<?xml version="1.0" encoding="utf-8"?> 
<?xml-stylesheet type="text/css" href="http://www.enterprise-security-today.com/share/rssstyle.css"?>
<rss version="2.0">

  <channel>
    <title>Enterprise Security Today</title>
    <link>http://www.enterprise-security-today.com</link>
    <description>Tech News by Enterprise Security Today (http://www.enterprise-security-today.com).</description>
    <language>en-us</language>
    <copyright>Copyright &#169; 2012 Enterprise Security Today, Inc.</copyright>
    <managingEditor>editorial@enterprise-security-today.com</managingEditor>
    <webMaster>webmaster@enterprise-security-today.com</webMaster>
    <pubDate>Wed, 16 May 2012 20:31:47 -0500</pubDate>
    <lastBuildDate>Wed, 16 May 2012 20:31:47 -0500</lastBuildDate>
    <category>Enterprise Security Today News</category>
    <generator>Enterprise Security Today</generator>
    <docs>http://blogs.law.harvard.edu/tech/rss</docs>
    <ttl>5</ttl>
    <image>
      <url>http://images.enterprise-security-today.com/images/rss-logo-newsfactor-white.gif</url>
      <title>Enterprise Security Today</title>
      <link>http://www.enterprise-security-today.com</link>
    </image>
  <item>
    <title>Cisco Tackles BYOD Challenge with &#039;Smart Solutions&#039;</title>
    <description>Cisco on Wednesday offered up findings from its &quot;bring your own device&quot; study and used the results as a jumping-off point to announce new mobility solutions. But can Cisco carve out a niche in the nascent BYOD services space?
&lt;p&gt;
The Cisco IBSG Horizons Study surveyed 600 U.S. IT and business leaders to discover the benefits and complexities of allowing workers to use their own mobile devices on corporate networks. A whopping 95 percent of respondents say their organization allows employee-owned devices on the network.
&lt;p&gt;
The study also revealed that the average number of connected devices per knowledge worker is expected to reach 3.3 by 2014, up from an average of 2.8 in 2012. All in all, managers are balancing security and support concerns with the very real potential to reap significant cost and productivity benefits from the BYOD trend.
&lt;p&gt;
&lt;subhead&gt;
BYOD Meets Virtual Desktops
&lt;/subhead&gt;
&lt;p&gt;
As Cisco sees it, BYOD is here to stay and managers are seeing the need for a more holistic approach -- an approach that is scalable and addresses mobility, security, virtualization and network policy management -- in order to keep management costs in line and realize savings.
&lt;p&gt;
According to Cisco IBSG, Cisco employees pay an average of $600 out-of-pocket for devices that will give them more control over their work experience. The benefits of BYOD vary based on an employee's role and work requirements. Cisco IBSG estimates that the annual benefits from BYOD range from $300 to $1,300 per employee.
&lt;p&gt;
While the BYOD trend gains momentum, desktop virtualization is on the rise. Sixty-eight percent of respondents agreed that a majority of knowledge worker roles are suitable for desktop virtualization and 50 percent noted that their organization is in the process of implementing a desktop virtualization strategy.
&lt;p&gt;
&lt;subhead&gt;
Cisco's 'Smart Solutions'
&lt;/subhead&gt;
&lt;p&gt;
Cisco's answer to the opportunity and challenge is the Cisco Unified Workspace, which allows everything...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83366</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83366</guid>
    <pubDate>Wed, 16 May 2012 10:13:13 -0500</pubDate>
  </item>

