Cisco Umbrella cloud service shapes security for cloud, mobile resources

In these days of always-on, but zero trust enterprise applications, concerns over how to keep the bad guys out 24-7 is a huge IT challenge. In an attempt to address such anxieties Cisco today announced Umbrella, a secure, cloud-based gateway, based on technology from OpenDNS and other technologies it acquired such as CloudLock as well as existing Cisco security services that together ultimately promises to offer secure business access to resources even when users are not using the safety of a VPN.To read this article in full or to leave a comment, please click here

Intel’s Ticking Atom Bomb

clock

It started somewhat innocently. Cisco released a field notice that there was an issue with some signal clocks on a range of their networking devices. This by itself was a huge issue. There had been rumblings about this issue for a few months. Some proactive replacement of affected devices to test things. Followed by panicked customer visits when the news broke on February 2nd. Cisco looked like they were about to get a black eye.

The big question that arose was whether or not this issue was specific to Cisco devices or if it was an issue that was much bigger. Some investigative work from enterprising folks like Tony Mattke (@tonhe) found that there was a spec document from Intel that listed a specific issue with the Intel Atom C2000 System on Chip (SoC) that caused it to fail to provide clock signal for onboard chips. The more digging that was done, the more dire this issue turned out to be.

Tick, Tick, Tick

Clock signaling is very important in modern electronics. It ensures that all the chips on the board are using the correct timing to process electronic impulses. If the clock signal starts drifting, you start Continue reading

30% off Microsoft Foldable Keyboard for iOS, Android, and Windows devices – Deal Alert

This folding keyboard from Microsoft pairs with any combination of 2 iPads, iPhones, Android, Windows tablets, and Windows Phones. It features a water repellent keyset and fabric to protect against accidents. Unfold to turn on, and fold to turn off. Pairs quickly and reliably with Bluetooth 4.0 technology. Its built-in rechargeable battery lasts up to 3 months on a single charge. It currently averages 4 out of 5 stars on Amazon (read reviews) from nearly 200 reviewers, and its list price of $100 is currently reduced to $70. See the discounted Microsoft keyboard now on Amazon.To read this article in full or to leave a comment, please click here

Review: Arlo Pro cameras offer true flexibility for home security

Netgear’s Arlo brand of home security, network-connected cameras continues to improve, defeating every real or perceived criticism about the devices with an upgrade or improvement. Want to place in an area where there’s no network cable? Bam! Wi-Fi connection. Need to place in an area where there’s no power outlet? Bam! Battery powered! Don’t like replacing batteries? Bam! Rechargeable batteries and a quick-charge battery adapter.The latest version of this system is the Arlo Pro – it’s the most flexible camera system I’ve come across so far. After a few weeks of testing, I’ve determined that anyone who has a problem with this system (or think that it can’t do something) is just a cynical old crank.To read this article in full or to leave a comment, please click here

Review: Arlo Pro cameras offer true flexibility for home security

Netgear’s Arlo brand of home security, network-connected cameras continues to improve, defeating every real or perceived criticism about the devices with an upgrade or improvement. Want to place in an area where there’s no network cable? Bam! Wi-Fi connection. Need to place in an area where there’s no power outlet? Bam! Battery powered! Don’t like replacing batteries? Bam! Rechargeable batteries and a quick-charge battery adapter.The latest version of this system is the Arlo Pro – it’s the most flexible camera system I’ve come across so far. After a few weeks of testing, I’ve determined that anyone who has a problem with this system (or think that it can’t do something) is just a cynical old crank.To read this article in full or to leave a comment, please click here

Introducing Docker Secrets Management

Containers are changing how we view apps and infrastructure. Whether the code inside containers is big or small, container architecture introduces a change to how that code behaves with hardware – it fundamentally abstracts it from the infrastructure. Docker believes that there are three key components to container security and together they result in inherently safer apps.

A critical element of building safer apps is having a secure way of communicating with other apps and systems, something that often requires credentials, tokens, passwords and other types of confidential information—usually referred to as application secrets. We are excited to introduce Docker Secrets, a container native solution that strengthens the Trusted Delivery component of container security by integrating secret distribution directly into the container platform.

With containers, applications are now dynamic and portable across multiple environments. This  made existing secrets distribution solutions inadequate because they were largely designed for static environments. Unfortunately, this led to an increase in mismanagement of application secrets, making it common to find insecure, home-grown solutions, such as embedding secrets into version control systems like GitHub, or other equally bad—bolted on point solutions as an afterthought.

