This column is available in a weekly newsletter called IT Best Practices. Click here to subscribe. The nature of how cyber attacks start is changing. Today's malicious actors are not merely opportunistic, they know what information they want and who to target to get at it. For example, the 2014 breach at JP Morgan reportedly began when an IT employee opened a specially-crafted email and was tricked into providing credentials to a vulnerable internal machine. Attackers used the privileges of that person's credentials to move around the network until they were able to find and exfiltrate 83 million records in one of the largest data breaches of the year. To read this article in full or to leave a comment, please click here
One of the weakest links in security systems is end user credentials. They are often abused by their legitimate owners, and stolen by malicious actors. The 2014 Verizon Data Breach Investigations Report revealed that 88% of insider breaches involve abuse of privileges, and 82% of security attacks involve stolen user credentials. An external attacker might use a stolen set of credentials to make the initial infiltration of a network, to make lateral movements inside the network to gain access to sensitive data or information, or to exfiltrate data to complete the breach. This type of activity is hard to detect because the credentials themselves are legitimate—they are just being used the wrong way.
Does your company do business internationally, and especially with customers within the European Union (EU)? If so, then you need to pay attention to what's happening in the areas of data privacy and data sovereignty. Big changes are underway and they could have an impact on how you manage customer information.
At the end of December, the European Commission (EC) approved the final version of the General Data Protection Regulation (GDPR). It's a massive overhaul of the EU's 1995 data protection rules (Directive 95/46/EC), which were quite out of date given the technology developments and globalization of the last two decades. The EC has been working on the GDPR since 2012 in order to strengthen online privacy rights and boost Europe's digital economy.
Cyber insurance is rapidly becoming an important part of many organizations' risk mitigation strategy. While most businesses have some sort of property or general liability insurance, those policies exclude coverage for cyber liability, so cyber insurance has become its own category, and it's the fastest growing area of insurance for businesses. At least 50 major providers now offer this type of insurance, attracted by the fact that demand for cyber insurance has been rising by double digit percentages for the last few years.
I don't often write about technology products aimed at the home user, but this is one I definitely want for my home. Small offices might find this product useful as well, and there is an enterprise version in development, so it's worth me telling you about what's on my wish list this time of year. I'm talking about eBlocker, a small device that protects your personal privacy when you are surfing the web. It's from a German engineering company of the same name, eBlocker.
Close to 20 years ago I was working with a company in the process of a blockbuster merger with a competitor. The company set up numerous closed-door "clean rooms" at headquarters where teams from both companies could work through the details of the proposed deal. Scores of people from the target company came to town and lived in hotels for weeks on end. Those of us not on the merger team watched daily as boxes of documents were carted into the clean rooms. We assumed the boxes contained each company's most sensitive business information. The people in those rooms were charged with deciding if the merger was the right thing to do. They hoped the answers would be found in those precious documents. Apparently they were because the merger went through.
As a security technology that obfuscates clear text data, tokenization is the red-headed stepchild compared to encryption. That's changing, however, as tokenization has a key role in enabling mobile payment systems such as Apple Pay, Samsung Pay and Android Pay. If you use any of these smartphone-based payment applications, tokenization is already at work for you. Unless you're in the payments industry, you might not even know what tokenization is, or how it can protect sensitive data. Yes, there are uses for the technology beyond securing payment data. I'll talk use cases in a minute, but first let me explain what tokenization is.
If you live in the United States and you have a credit card, chances are high your bank recently sent you a new card with an embedded smart chip. Banks and other card issuers are scurrying to put chip-enabled credit cards in their customers' hands. Debit cards, too. These cards are critical for a new security system for card-based payments that will go into effect in the U.S. soon. In the lingo of the payments industry, the new cards are called EMV cards. EMV is an open set of specifications for smart cards and other acceptance devices such as smart phones and fobs. EMV stands for Europay, MasterCard and Visa, which are the three companies that developed the standard in 1994. Today the EMV standard is managed by EMVCo LLC, which has six member organizations – American Express, Discover, JCB, MasterCard, UnionPay and Visa – and dozens of EMVCo associates. EMVCo makes decisions on a consensus basis to assure card infrastructure uniformity throughout the world.
From time to time, companies must undertake a data migration project for one reason or another. Perhaps it's to consolidate data onto a single platform after a merger or acquisition, or to accommodate an application upgrade or consolidation. Migrating away from legacy systems is another popular reason to move data around. Whatever the motivation, a data migration project is no fun. In the years 2000, 2007 and 2011, Bloor Research undertook research studies on the costs and challenges of data migrations. Their 2011 study showed that the average budget for a data migration project is $875,000. Despite spending that kind of money, only 62% of such projects were brought in "on time and on budget." The average cost of budget overruns is $268,000. One of Bloor's recommendations for achieving the greatest chance of success with a project is to have a dedicated internal competency center or team specializing in data migration. Even with that, success is not guaranteed.
In recent weeks I've written about several vendors in the software defined wide area networking (SD WAN) space. There's one thing I've learned as I've talked with these companies: each one takes an approach to wide area networking that plays to the company's strengths. Silver Peak just had a major announcement pertaining to SD WAN, and not surprisingly, this company is building on its deep expertise in WAN acceleration.
Many vendors are racing to compete in the burgeoning software-defined WAN space. Each competitor has its own strategy of how to implement the network overlay that makes the network connections, provides virtualized services and steers applications. It all comes down to what the SD-WAN vendor wants to help its customers achieve. VeloCloud has an entry in this race, and the company has two goals: to simplify the way companies set up their branches within their wide area network, and to improve the performance of the WAN. There are several specific problem areas VeloCloud is setting out to address.
In April 2014, Zeus Kerravala wrote in Network World that the software-defined WAN (SD-WAN) is now a business imperative. He cites several reasons why the time is right for companies to reconsider their WAN architecture. First of all, cloud and mobile computing, as well as applications such as video and voice over the network, are creating vastly different traffic patterns than the old style of client/server computing. Next, business agility is the enterprise mantra today, but traditional WAN architectures are too inflexible to enable the much-needed application agility. And last but not least, the complexity of the WAN makes it increasingly difficult to make even small changes in a reasonable timeframe.
As 2014 drew to a close, Network World contributor Steve Alexander proclaimed 2015 to be the year that Software Defined Networking (SDN) and Network Functions Virtualization (NFV) go mainstream. Calling them "transformative technologies," Alexander expects enterprises to consume services from telcos and other service providers instead of buying traditional data center hardware appliances.