  <item>
    <title>LiveTime Reduces Government IT Resource Costs</title>
    <description>Newport Beach, CA, May 15, 2012 -- The U.S. Department of Commerce (DoC) and the Department of Defense (DoD) have successfully deployed LiveTime's Service Manager to provide streamlined ITSM services that save time and reduce the costs of Government IT resources.&lt;br /&gt;
&lt;br /&gt;
With a $14B budget and 142,000 employees, the DoC used disparate IT systems to manage all of its business processes, from Request Fulfillment through to Problem, Change and Release Management. The DoC wanted to standardize on a single centralized service management product and identified the need for a scalable cloud-based solution based on ITIL 3 best practices with seamless visibility between processes and integrated across all business units. &lt;br /&gt;
&lt;br /&gt;
A very high level of security was also a minimum requirement for a majority of DoC implementations, so LiveTime's private cloud solution was selected for DoC's own data centers. The deployment provides DoC management with a single consolidated view of all processes and business effectiveness with unparalleled ease of use.&lt;br /&gt;
&lt;br /&gt;
The DoD has also significantly reduced its overall IT budget after replacing more than six separate Remedy installations with LiveTime Service Manager in a matter of weeks. Vital to the deployment's success was the transmission of data from other proprietary Asset Management systems to a centralized CMDB of internal assets and services for managing military support operations around the globe.&lt;br /&gt;
&lt;br /&gt;
The DoD leveraged LiveTime's extensive web services API to feed the integrated CMDB inside LiveTime Service Manager. The improved transparency allows the DoD to handle a significantly greater volume of requests, incidents and changes than ever before, to provide a higher standard of IT Service Management.&lt;br /&gt;
&lt;br /&gt;
LiveTime 7, which is expected to debut in Q2 2012, continues to drive open standards and increase user productivity by offering unrivaled ease of use for an ITIL 3 certified...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83348</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83348</guid>
    <pubDate>Tue, 15 May 2012 09:24:16 -0500</pubDate>
  </item>

  <item>
    <title>Security Firm Says Apple Asking for Assessment</title>
    <description>Apple's Macs have been subject to a variety of high-profile security threats in recent months. Now, according to Kaspersky Labs, Apple has asked the security firm for a vulnerability analysis.
&lt;p&gt;
According to the chief technology officer for Kaspersky, Apple has approached his company to analyze its platform. Nikolay Grebennikov told reporters about this development and added that, in his opinion, the computer maker had not previously taken security issues &quot;seriously enough.&quot; Apple has not confirmed the arrangement.
&lt;p&gt;
&lt;subhead&gt;
'10 Years Behind Microsoft'
&lt;/subhead&gt;
&lt;p&gt;
As one example, Grebennikov cited a vulnerability in Java, which was exploited by the Flashback Trojan earlier this year and which infected a reported 600,000 Macs. Apple, he said, released its Java fix several months after Oracle did.
&lt;p&gt;
In April, shortly after the extent of the widely distributed Flashback Trojan on Macs became known, Kaspersky Lab CEO and co-founder Eugene Kaspersky charged that Apple was &quot;10 years behind Microsoft in security,&quot; and he predicted that Apple products would increasingly become a more inviting target for malware.
&lt;p&gt;
While the comments of Kaspersky executives could well be seen as self-serving, Apple appears to have gotten at least some of this message. In February, developer previews of the new OS X 10.8 Mountain Lion included a new feature called Gatekeeper. This optional setting will enable Mac owners to allow only apps that have a free, signed certificate provided to legitimate developers by Apple.
&lt;p&gt;
For years, Macs have enjoyed a reputation -- undeserved, according to most experts -- of being virtually impervious to malware. But, as their sales have increased, so has their appeal as a target.
&lt;p&gt;
Last month, security firm Sophos reported that it had conducted a study which showed that as many as 20 percent of all Macs had some form of malware -- which had actually been designed for Windows machines. In addition, the study, which surveyed 100,000...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83346</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83346</guid>
    <pubDate>Mon, 14 May 2012 14:39:45 -0500</pubDate>
  </item>

  <item>
    <title>Computer Crashes and Lost Data: Avoid the Next Mishap</title>
    <description>Most computer users live in fear of a crashed computer and lost data, or are frustrated by a computer that seems to take hours to perform the simplest task. The trick is to learn from these problems and either fix the computer before the worst happens, or at least make sure it never happens again.
&lt;p&gt;
This is not work that can only be performed by experts. Even a blue screen can be helpful, since Windows uses it to deliver a Bug Check Code, which gives some hint about the cause of the problem.
&lt;p&gt;
Thus, the message KMODE_EXCEPTION_NOT_HANDLED indicates a problem with a driver. Microsoft provides a complete list of all check codes -- and possible solutions -- online. Such tips are necessary; otherwise any effort to fix a computer can quickly turn into a waste of time.
&lt;p&gt;
&quot;Unfortunately, the diagnosis is anything but easy,&quot; says Hans Ludwig Stahl, director of the Institute for Computer Science at the Cologne University of Applied Sciences. Problems can stem from issues with either hardware or software. Or the PC could be having resource issues related to working memory or hard drive space.
&lt;p&gt;
Viruses and other forms of malware can also make the computer unusable, which is why everyone should have up-to-date anti-virus software.
&lt;p&gt;
Stahl recommends seeking the source of the problem in the recent past. &quot;Maybe the problem cropped up right after putting in a new piece of hardware or installation of some new software.&quot; If that's the case, remove the potential source of the problem as a test. Maybe the computer will work fine without it.
&lt;p&gt;
Sometimes combinations of hardware, software and operating system simply don't work, says Stahl. &quot;That can always happen with open systems like Windows.&quot;
&lt;p&gt;
In a worst case scenario, that can mean living without the problem hardware or software. Sometimes a patch or a new driver...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83340</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83340</guid>
    <pubDate>Tue, 15 May 2012 09:33:23 -0500</pubDate>
  </item>

