Archive for the ‘IT security’ Category

HomeIT security

Engate Launches In-The-Cloud Email Security Enabling Secure Web and Email Gateway Vendors to Achieve 99% Edge Protection

On July 8, 2010   /   IT security, Security Solutions   /   Leave a comment

Next Generation botnet, phish and email security solution empowers OEM partners to deliver significant network bandwidth and data-center consolidation cost savings.

Engate Technology Corporation, leaders in next generation reputation network profiling technology and proactive botnet, phish, virus and email security solutions, today announced the latest version of GlobalRules™ network profiling technology. The new solution empowers secure web/email gateway, intrusion prevention, unified threat management, and router OEM partners to deliver a unique hybrid SaaS email and botnet security solution Nthat achieves 99% proactive in-the-cloud protection. By blocking email-borne threats in-the-cloud and outside the network with superior accuracy, Engate enables OEM partners to greatly reduce the amount of email and bandwidth that must be processed at the gateway, thereby improving the efficiency of on-premise mail processing and ensuring greater protection through multiple layers of security.

Engate makes the power of its patented network profiling connection management technology available to OEM vendors that use reputation and on-premise solutions by providing a first line of in-the-cloud defense against malicious email connections. Engate employs next generation network profiling, source verification, and anti-forgery techniques to identify and block email-borne botnet, phish, spam, malware and blended web/email attacks at the connection level — before they have a chance to compromise IT resources, invade privacy, degrade network performance, and waste user productivity.

Engate’s in-the-cloud security solution for builds upon Engate’s patented network profiling technology and industry leading expertise in reputation SaaS and hosted security. Engate’s hybrid deployment model allows OEM partners to achieve more thorough in-the-cloud protection while meeting a wider range of security and performance requirements than is possible in a reputation and on-premise deployment model. By preemptively stopping 99% of email-borne threats completely at the connection-level, Engate helps OEM partners to improve the efficiency of on-network processing and deliver significant network bandwidth and data-center consolidation cost savings to the enterprise.

“Email remains one of the most widely-used attack vectors against enterprise users. With 90 percent of all email being malicious and unwanted, Engate‘s in-the-cloud protection enables secure web and email gateway, IPS and UTM partners to enhance their security portfolio by reducing the burden of what is processed, filtered, and archived on-premise,” said Wil Cochran, CEO, Engate Technology.

In-the-Cloud Network Profiling for Secure Web and Email Gateway Partners

With more than eight years of operational experience collecting and analyzing data on global networks, Engate‘s reputation network profiling technology empowers strategic OEM partners to take advantage of the reputation of every ’good and bad‘ IP in an entire network. By profiling whole networks beyond infected hosts, Engate has built a repository of intelligence on potential and unknown hosts that may become infected. This unique intelligence on unknown threats is a critical component to enhance an OEM partner‘s security portfolio today — as well as in the future – particularly as unknown threats continue to rise due to the growth of botnets.

Engate delivers incremental value to secure email gateway, secure web gateway, unified threat management, intrusion prevention, firewall, and router partners in the following ways:

(1) Enhance 3rd party threat scoring systems with an extra layer of threat intelligence proven to achieve an additional 15-20% unique catches on top of existing content scanning, Real-time Blacklists (RBL) and reputation technologies.

(2) Improve connection-level security and the efficiency of 3rd party email security filters by reducing over 99% of unwanted traffic and malicious payloads from reaching the gateway.

(3) Augment multi-layer security strategy with proactive protection from known and unknown threats. Engate’s unique network profiling functionality gives OEM partners preemptive in-the-cloud defense against email-borne botnets, phish, spam, viruses and blended web/email threats.

Learn More about Leveraging Cloud Computing to Maximize Security

Powered by the latest advances in cloud computing, virtualization and network profiling technology, Engate’s solutions help OEM partners reduce the risks and costs related to email-borne botnet, phish, virus, malware and web/email threats. To learn more about the new Engate’s in-the-cloud solution and how SaaS and hybrid solutions provide enhanced multi-layered security, visit engate.com.

Read more
Back to Top

Virus Production from Russia Increases Again

On July 5, 2010   /   Crime, IT security, Virus and Spyware   /   Leave a comment

Virus production from Russia is on the up again, after a temporary decline last month when Russian hosting service, PROXIEZ-NET – notoriously used by criminal gangs – was taken down in early May. This is according to analysis of internet threats in June, by managed security company, Network Box.

Russia is now responsible for 7.4 per cent of the world’s malware, and is back to being in the top four virus-producing countries, behind the US (13 per cent), Korea (10.1 per cent) and India (9.2 per cent).

