WEBINAR: Learn how to monitor BYOD on your network effectively

Forrester’s latest report on mobile adoption in the enterprise found that 66% of employees now use two or more devices every day, including desktops, laptops, smartphones and tablets. A smaller, but notable 12% percent said they now use tablets at work. That’s still far fewer than the 50% who report only using a desktop, or the 82% who use a desktop alone or alongside other devices.

66% of employees now use two or more devices every day

66% of employees now use two or more devices every day

"She won't take much more of this."

“She won’t take much more of this.”

Meanwhile, 55% of organizations stated that supporting a larger number of smartphones was a high or critical priority over the next 12 months, while 52% said the same of supporting tablets like Apple’s iPad.

We invite you to join a webinar presented by Darragh Delaney Head of technical Services at NetFort which will show you how to monitor BYOD activity on your network.

Getting this visibility into exactly what your network users are doing will help you ensure that you network does not suffer due to user actions.

Find out how BYOD is affecting your network on Friday, January 18, 2013 14:00 – 15:00 GMT

Register for this Webinar today: https://www1.gotomeeting.com/register/432130121

About NetFort LANGuardian

LANGuardian captures and analyses the traffic flowing through your network switch, stores it in a database, and displays the details in a web browser.

Read more T4B blog posts on Netfort here

For more information on NetFort LANGuardian and other technology solutions for business and public sector organisations, including where you can purchase from, contact us today

You can follow Technology4Business on Linkedin, Twitter and Facebook, where we’ll keep you up to date on ourlatest blog posts on Technology to help keep your IT Infrastructure and Network secure, safe and always connected.

WEBINAR: Find out what users are doing on your Network

Users interact with the network in many different ways during an average day. They visit websites, send and receive email, download files from the Internet, upload photos and videos, perform online backups, and more. They can also — usually unwittingly — expose the network and themselves to intrusions, malware, viruses, phishing attacks, and other security risks.

Good visibility into user activity on your network can help you to troubleshoot problems when they arise; in many cases, it can help you to anticipate problems and prevent them from arising.

Join NetFort  on December 6th at 15:00 GMT for a webinar presented by Head of Technical Services at NetFort, Darragh Delaney that will give you valuable insight into exactly what users could be doing on your network.

During the webinar, NetFort will show you how to monitor different areas of the network including:

  • Sources of user data
  • Network traffic on the LAN and WAN
  • Internet activity
  • File shares
  • Mobile devices

Register today to reserve your seat.

About LANGuardian

LANGuardian captures and analyzes the traffic flowing through your network switch, stores it in a database, and displays the details in a web browser.

Offering a depth of insight into network activity that is unmatched by products costing ten times as much, LANGuardian helps network administrators troubleshoot bandwidth issues right across the network, perform network forensics on past events, investigate activity on Windows file shares, and keep track of user activity on the Internet.

The list of things you can do with LANGuardian is endless. Every customer finds unique ways to use it, solving problems they cannot solve with other tools.

You can deploy LANGuardian on any size of network, from a small office to a global enterprise.

LANGuardian deployment with multiple core switches

For more information on NetFort LANGuardian and other technology solutions for business and public sector organisations, including where you can purchase from, contact us today

You can follow Technology4Business on Linkedin, Twitter and Facebook, where we’ll keep you up to date on ourlatest blog posts on Technology to help keep your IT Infrastructure and Network secure, safe and always connected.

NetIQ discuss strategies to address the heightened risks introduced by BYOD

The head of security hastily leaves the meeting without excusing herself. Her body language indicates that it is an important call. As she walks back in, all eyes in the room subliminally pose the same question. Without further prompting, the head of security says: “The CEO wants to know why she can’t watch a YouTube video on her iPad. It’s against policy, but we have to make it happen. While we’re at it, she also wants to be able to access her email and calendar on her iPhone”. This actually happened at a large financial institution.

Bring your own device (BYOD) is a trend that will gain visibility at an accelerating pace and is inherently tied to the cloud. As such, there are many parallels when considering the implications. The proof is apparent in that most smartphones leverage the cloud in providing services to consumers. The term “shadow IT” has been used for some time, but it is especially relevant today. At no point in history has it been easier to bypass the IT department, consume cloud services and use non-standard devices on a corporate network than it is today.

Like the example above, there have been cases where it has been the CEO that has gone around the IT department to procure a service in the cloud for business needs.

During the Cloud Security panel at the recent RSA Conference in San Francisco, Chief Information Security Officers from eBay, Sallie Mae, Humana and Bank of America agreed on one thing: security departments need to anticipate these needs and have the answers ready before they are confronted with the issues.