  <item>
    <title>Court Won&#039;t Order Google-NSA Interactions Released</title>
    <description>A federal appeals court has turned down a Freedom of Information Act request to disclose National Security Agency records about the 2010 cyberattack on Google users in China.
&lt;p&gt;
The Electronic Privacy Information Center, which focuses on privacy and civil liberties, sought communications between Google and the NSA, which conducts worldwide electronic surveillance and protects the U.S. government from such spying. But the NSA refused to confirm or deny whether it had any relationship with Google. The NSA argued that doing so could make U.S. government information systems vulnerable to attack.
&lt;p&gt;
A federal district court judge sided with the NSA last year, and on Friday, a three-judge panel of the U.S. Court of Appeals for the District of Columbia upheld the ruling.
&lt;p&gt;
In 2010, Google complained about major attacks on its Web site by Chinese hackers and suggested the Chinese government may have instigated them. The Chinese government denied any involvement. Soon after, there were news reports that Google was teaming up with the NSA to analyze the attack and help prevent future ones.
&lt;p&gt;
The privacy center's FOIA request drew a &quot;Glomar&quot; response, in which an agency refuses to confirm or deny the existence of records. The term refers to a case in the 1970s, when the CIA refused to confirm or deny the existence of the Glomar Explorer, a ship disguised as an ocean mining vessel that the CIA used to salvage a sunken Soviet submarine. Courts consistently have upheld Glomar responses.
&lt;p&gt;
&quot;In reviewing an agency's Glomar response, this court exercises caution when the information requested&quot; involves national security, Judge Janice Rogers Brown wrote in the unanimous appeals court panel's ruling. &quot;NSA need not make a specific showing of potential harm to national security in order to justify withholding information&quot; under one of the law's exemptions because Congress has already, in enacting the FOIA statute,...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83337</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83337</guid>
    <pubDate>Tue, 15 May 2012 09:35:40 -0500</pubDate>
  </item>

  <item>
    <title>U.S. Natural Gas Sector Hit by Coordinated Cyber Attacks</title>
    <description>The U.S. government is moving quickly to respond to an ongoing series of cyber attacks on companies in the natural gas pipeline sector, according to the Industrial Control Systems Cyber Emergency Response Team, or ICS-CERT, at the Department of Homeland Security. 
&lt;p&gt;
In a daily report released Tuesday, DHS reported that the coordinated cyber intrusions targeting natural gas companies began in December last year and have continued for the past five months. &quot;Analysis of the malware and artifacts associated with these cyber attacks has positively identified this activity as related to a single campaign,&quot; ICS-CERT noted earlier this month.
&lt;p&gt;
These cyber attacks are being launched through the use of so-called spear-phishing attempts, which specifically target individuals within a company or organization. Phishing attacks generally involve e-mail spoofing or instant messaging activities that direct users to a fake online destination masquerading as a legitimate Web site, where the victims are asked to submit additional data.
&lt;p&gt;
With respect to the ongoing attacks on private natural gas companies, ICS-CERT noted that the number of persons targeted appears to be tightly focused. &quot;In addition, the e-mails have been convincingly crafted to appear as though they were sent from a trusted member internal to the organization,&quot; ICS-CERT explained in a statement.
&lt;p&gt;
&lt;subhead&gt;
A Coordinated Response
&lt;/subhead&gt;
&lt;p&gt;
ICS-CERT has asked all private companies operating natural gas facilities to submit the requisite data for identifying the scope of the infection as well as for developing a plan for mitigating the damage and eradicating the threat from the infected networks. According to the U.S. industry publication Natural Gas Intelligence, Obama administration officials and Senate staff met Monday to discuss the ongoing threat to the nation's energy production infrastructure.
&lt;p&gt;
&quot;DHS is coordinating with the FBI and appropriate federal agencies, and ICS-CERT is working with affected organizations to prepare mitigation plans customized to their current network and security...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83292</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83292</guid>
    <pubDate>Wed, 09 May 2012 13:54:09 -0500</pubDate>
  </item>

