Microsegmentation is a method of creating secure zones in data centers and cloud deployments that allows companies to isolate workloads from one another and secure them individually. It’s aimed at making network security more granular. Microsegmentation vs. VLANs, firewalls and ACLs
Network segmentation isn’t new. Companies have relied on firewalls, virtual local area networks (VLAN) and access control lists (ACL) for network segmentation for years. With microsegmentation, policies are applied to individual workloads for greater attack resistance.To read this article in full, please click here
Our tech panel envisions the end of passwords, looks at how blockchain is evolving, details why 'serverless' computing is a boon to devs and wonders why Apple's HomePod seems late to the game.
Hackers can crack them, and users are careless with them. Passwords have long been problematic, but they are getting renewed attention after a series of major breaches. Our panelists look at the coming technology to help with password security.
As the explosive growth of IoT tech continues; businesses, vendors and consumers all have to confront the issue that the world is more connected than ever before, with potentially gigantic consequences.The central problem with IoT security is that there is no central problem – IoT is a more complicated stack than traditional IT infrastructure and is much more likely to be made up of hardware and software from different sources.+ALSO ON NETWORK WORLD: Review: VMware’s vSAN 6.6 + Configuration errors in Intel workstations being labeled a security holeTo read this article in full, please click here
Blockchain continues to evolve and grow, as more companies test it out. It's now seen as the heart of a new global shipping platform that could save companies billions of dollars and as the underpinning for a P2P cloud storage endeavor.
This powerful micro-cut shredder from AmazonBasics turns a letter-sized sheet into 2,235 pieces of confetti, up to 6 sheets at a time (5/32 by 15/32 inches; security level P-4). Inserted one at a time, it also destroys credit cards, rendering them completely unusable. It features a generous 4.1-gallon waste bin that is easy to manage. This micro-cut shredder averages 4.5 out of 5 stars on Amazon from over 1,900 people (72% rate a full 5 stars: read reviews). Its typical list price of $50 has been reduced 29% to $36. See it on Amazon.To read this article in full, please click here
Rob Lee, faculty fellow at the SANS Technology Institute, talks with host Steve Ragan about his group's work to help companies out of sticky situations, plus the state of the security industry and predictions for 2018.
Security researchers at an antivirus company have documented another potentially serious security hole in an Intel product, this time in the mechanism for performing system updates. The good news, however, is that it is limited to desktops, is a configuration error, and does not appear to impact servers.Last June, researchers at F-Secure found a flaw in Intel’s Active Management Technology (AMT), a feature used to perform remote updates to advanced desktops using Intel vPro or workstation platforms using Core desktop chips and certain Xeon CPUs. Xeon is primarily a server processor but there are some low-end chips used in high-performance workstations, such as those used in a CAD environment.To read this article in full, please click here
Host Steve Ragan talks with Stan Engelbrecht, director of the cybersecurity practice at D3 Security, about the inherent flaws in security defenses for public transportation systems -- and what can be done.
The Consumer Electronics Show (CES) is an odd place to announce an enterprise product, but the Wi-Fi Alliance used the massive trade show — which has more or less taken over where Comdex left off — to announce a major upgrade to Wi-Fi security.The alliance announced the Wi-Fi Protected Access 3 (WPA3), a new standard of Wi-Fi security that greatly increases the security capabilities of the wireless standard. WPA2, which is the current standard in wireless security, has been around for 14 years, so this is way overdue.To read this article in full, please click here
As we swerve onto the runway in 2018, IT leaders are finding themselves under increased pressure to ensure security, high availability and disaster recovery for the applications and systems under their care. The results of several surveys underscore the concerns of nearly 6,000 IT professionals around the globe.These surveys, conducted in 2017 by Vision Solutions, now part of Syncsort, collected responses from 5,632 professionals to determine their key business continuity concerns and their strategies for addressing high-profile hacking attacks, data breaches, disruptive natural disasters and escalating storage and data accessibility needs. The results highlight their areas of greatest concern and the key initiatives they are putting into place for moving forward.To read this article in full, please click here
As we swerve onto the runway in 2018, IT leaders are finding themselves under increased pressure to ensure security, high availability and disaster recovery for the applications and systems under their care. The results of several surveys underscore the concerns of nearly 6,000 IT professionals around the globe.These surveys, conducted in 2017 by Vision Solutions, now part of Syncsort, collected responses from 5,632 professionals to determine their key business continuity concerns and their strategies for addressing high-profile hacking attacks, data breaches, disruptive natural disasters, and escalating storage and data accessibility needs. The results highlight their areas of greatest concern and the key initiatives they are putting into place for moving forward.To read this article in full, please click here
Researchers have discovered several vulnerabilities in Dell EMC's data protection products that would allow an attacker to gain full control of the system. Fortunately, a fix is available now for download.The vulnerabilities, three in all, were disclosed on Jan. 4 by the security technology and services firm Digital Defense. They effect Dell EMC's Avamar Server, NetWorker Virtual Edition, and Integrated Data Protection Appliance, which use a common component called Avamar Installation Manager. This is the problematic app.In addition to this, a related problem in the VMware vSphere Data Protection backup product has also been uncovered, but it has already been patched.To read this article in full, please click here
Cisco’s Encrypted Traffic Analytics (ETA), a software platform that monitors network packet metadata to detect malicious traffic, even if its encrypted, is now generally available.The company initially launched ETA in June, 2017 during the launch of its intent-based network strategy and it’s been in a private preview since then. Today Cisco rolled ETA out beyond just the enterprises switches it was originally designed for and made it available on current and previous generation data center network hardware too.+MORE AT NETWORK WORLD: What is intent based networking? | Why intent based networking could be a big deal +To read this article in full, please click here
As the chip vendors wrestle to get their arms around the Meltdown and Spectre vulnerabilities, we’re slowly determining the exposure of AMD and ARM to the exploit. Intel, unfortunately, is totally vulnerable. With AMD and ARM, though, it gets complicated.First, let’s go over the Spectre exploit, which is a second class of attacks similar to Meltdown, the one we all know. Like Meltdown, Spectre exploits speculative execution in order to root out information from a CPU’s cache. Spectre is different because of how it runs.Also read: Meltdown and Spectre exploits: Cutting through the FUD
While Meltdown is based on a specific implementation of speculative execution, Spectre exploits a risk to speculative execution that requires more work to exploit but is also considered harder to mitigate. Because it’s more obscure and arcane, it’s not as well understood. That’s why Meltdown is considered the bigger risk.To read this article in full, please click here
Host Steve Ragan unpacks the latest news about Chinese company DJI's bug bounty program, plus new developments in video surveillance and more, with Fahmida Rashid.
As the fallout continues over the Meltdown and Spectre exploits in Intel and now some ARM processors, the issue of what to do about it is coming front and center. Clearly there is no fixing a silicon problem; Intel will have to adjust future chips to deal with it. So, for now, we have the software fixes.Linux distros are rolling out fixes, and Microsoft has issue patches for Windows — although the threat to consumers is minimal. Apple has also issued a macOS fix.To read this article in full, please click here
There is lots of information circulating about the new exploits of computer chips from Intel and others announced in the past few days. Some of it has been accurate, and some has been sensationalist and overblown. There is much technical information with high level of details available for both Meltdown and Spectre, so I won’t get into a lot of technical detail here. Rather, I’ll focus on the higher-level issues affecting business and personal computer users.+RELATED: Intel’s processor flaw is a virtualization nightmare; Red Hat responds to the Intel processor flaw+To read this article in full, please click here