Webroot Revolutionizes Endpoint Security with the Fastest, Lightest, Easiest-to-Manage Protection - The security landscape has changed and traditional signature-based software can’t keep up. A recent study of IT decisionmakers found an overwhelming 95 percent experienced an endpoint-based attack last year . Frustrated by traditional security solutions that consistently fail to protect them and require too much time and resources to adequately maintain, many IT managers have resorted to allocating budget for cleaning up the aftermath of attacks. Webroot, a leader in delivering Internet security as a service, has responded by introducing Webroot® SecureAnywhere™ Business – Endpoint Protection. This new cloud-based protection takes the misery out of security by delivering the fastest, lightest, easiest to manage, and most effective endpoint protection available . IT managers no longer have to waste resources and lose user productivity due to intrusive scans and continuous signature updating, patching, and reimaging.
The Challenge of Web Security - It's not surprising that web security is a major concern for many organisations. Businesses are witnessing unprecendented growth in the number of unique malware variants that are created each day. The total number of unique malware samples that emerged in 2010 alone accounted for 35% to 50% of the total amount of malware signatures ever created.Threat research has seen an 85% increase in malware spreading via the web. This whitepaper using Gartner research investigates the threat and how it can be addressed.
Trusting UC Security to an SBC? - This white paper examines what security risks are associated with Unified Communications (UC), how an enterprise can best manage those risks, and why deploying a session border controller (SBC) may not be sufficient to secure critical UC and Voice over IP (VoIP) applications.
Aberdeen Research: Unified Communications Security: A Best-in-Class Strategy to Unleash Value - The value of Unified Communications (UC) fundamentally comes from aligning enterprise communications capabilities to the needs of the organization. These needs include the ability to impove productivity, raise service metrics, and reducing human latency. However, before all this can occur, businesses must be sure that their collaborative approaches are secure and compliant to ensure that business gains are not offset by new liabilities. This whitepaper shows the business value that has been achieved through the successful adoption and deployment of UC security approaches.
Forgotten Security Part 4: Keeping up-to-date - Many vendors now have a rigorous attitude towards patching and updating their systems. These days, Microsoft is frequently used to demonstrate best practice and other manufacturers are following suit to provide regular updates to their systems.
Forgotten Security - Part 3: Change Control - In the third of our advisory notices on ‘forgotten security’, we advise companies to implement a change control procedure prior to making any changes to their network security. The absence of a change control procedure can result in ad-hoc changes which risk compromising security.
Forgotten Security - Part 2: Routing - Routing can be tricky. If you know where data is going, you’re half way to resolving a large number of application problems. But understanding where data is being routed to and from is crucial in the security arena. Incorrect routing can result in security measures being bypassed or reduced to allow for badly configured networks.
Return on Investment - Threats from the internet are increasing and, as a result, a growing number of large companies have turned to managed security services as a cost-effective way of providing the expertise needed to keep these threats at bay. The decision to outsource security management to experts is taken by large organisations that have done the maths and recognise that it offers the best overall return on investment, protecting both the business and its customers from the disruption and cost of a security breach.
Forgotten Security - Part 1: Monitoring - Companies are protecting themselves from high-profile threats such as malware attacks, but are often leaving themselves vulnerable from the ‘forgotten security defences’. The first of these results from simply not monitoring the applications, hardware and security systems across the business, which can lead to network failure.
The State of International Co-operation on Cybercrime - Political leaders continue to hold conferences and sign treaties as the need to tackle cybercrime at an international level rapidly increases, but ultimately these attempts at agreement fail due to national interests and diplomatic concerns. This whitepaper looks at what has been done and why agreements have failed to be ratified.
Network Computing Webroot Web Security Service Product Review - 2010 - Software as a Service (SaaS) is catching on, but it isn't a universal no-brainer. With each technology step change, suppliers adapt existing products, but this SaaS is purpose designed and uncompromised. Its current version is unusually not important, as users benefit immediately from new releases, centrally delivered by Webroot.
A guide to archiving emails, for IT managers - These days, companies of all sizes are required to meet new industry and regulatory compliance requirements for data retention, and to be able to produce audit trails. In addition, all organisations have found that emails are now mission critical to their business in the same way that letters are. They have found that they need to keep a record of what was sent and received in the past to protect themselves and improve their service to their customers. With the massive increase in email traffic, this task is not trivial and a good deal of planning needs to be undertaken to ensure data is safe and accessible. This paper looks at the issues involved.
