IDG Contributor Network: Knowing when a trusted insider becomes a threat

Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here

IDG Contributor Network: Knowing when a trusted insider becomes a threat

Most organizations are pretty good at vetting job applicants up front. They interview candidates, contact references, and in many cases conduct at least rudimentary background checks to bring out any issues of concern before making a hiring decision.Government security agencies go several steps further; just ask anyone who's filled out an SF-86 and then waited while investigators delved into youthful indiscretions, overseas trips and contacts with foreigners.But it's also true that most government and private-sector organizations operate on the principle of "Once you're in, you're in." Few of them have anything remotely resembling a continuous monitoring program for current managers and staff, let alone for contractors and vendors. And yet virtually every day brings fresh news of a data breach, intellectual property theft, or other adverse event either instigated or abetted by a supposedly trusted insider.To read this article in full or to leave a comment, please click here

DigitalOcean adds free monitoring to its cloud virtual machines

DigitalOcean’s cloud platform became more useful to developers running production applications on Tuesday with the addition of monitoring capabilities for its virtual machines.Customers will be able to set alerts on the performance of their VMs, so that they’re notified via email or Slack when certain conditions are met. For example, users could set an alert to trigger if a machine is using more than 85 percent of its CPU capacity for five minutes.In addition, the monitoring service will let developers view logs of the performance of their VMs over time. The capabilities aren’t as advanced as some third-party offerings, but DigitalOcean is offering them to customers free of charge.To read this article in full or to leave a comment, please click here

Why enterprises are upgrading to Windows 10 faster than expected

In 2015, Gartner predicted that 50 percent of enterprises would start their Windows 10 deployments by January 2017. A Spiceworks survey of IT pros agreed: 40 of respondents said they would start migrating to Windows 10 by the middle of 2016, and 73 percent said their organizations would roll out Windows 10 by July 2017. A follow-up survey found that prediction was fairly accurate: 38 percent of organizations had already adopted Windows 10 by July 2016, most of them larger businesses.And in October 2016, CCS Insight’s decision maker survey showed “strong anticipated adoption of Windows 10 this year and beyond,” vice president for enterprise research Nick McQuire tells CIO. Forty-seven percent of organizations surveyed planned to upgrade to Windows 10 by the end of 2017, with 86 percent saying they’d migrate within three to four years. He estimates there are already some 24 million Windows 10 enterprise machines in production.To read this article in full or to leave a comment, please click here

Deadline 3 May: Recognize an outstanding technologist

Do you know someone who has made an outstanding contribution to the development of the Internet?

We are pleased to announce that candidate nominations for the 2017 Jonathan B. Postel Service Award are open.

This annual award is presented to an individual or organization that has made outstanding contributions in service to data communications and places particular emphasis on those who have supported and enabled others. 

Nominations are encouraged for individuals or teams of individuals from across the data communications industry around the world who are dedicated to the efforts of advancing the Internet for the benefit of everybody.

Ms. Carly Morris

Meleap delivers augmented reality to the iPhone before Apple

Today, augmented reality (AR) could be translated to mean “prototype.” Waiting for improved software and lighter, lower-cost and faster headsets, developers build prototype applications. One example is Japanese company Meleap, which used used clever engineering to deliver light, fast and low-cost AR today—on an iPhone no less.Hado, an active game that was demonstrated at Virtual Reality Silicon Valley Expo, solves a lot of AR problems still on the horizon. Designed for a class of applications using tried and true technologies, meleap’s engineering is simple—beautifully simple.To read this article in full or to leave a comment, please click here

MicroSegmentation of Applications using Application Rule Manager

Micro-Segmentation provides a way to build a zero-trust network – where all networks, perimeters and application are inherently untrusted.” – declared Forrester Consulting in 2015 with their white paper Leveraging Micro-Segmentation to build zero-trust model.  The last mile in creating a truly zero-trust network implies not trusting each application and also tiers within an application (Figure 1). To complete the last mile, network, security and risk professionals are increasingly looking for tools to understand application communication patterns and providing access controls to them. With version 6.3.0, NSX has unveiled 2 new tools, namely, Application Rule Manager (ARM) and Endpoint Monitoring (EM), to help professionals understand application patterns.

ZTwithMSEGFigure 1: Zero-Trust Model using NSX

From Theory to Practice

Micro-Segmenting each application requires understanding of application communication patterns. Users should allow the flows required by the application. To accomplish zero-trust, users should be closing all unwanted flows & ports. Figure 2., is a sample practical firewall policy model to achieve that.  In this model, ARM/EM provides application patterns and a one-click conversion of those patterns into distributed firewall rules to achieve inter/intra application rules.