In other words, there needs to be a fundamental paradigm shift in the way information security departments operate.

Instead of continuing to say “no” when faced with requests that increase risk, they need to say “yes” and subsequently be creative enough to design a solution while mitigating risks.

At the other end of the corporate ladder, the next generation of workers has never known a world before social media. They are hyper-connected and will demand the ability to use their own devices. In many cases, they cite productivity and efficiency gains. In addition, they may enforce it as a pre-requisite to joining an organisation. The ability to allow this can become an incentive when recruiting candidates, or work against a company that does not.

There are also benefits to be had. Support costs decrease as users tend to research and solve their own issues on their own devices. It may also be the compelling reason for an organisation to move towards a device agnostic, service-oriented architecture; providing development, operational and maintenance cost savings in the long run.

Allowing employees to use their own devices presents many risks, but very few are new for a seasoned security professional. These devices need to be treated as partially trusted endpoints at best, or completely untrusted in the most extreme of cases. The main consideration is that risks are heightened, when it comes to BYOD. Non-standard devices can be more easily compromised by an attacker than traditional, corporate-issued devices that are locked down using far more draconian measures.

Here are some strategies to address the heightened risks introduced by BYOD:

  • Encourage a security culture. If security is not perceived as an integral part of the business, make it so. There needs to be a cultural shift to make this happen. Security must be an enabler and be embedded across all aspects of an organisation. Security cannot be seen as getting in the way of business initiatives.
  • Educate. Test. Repeat. The responsibility must be shared between the organisation and end users. At the recent RSA Conference, renowned security luminary (and former notorious hacker) Kevin Mitnick reiterated that social engineering is still the easiest way to infiltrate a company. In fact, many Advanced Persistent Threat (APT) vectors involve compromising networks through the use of Spear Phishing, which preys on a lack of security awareness on the part of employees. Do not stop at educating employees. They must be periodically tested when they least expect it (and made aware when they have failed) to reinforce the behavioural changes required.
  • Have a BYOD policy that is easy to understand. Do not rely on the user to decipher “security-speak”. E.g. “Ensure your device has our corporate mandated software installed. You can download it from this specified location and install it by following these steps.”
  • Enforce access control policies. These should rely on identity, context and policy to protect resources (e.g. data and applications). Do not allow a device to access resources if systems cannot determine the user’s identity, if it does not meet compliance standards (e.g. screen unlock passcode/PIN not enabled) or if it does not have prerequisite software installed (such as antivirus). Apply context by restricting access based on factors such as location and whether the connection is encrypted.
  • Automate the remediation process. Make it as simple as possible for the user to ensure device compliance by automating a majority of the remediation process. Do not rely on the user to know that they need to download and install a list of software. This can be done by leveraging identity provisioning and configuration management technologies.
  • Monitor with Security Information and Event Management. Monitor all devices accessing resources on the corporate network using a Security Information and Event Management (SIEM) solution that can provide auditable, actionable intelligence that can be tied to identities. In an environment filled with partially trusted, potentially compromised devices, visibility is paramount and incident response time critical.
  • Use identity federation with levels of assurance. Reduce operational overhead in environments with many identity sources in a secure, standards-based manner by federating user identities across segmented zones and rely on trust-levels to enforce access controls. As an example, consider the overlap between internal employee identities and their online identities. Users with their own devices are usually already logged in to their online accounts (such as Twitter). For ease of use and transparent single sign-on, security policies can be implemented to support levels of assurance. If an employee is already signed into Twitter, internal applications can utilise that identity, but at a lower level of trust. So, an employee can potentially use their Twitter credentials to access non-sensitive parts of the intranet. But if they want to access corporate email, they are required to provide their employee credentials thus enforcing a higher level of assurance that the employee is who they claim to be.
  • Provide secure devices. Provide employees with the devices of their choice and ensure these are loaded with the required software and controls. This presents a win-win situation for both organisation and employee. They use a device of their choice without having to pay for it and can access the corporate environment in a secure and compliant manner.
  • Control access from devices. Ensure access to sensitive data is controlled when retrieved via a non-standard device. For example, this can be done by providing remote sessions that allow the employee to work with the information, but never physically stores data on the device.
  • Encrypt sensitive data. Encrypt any data placed on a non-standard device that is deemed to be company property. This may include the employee’s corporate email.

There is no one-size-fits-all approach to addressing BYOD risks. The points listed above are intended to serve as a starting point for thought processes. They can be used independently from each other, or in various combinations that make sense for specific needs.