Network Box Wins 2011 Hong Kong Awards for Industries - Technological Achievement Grand Award - Network Box’s new ‘Z-Scan’ anti-malware technology focuses on reducing the time taken to obtain malware samples, and to produce anti-malware signatures. The purpose of ‘Z-Scan’, is to bring that timeframe down from the current industry standard of several hours, to less than one minute. Indeed, best times of just 3 seconds are being seen in the field.Traditional anti-malware technology is important, and has its place, dealing with the roughly 6.8 million computer worms, Trojans, spyware and viruses out there. ‘Z-Scan’ however, is a new approach which deals new ‘zero day’ viruses, which may be making the rounds on the Internet at any given time. When ‘Z-Scan’ was first launched, there were typically less than 150 zero day viruses live on the internet. Right now, there are more than 53,000 such viruses, and the numbers are continuing to grow exponentially.
Network Box awarded five-star rating by SC Magazine - Network Box’s IDP solution is just one component of its unified threat management (UTM) managed service (it was competing with pure-play IDP systems in the test). In addition to IDP, Network Box includes firewall, VPN, anti-virus, anti-spam, anti-malware, and content filtering within its UTM service. Its service is continually updated using PUSH technology, which literally pushes new signatures and updates to each Network Box device as soon as it is available, with no need for manual updates (or expensive annual upgrades). This makes it exceptionally good value for money compared with individual products. As the review states: “this product offers a solid value for the money as it can be set up to be a fully managed UTM device”.
Securing social media series - Part 6: Peer-to-Peer - Guidelines for companies on peer-to-peer networks, such as BitTorrent, on the company network.
Securing social media series - Part 5: Instant Messaging - We are often asked by clients how to block a particular application, most notably one that includes instant messaging (IM), such as Facebook, Skype, MSN etc. But the problem with blocking an application is that it will often find a way through a firewall – either using ‘tunnelling’ software, or by searching through all available ports until it finds one open (a problem that can be solved through security systems such as Network Box). So securing the application, and creating user policies on how and when to use it, may be a more effective solution than simply blocking IM altogether.
Securing social media series - Part 4: Facebook - Guidelines for companies on creating policies around employees' access to social networking sites, such as Facebook, during work hours
Securing social media series - Part 3: Twitter - It seems you can’t open a newspaper or look at a news site without seeing Twitter all over the headlines. From Barack Obama’s use of Twitter during his election campaign, or reports that the primary school curriculum will include teaching children about Twitter, to growing concerns about identity theft on the site, it is clear that the micro-blogging platform is in a phase of enormous growth.
Securing social media series - Part 2: Social networks - Guidelines for companies on securing social networking sites, such as Facebook, during work hours.
Securing social media series - Part 1: Blogging - Corporate bloggers need to pay as much attention to the security of their blogs as they do in writing them, to avoid being hacked. This Guide to Secure Blogging gives bloggers clear and simple guidelines to keeping blogs - and their readers' safe from hackers.
Information Commissioner’s Office Powers: A Guide to Compliant Security in the UK from Network Box - Legislation on protecting data in the UK – such as the Data Protection Act 1998 (revisions, that take effect in April 2010, were introduced to the Act in 2009) and PCI DSS – have made good security even more important for businesses. Since the introduction of the Data Protection Act in 1998, a company breaching data security rules could be served an enforcement notice by the Information Commissioner and made to clean up its act. In January this year, the Information Commissioner was given greater powers of enforcement, and the ability to fine companies breaching data security up to £500,000.
Guide to IT security for car dealerships - Car dealerships rely on IT systems and internet connections now more than ever before. Whether it is to provide an open connection to a third-party supplier database, to download manuals, to connect online with customers, or to use bespoke applications to provide inventory information, security is of increasing importance in this environment.
Intrusion Detection & Prevention System - Network Box includes multiple Intrusion Detection and Prevention Systems (IDPS) working together in combination with the core routing and firewall functions, to provide a highly-flexible and modular approach to the problem of securing network traffic.
Voice over Internet Protocol: The New Way In? - As Voice Over Internet Protocol (VoIP) is taken up with enthusiasm by companies searching for greater functionality, reduced costs and improved flexibility, the focus on security needs to be maintained. Just as we were in the 1990’s when email and web were being adopted at a great rate, companies are leaving themselves vulnerable to being exploited by application level attacks that many security solutions designed for VoIP are not able to protect against.This paper gives examples of what these vulnerabilities are and how they can be exploited. These attacks are aimed at the application level where firewalls and Session Border Controllers are not designed to protect, in the same way that these devices cannot protect against viruses in emails or web applications.
