Despite increasing data breaches (a whopping 4.7 billion data records worldwide being lost or stolen since 2013) and mounting regulatory and customer pressures around data protection, IT decision makers worldwide continue to ignore reality and rely on the same breach prevention strategies when it comes to protecting customer data and information. Today’s IT security professional clearly has a “reality distortion field” when it comes to the effectiveness of perimeter security.
According to a recent survey of IT decision makers worldwide, one-third of organizations experienced a data breach in the past 12 months. Yet, while 86 percent of organizations have increased perimeter security spending, 69 percent are not confident their data would be secure if perimeter defenses were breached. This is up from 66 percent in 2015 and 59 percent in 2014. Furthermore, 66 percent believe unauthorized users can access their network, and nearly two in five (16 percent) said unauthorized users could access their entire network.
Pop-up alerts on computer screens don’t work because they arrive at the wrong times, scientists say. Despite the popular belief—cultivated perhaps mainly by bosses—that humans can multitask, many believe they can’t. And that hypothesis may be proven, in part, by the discovery that on-screen alerts generally don’t achieve action if one is busy doing something else. The result is an increase in security vulnerabilities. Computer users are engrossed in tasks when the randomly timed alerts arrive, and it makes them less likely to respond.
Data loss prevention tools
We tested data loss prevention (DLP) tools from Comodo, Digital Guardian and Forcepoint. These products are designed to stop protected data from being shared in multiple ways, everything from e-mail attachments to printing to even screen captures. Forcepoint Triton was the most mature, easiest to set up and had the most features. Digital Guardian DLP was able to eliminate almost all false positives and would be a good choice for organizations with huge amounts of intellectual property. Comodo DLP offered a lot of flexibility as well as extras like a VPN, firewall, patch and mobile device manager, making it a good choice for organizations getting up to speed with their overall cybersecurity defenses.
Most security tools are focused on keeping external attackers at bay. But what about the sensitive data that lives inside your network? How do you make sure it doesn’t get out, either intentionally or by accident?
Moving to Vegas
For the first time VMware has moved its domestic VMWorld conference to Las Vegas – and what better place than under the bright lights of the strip to talk about the latest in virtualization, SDN, containers, hyperconverged infrastructure and mobile management. Check out our compilation of the hottest new products and services being announced and displayed at VMWorld 2016.
One of the key benefits of leveraging Office 365 for your SharePoint solutions is that you will be able to take advantage of all of the latest and greatest advances in the platform as they are launched. This means that you don’t have to worry about managing upgrades and fixes – and this should save time and resources associated with platform management. But, it also means that you have less control over when changes happen in your environment – and that means you need to stay on top of what Microsoft is planning. Successful change management is a lot about managing expectations. When people are fully informed and aware of changes to the software they use every day, the changes can be easier to accept – especially if you have evaluated the impact of these changes in advance. To ensure that your continuously evolving Office 365 environment is not disruptive to your users, you need to monitor what is happening with the platform with a multi-faceted “lens” – looking at upcoming changes from multiple perspectives. For that, it takes a village.
One security research company is taking a controversial approach to disclosing vulnerabilities: It’s publicizing the flaws as a way to tank a company’s stock. The security firm, MedSec, made news on Thursday when it claimed that pacemakers and other health care products from St. Jude Medical contain vulnerabilities that expose them to hacks. However, MedSec is also cashing in on the disclosure by partnering with an investment firm that’s betting against St. Jude Medical’s stock. The whole affair is raising eyebrows around the security community. It may be the first time someone has tried to get compensated for discovering vulnerabilities by shorting a stock, said Casey Ellis, CEO of Bugcrowd, a bug bounty platform.
MPLS (multi-protocol label switching) VPNs (Virtual Private Network) have long been recognized as a preferred option for dedicated, high performance connectivity over a wide area network (WAN), such as linking data centers or branch offices that require high volume and reliability. Often these MPLS VPNs would use a broadband internet connection, either DSL, Cable or LTE, as a backup option. It has become more common recently to leverage that broadband for internet offload. In fact, the broadband internet is also being used as the primary VPN link for many locations and is even being combined with single user remote access options. Regardless of the use case for the broadband VPN, it uses the IPSec protocol to encrypt the VPN traffic to keep it secure.
