Why complex pa55w0rdz don’t work…..

May 20, 2010 by varidion Leave a Comment

Gmail, Yahoo, Hotmail, DropBox, ShareFile….. that’s why!

It’s very simple.  You can’t stop staff trying to extend their days or be available 24 x 7,  and it’s not just the younger Generation Y workers.  Gen X and even boomers have now shifted from work life balance to work life integration…..  So what’s this got to do with passwords? 

It’s data loss… 

Todays connected staff want to carry on their good work on that important spreadsheet or presentation at home, and the best way is the simplest way, email it or upload it to their home and personal account.  Instant data loss!  What protects this corporate data?  A weak password.

Probably their wife’s name,  kid’s name, a pet’s name or if they are security conscious they may have included their date of birth to help throw in a few numbers.  And this is all very public information, but if you don’t know it just ask for it. 

A recent blog claimed that as long as general questions are used as a ‘forgot password’ backup, most web authentication is no more secure than personal knowledge questions.

Joseph Bonneau from the University of Cambridge wrote that with incidents such as Sarah Palin‘s web mail account being hacked and the taking of Twitter documents from a Gmail account, the questions and answers for forgotten passwords are easy to look up online, often found in public records, and easy for friends and acquaintances to guess.

So Security Manager –  do you know what data is leaving your network?  No?   Speak to Varidion and we will show you…..

Filed under DLP, Managed Security, Next Generation Firewalls, Palo Alto Networks, Social Enterprise Tagged with ,

Gartner: Next Generation the Only Way…..

April 26, 2010 by varidion Leave a Comment

I’m convinced you have no tolerance for ever-increasing network security costs.  Sure, you want to effectively manage risk, especially in an increasingly regulated world where security breaches result in huge fines and bad press – but your network security costs keep rising, even as traditional network security technologies like intrusion prevention systems (IPS) prove less and less effective against modern threats.

This is simply unacceptable. Industry analysts like Gartner have noted this as well, and have recommended that customers move to next-generation network security infrastructure.

Not only do next-generation firewalls vastly increase the visibility and control you have over the applications, users, and content you have on your network – they also save you lots of money on IPS.  With today’s highly segmented networks, this can result in multi-million pound purchases for large organizations – but ironically you still can’t manage threats well.

One of the principal reasons for Gartner’s recommendations is that traditional IPS can’t effectively manage applications and can’t detect threats in SSL-encrypted and compressed content.

Our next-generation firewalls do all of the above, and deliver industrial-strength intrusion prevention capabilities while saving you money.  In fact, the cost of our solution averages under £3,000 per protected network segment – a savings of at least 75% over TippingPoint and ISS.  Don’t take our word for it…  Drop into InfoSec and see for yourself; at the same time get measured up for a bespoke shirt.

Tailored security from Varidion

Filed under Managed Security, Next Generation Firewalls, Palo Alto Networks, Social Enterprise, Varidion Tagged with , , ,

Social Enterprise can damage your wealth.

December 21, 2009 by varidion Leave a Comment

Attackers love to tempt people with freebies, security experts say.  “The bait that works best is a popular device,” says Sherri Davidoff, a penetration tester who breaks into corporate networks.  One of her most successful techniques is simple; a fake employee survey.  Victims fill it out thinking they’ll qualify to win an iPod if they hand over sensitive information and 30% do!

It’s this trust that allowed the Koobface worm to spread throughout Facebook and led to a rash of direct-message attacks on Twitter.  The worm connects to a site using log-in credentials stored in the gathered cookies and sends messages to the friends of an infected user.  It also sends and receives information from an infected machine by connecting to remote servers and allows attackers to execute commands on infected machines.  The worm is also targeting users of other social-networking sites, including MySpace, Bebo, Friendster, hi5, MyYearbook, Tagged.com, Netlog, Fubar, and LiveJournal.com.

It’s all part of the next round of social enterprise attacks and the Enterprise must be prepared.  Social Networking applications are more than just another website, many have plug-ins and modules that push and pull information via HTTP while others use SSL and port hopping to bypass the corporate firewall.  So if your protection, i.e. your firewall, doesn’t understand the applications your not protected.  Assuming that all port 80 is HTTP is wrong.  Assuming that all SSL traffic must be official because it’s encrypted is also wrong.  Assuming you also block these sites via URL checking is also wrong.

The only way to protect yourself is by properly identifying the applications entering and leaving your network, by actual name and type not by IP address and port.

Just think what could be leaving your network…  as you embrace the social enterprise because of the good benefits like productivity gains and cost savings, don’t inherit the bad bits such as data loss and theft.  Speak to us about auditing your network and the applications using it and I bet we find applications in use you thought were blocked.

Filed under Managed Security, Social Enterprise Tagged with , , ,

Confidential Data – Leaving via an IPS near you…

December 8, 2009 by varidion Leave a Comment

One of the biggest information security news items over the past Year is the leaking of confidential or sensitive data by specific applications.  Ironically, the applications that facilitated these breaches were specifically forbidden, but because these programs masquerade as valid applications or hide within SSL encryption, traditional network security and IPS appliances are oblivious to the breaches.