Securing the Public Sector - Recent years have seen a number of high-profile security breaches hit the public sector. Data privacy in particular is a serious concern, and is more tightly governed than ever before, with higher penalties for organisations that don’t comply effectively with legislation. At the same time, more public service business is conducted online, as information is distributed to citizens through web-based applications.
Authentication – Who are you? - Identity fraud is rising. It is increasingly simple, with more ways of doing it than ever before. As more and more applications become available to us over the Internet, there is a growing need to prove our identity, in order to prevent criminals from taking advantage of us.
Online Privacy and Browser Security - In the past year there have been a number of debates on the need for online privacy. Some commentators (Sir David Omand and Scott McNealy) have argued that privacy online must be sacrificed for progress and security whilst others insist on privacy being paramount in a free society (Sir Tim Berners-Lee and Sir Ken Macdonald).There are two forms of attack on privacy which will be discussed in this document:1. Data gathering by government and industry2. Data leakage as a result of issues with browsers
NetworkBox Facebook Guidelines - Guidelines for companies on creating policies around employees' access to social networking sites, such as Facebook, during work hours
Network Box Mail Portal Feature - Sun Tsu once wrote that "the control of a large force is the same principle as the control of a few men: it is merely a question of dividing up their numbers". The Network Box Mail Portal system addresses just that - control itself, and the delegation of that control. While the Network Box web interface permits the administrator to view and control the Mail policies of the organization, at the gateway, Mail Portal allows the administrator to delegate that control to end-users and put them in control of their own email (while still being restricted by overall company policy).
Network Box Pre-Scanning Feature - Email envelope pre-scanning functionality, is a new technology which allows Network Box systems to make a very sound judgment on whether an email is from a spammer or not; without even needing to actually download and scan the email itself. Pre-scanning emailenvelopes can improve throughput, and also free up valuable Internet bandwidth from being wasted.
Network Box Guide to Safe Data Transit - Losing sensitive data in transit is a burgeoning issue for individuals whose data has been lost, as well as businesses. Not only is data loss damaging to the reputations of companies involved, it can have other far-reaching implications, such as leaving businesses open to financial attacks from hackers, or causing intellectual property to land in the hands of competitors. Employees themselves also have reason to worry, with the proposal of legislation that could see individuals who negligently disclose personal information imprisoned for two years.
From WEP to WPA: Securing Wireless Networks With The Flick Of A Switch - At Network Box, one of the most common questions we're asked by IT directors and managers is how to protect wireless networks. Obviously, there are many security technologies on the market that are capable of securing wireless networks; but what businesses and home users don't appear to understand is that they can greatly increase the security of their wireless networks simply by switching protocols from wired equivalent privacy (WEP) to wi-fi protected access (WPA).
How to choose the right security personnel - The continual success of the network security industry is only as effective as the security professionals that run it. This means recruiting high-calibre security professionals is essential for any organisation wishing to be protected from the external and internal threats. Identifying, training and retaining security personnel is hard, often proving to be a time-consuming and expensive process.
Parasitic Malware - In late 2006, an old technique became popular again with the blackhats. They resurrected parasitic malware, a technique whereby malware is added to existing files on a system. During 2007, this form of malware flourished with McAfee Avert Labs identifying 150 new variants of parasitic malware, Philis and Fujacks. New viruses using this technique were also discovered, such as Grum-A, and it seems that this technique has made a comeback.
IP-ATM Security - As the world of ATMs evolves and they become connected to the Internet, IT security is fast becoming a pressing concern, which needs to be addressed before a major incident causes the public to lose confidence in this very useful tool.
Skype: friend or foe? - As broadband connectivity spreads, companies are beginning to use it for voice telephony. This is known as Voice over Internet Protocol or VoIP. One of the most popular VoIP systems is Skype. But just how safe is it? While it's great for end users, from the network administrator's point of view, and from the security point of view, the doors may be wide open.
Phishing with good bait - Phishing is fraudulently attempting to acquire sensitive information like passwords, credit card details etc. It is tied into the growing crime of identity theft and, over the past two years, there has been a big increase in this form of crime. So what can a company do to protect itself from this form of attack?
Managing your greatest new security risk - Senior managers outside the IT department will most likely have a very hazy impression of what is meant by the terms blogging, iTunes, MySpace or MSN messenger. Yet the use of these new technologies at work is a major threat to their businesses.