  <item>
    <title>Cloud Has a Silver Lining for Interop Conference</title>
    <description>The annual Interop Las Vegas conference has been under way this week, running May 6-10, but some question whether the show is losing steam. Interop's organizers bill the long-running IT expo and conference as the only event to offer an unbiased understanding of all the latest innovations, including cloud computing, virtualization, mobility and data center advances.
&lt;p&gt;
Indeed, more than 70 exhibitors are on hand at the Mandalay Bay Convention Center, including Adobe Systems, Cisco, LG, Net Optics and Citrix, as well as a majority of lesser known companies hoping to make a name for themselves in the business technology market. 
&lt;p&gt;
But is Interop living up to its promise this year? Is the event losing its influence? Or is it still as vital as ever thanks to the rapid evolution of new trends like cloud computing and BYOD (bring your own device)?
&lt;p&gt;
&lt;subhead&gt;
Still A Draw
&lt;/subhead&gt;
&lt;p&gt;
We asked Laura DiDio, a principal analyst at Information Technology Intelligence Consulting, for her views on Interop. DiDio has been covering Interop since the early years and offered us some perspectives on the state of this year's convention.
&lt;p&gt;
&quot;Interop is still a big draw, although the era when legions of reporters and half of a company's IT staff would take a week off to attend Interop -- or any of the other major trade shows -- is long over,&quot; DiDio said.
&lt;p&gt;
Still, she said, Interop does provide a terrific venue for networking, seeing the latest new product introductions and attending seminars. She said the fact that it's being held in Las Vegas means it will be a &quot;larger-than-life spectacle and extravaganza,&quot; as Vegas conference attendees have come to expect over the years.
&lt;p&gt;
&lt;subhead&gt;
Heavy Cloud Focus
&lt;/subhead&gt;
&lt;p&gt;
With regard to hot topics at this week's Interop show, DiDio pointed to cloud computing, virtualization, mobility and wireless, as well as some interesting gaming products and initiatives....</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83290</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83290</guid>
    <pubDate>Wed, 09 May 2012 11:41:26 -0500</pubDate>
  </item>

  <item>
    <title>Patch Tuesday Breeds Confusion with Hodgepodge Bulletin</title>
    <description>Microsoft on Tuesday issued seven security bulletins to address 23 vulnerabilities in its products. Redmond rated eight of those vulnerabilities critical, four are rated important -- and one of them is causing IT admins plenty of confusion.
&lt;p&gt; 
&quot;The remote code-execution vulnerability used against Microsoft Office, Windows and .NET Framework ties back to the TTF vulnerability used by Duqu,&quot; said Joseph Chen, engineering director of Security Technology and Response at Symantec. &quot;We recently found a new Duqu sample showing that the threat is still active. Microsoft has provided some further patching, in addition to the already issued patch for the used vulnerability at the end of 2011.&quot;
&lt;p&gt;
Symantec also reports a much larger patch of vulnerabilities affecting Microsoft Excel. Chen said the patches are rated important rather than critical because the user still gets a prompt to download or open the malicious content rather than it infecting automatically, but it could still be used as a targeted attack.
&lt;p&gt;
&quot;The .NET vulnerabilities are also prominent in this month's patches,&quot; Chen said. &quot;Exploits for this vulnerability are likely to be hosted as drive-by downloads on maliciously created or otherwise compromised Web sites. So, as always we strongly advise avoiding sites of unknown or questionable integrity, to protect from attacks seeking to use these security holes.&quot;
&lt;p&gt;
&lt;subhead&gt;
The Confusion Factor
&lt;/subhead&gt;
&lt;p&gt;
We caught up with Andrew Storms, director of security operations at nCircle, to get his thoughts on the latest round of patches. He told us May offers a mixed bag of bulletins and MS12-034 stands out for its confusion factor. 
&lt;p&gt;
&quot;This bulletin affects a hodgepodge of products including Windows, .NET, Silverlight and Office, and dissecting its contents has the potential to make IT security teams' heads explode,&quot; Storms said. &quot;The core of this bug fix is related to the vulnerabilities leveraged by Duqu -- a problem Microsoft fixed...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83272</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83272</guid>
    <pubDate>Wed, 09 May 2012 09:40:19 -0500</pubDate>
  </item>

