Report: Bad policies and practices put data at risk [Infographic]

Almost every company has data stored in its systems that is overexposed and at risk. That’s the finding of the recently released 2017 Varonis Data Risk Report. The report is based on assessments that Varonis conducts for its customers and prospects to determine which data is at risk. The report data is aggregated and anonymized. download 2017 Varonis Data Risk Report Highlights Varonis What this year’s report revealed is that much of the risk is due to bad policy or failure to follow an established policy. For example, files were accessible to people who should not have access, complex permissions rules negatively impacted enforceability, and some companies fail to properly audit data for risk. The report also found that these risks were consistent across geographies and industries.To read this article in full or to leave a comment, please click here(Insider Story)

The NSX Mindset

NSX Mindset The NSX Mindset: one’s mental capability to be a determined leader and catalyst for change in the way a company designs, implements, manages, and operates networking and security.

The NSX Mindset

The NSX Mindset: one’s mental capability to be a determined leader and catalyst for change in the way a company designs, implements, manages, and operates networking and security.

Change isn’t easy.  Especially when it involves something personal.  Unfortunately, though, it happens whether we like it or not.  In the world of information technology change is upon us.  IT Automation, micro-segmentation, application availability, and cross cloud services are no longer buzz words in marketing materials and executive meetings.  These are realities designed and deployed in some of the world’s largest IT environments.  The common thread among these concepts is the new capabilities in networking and security brought to life by VMware NSX.

VMware NSX is a platform for the next generation data center architecture.  The capabilities are transforming the way enterprises approach traditional business problems and it is solving new business problems brought about by a company’s digital transformation.

As an IT professional your long term success hinges on your ability to adapt to new technologies and solutions.  While VMware NSX is disruptive to the status quo, it is at the same time an opportunity for admins, engineers, and architects to become leaders Continue reading

20% off Site-Wide At Griffin.com With Code, For Mother’s Day – Deal Alert

Protect, power and connect Mom's tech with products from Griffin. Get 20% off anything you find at Griffin.com with this Mom's day code applied at checkout: LUVURMOM. This site-wide Mother's Day promotion runs for a limited time and is good for Griffin tech products in categories such as (click a category to see more) Cases, Power, Cables, In-car, Wearables Accessories, Stands & Mounts, Audio, Stylus & Keyboards, Toys, and more. Visit Griffin and get your shopping done now while there's still time. Don't forget the code LUVURMOM should be applied at checkout for 20% off your order.To read this article in full or to leave a comment, please click here

The AdStage Migration from Heroku to AWS

This is a guest repost by G Gordon Worley III, Head of Site Reliability Engineering at AdStage.

When I joined AdStage in the Fall of 2013 we were already running on Heroku. It was the obvious choice: super easy to get started with, less expensive than full-sized virtual servers, and flexible enough to grow with our business. And grow we did. Heroku let us focus exclusively on building a compelling product without the distraction of managing infrastructure, so by late 2015 we were running thousands of dynos (containers) simultaneously to keep up with our customers.

We needed all those dynos because, on the backend, we look a lot like Segment, and like them many of our costs scale linearly with the number of users. At $25/dyno/month, our growth projections put us breaking $1 million in annual infrastructure expenses by mid-2016 when factored in with other technical costs, and that made up such a large proportion of COGS that it would take years to reach profitability. The situation was, to be frank, unsustainable. The engineering team met to discuss our options, and some quick calculations showed us we were paying more than $10,000 a month for the convenience of Continue reading

The differences among the white, grey, and black hats

The infographic below provides good, entertaining definitions of the terms white hat, grey hat and black hat hackers courtesy of Exigent Networks. As the infographic explains, there are some, well, grey areas between categories—for example, there is sometimes a fine line between grey hats and black hats.Some might also disagree with the choices of white hat hacker examples. The telecom industry, for example, might consider Steve Wozniak’s early hacking exploits theft of services rather than hacking for the greater good. And Julian Assange’s qualifications will be tinted by whatever political lens through which an individual judges his actions.To read this article in full or to leave a comment, please click here(Insider Story)

The differences among the white, grey, and black hats

The infographic below provides good, entertaining definitions of the terms white hat, grey hat and black hat hackers courtesy of Exigent Networks. As the infographic explains, there are some, well, grey areas between categories—for example, there is sometimes a fine line between grey hats and black hats.To read this article in full or to leave a comment, please click here(Insider Story)

Introducing TLS with Client Authentication

In a traditional TLS handshake, the client authenticates the server, and the server doesn’t know too much about the client. However, starting now, Cloudflare is offering enterprise customers TLS with client authentication, meaning that the server additionally authenticates that the client connecting to it is authorized to connect.

TLS Client Authentication is useful in cases where a server is keeping track of hundreds of thousands or millions of clients, as in IoT, or in a mobile app with millions of installs exchanging secure information. For example, an IoT company can issue a unique client certificate per device, and then limit connections to their IoT infrastructure to only their devices by blocking connections where the client doesn’t present a certificate signed by the company’s certificate authority.