This follows a similar pattern to malware production after the McColo shutdown in the US, in November 2008, when the US’s threat production decreased dramatically temporarily, but was back up to normal levels within a month.

Levels of viruses and spam from the UK remain high. The UK has the dubious honour of being the world’s fourth-largest producer of spam, with 4.1 per cent of spam originating from home shores, the same as last month. This is behind the US (11.1 per cent), India (8.0 per cent) and Brazil (4.2 per cent).

Virus levels from the UK are slightly down from last month (2.9 per cent, down from 5.9 per cent), but this figure results from an increase in production from other countries, notably India (up to 9.2 per cent of viruses from 5.5 per cent last month) and Russia. The US is back at the top spot, overtaking Korea, and is now responsible for 13.6 per cent of the world’s malware (up from 11.6 per cent last month).

Simon Heron, Internet Security Analyst for Network Box, says: “We predicted that Russian malware and spam production would be back up to normal levels this month, and this has proved to be the case. Any efforts to shut down criminal hosting services is to be applauded, it makes life a little harder for those who would prey on others but sadly in the current political climate it doesn’t normally have a long term effect, as the criminals simply go elsewhere.”

For more information on security issues, visit Network Box, see Simon Heron’s blog; or follow him on Twitter.

Read more
Back to Top

Securing Data: Free Guide

On May 27, 2010   /   Computer Security, IT security, Security News   /   Leave a comment

A new guide for businesses on how to secure data is available from managed security company, Network Box. The guide is designed to give guidance to companies on best security practice to avoid a security breach; and is available free from Network Box’s website.

From April 2010, the Information Commissioner’s Office in the UK has greater powers to enforce data security regulations (including the power to fine companies up to £500,000 for the most serious breaches), and this has made good security even more important for businesses.

Organisations keep more data, and for longer, than ever before. Much of this data – customer records, financial information or personal identity details – has a value to cyber-criminals, and any organisation that holds sensitive data could be targeted by a hacker. Whether it’s stealing an identity, launching a phishing campaign, or cloning credit card information, consumer data has intrinsic value to cyber-criminals, so must be kept secure.

The Network Box Guide to Compliant Security in the UK includes opinion from James Pickering, a commercial litigation barrister, on interpreting the data protection laws (but it is not designed to give or replace legal advice to companies on compliance). Pickering’s full opinion on the legal aspects of compliance can be read here.

The guide includes advice on best security practice, such as:

• Avoiding or minimising the risk of human error (the cause of most data breaches), from phishing attacks to leaving an unprotected laptop on a train
• Planning for a security breach, such as system redundancy; and a breach notification plan (voluntary at the moment, but likely to become mandatory within the next two years)
• Reviewing third party suppliers that host data, such as CRM systems or financial systems providers (including web or mobile payment providers); and ensure that they are PCI DSS compliant
• Encrypting data and using strong password authentication, particularly for mobile devices, laptops and data sticks
• Checking all data that leaves the building (via any channel, including IM), as well as data that enters it, to prevent unauthorised transfer of data
• Securing more than just email. 2009 saw a clear move by cyber-criminals towards focusing on exploiting vulnerabilities in applications, web browsers and servers, rather than just mailing executable code
• Reviewing all applications and systems across the organisation regularly, to check for vulnerabilities; and setting clear user rights (see Network Box’s guide to monitoring applications)
• Ensuring that all data is routed through the appropriate channels and doesn’t bypass security systems (for more information, see Network Box’s guide to routing)
• Educating employees on their role in keeping the organisation secure; and limit access rights to certain applications or platforms
• Using secure VPNs, so data doesn’t have to be moved, on, for example, a laptop or memory stick; and ensure that home or remote workers have the same levels of security as the rest of the organisation (see Network Box’s guide to remote working for more information)
• Preventing employees from downloading anything that isn’t approved by the security team, such as peer to peer software, that might leave a ‘back door’ open into the organisation.

Simon Heron, Internet Security Analyst for Network Box says: “There’s a lot of confusion among companies about what they should do to be secure. At InfoSec this year we heard a number of companies who are concerned, but who are unsure what to do. We hope this guide will help organisations put in place security measures to avoid a security breach. The cost of cleaning up after data breach – both financial and in reputation terms – can be enormous.”

For more information on security issues, visit Network Box, see Simon Heron’s blog; or follow him on Twitter.