It should be clear by now that having a BYOD policy is not actually about mandating that employees bring their own devices while freeing the company from having to provide equipment. It is really about having a strategy to manage devices accessing corporate data in a secure manner. It is about dealing with the consumerisation of IT and the fact that employees are beginning to blend their personal and business lives on devices, whether provided by the organisation or purchased on their own.

BYOD has become the designated term used to address this consumerisation of business IT. Adoption will continue to accelerate. It will happen faster than expected and be driven by multiple factors. If an organisation is not in a position to address the risks posed by BYOD, they will be left behind.

Ian Yip is the product and business manager for Identity and Security Management across the Asia Pacific region at NetIQ Australia. NetIQ, a business unit of the Attachmate Group, provides identity, access, security and compliance management solutions.

For more information on NetIQ and other technology solutions for business and public sector organisations, including where you can purchase from, contact us today

You can follow Technology4Business on LinkedinTwitter and Facebook, where we’ll keep you up to date on our  latest blog posts on Technology to help keep your IT Infrastructure and Network secure, safe and always connected.

Global Stock Exchanges use Red Hat Linux Enterprise because of its reliability, scalability and performance.

The worldwide financial services industry is a prominent example of Red Hat’s leadership.  Customers in this sector quickly realised the value of open source software and Red Hat Enterprise Linux.  Stock exchanges around the world – from NYSE Euronext to the Tokyo Stock Exchange – deploy Red Hat Enterprise Linux because of its reliability, scalability and performance.  Today, 28 stock exchanges across 24 countries run Red Hat Enterprise Linux to handle more than 50 percent of the world’s trading volume.

Recommended video interview below with Steve Rubinow, CIO of NYSE Euronext, where he talks about why the NYSE chooses Red Hat solutions for flexibility and reliable, fast-paced performance.

Red Hat take their commitment to meeting the security needs of customers seriously because they know that security is a key evaluation criterion for our customers running high-intensity, mission-critical stock exchange environments. NYSE Euronext turned to Red Hat Enterprise Linux for a high-speed, cost-effective platform that offers freedom from vendor lock-in and strong security capabilities.

For more information on Red Hat and promotions as well as other technology solutions for business, including where you can purchase from, request information here

Sony Online Entertainment Replaces Oracle with EnterpriseDB

Massively Multiplayer Online Gaming
Sony Online Entertainment LLC (SOE) is a recognised worldwide leader in massively multiplayer online games, with millions of gamers around the globe having enjoyed the company’s products over the years. SOE has developed or published many ground-breaking and genre-defining games, including EverQuest®, EverQuest II®, Star Wars Galaxies®, PlanetSide®, The Matrix Online®, and many more.

SOE’s database needs are considerable, and its database applications are the very definition of mission-critical: hundreds of thousands of online users play SOE’s games around the clock, and each game is an extraordinarily database-intensive application. Before SOE selected EnterpriseDB, dozens of Oracle 9i RAC clusters were in use. In addition, SOE deploys databases in its back-office operations and to support its user forum and online auction websites.

Examining its business, SOE found that its Oracle databases were extremely expensive and that Oracle’s licensing practices were inflexible and restrictive. At the same time, the company experienced a constant demand for the creation and maintenance of additional databases. Like many other companies today, SOE hoped that open source software might provide a solution to this business challenge.

Building on a History of Open Source Success
SOE has a history of success with open source software. The company has already successfully deployed Linux, Tomcat, Apache, and Hibernate. As early as 2005, the company began to investigate open source alternatives to Oracle that would have both a lower TCO and greater licensing flexibility.  SOE also sought to leverage their valuable asset of in-house Oracle talent. SOE used four primary criteria in its selection of an open source database:

  • Ability to leverage its existing database administrator and developer talent
  • Ease of moving SOE’s existing Oracle applications to the new database
  • Commercial-grade quality and reliability, including backup and recovery standards, to support mission-critical applications
  • Scalable, high performance execution

EnterpriseDB: A Clear Winner
At the end of a thorough review and selection process, SOE chose Postgres Plus® Advanced Server. An important factor in SOE’s decision was Postgres Plus Advanced Server’s ability to run database applications written for Oracle. SOE found that 80% of the applications it had selected to move from Oracle ran on Postgres Plus Advanced Server with little or no modification and that its Oracle-trained staff could immediately work comfortably and efficiently with Postgres Plus Advanced Server. Another important factor was Postgres Plus Advanced Server’s PostgreSQL foundation, which guaranteed the reliability and stability that SOE required. Finally, Postgres Plus Advanced Server was available for only a small fraction of the cost of Oracle.

