gt;  &lt;p align="justify"&gt;“Organizations are becoming significantly more collaborative,” said Yaki Faitelson, chief executive officer, president and co-founder of Varonis Systems.  “As a result, data is more widespread and vulnerable than ever before. For organizations to prevent loss of sensitive data while still enabling the collaboration needed to conduct business, they need to ensure that they have processes and automation in place for authorization and review of access to data, monitoring who is using data, and identifying sensitive data that is at risk.” &lt;/p&gt;  &lt;p align="justify"&gt;Unstructured and semi-structured data on shared file systems, NAS devices, SharePoint sites and Exchange mailboxes is a challenge to manage for any organization. According to analyst firm Gartner, all of the documents stored in these repositories, such as spreadsheets, presentations, documents, and multimedia files, account for roughly 80 percent of business data. By its very nature, this shared data is highly dynamic, and growing by about 50 percent each year. Another issue is that the relevance of data is constantly in flux, changing far faster than each user’s access rights. Users are often able to download or edit data they no longer need access to long after a project finishes or their role has changed. 
&lt;/p&gt;  &lt;p align="justify"&gt;A key part of the solution is metadata - data about data (or information about information) - and the technology needed to leverage it. When it comes to identifying sensitive data and protecting access to it, a number of types of metadata are relevant: &lt;strong&gt;user and group information&lt;/strong&gt;, &lt;strong&gt;permissions information&lt;/strong&gt;, access activity, and &lt;strong&gt;sensitive content indicators&lt;/strong&gt;. A key benefit to leveraging metadata for preventing data loss is that it can be used to focus and accelerate the data classification process. In many instances the ability to leverage metadata can speed up the process by up to 90 percent, providing a shortlist of where an organization’s most sensitive data is, where it is most at risk, who has access to it and who shouldn’t. &lt;/p&gt;  &lt;p align="justify"&gt;Each file and folder, and user or group, has many metadata elements associated with it at any given point in time - permissions, timestamps, location in the file system, etc. - and the constantly changing files and folders generate streams of metadata, especially when combined with access activity. These combined metadata streams become a torrent of critical metadata. To capture, analyze, store and understand so much metadata requires metadata framework technology specifically designed for this purpose. &lt;/p&gt;  &lt;p align="justify"&gt;“As the WikiLeaks fiasco has shown, it only takes one rogue staff member - or a malignant individual - to access and copy a set of critical data files for the entire security system, and the integrity of the organization, to be severely compromised. Staff collaboration is why the data is open to begin with. But using manual methods to secure data in this era of digital collaboration is asking for trouble. 
It is astonishing that every file share, NAS device, SharePoint site and Exchange mailbox doesn’t have automated protection that prevents unwarranted access since this type of solution is readily available and the benefits are immediate,” Faitelson said. &lt;/p&gt;  &lt;p align="justify"&gt;“Organizations have to be aware they no longer have to manually manage permissions to ensure that only the correct users have access to the right data and that their permissions can be revoked when they no longer need them. The previously impossible is now possible through the intelligent use of metadata and data governance automation. The instinctive reaction of many to these WikiLeaks is to try and lock down all data. That is not only impossible, it is unnecessary if you use the right technology,” said Faitelson.&lt;/p&gt;  &lt;p align="justify"&gt;For more on Varonis: &lt;b&gt;&lt;a href="http://www.varonis.com/metadata"&gt;www.varonis.com/metadata&lt;/a&gt;&lt;/b&gt; &lt;/p&gt;  &lt;p align="justify"&gt;&lt;b&gt;About the Varonis® Metadata Framework™&lt;/b&gt;&lt;/p&gt;  &lt;p align="justify"&gt;Four types of metadata are critical for data governance:&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;strong&gt;User and Group Information&lt;/strong&gt; – from Active Directory, LDAP, NIS, SharePoint, etc.&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;strong&gt;Permissions information&lt;/strong&gt; – knowing who can access what data in which containers&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;strong&gt;Access Activity&lt;/strong&gt; – knowing which users do access what data, when and what they've done&lt;/p&gt;  &lt;p align="justify"&gt;· &lt;strong&gt;Sensitive Content Indicators&lt;/strong&gt; – knowing which files contain items of sensitivity and importance, and where they 
reside&lt;/p&gt;  &lt;p align="justify"&gt;The Varonis Metadata Fra