Introducing Docker Secrets Management

We fundamentally believe that apps are safer if Continue reading

Introducing Docker Datacenter on 1.13 with Secrets, Security Scanning, Content Cache and more

It’s another exciting day with a new release of Docker Datacenter (DDC) on 1.13. This release includes loads of new features around app services, security, image distribution and usability.  

Check out the upcoming webinar on Feb 16th for a demo of all the latest features.

Let’s dig into some of the new features:

Integrated Secrets Management

This release of Docker Datacenter includes integrated support for secrets management from development all the way to production.

This feature allows users to store confidential data (e.g. passwords, certificates) securely on the cluster and inject these secrets to a service. Developers can reference the secrets needed by different services in the familiar Compose file format and handoff to IT for deployment in production. Check out the blog post on Docker secrets management for more details on implementation. DDC integrates secrets and adds several enterprise-grade enhancements, including lifecycle management and deployment of secrets in the UI, label-based granular access control for enhanced security, and auditing users’ access to secrets via syslog.

Image Security Scanning and Vulnerability Monitoring

Another element of delivering safer apps is around the ability to ensure trusted delivery of the code that makes up that app. In addition to Continue reading

Cisco grows cloud menu, brings Microsoft Azure Stack into UCS

Cisco today said it would expand its hybrid cloud offerings by integrating Microsoft Azure Stack into its Unified Computing System. The turnkey package, officially known as the Cisco Integrated Solution for Microsoft Azure Stack, grows Cisco’s Microsoft portfolio and let application developers and IT managers more easily deploy, manage and grow enterprise applications. Azure Stack expands Cisco’s hybrid cloud offerings for customers who want the advantages of a single API for private and public cloud applications. +More on Network World: Cisco: Faulty clock part could cause failure in some Nexus switches, ISR routers, ASA security appliances+To read this article in full or to leave a comment, please click here

Cisco grows cloud menu, brings Microsoft Azure Stack into UCS

Cisco today said it would expand its hybrid cloud offerings by integrating Microsoft Azure Stack into its Unified Computing System. The turnkey package, officially known as the Cisco Integrated Solution for Microsoft Azure Stack, grows Cisco’s Microsoft portfolio and let application developers and IT managers more easily deploy, manage and grow enterprise applications. Azure Stack expands Cisco’s hybrid cloud offerings for customers who want the advantages of a single API for private and public cloud applications. +More on Network World: Cisco: Faulty clock part could cause failure in some Nexus switches, ISR routers, ASA security appliances+To read this article in full or to leave a comment, please click here

Microsoft readies Vista for retirement

Microsoft will stop all support for Windows Vista in two months, ending the problem-plagued operating system's usefulness when it issues final patches on April 11.The OS won't be missed: According to analytics vendor Net Applications, which estimated user share by counting unique visitors to tens of thousands of websites, Vista ran on less than 1% of all personal computers powered by Windows last month. Still, even that small percentage translated into approximately 14 million PCs when using Microsoft's claim that 1.5 billion devices run Windows.Vista was never a break-out hit for Microsoft, as were both its Windows XP predecessor and its successor, Windows 7.To read this article in full or to leave a comment, please click here

Facebook shareholders would have uphill climb ousting Zuckerberg from board

A move by a watchdog group and a small group of shareholders to oust Facebook CEO Mark Zuckerberg from his post as chairman would be an uphill battle that would be unlikely to succeed and could hurt the company, analysts said.It would completely destabilize Facebook," said Patrick Moorhead, an analyst with Moor Insights & Strategy. "Zuckerberg still makes most of the key decisions and without him it would be a major risk… I don't see a single piece of upside in removing Zuckerberg from the board."It's also unclear whether Zuckerberg could even be removed as chairman, since any shareholder vote would be advisory only.The proposal is being led by Facebook shareholders who are members of SumOfUs, an international consumer watchdog group focused on "curbing the growing power of corporations."To read this article in full or to leave a comment, please click here

Kim Stevenson’s exit from Intel hints at problems in the PC business

Kim Stevenson, who served as the second-in-command at Intel’s PC chip division, has left the company after just six months in her new role.Stevenson tweeted last week that she had left the company after serving more than seven years at Intel, and she would move “on to new adventures.”  She served as the chief operating officer for its Client and Internet of Things Business and Systems Architecture group—a catchall for Intel’s consumer-focused products, including its traditional PC business. Stevenson reported to Murthy Renduchintala, the group’s president. LinkedIn Kim Stevenson has left Intel for "new adventures."ent.To read this article in full or to leave a comment, please click here