From Oracle to EnterpriseDB
SOE has evaluated the move of the massively multiplayer game The Matrix Online from Oracle to Postgres Plus Advanced Server, and the transition is planned for later this year. SOE is very pleased with the results of its testing to date, and it anticipates that new massively multiplayer online games will be deployed on EnterpriseDB in 2009. When the deployments are complete, Postgres Plus Advanced Server will be running on hundreds of SOE servers around the world.

High Availability on Postgres Plus Advanced Server
SOE’s online games require high-availability database solutions. To achieve this, SOE will run Postgres Plus Advanced Server on a multi-node cluster with an idle node available for failover. Tests run by SOE have shown a very reasonable failover time using EnterpriseDB in this configuration when scripted at the operating system level. The renowned stability of PostgreSQL additionally means that Postgres Plus Advanced Server’s failover capability will seldom be needed.

Online Game User Forums on Postgres Plus Advanced Server
SOE uses custom J-Forums to power the user forums for its online games. Previously, SOE used a hosted forum solution that ran on MySQL. When SOE found that the hosted solution couldn’t easily be modified and new features couldn’t easily be added, J-Forum was brought in-house and run on Postgres Plus Advanced Server. The deployment so far has been a resounding success. Half of SOE’s online forums are now live on Postgres Plus Advanced Server, and the remainder will go live on EnterpriseDB in the coming months.

World-Class Technical Support
SOE is receiving terrific technical support from the EnterpriseDB team. Callbacks have been rapid, and the abundance of helpful solutions and example code compares very favorably with the technical support SOE receives from Oracle.

What’s Next for SOE and EnterpriseDB?
SOE is extremely pleased with the success it has already had with EnterpriseDB and plans to continue moving applications from Oracle to Postgres Plus Advanced Server to realize even greater cost savings. SOE’s future massively multiplayer online games are expected to be deployed solely on EnterpriseDB and, within 18 months, hundreds of servers around the world will run Postgres Plus Advanced Server. Open source software from EnterpriseDB has provided SOE with a solution to its business challenge: SOE has found a way to reduce its database TCO by nearly 80% and has realized a licensing flexibility that is critical to its organisation.

For more information on EnterpriseDB, Open Source solutions as well as other technology solutions for business, including where you can purchase from, request information here

Bitdefender integrates with VMware vShield 5 Endpoint, reducing operating costs and performance bottlenecks for organisations

Bitdefender, the award-winning provider of innovative security solutions, announced the integration of VMware vShield 5 Endpoint and Security for Virtualized Environments. The combined technologies give customers de-duplication capabilities of antimalware functions, using a series of proprietary cache mechanisms, which greatly improves consolidation ratios in VMware environments.

Until now, organisations have been forced to take traditional security approaches to protecting virtual environments, which created high operating costs and significant performance bottlenecks. The new approach to security saves resources and maximizes consolidation ratios in virtualized datacenters without sacrificing security

Click image to enlarge

“We congratulate Bitdefender for meeting all VMware requirements for complete integration with VMware vShield 5 Endpoint™ security technologies,” said Parag Patel, Vice President, Global Strategic Alliances, VMware. “The combined virtualisation and security expertise of VMware and Bitdefender will deliver on-going value to our customers by offloading key antimalware functions to a security virtual machine for improved performance.”

“Given the complexity and growth of virtualised environments, traditional endpoint security approaches are highly inefficient, lacking in scalability and quickly proving to be ineffective,” said Bogdan Dumitru, CTO, Bitdefender. “Working with industry leaders in virtualisation, our security solutions leverage technologies like VMware vShield to optimize performance and ensure that enterprises protect their valuable data, while reducing financial and operational burdens associated with other security approaches.”

For more information on Bitdefender products and promotions as well as other technology solutions for business, including where you can purchase from, request information here

Leading Industry Analyst Firm Includes Kerio Control in its Magic Quadrant for Unified Threat Management

Kerio Technologies has been placed in Gartner, Inc.’s March 2012 Unified Threat Management Magic Quadrant. The global analyst firm defines the UTM market as devices that provide small and midsize businesses with multiple network security functions in a single appliance.

Kerio Control 7.3 is ideal for organisations that demand robust network protection, traffic analysis, and user-based reporting. The Kerio Control UTM is available in a wide range of form factors, including two hardware firewall appliances, a bootable ISO software appliance, virtual appliances for VMware and Parallels, or an application on Windows Server software.

“As a rising vendor in the security space, we are delighted to be included in the Magic Quadrant report,” said Scott Schreiman, CEO Kerio Technologies. “Strong growth in our customer base and partner network will solidify Kerio Control as a viable alternative to some of the more difficult to use in the space.”