This column is available in a weekly newsletter called IT Best Practices. Who's that coming to your website? Is it friend or foe? Is it a customer wanting to buy your products, or someone or something wanting to steal your web content? Is it a community member that wants to post a relevant comment, or a spammer intent on planting junk links and content in your open comments section? Is it a real person clicking on an ad, or a web bot driving up fraudulent clicks? Web applications are increasingly being subjected to automated threats such as click fraud, comment spam, content scraping, abusive account creation, and more. These and other illicit or unwanted activities are described in detail in the OWASP Automated Threat Handbook for Web Applications.
Whether they identify as white hats, black hats or something in-between, a majority of hackers agree that no password is safe from them — or the government for that matter. Regardless of where they sit with respect to the law, hackers mostly agree that five key security measures can make it a lot harder to penetrate enterprise networks. At the Black Hat USA 2016 conference in Las Vegas earlier this month, Thycotic, a specialist in privileged account management (PAM) solutions, surveyed more than 250 attendees who self-identified as hackers (respondents remained anonymous). Eighty-four percent of respondents identified as white hat hackers — security researchers that help organizations uncover and remediate vulnerabilities. And 15 percent identified as black hat hackers, who penetrate networks with criminal intent.
Wipro has Holmes, Tata Consultancy Services introduced Ignio, Syntel is selling Synbots. HCL Systems calls its Dry Ice. And Infosys is promoting Mana. With traditional IT outsourcing revenue streams at risk to automation, a number of IT service providers are responding by developing their own homegrown systems which are designed to perform routine tasks and operations otherwise performed by humans. The good news is that CIOs now have a number of automation options to choose from. The bad news? The array of choices can be confusing and the unproven systems can be risky. It may not be immediately clear how these new automation options from traditional IT service providers differ from the solutions of the more well-established robotic systems companies like IPSoft or BluePrism.
A private equity firm has signed an agreement to buy major cloud player Rackspace for $4.3 billion. Rackspace announced today that Apollo Global Management, a U.S.-based investment manager, will acquire the company in a deal that will give Rackspace shareholders $32 per share. "Our board, with the assistance of independent advisors, determined that this transaction, upon closing, will deliver immediate, significant and certain cash value to our stockholders," said Graham Weston, co-founder and chairman of Rackspace, in a statement. "We are also excited that this transaction will provide Rackspace with more flexibility to manage the business for long-term growth and enhance our product offerings."
The big rumor surrounding Apple’s iPhone 7 is that it will completely abandon the 3.5mm headphone jack, a familiar port that has been around in one form or another for decades on end. Needless to say, Apple’s decision won’t be met without controversy. While alternatives like lightning-based audio and Bluetooth do exist, getting rid of a port that’s ubiquitous and as exceedingly reliable as the headphone jack is undoubtedly a risky move. Recently, Apple co-founder Steve Wozniak chimed in on the iPhone 7 and articulated that Apple may be going down the wrong path. During an interview with the Australian Financial Review, Woz said that Bluetooth technology isn't yet suitable as a replacement to a wired headphone solution.
We are used to external developments driving progress in enterprise networking. An obvious example is the modern smartphone, born in the consumer market but now the primary client for enterprise WLANs. Another is the move towards white-box networking, an extraordinary change in the way enterprises build data centers that would not have happened but for the activities of the big consumer internet companies. So, it is natural to look to other markets for technologies that may become important in the enterprise over the next few years. In wireless, Bluetooth is the one to watch.
Bluetooth Low Energy: wireless technology of choice
Bluetooth has enjoyed an extraordinary rise since re-inventing itself with BLE (Bluetooth Low Energy, also called Bluetooth Smart and Bluetooth 4.0) in 2010. Its main benefits are very low-cost chips and very low power, enabling inexpensive battery-powered devices that run for years.
