Today’s threat environment is forcing organizations to rethink their security tools. Traditional firewalls no longer provide adequate protection at the network perimeter. They are being replaced by next-generation firewalls, which use deep packet inspection, application-level policies and other features to detect and block modern security threats.
These advanced capabilities have made security more effective – and more complicated. That’s why many smaller organizations are looking for a simpler way to manage the security infrastructure.
Unified threat management (UTM) was introduced as a new approach to security management that integrates various security technologies. Typical UTM solutions include a firewall, gateway security, intrusion detection and prevention, anti-malware software, content filtering, and other security features. This functionality is integrated into one solution, making it easier to install, update and maintain than traditional security tools.
In addition, the integration of multiple security engines makes it possible to detect blended threats that employ a combination of attacks — such as a mix of viruses, worms, Trojans and denial-of-service attacks — crafted to circumvent a single line of defense. With UTM, the integrated security engines work together, enabling the system to inspect real-time traffic from multiple vantage points.
For example, a seemingly harmless e-mail that might pass through any antivirus system could contain an HTML-based attachment that ultimately points to a Trojan. Because a UTM solution can use a combination of antispam, antivirus and other security engines, it can detect such blended threats more readily.
Single-console management makes it easier for administrators to enforce detailed security policies throughout the organization, and eliminates the need to investigate multiple alerts generated by various systems for the same event. Automatic security updates protect against emerging and evolving threats without administrator intervention.
In addition to reducing management complexity, UTM solutions can be configured to meet regulatory compliance standards. The more complex the infrastructure, the more complex those configurations will be. However, configuring a single UTM appliance is simpler than separately configuring several security tools.
When selecting a UTM solution, there are a number of things to consider:
Note that the industry lacks consistent nomenclature with regard to UTM. Some vendors call UTM products “security appliances” while others refer to them as next-gen firewalls. ICG can provide you with objective advice on security solutions and help you implement the right tools to protect your business.
The Q2 2015 Cyber Threat Report from cybersecurity firm CYREN reveals that phishing attacks increased 38 percent overall during second quarter. Phishing is a technique used by criminals to bait you into sharing sensitive corporate or personal information. Usernames and passwords, financial account information, social security numbers and basic contact information are the most common targets of phishing attacks. Consumers with PayPal, Apple and Gmail accounts are frequent victims of phishing.
Phishers mimic the logos and websites of legitimate organizations, and pose as friends, business partners, clients, bank officials or IT staff. They hook their targets by fooling people into clicking malicious links or opening attachments that automatically engage and activate viruses and malware. Then, these criminals can use these compromised accounts to spread the misery to others.
Common phishing scams include:
For its Q2 2015 report, CYREN looked beyond these types of attacks to examine phishing campaigns that seek intelligence or financial gain from businesses. The security analysts grouped these sophisticated attacks into two categories:
There are simple ways to protect yourself and your business:
Phishing attacks are reaching epidemic proportions. Make sure your security systems are working properly and your staff is using common sense and extra caution when checking email.
With all of the talk about new technology, new mobile devices and applications, and new models for designing and managing data centers, it can be easy to overlook very basic questions. What web browser are you using? What browser should you be using? Do you even know what a browser is?
Don’t laugh. Ask 10 people what a web browser is and you’ll probably get a handful of entertaining answers.
A web browser is software that connects to the Internet and enables you to access and view web pages and files. The first web browser, WorldWideWeb from Nexus, was released 25 years ago. Other early browsers include Mosaic, Netscape Navigator, and Microsoft’s Internet Explorer (IE), which recently celebrated its 20th birthday with a fairly substantial drop in market share.
According to Net Applications, 51.6 percent of Internet users worldwide used IE for desktop browsing in September 2015, down 7.5 percent from December 2014. Google Chrome has reached an all-time high in browser market share at 29.9 percent, while the 11.5 percent share for Mozilla’s Firefox represents its lowest number in nine years. Apple’s Safari checks in at 5.08 percent.
In the workplace, the IT manager will typically choose a web browser based upon certain criteria and install it on every company-issued device. They’ll consider the browser’s performance, or how quickly it can open a web page. Other factors to consider include compatibility with critical business applications, design and customization options, and employee preferences.
Due to IE’s somewhat checkered history caused by security issues and unnecessary add-ons, Microsoft is replacing it with Microsoft Edge in Windows 10. Edge is said to be faster, more secure and more modern-looking than IE. While Edge is certainly a more stripped-down browser with fewer features than IE, it does have newer features that have raised eyebrows.