FirewallPolicyModelFigure 2: Firewall Policy Model

Generating Distributed Firewall Rules Rapidly

Any application in the datacenter can be Continue reading

Amazon Unveils Deep Discounts On Select Unlocked Phones, Tues and Wed Only – Deal Alert

If you're in the market for an unlocked phone, you'll save serious cash by buying one of these on Amazon, but the special event runs April 4 and 5 (Tuesday and Wednesday) only. These phones will work on any carrier. Browse the full list of unlocked phone deals on this special Amazon page, active April 4-5 only. To read this article in full or to leave a comment, please click here

Web inventor Berners-Lee adds Turing Award to prize collection

Sir Tim Berners Lee, deservingly among the most decorated of technology professionals for his invention of the world wide web, has now been honored with the 50th edition of the ACM A.M. Turing Award (a.k.a., the Nobel Prize of Computing).The MIT and University of Oxford professor is being recognized with the $1M Association for Computing Machinery (ACM) prize, funded by Google, for inventing the web, coming up with the first browser and working on the protocols and algorithms that have allowed the web to scale.MORE: Whirlwind tour of computing and telecom's top honors, awards & prizesTo read this article in full or to leave a comment, please click here

Web inventor Berners-Lee adds Turing Award to prize collection

Sir Tim Berners Lee, deservingly among the most decorated of technology professionals for his invention of the world wide web, has now been honored with the 50th edition of the ACM A.M. Turing Award (a.k.a., the Nobel Prize of Computing).The MIT and University of Oxford professor is being recognized with the $1M Association for Computing Machinery (ACM) prize, funded by Google, for inventing the web, coming up with the first browser and working on the protocols and algorithms that have allowed the web to scale.MORE: Whirlwind tour of computing and telecom's top honors, awards & prizesTo read this article in full or to leave a comment, please click here

Machine Learning, Analytics Play Growing Role in US Exascale Efforts

Exascale computing promises to bring significant changes to both the high-performance computing space and eventually enterprise datacenter infrastructures.

The systems, which are being developed in multiple countries around the globe, promise 50 times the performance of current 20 petaflop-capable systems that are now among the fastest in the world, and that bring corresponding improvements in such areas as energy efficiency and physical footprint. The systems need to be powerful run the increasingly complex applications being used by engineers and scientists, but they can’t be so expensive to acquire or run that only a handful of organizations can use them.

At

Machine Learning, Analytics Play Growing Role in US Exascale Efforts was written by Nicole Hemsoth at The Next Platform.

Trump ‘actively’ considering new H-1B spouse work rule

President Donald Trump's administration has decided to "actively reconsider" an Obama-era rule allowing certain H-1B spouses to hold jobs, according to court documents filed Monday. It is asking the court to give it until September to consider changing the H-4 work authorization rule.This is becoming a high-stakes case for approximately 180,000 spouses of H-1B visa holders who gained the right to work in 2014. These are spouses of H-1B visa holders who are seeking a green card.+ RELATED: Trump reviews right of H-1B spouses to work +To read this article in full or to leave a comment, please click here

Justice Dept. says replacing U.S. workers may bring lawsuit

Critics of the H-1B program have little to celebrate, so far, from President Donald Trump. He promised reforms of the visa program during the campaign, but nothing has happened of consequence -- at least until Monday.The U.S. Department of Justice (DOJ) issued a warning to H-1B employers not to use the visa program to discriminate against U.S. workers. And it promised to investigate and prosecute employers who do so.[ Further reading: 4 high-growth tech fields with top pay ] By itself, the Justice Department notice may be a poor consolation prize to critics who wanted more. But if the DOJ files a lawsuit alleging discrimination against U.S. workers "because of their citizenship or national origin in hiring, firing and recruiting" it may be breaking ground.To read this article in full or to leave a comment, please click here

Application Rule Manager (ARM) Practical Implementation – Healthcare

This post originally appears as part of a series of VMware NSX in Healthcare blogs on Geoff Wilmington’s blog, vWilmo. To read more about VMware NSX and its applications in healthcare, check out Geoff’s blog series.

Originally this series on Micro-segmentation was only going to cover Log Insight, vRealize Network Insight (vRNI), and VMware NSX.  With the release of VMware NSX 6.3, there is a new toolset within NSX that can be leveraged for quick micro-segmentation planning The Application Rule Manager (ARM) within NSX, provides a new way to help create security rulesets quickly for new or existing applications on a bigger scale than Log Insight, but smaller scale than vRNI.   With that in mind, we’re going to take the previous post using Log Insight, and perform the same procedures with ARM in NSX to create our rulesets using the same basic methodologies.

The Application Rule Manager in VMware NSX leverages real-time flow information to discover the communications both in and out, and between an application workload so a security model can be built around the application.  ARM can monitor up to 30 VMs in one session and have 5 sessions running at a time.  Continue reading

How to rescue your PC from ransomware

With  nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here

How to rescue your PC from ransomware

With  nasty malware like Locky making the rounds—encrypting its victims’ files, and then refusing to unlock them unless you pay up—ransomware is a serious headache. But not all ransomware is so difficult.You can remove many ransomware viruses without losing your files, but with some variants that isn’t the case. In the past I’ve discussed general steps for removing malware and viruses, but you need to apply some specific tips and tricks for ransomware. The process varies and depends on the type of invader. Some procedures involve a simple virus scan, while others require offline scans and advanced recovery of your files. I categorize ransomware into three varieties: scareware, lock-screen viruses, and the really nasty stuff.To read this article in full or to leave a comment, please click here

Here’s where to buy the Bitcoins to pay a ransom

Ransomware grew into a $1 billion industry last year, and ransom payments now account for nearly 10 percent of the entire Bitcoin economy.Avoiding becoming part of that statistic requires good endpoint security and effective backups. But what if your defenses fail, your backups are inadequate, all attempts to restore the data fail, and you have to pay the ransom after all -- what do you do?First of all, get the ball rolling on improving your security. Second, if the ransomware includes a recommendation for where to buy the Bitcoins, take it with a grain of salt. These guys are, after all, criminals. They might steer you wrong.Instead, go to a reputable exchange.To read this article in full or to leave a comment, please click here

1 2,172 2,173 2,174 2,175 2,176 3,840