NetworkBox Cybergangs - The era when script kiddies were the primary online threat has long since passed. Today, hacking and malicious code are big business. Too big, it would seem, for some blackhats to manage single handed.
Evaluating IT Security - This brochure has been written for IT managers who aren't security specialists, but who want to make good decisions about IT security.
Endpoint Security: Could a PDA take down your network? - As users blur work and personal Internet use, particularly on their own devices, you could find your organization exposed to malware simply because of their ignorance. Businesses need to think laterally when it comes to protecting their networks from attacks that may come in through a growing array of network endpoints – including smart phones, PDAs and laptops – that are being used to access social networks, blogs and micro-blogs, and photo and video-sharing sites.
Securing schools from social media threats - Schools today face increasing internet security risks from the number of new platforms and technologies used by pupils and teachers in and out of the classroom. The proliferation of social networks such as Facebook, Bebo and MySpace, instant messenger (IM) platforms, and file-sharing and peer-to-peer applications and software mean that the IT teams in schools have to cope with an even greater number of threats than many corporate networks.
Browser Privacy and Online Security - According to figures from IDC, 20 per cent of businesses use Google Docs ‘widely’ within their businesses, with this figure likely to increase in 2010. But as businesses move away from traditional working practices and towards more flexible (and often free) communications services, they may be compromising privacy, and data security.This guide gives companies the information they need to decide whether or not they should use free email hosting, browser and document storage services.
A guide to IT security for hotels - In 2009, the Radisson hotel group revealed that it had been the subject of a server hack that compromised the personal details (including credit cards) of guests for six months. In January this year, V3 reported that the international hotel group Wyndham Hotels announced that it too had been the subject of a hack, with data and credit card details stolen.
Defending Sports Clubs - The nature of how sports clubs interact with fans has changed significantly over the past few years. More tickets, kits and souvenirs are bought online; games are streamed live on club websites; and some clubs are even creating entire online communities to connect fans, shareholders and players. But although technology is changing the way sports clubs interact, the essence of sport is that it is a physical, not a virtual activity, and so technology is often not a primary concern for a club. Many clubs outsource the running of their website to a third party organisation, and it is left to a small IT team, or single IT manager to make sure the systems that connect into that site are secure.
In the Matter of the Data Protection Act - James Pickering was asked to give advice and guidance to Network Box Corp (UK) Limited in relation to the application and effect of the Data Protection Act 1998 (“DPA 1998”). In particular, he was asked to outline the obligations imposed on businesses and their potential liabilities in the light of a number of significant amendments recently made to the DPA 1998 in response to a number of high profile contraventions.
Denial of Service Attacks - Denial of service attacks continue to grow in sophistication. This article considers the gains that such attacks can offer criminals, and examines the various types of attacks used today. (First published in NESE http://www.elsevierscitech.com/nl/ns/home.asp)
Securing Voice Over IP Systems - The increasing popularity of Voice Over IP (VOIP) for businesses inevitably leads to an increased focus on the security of VOIP as a business technology. VOIP is, broadly, subject to the same level of threats as the rest of the corporate network, and so businesses must pay the same level of attention to its security. However, VoIP also brings with it additional concerns such as privacy issues, ‘vishing’ attacks and application vulnerabilities which are all factors that businesses must protect against.
The Future of Network Security - Cyber threats are high on the agenda, with the UK government focusing on the threat of cyber-terror, as a result of the National Security Council’s report into the issue in October 2010. The government has even announced a £500 million fund for a national cyber security programme over the next four years, and has indicated that experience will be drawn from both the public and private sectors to provide this programme. And yet, businesses still aren’t prepared, according to a 2010 survey that found 71 per cent of network security managers believe they have ‘inadequate cyber security protection’. This paper looks at the issues that organisations will face in 2011.
Webroot Email Security Service - Network Computing Jan-Feb 2011 - Email communications have become so utterly vital that organisations need more than just an email infrastructure. Webroot Email Security Service provides the things you know you need - email hygiene - but challenges your way of working to the limit, offering classy options.
Protecting Telephone-based Payment Card Data - In face-to-face and e-commerce environments, risk-mitigating technologies have helped significantly reduce fraud rates, resulting in a shift of card fraud towards the Mail Order / Telephone Order (MOTO) space.Additionally, a number of regulatory bodies are requiring some companies to record and store telephone conversations in a range of situations. The Payment Card Industry Data Security Standard (PCI DSS), however, stipulates that the three-digit or four-digit card verification code or value printed on the card cannot be retained after authorization, and full primary account numbers (PANs) cannot be kept without further protection measures.As such, there is a risk that organizations taking customer payment card details over the telephone may be recording the full cardholder details to comply with various regulatory bodies, thereby causing them to be in contravention of PCI DSS requirements and potentially exposing cardholder data to unnecessary risk.