Web Note is a new tool that lets you “write” on websites using a virtual pen or highlighter. You can then add a personal note, sign your name, and share it with a coworker. No other browser offers this functionality. Edge also enables you to create a Reading List so you can save web pages for later reading. The Reading List includes a headline and photo for each item and appears above bookmarks and favorites.
However, Edge has yet to support extensions that let you add services and features to a web browser. Extensions are supported by Chrome, Firefox and Safari. Even more shocking is that Edge’s page load times are a full second longer than its predecessor, although IE is faster than its top competitors. The slow speed is due in part to more advanced security features, and Microsoft claims that Edge will eventually be faster than IE could ever be.
Each browser has its pros and cons. Chrome is known for speed and security, and the options to browse privately and customize the dashboard. Firefox is known for the simplicity of its user interface and the ability to learn preferences and suggest relevant content. Opera, a relatively new browser, is known for its speed and bandwidth efficiency. Safari is known for delivering the best possible experience for Mac users. It’s too early to make a call on Microsoft Edge, which is only available on Windows 10 and is likely to see dramatic improvements in the next few months.
As elementary as web browsers may seem in the grand scheme of things, it’s important to choose a browser that is best suited for certain use cases within your organization. Let ICG help you determine what exactly you need from your browser and choose options that help your employees do their jobs better.
Many organizations first resisted the bring-your-own-device (BYOD) model in which employees use their personal laptops, smartphones, tablets and other devices in the workplace. IT managers were concerned about device and data security, supporting and managing a wide variety of devices and applications, and a general lack of IT control in a BYOD environment.
However, as employees have continued to push to use their own devices at work, many IT managers have relented and even embraced the BYOD model. Proponents say BYOD boosts productivity and employee satisfaction, enables greater flexibility, and reduces technology costs. In fact, Gartner predicts that nearly four in 10 organizations will stop issuing company devices and rely exclusively upon BYOD by 2016. By 2020, 85 percent of companies will have a BYOD policy of some kind.
While BYOD has garnered much of the attention, the choose-your-own-device (CYOD) model has experienced slow, stealth-like growth. Somewhat of a compromise between BYOD and the traditional model, CYOD requires employees to choose from a group of company-approved devices. The desire to corral BYOD, eliminate management and security complexity, and create a more standard corporate IT environment led IDC to predict in 2013 that CYOD would render BYOD obsolete.
That hasn’t happened. BYOD is doing just fine. Cloud services have become more widely used, and employees can access cloud resources from their own devices without going through the corporate network. Organizations are relying more upon temporary and contract workers, and it doesn’t make sense to supply each of these individuals with a company-owned device. In some cases, BYOD is used on a limited basis for certain departments. For example, a simple change in phone number could affect a salesperson’s relationships with industry contacts.
But CYOD is growing, too. As data breaches continue to occur at an alarming rate, organizations and employees are becoming more sensitive to the issue of cybersecurity. CYOD enables IT to simplify device management and control how devices are used. Devices are preconfigured and security software is preinstalled. Also, concerns about employee satisfaction are overblown at times, as employees will typically end up with a device that makes them happy when CYOD is properly implemented.
Many organizations turn to CYOD because of the legal complications of BYOD. How do you differentiate work time from personal time and compensate employees accordingly? Where do you draw the privacy line between personal data and company data? Does your BYOD policy hold water with various state, federal and industry regulations?
When deciding between BYOD, CYOD and a hybrid approach, start by analyzing how employees use their mobile devices. Find out what applications are most popular with your employees and how these tools help them perform their job functions. If you don’t have employee buy-in, your model won’t work.
Once you choose a model, make sure you develop a security strategy that will protect your data inside and outside of the workplace, and create an incident response plan to minimize the impact of a breach. All of these decisions involve more than IT, so include legal, human resources and finance from the planning phase through implementation.
ICG understands pros and cons of CYOD and BYOD as they relate to the unique needs of small businesses and their employees. Let us help you devise a plan that prioritizes security and strikes the right balance between productivity, cost efficiency and employee satisfaction.
The Bring Your Own Device (BYOD) phenomenon has spawned an array of new product categories that promise to help IT cope with the onslaught of user-owned devices. In our last post we talked about mobile device management (MDM), which focuses on provisioning, supporting, securing and controlling the mobile devices themselves.