Gartner’s Magic Quadrant report researches and evaluates UTM vendors in terms of their “completeness of vision” and “ability to execute.” The Magic Quadrant aims to provide a qualitative analysis into a market and its direction, maturity and participants. 14 vendors were included in the UTM Magic Quadrant report.

For more information on Kerio products and promotions as well as other technology solutions for business, including where you can purchase from, request information here

Free Technical Webinar Alert! Contains information about managing physical, virtual and mobile devices

Attend this month’s Novell Technical Training Webinar for information about managing physical, virtual and mobile devices, BrainStorm GroupWise training, and Novell Vibe 3.3.

The March webinar will be:

Date: March 20, 2012
Time: 11:00 am to 2:00 pm Eastern (GMT -4)
Link to register: http://www.grouplink.com/event/128

The agenda will be as follows. You have the choice to attend one, two, or all of the sessions:

11:00- 11:45 am “Delivering the Dynamic Workplace” – Darryl Burns & Bryan Huls, Matrix42

12:00- 12:45pm “10 Things You Should Be Using in GroupWise” – Alex Evans, BrainStorm

1:00- 1:45 pm “Preview of Novell Vibe 3.3” – Tracy Smith, Novell

If you cannot attend during these times, you can still register and we will send you a recorded copy of the sessions.

With the overwhelming response for the last webinar, we anticipate this webinar to fill up fast, so register now!

Promotion Alert! Available in Europe (EMEA) Only

We are pleased to announce the immediate availability of the Value Pack for Novell GroupWise, a joint initiative of Novell, GWAVA and SKyPRO.

Value Pack for Novell GroupWise 2012

With the Value Pack, GWAVA and SKyPRO offer an add-on for Novell customers who have purchased Priority Maintenance for GroupWise:

The Value Pack for Novell GroupWise is combining GWAVA “Vertigo” a leading eMail management product, and SKyPRO GWTalk – Basic, integrated solution offering SMS, Instant Messaging and Skype functionalities, all integrated in the GroupWise mailbox… and it is free-of-charge!!!

For more information on Novell products and promotions as well as other technology solutions for business, including where you can purchase from, request information here

Adoption of Virtualisation Predicted to be Highest amongst SMB’s in 2012

According to new research from Acronis, small and medium sized businesses (SMBs) around the world are planning to adopt server virtualisation in 2012 at a faster pace than large enterprises. However, the survey also identified widespread backup and disaster recovery shortcomings for virtual servers amongst SMBs. Meanwhile, previous enthusiasm for cloud infrastructure has, at least so far, failed to turn into reality.

IT managers at 6,000 SMBs in 18 countries were surveyed for the Acronis Global Disaster Recovery Index 2012. They predict that 29% of their servers will be virtualised by the end of the year, a growth rate of 21%. This is 50% higher than the pace identified in a recent Gartner* report that predicted virtualisation adoption by enterprises is to increase by 14% over the same period.

In the UK, virtualisation adoption is predicted to increase by 63%, with virtual machines accounting for almost a third (31%) of SMB servers by the end of 2012. A mere 13% of organisations in the UK still have no virtual servers in their current IT infrastructure.

For the full report visit: http://bit.ly/wrlDNs

For more information on Acronis and other technology solutions for business, including where you can purchase from, request a call today: http://bitly.com/AAtB94

SMBs still need to improve when it comes to offsite data backup

Local SMBs are feeling more confident than ever about their ability to backup and recover data after a disaster, but one-third still aren’t employing an offsite backup strategy, despite experiencing a year marred by flooding and cyclones.

According to the Acronis Global Disaster Recovery Index 2012, while Australian SMBs confidence about their ability to recover data after a disaster remains below average, it more than doubled in 2011, growing 136 percent.

This report may be on Australian SMB’s but these figures don’t differ much across the globe. 

Underlying this rise is perceived improvements about having the right resources and the technologies to recover data. Confidence in these two criteria more than doubled over the past 12 months.

Another contributing factor to the increase is that 66 percent of SMBs now check their backup and disaster recovery plans more regularly, possibly as a result of the natural disasters which hit many regions in 2011, including destructive flooding in Australia, Brazil and Thailand, deadly earthquakes in New Zealand and Turkey, storms across the United States and the devastating tsunami in Japan.

The survey also found downtime as a result of disaster-related data loss costs a business an average of US$366,363 per year – which can mean the difference between a business’ survival and closure in many cases.

 

For more information on Acronis and other technology solutions for business, including where you can purchase from, request a call today: http://bitly.com/AAtB94