Read more
Back to Top

Guidance Software Acquires Assets of Forensic Hardware Leader Tableau LLC

On May 20, 2010   /   Crime, IT security, Security News   /   Leave a comment

Guidance Software, Inc. (NASDAQ: GUID) has announced it has signed a definitive agreement to acquire substantially all of the assets of Tableau, LLC, a privately held developer and manufacturer of computer forensic hardware. This acquisition extends Guidance Software’s existing leadership in computer forensics technology by combining software with hardware for a complete forensic framework for the law enforcement, legal and corporate communities.

The purchase price for this transaction was $12.3 million in cash. The assets of Tableau include cash of $1.6 million. Guidance Software expects this transaction to increase previous revenue guidance by $3 million and be $0.03 accretive to its non-GAAP earnings per share in 2010. The acquisition closed May 7, 2010.

Guidance Software customers now have access to a family of data-acquisition products – tools to gather evidence and other data – including multiple “write blocker” products, forensic duplicators and other hardware. Write-blockers protect data while it is being collected during the computer forensic process, eliminating any risk of changing the data – especially useful in criminal cases and other legal investigations. Tableau has sold more than 100,000 write-blockers since the company’s inception. Forensic duplicators provide an efficient and forensically sound way to copy data being used in a computer forensics investigation.

“Tableau is, by far, the leader in forensic hardware, and their products complement our industry-leading EnCase® Forensic software,” said Victor Limongelli, president and chief executive officer, Guidance Software. “The acquisition serves our key strategic aim to strengthen our leadership position in the computer forensics market. Customers should benefit from a broadened product line addressing the complete forensic process, with improved interoperability and best-in-class performance.”

Guidance Software also has created a forensic business unit, headed by former President of Tableau Robert Botchek. The business unit is dedicated to continuing Guidance Software’s leadership in computer forensics by developing and delivering software and hardware products trusted by forensic, law enforcement, defense, and intelligence organizations worldwide.

“Forensic users want a vendor focused on their needs, and that’s exactly what we will give them with the new forensic business unit,” said Botchek, now senior vice president of Forensic Solutions at Guidance Software. “Our mission is simple: listen to users and apply our combined talents in software and hardware to tailor EnCase products for their needs.”

In addition to the forensic business unit’s focus on the needs of law enforcement and other computer forensics customers, Guidance Software will continue to invest in its EnCase® eDiscovery and EnCase® Cybersecurity products, as well as its EnCase® Enterprise platform, which is trusted by more than 800 customers. These product lines continue to be a major focus, and represent an important growth opportunity.

For more information visit Guidance Software

Read more
Back to Top

IT security for Car Dealerships: Free Guide

On May 17, 2010   /   IT security, Security News   /   Leave a comment

Car dealerships, like so many businesses, are increasing the amount of business-related activities they carry out online, from checking inventory and ordering new parts, to communicating with customers and downloading manuals.

A new guide – IT Security for Car Dealerships – released today by managed security firm Network Box, provides guidelines for car dealerships to follow to protect their IT networks from security threats.

The guide is free to download from Network Box’s website, and is designed to help car dealerships understand the unique risks that they face (such as keeping the network secure when it is constantly connected to third party databases). It also provides guidelines to help minimise the risk of breaches taking place.

In the guide, Network Box recommends that all car dealerships should take steps to remedy possible security weak points, including:

1. Secure external connections by connecting to third-party suppliers via a secure VPN and keeping your security systems updated to minimise the risk of infection.
2. Defend dedicated links by accessing them through a firewall or UTM system.
3. Control downloads. Ensure that only trusted data is downloaded and prevent non-work related video and audio streams clogging up the network by using an access management content scanning system.
4. Secure applications and restrict administrator status on them. All applications must be regularly tested for vulnerabilities.
5. Review security systems regularly and avoid human error.
6. Educate employees on the importance of tight security systems via security trainings sessions held at least once a year.
7. Never leave computers unmanned and ensure applications have strong passwords.
8. Keep all security systems updated. Check for the latest versions and make sure these are used across the whole organisation.
9. Check routing to ensure that all data is routed through the correct channels and nothing bypasses security systems.
10. Check outbound data in the same way that inbound data is checked (including new technology such as IM). This will help prevent lapses in data security.
11. Tap into expert knowledge. Don’t be afraid to ask for guidance. Security is becoming an increasingly sophisticated issue which requires specialist knowledge. Hold regular training sessions for staff or being in security experts to run your systems.

For more information on security issues, visit Network Box, see Simon Heron’s blog; or follow him on Twitter.

Read more
Back to Top
Page 6 of 15« First...45678...Last »

Extra Security

FREE Security Updates

Enter your email address:

Delivered by FeedBurner

Best Security Sites

Computers Business Directory - BTS Local TopOfBlogs