Mobile application management (MAM) provides a somewhat different set of functions, including enterprise application delivery, security, configuration, licensing and maintenance, along with usage tracking, reporting and policy enforcement. MAM enables IT to control which applications are provisioned to which devices, based upon device type, user, role and other criteria.
There is some overlap in functionality between MDM and MAM but the viewpoint is different. Instead of deciding which devices can access which corporate resources, IT is deciding which applications can be pushed out or downloaded to each device and securing those applications.
MAM also reflects the shift in how enterprise applications are provisioned and used. Traditionally, IT supplied and managed both the endpoint device and a set of enterprise applications the employee was allowed to use. The user experience was limited to those devices and apps. Today, end-users bring not only their own devices but their own apps, including apps downloaded from public app stores. Because IT does not have complete control over the device or app, a new application management strategy is needed.
Locking down the entire device does not address the security concerns associated with third-party apps. Changing usage patterns warrant a more granular approach to security in which authentication, encryption and remote wipe take place selectively, at the application level.
So-called “app wrapping” forces third-party apps to use multifactor authentication or a VPN, and ”geofencing” limits app usage based upon the user’s location or the time of day. IT should enforce passcode policy compliance across all app types and maintain control over organizational data. MAM enables IT to do all that instead of tinkering with the user’s device.
MAM also facilitates a transition toward a device-agnostic paradigm. This is increasingly important as mobile technology evolves. Organizations are beginning to manage tablets as well as smartphones and each has its own application management requirements. The number and type of devices is only going to escalate, making device-agnostic management imperative.
Google just announced that its MAM solution is now supported on iOS as well as Android. The solution allows Apple device users to separate personal and business apps, gain single sign-on capabilities across Google Apps for Business, and download and install approved iOS apps from Google’s Device Policy.
As BYOD continues to grow and evolve, a number of experts have debated whether it makes more sense to manage the applications accessed by mobile devices or the devices themselves. Some contend that MDM is still needed to provide end-to-end enterprise mobility management. However, end-users often balk at giving IT controller over their personally owned devices. MAM shifts the focus from managing devices to securing the applications and data the devices access.
If your employees are using their own devices for work, you need to take steps to protect sensitive applications and data. Contact ICG to discuss the best approach for your mobile device strategy.
In our previous post, we discussed that small-to-midsize businesses (SMBs) are turning to the cloud to take advantage of “anytime, anywhere” access to applications, data and infrastructure through mobile devices. These capabilities give employees the flexibility to work remotely while maintaining the highest levels of productivity, collaboration and customer service. As a result, small businesses are investing in mobile-friendly, cloud-ready infrastructure.
Once considered a nice-to-have luxury, mobility has become essential for day-to-day SMB operations. According to Manta’s SMB Wellness Index, four in five small business owners use their mobile phones for business purposes every day. One in four use mobile phones at least every hour, and 78 percent use them while sitting in front of a desktop computer. Some of the most common tasks include scheduling, customer communication, creating to-do lists and banking.
While mobility delivers obvious business benefits and makes employees happy, it also creates a number of risks. Are employees using applications or software that could drag down network performance, increase the risk of compliance violations, or open the door for cyber criminals? Is data being stored securely? Are company data and applications getting mixed up with personal data and applications? How do you keep them separate? What happens if a mobile device is lost or stolen? These and other questions need to be answered before diving headfirst into the mobility pool.
Mobile device management (MDM) software can help SMBs address these concerns by enabling IT to centrally deploy, manage, monitor and secure both company-owned and employee-owned devices. Security and compliance policies, antimalware, access controls, passwords, encryption, and applications are updated and managed remotely. Data can be remotely wiped from a lost or stolen device, and jailbroken devices can be automatically detected and flagged. MDM not only protects company data and applications, but also ensures optimal performance and functionality for employees.
MDM software can be licensed to a single device or to a single user who utilizes multiple devices. One license per device is ideal for small companies in which each employee uses a single mobile device. For companies with employees who use smartphones, tablets and laptops, a per-user license is typically the more cost-effective approach.
This is the model most SMBs use with Microsoft Windows Intune, which provides MDM capabilities for Office 365 products. In addition to Windows, Intune can be used to monitor, secure and optimize Outlook clients on Android and iOS devices. Intune is capable of defining and enforcing policies and access controls at the device level. If a device is lost or stolen, Intune uses selective wipe functionality to remotely delete company data and applications without touching personal data.