Payment Card Privacy - The Payment Card Industry Data Security Standard (PCI DSS) is the worldwide industry standard for ensuring the security and integrity of data related to credit cards and payment card transactions. In early 2011, the PCI Security Standards Council issued guidelines outlining the PCI DSS compliance implications of Voice-over-IP (VoIP) and related Unified Communications technologies. This whitepaper summarises the findings relevant to VoIP and how Sipera's award winning UC-Sec Appliance helps companies resolve the issues raised.
SIP Trunking: A Business Case - High performance communications technologies are a critical need for any modern enterprise – large or small. Without the ability to talk to customers, suppliers, shareholders or the public, no business can survive for long. Unfortunately, due to the difficult economic climate, many businesses have delayed spending scarce capital on upgrading or replacing existing corporate telephone systems, many of which have exceeded their useful life and are becoming a maintenance headache. When replacing these legacy systems and networks, corporations are seeking ways to keep IT budgets under control while also delivering new tools to employees that can help them increase productivity and compete effectively in today’s markets.
Unified Communications Security - Feb 2011 - Big rise in attacks on UC: 50% increase in attacks from 2009 to 2010 from hackers targeting enterprise UC servers (source: VIPER Lab honeypots). Now up to 25% of all hacking attacks in the wild (open Internet) are against the voice and UC vector, up from single digits in previous years (rest of attacks are classic database and network layer attacks).
Tolly Group Test: M-Series M-285 Internet Security Appliance - Network Box provides the same protection across all its boxes from the smallest S-35 unit to the enterprise ready E-4000. The Tolly Group evaluated how effectively the Network Box M-285 solution detected malware. Using malware samples from the WildList, augmented by additional samples provided by AV-Test, engineers evaluated the detection rates across the HTTP, POP3 and SMTP protocols. The Network Box M-285 model successfully detected 100% of the malware contained in this Extended WildList across all three protocols: HTTP, POP3 and SMTP.
Voice Security - According to the Communication Fraud Control Association (CFCA), the body that monitors communication fraud, the crime of ‘Phreaking’ (hacking into a PABX and using it to route calls) actually costs UK businesses £1.3 to £1.5 billion per annum. The UK is ranked as one of the top 5 countries in the world affected by this crime.This whitepaper sees Redscan's Dominic Schmidt-Rieche discuss the security of VoIP with other industry leaders and Paul German of Sipera.
How to set your definition of spam, and then detect it - The problem with spam detection is how to define spam. This guide examines current techniques on how to define and then detect spam; and how spamming itself evolved... and how to avoid detection.
A guide to IT security for sports clubs - The nature of how sports clubs interact with fans has changed significantly over the past few years. More tickets, kits and souvenirs are bought online; games are streamed live on club websites; and some clubs are even creating entire online communities to connect fans, shareholders and players.But although technology is changing the way sports clubs interact, the essence of sport is that it is a physical, not a virtual activity, and so technology is often not a primary concern for a club. Many clubs outsource the running of their website to a third party organisation, and it is left to a small IT team, or single IT manager to make sure the systems that connect into that site are secure. At Network Box, we work with a number of sports clubs – particularly football clubs, such as Tottenham Hotspurs, Sunderland FC and Norwich City – to support the in-house IT team and keep the club’s networks secure.
Hacks, Hoaxes and Horrors - Most of the hoaxes people encounter these days come to them via the Internet. The number of opportunistic and targeted Internet-based crimes and misdemeanours carried out every day results in stolen data and damaged systems, and costs companies many hundreds of thousands of pounds. Other threats are more personal, attacking individuals and stealing their money and in extreme cases, much worse. However, the vast majority of users’ day-to-day experiences are positive, and being aware and prepared can help prevent them from falling victim to cyber-crime.
Securing remote workers - Whether you allow your users to work from home, from the airport, or from anywhere else and remotely access resources on the company LAN, there are some important and serious security implications you need to consider to ensure that your remote workstations, laptops, and especially data, are properly protected.
Backscatter Spam - 'Back-scatter' is the deluge of messages the 'sender' receives after a mailing has gone out. It is caused by systems that accept mail during delivery, but then cannot deliver the mail. The system then sends back a bounce message. This whitepaper gives more information on Backscatter Spam and how the Network Box deals with it.