Samsung Galaxy S8: What we know so far

Samsung is expected to announce its next flagship smartphone, the Galaxy S8, in April, but it looks like we won't have to wait that long to see the final product. Evan Blass from VentureBeat, who has a reputation for reporting legitimate smartphone leaks, published images last week showing the designs of the two forthcoming Samsung Galaxy S8 models.Based on the images, it looks like past reports from The Guardian were correct: The new Galaxy S8 will be available in two sizes, featuring thin bezels allowing for more screen real-estate than the Galaxy Note 7 in a smaller form factor.To read this article in full or to leave a comment, please click here

PHP vs. Node.js: An epic battle for developer mind share

It’s a classic Hollywood plot: the battle between two old friends who went separate ways. Often the friction begins when one pal sparks an interest in what had always been the other pal’s unspoken domain. In the programming language version of this movie, it’s the introduction of Node.js that turns the buddy flick into a grudge match: PHP and JavaScript, two partners who once ruled the internet together but now duke it out for the mind share of developers.In the old days, the partnership was simple. JavaScript handled little details on the browser, while PHP managed all the server-side tasks between port 80 and MySQL. It was a happy union that continues to support many crucial parts of the internet. Between WordPress, Drupal, and Facebook, people can hardly go a minute on the web without running into PHP.To read this article in full or to leave a comment, please click here

What cyberinsurance gotchas companies must be ready for

Insurance challengesImage by ThinkstockBusinesses shelled out $2 billion in cyber insurance premiums in 2015 but current projections show that astronomical growth rates will result in a market of over $20 billion by 2025. The single biggest challenge faced by insurance companies today is the lack of actuarial data on cyber attacks which makes pricing these cyber insurance policies very difficult. As a result, insurance companies are increasingly resorting to other methods to assist them in more accurately pricing these policies which is good news for them but which will result in a number of challenges for businesses.To read this article in full or to leave a comment, please click here

What cyberinsurance gotchas companies must be ready for

Insurance challengesImage by ThinkstockBusinesses shelled out $2 billion in cyber insurance premiums in 2015 but current projections show that astronomical growth rates will result in a market of over $20 billion by 2025. The single biggest challenge faced by insurance companies today is the lack of actuarial data on cyber attacks which makes pricing these cyber insurance policies very difficult. As a result, insurance companies are increasingly resorting to other methods to assist them in more accurately pricing these policies which is good news for them but which will result in a number of challenges for businesses.To read this article in full or to leave a comment, please click here

Can the FTC save the IoT?

Nobody in the IT industry would argue that the Internet of Things (IoT) is becoming more secure. Pretty much the opposite.But not for lack of effort. There have been multiple, ongoing initiatives over the past decade, both public and private. There have been dire warnings, publication of various standards and best practices, technology improvements, legislation to encourage threat information sharing and exhortations from government agencies, congressional committees, security firms and conference speakers.Unfortunately, none of them has worked very well so far.In spite of some of the best minds and technology improvements in the world focused on it, most of the IoT’s billions and billions of connected devices remain catastrophically insecure, lacking what experts call the most basic “security hygiene.” The flaws include hard-coded credentials, simple and default user names and passwords and the lack of any way to patch or update exploitable vulnerabilities.To read this article in full or to leave a comment, please click here

Can the FTC save the IoT?

Nobody in the IT industry would argue that the Internet of Things (IoT) is becoming more secure. Pretty much the opposite.But not for lack of effort. There have been multiple, ongoing initiatives over the past decade, both public and private. There have been dire warnings, publication of various standards and best practices, technology improvements, legislation to encourage threat information sharing and exhortations from government agencies, congressional committees, security firms and conference speakers.Unfortunately, none of them has worked very well so far.In spite of some of the best minds and technology improvements in the world focused on it, most of the IoT’s billions and billions of connected devices remain catastrophically insecure, lacking what experts call the most basic “security hygiene.” The flaws include hard-coded credentials, simple and default user names and passwords and the lack of any way to patch or update exploitable vulnerabilities.To read this article in full or to leave a comment, please click here

1 2,297 2,298 2,299 2,300 2,301 3,819