The Backup Plus Ultra Slim Portable Drive is one of Seagate's thinnest and most eye-catching portable hard drives. Available in stunning gold and platinum colors - style meets storage - and easily slips into your backpack along with your other essentials. At 9.6mm thin, capacity is not sacrificed with 1TB and 2TB options - bring your most important files and head out the door. Back up and manage your favorite files from your computer, tablet and mobile devices using the Seagate Dashboard. Run a one-click backup or schedule an automatic backup plan to help protect your files. Convenient tools for local, mobile, cloud and social media backup at the ready. With high-speed USB 3.0 and 2.0 connectivity, you can depend on seamless plug-and-play functionality. And the USB bus-power eliminates the need for an external power supply, letting you access your files while on the move. The Lyve mobile and desktop app gives you the ability to access a single, consolidated and personalized photo and video library. When you purchase a Backup Plus Ultra Slim Portable Drive, you get 200GB of OneDrive cloud storage for 2 years (US$95 value). The Backup Plus Portable Drive averages 4.5 out of 5 stars on
In order to help webmasters better protect their websites and users, Mozilla has built an online scanner that can check if web servers have the best security settings in place. Dubbed Observatory, the tool was initially built for in-house use by Mozilla security engineer April King, who was then encouraged to expand it and make it available to the whole world. She took inspiration from the SSL Server Test from Qualys' SSL Labs, a widely appreciated scanner that rates a website's SSL/TLS configuration and highlights potential weaknesses. Like Qualys' scanner, Observatory uses a scoring system from 0 to 100 -- with the possibility of extra bonus points -- which translates into grades from F to A+.
Goldilocks?
With the discovery of a possibly habitable Earth-sized planet orbiting around our own nearest star some four light-years in the distance, we thought we’d take a look at some of the other potential Goldilocks planets discovered over the past years. Have a look…
Best Deals of the Week, August 22-26 - Deal Alert
Check out this roundup of the best deals on gadgets, gear and other cool stuff we have found this week, the week of August 15th. All items are highly rated, and dramatically discounted!
72% off Cambridge SoundWorks OontZ Angle 3 Wireless Bluetooth Speaker
The Cambridge SoundWorks OontZ Angle 3 Next Generation Ultra Portable Wireless Bluetooth Speaker currently averages 4.5 out of 5 stars from over 8,300 people on Amazon. Its regular list price is $99.99, but with the current 72% discount you can get it for just $27.99. The OontZ Angle 3 connects effortlessly to your device via Bluetooth. It is designed to be loud and clear, with rich bass delivered through their proprietary passive subwoofer design. Its high capacity rechargeable 2200 mAh battery lasts for up to 7 hours of playtime. Check out the dramatically discounted OontZ Angle 3 from Cambridge SoundWorks now on Amazon.
Amid reports that Apple is working on a social app, if not an outright foray into a social network, analysts wonder whether the company is already too far out of the social loop to make a difference. "Apple would have to come up with a very solid social app in order to compete with what's available today," said Dan Olds, an analyst with OrionX. "Even with Apple's very large installed base of users, I think it would be very difficult for Apple to compete head-on with Facebook, Twitter or Google. I'm not sure people want to add yet another social network to manage and maintain. The market seems fairly well satisfied right now." At this point in the progression of social media - with users ensconced in Facebook, Snapchat, Instagram, Twitter and Pinterest - what would it take for Apple to make a real difference, or even a dent, in the market?
Four former Hewlett Packard Enterprise (HPE) employees, all of them over 50 years of age, allege in a lawsuit that the firm pushed older workers out so it could increase the number of younger employees -- millennials in particular. The federal age-discrimination lawsuit, which marshalled statistical evidence, job ads and internal memorandum to support its claims, will also cite public statements by HPE CEO Meg Whitman in its case. For instance, in a CNBC interview last November, Whitman was asked by an interviewer: “You did announce significant job cuts about a month or so ago.… Is that going to be it for HP?” (HP announced cuts of up to 30,000 jobs in September last year.)