  <item>
    <title>CTIA Wireless Kicks Off in New Orleans</title>
    <description>CTIA Wireless, the U.S. cellphone industry's annual trade show that starts Tuesday, is drawing heavy participation not just from the cellphone industry, but from MasterCard, Visa, and other companies in the business of moving money around.
&lt;p&gt;
At a pre-show event Monday in New Orleans, MasterCard unveiled a suite of services to enable &quot;mobile wallets,&quot; secure applications that run on phones and can hold virtual payment cards, transit tickets, coupons and other valuables.
&lt;p&gt;
The credit-card companies are hoping to stake a claim in what the industry expects to be a world where cellphones take over some of the function of regular wallets. A handful of phones can already be used on payment terminals in drugstores and fast-food restaurants, but wide adoption is probably still years away.
&lt;p&gt;
Gary Flood, president of global products and solutions at MasterCard, speaks Tuesday, and is followed by John Partridge, the president of Visa, on Wednesday.
&lt;p&gt;
In pre-show news, T-Mobile USA announced Tuesday morning that Ericsson and Nokia Siemens Networks will supply the network equipment for its new &quot;4G LTE&quot; network, a $4 billion project. On Monday, AT&amp;T Inc. announced a big push into home security and automation. It will sell installation and services nationwide through its stores.
&lt;p&gt;
Samsung Electronics Co. will be at the show, likely showing off samples of the Galaxy S III, its new flagship smartphone. It was unveiled last week at an event in London, and hits European shelves at the end of the month. The Galaxy line, which combines big touch screens with light weight, has proven to be a rare successful competitor to Apple Inc.'s iPhone.</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83255</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83255</guid>
    <pubDate>Tue, 08 May 2012 13:17:22 -0500</pubDate>
  </item>

  <item>
    <title>Epicom Honored as SugarCRM Partner of the Month</title>
    <description>AUSTIN, Texas, May 8, 2012 -- SugarCRM, the world's fastest growing customer relationship management (CRM) company, announces Epicom as Partner of the Month for May; Epicom is the only partner to receive the award three times. Epicom was recognized for its successful SugarCRM implementation and integrations with its customer TengoInternet, the largest wireless Internet provider in the outdoor hospitality industry.&lt;br /&gt;
 &lt;br /&gt;
&quot;Epicom did a really good job of helping us focus on how we wanted to use Sugar. They helped us define the process flows and cover all the details. And through the migration they made sure we didn't lose any of our customer histories. That was a big thing,&quot; said TengoInternet CEO &amp; Co-Founder Eric Stumberg.&lt;br /&gt;
 &lt;br /&gt;
SugarCRM started its Partner of the Month program in November of 2010 to recognize the achievements of its partners throughout the U.S. and overseas. Sugar's Partner of the Month recognition is awarded on a monthly basis to a partner that has delivered significant measurable results to a customer. Of the more than 100 North American SugarCRM partners, Epicom continues to stand out for its ability to deliver excellent work, as seen with its customer, TengoInternet. &lt;br /&gt;
 &lt;br /&gt;
When Tengo decided to migrate to SugarCRM, the main objective was to come up with a centralized platform that would seamlessly integrate all of its customer activity and data for easy, long-term management.&lt;br /&gt;
 &lt;br /&gt;
After working with Epicom on requirements gathering, consulting, and training, Tengo was up and running in just over a month with all of its information in one place.&lt;br /&gt;
 &lt;br /&gt;
With an integration to Quickbooks, TengoInternet saves an average of 30 hours per week with automated posting to the accounting system. Additionally, its integration to Twilio, a cloud communications platform used for voice, conference and SMS applications,...</description>
    <link>http://www.enterprise-security-today.com/story.xhtml?story_id=83252</link>
    <guid isPermaLink="false">http://www.enterprise-security-today.com/story.xhtml?story_id=83252</guid>
    <pubDate>Tue, 08 May 2012 09:18:25 -0500</pubDate>
  </item>
</channel></rss>