With today’s dynamic applications, a next generation of network security device is required;

  • One that can identify the applications in use, even when they are trying to hide.
  • One that can identify who has these applications, either through choice or via malware infection.
  • One that will control what’s entering and leaving your network, even if it’s encrypted inside SSL.

And until recently you needed to add another point solution or applicance to protect your network.

Next Generation Firewall vendor, Palo Alto Networks, has grasped the nettle and created a Multi-Gigabit Firewall that can identify, control and report on over 1000 applications right down to a user level and even if shrouded in encryption.  Refreshingly, implementing a Palo Alto Next Generation Firewall from Varidion will reduce your appliance sprawl as this single device delivers URL control; Spam filtering; Remote Access (IPSEC and SSL) and Malware detection all for less than £1,000 per month.

Can you afford not to implement one?  Call us today..

Filed under Managed Security, Social Enterprise Tagged with , , ,

File Sharing – Not Just a Geek Problem

December 5, 2009 by varidion Leave a Comment

An alarming trend has been indentified by our Partner, Palo Alto Networks, in their Applications Usage and Risks Report:  browser based file sharing has overtaken the use of client specific Peer 2 Peer applications for the first time.P2P -v- Browser

So what?

Well its simple, if today you detect and remove the use of file-sharing software within your business by managing and removing applications loaded onto your PCs, then this method is now redundant.  That is, unless you plan to remove browsers from your PCs?

Browser-based file sharing applications are a direct avenue for the transfer of confidential data and allows user download of infected files and malware-infested advertising.

The remedy is simple; you need to identify and control your applications at the network layer.  By their very nature, P2P, Malware and many Web2.0 applications masquerade as valid web and SSL traffic by hiding within their ports and protocols.  So unless your firewall can identify these rogue applications you have no way of controlling them.  Can your firewall distinguish between valid http and file-sharing http?

At Varidion, our Next Generation Firewall can identify and classify some 900 applications so control and protection is simple.  If you still managing by port & protocol speak to us about a free trial of our service, we will even give you a report outlining all the applications in use on your network.  I guarantee we’ll find something you don’t like!

Filed under Social Enterprise Tagged with , , , , ,

Long Range Forecast: It’s getting Cloudy with Storms.

November 9, 2009 by varidion 2 Comments

CloudsLast week I was discussing the merits of a Cloud based infrastructure with a prospect and he jokingly asked me for a “Long Term Weather Forecast”,  I thought it was a joke but it soon became apparent that some insight into the coming Years would help them choose their wardrobe for the coming seasons.  So in true Michael Fish tradition.

Private Secure Cloud – Enterprises will see through the Fog and embrace the “Private Cloud” and host ICT within their network and not at the edge of their network.  Be quick!  Hosting facilities are filling fast and some very good deals can be had.

Application Specific Clouds – You buy vertical applications for specific business need, so why can’t we do this with Cloud?  You can.  Subscribing to different vendors for Voice, Email, Storage and Security is the best world strategy but can prove complex.  Incidentally, this is a key benefit of Varidions HYDRA platform – Choice!

Self Service – Outsourcing an application to a Cloud provider doesn’t mean you lose control, however some providers have better management platforms than others.  The ability to control your applications and services via consoles and control panels is big business and as SaaS providers try to differentiate themselves, this is where the gaps will appear.

Mostly Cloudy

Quality of Service – Many early adopters cite “Internet Weather” as a major complaint of SaaS; when users complain of slow response from applications and erratic performance the Network and IT Manager is helpless as the problem is after their network but before the SaaS provider.  Varidions HYDRA leads the way in providing QoS based interconnects between Customers and SaaS providers.

Application Monitoring – you’ve subscribed to SaaS, your applications and services are in the Cloud and users are complaining.  You’re blind!  Understanding where your providers are meeting or exceeding their SLAs is critical to companies that are to embrace SaaS.  Not only that, what is the actual application performance users are getting?

Filed under Application Enabled Networks, Cloud Networking, SaaS Tagged with , , , ,

Customer complaints on Facebook – Who cares? Retailers Must!

November 3, 2009 by varidion Leave a Comment

Today the consumer is more likely to air their grievances on social networking sites such as Facebook, Twitter and their Blogs before making an actual complaint to the retailer, but only the Web 2.0 savvy retailers are listening.

According to Brand Reputation, over 80% of surveyed consumers are more likely to look for online reviews than 12 months ago, but crucially they are five times more likely to tell friends and post negative feedback.

Brand Reputations CEO said, “When this trend occurs via the Web, these numbers quickly multiply and could spell disaster for retailers who don’t have strategies in place.”

It’s critical a retailer embraces Social Media, the Net-Generation consumer doesn’t read Which, they take peer review and negative feedback as their key litmus test.  So while the Retailers website has become its shop front, Social Media will be become its marketing media, but unless managed and controlled it could prove fatal.

Filed under Managed Security, Social Enterprise Tagged with , , , , ,