Or in the case of a mobile banking app, where the bank wants to ensure customers’ secure financial data doesn’t get stolen by bots spoofing their mobile app, they can issue a unique certificate to every app install and in the TLS handshake validate requests are coming from their mobile app. Client authentication is also useful for VPNs, enterprise networks or staging sites, where corporations and developers need to lock down connections to only laptops Continue reading

Greenbug’s DNS-isms

Over the past few months there has been a lot of research and press coverage on the Shamoon campaigns. These have been the attacks on Saudi Arabian companies where a destructive malware known as Disttrack was deployed. The malware, using stolen credentials, spreads throughout the […]

DockerCon 2017 Online meetup Recap

Weren’t able to attend DockerCon 2017 or looking for a refresher? Check out the recording and slides from the DockerCon 2017 Online Meetup highlights recap of all the announcements and highlights from DockerCon by Patrick Chanezon and Betty Junod.

Watch the General Session Talks

The videos and slides from general session day 1 and day 2 as well as the top rated sessions are already available. The rest of the DockerCon slides and videos will soon be published on our slideshare account and all the breakout session video recordings available on our DockerCon 2017 youtube playlist.

Learn more about the Moby Project

The Moby Project is a new open-source project to advance the software containerization movement and help the ecosystem take containers mainstream. Learn more here.

Moby Project by Docker

Learn More about LinuxKit

LinuxKit is toolkit for building secure, portable and lean operating systems for containers. Read more about LinuxKit.

LinuxKit

Learn More about the Modernize Traditional Applications Program:

The Modernize Traditional Applications (MTA) Program aims to help enterprises make their existing legacy apps more secure, more efficient and portable to hybrid cloud infrastructure. Read more about the Modernize Traditional Apps Program.

Modernize Traditional Apps with Docker

Weren’t able to attend #dockercon? Watch this recap video for key highlights !
Click Continue reading

Nyansa introduces private cloud option for its network analytics platform

Having a full understanding of end user experience has been theorized in IT circles for decades but has remained as elusive as the Holy Grail or the Fountain of Youth. Some people claim to have seen it, but no one really knows for sure.Last year, an innovative startup, Nyansa, came to market with a new approach to end-user management. Its Voyance product continuously collects data, analyzes it and correlates every end user transaction across the wired and wireless networks and provides insights and actionable recommendations that can be taken to improve application performance.To read this article in full or to leave a comment, please click here

Worth Reading: How to choose a sandbox

Businesses have become painfully aware that conventional approaches — virus signature scanning and URL filtering — are no longer sufficient in the fight against cyberthreats. This is in part because malware is constantly changing, generating new signatures with a frequency that far outpaces the updates of signature detection systems. In addition, malware today tends to be targeted to specific sectors, companies, or even individual members of a management team, and such targeted attacks are difficult to spot. It has become necessary to use state-of-the-art technology based on behavioral analysis, also known as the sandbox. This blog examines how a sandbox can increase security and it looks at what to consider when choosing a sandbox solution. —Coud Security Alliance

The post Worth Reading: How to choose a sandbox appeared first on rule 11 reader.

IDG Contributor Network: Wasabi serves up some spicy AWS-killer claims

What happens when you take a couple of very seasoned co-founders, investment from some high-profile investors, and an uber-dominant existing vendor? Well, in Wasabi’s case, you get some pretty outlandish claims. But before we got on to that, let’s look at the who and what for Wasabi.Wasabi is a cloud storage company founded by Jeff Flowers and  David Friend. Those names might ring a bell, since they’ve started, built and sold five previous technology companies. Most recently they co-founded backup company Carbonite and previously founded Pilot Software.RELATED: Engineering firm uses cloud storage to speed file loads, and then unplugs its MPLS net These two can’t seem to stop themselves, and for their latest idea, they’ve already raised a ton of cash—$8.5 million to date with key investors, including Bill Sahlman, Harvard Business School marketing prof and angel investor; Desh Deshpande, who donated $100 million to MIT for the Deshpande Center; Ron Skates, former CEO of Data General; Jeff Parker, founder of CCBN; and Howard Cox from Greylock Partners.To read this article in full or to leave a comment, please click here

Apparently, Wikipedia is a threat to public order and national security

It’s easy to criticize Wikipedia for a lot of things. Besides being the source of many a plagiarized term paper, its crowd-sourced nature also means it’s occasionally subject to internecine warfare and political infighting over articles.Wikipedia the largest general reference on the net But now Turkey has blocked the self-described “largest and most popular general reference work on the Internet,” under a vague law that allows the country to “block access to individual web pages or entire sites for the protection of public order, national security or the well being of the public,” according to The Guardian.To read this article in full or to leave a comment, please click here

Apparently, Wikipedia is a threat to public order and national security

It’s easy to criticize Wikipedia for a lot of things. Besides being the source of many a plagiarized term paper, its crowd-sourced nature also means it’s occasionally subject to internecine warfare and political infighting over articles.Wikipedia the largest general reference on the net But now Turkey has blocked the self-described “largest and most popular general reference work on the Internet,” under a vague law that allows the country to “block access to individual web pages or entire sites for the protection of public order, national security or the well being of the public,” according to The Guardian.To read this article in full or to leave a comment, please click here

1 2,070 2,071 2,072 2,073 2,074 3,808