Of course, Intune is just one example of an MDM solution for SMBs. There are a number of other products available, as well as free software and apps built into the devices themselves. Some enterprise-class MDM platforms are now available in a cloud model, making them more affordable for small businesses.
Although MDM helps SMBs reduce many of the risks associated with mobility, it is rather complex to implement and manage. Let us help you deploy, configure and remotely manage your MDM software and keep your mobile environment secure.
One of the core drivers behind the emergence of cloud-based services for small-to-midsize businesses (SMBs) is flexibility. Having the flexibility to access applications, data and infrastructure anytime, from anywhere, leads to faster decision-making, improved customer service and responsiveness, greater productivity, more collaboration and more innovation.
In fact, a recent study found that 91 percent of organizations using the cloud have at least one employee working remotely. Nearly one in five companies say the majority of their workforce works remotely.
SMBs are increasingly turning to an Infrastructure-as-a-Service model in which applications, hardware, software, storage and other tools and services are hosted by a third-party service provider and accessed on virtually any Internet-connected device. These resources can be scaled on demand and shift the financial burden of IT procurement, management and maintenance to the provider.
Of course, another big reason for the popularity of the cloud is the popularity of smartphones and tablets. Mobility and the cloud are speeding forward side by side as employees demand the highest levels of performance and reliability when accessing the corporate network from their favorite mobile devices. To meet this demand, organizations are making investments in mobile-friendly infrastructure and ensuring that devices, applications and data are running in the cloud.
The cloud fills a very basic need for the mobile workforce – the ability to remotely access files and applications. Documents can be reviewed, edited, stored and sent from any device. Manager approvals no longer require a trip back to the office.
Unified communications and collaboration tools allow employees to use a variety of channels to seamlessly communicate with colleagues and customers. Videoconferencing no longer requires high-tech conference rooms and complex planning. All an employee needs is a smartphone or tablet and login information.
The key advantage of the cloud – anytime, anywhere access to network resources – also creates a downside. Organizations that rely upon the cloud to support mobility are also relying upon mobile employees to establish and manage their own Internet connectivity. This can lead to service degradation, which prevents users from taking full advantage of a flexible working arrangement. The cost of access to cloud resources, if not monitored and controlled, can quickly wipe out any financial gains of cloud computing. Finally, security can be compromised by users who visit questionable websites, download malicious software, utilize unsecure networks, or fall prey to phishing scams.
Mobile policy management (MPM) can overcome these issues by establishing and automatically enforcing policies that provide greater control over how the cloud is used. Networks used to connect to the Internet are prioritized and selection is controlled by policy. This can significantly reduce support costs and optimize data usage while simplifying the user process for accessing cloud resources. From a security standpoint, MPM protects corporate data and applications by preventing the use of rogue networks that are often labeled as “free Wi-Fi.” It also allows users to roam between networks without security or compliance issues.
ICG’s IT-as-a-Service (ITaaS) solution is focused on making businesses more flexible and agile. It includes virtualized server infrastructure, hosted email, automated and managed backup, Microsoft Office licensing, remote desktops, and a comprehensive suite of security tools. Let ICG show you how our cloud services can help you take full advantage of mobility and flexible working.
Even the smallest of small-to-midsize businesses (SMBs) have finally let go of their old-fashioned paper filing systems, and now store most of their data electronically. Many have become more advanced, using sophisticated applications and leveraging data in new ways to support business strategy. Of course, advanced use of technology and data requires more advanced data protection.
Even if you have implemented a data backup solution, you’ll lose a certain amount of data because of an outage, whether it’s caused by equipment failure, a major weather event, or a downed utility pole outside of your office. How much data can you afford to lose? How fast can your data be restored? What kind of impact will an outage have on your business?
By establishing recovery point objectives (RPOs) and recovery time objectives (RTOs), organizations provide concrete answers to these questions. The RPO is the maximum age of a file that needs to be restored in order to resume business operations. In other words, RPO tells you how much data loss will be tolerated. For example, if a certain type of data is backed up every night at 10 pm and that system crashes tomorrow at 1 pm, any data changed between 10 pm and 1 pm will be lost.
The RTO is the maximum period of time that an application, service or network can be unavailable after a failure occurs. Basically, the RTO tells you how much downtime and lost revenue your organization can tolerate. Of course, the impact of downtime isn’t just financial. A prolonged outage can affect the confidence of customers, business partners and vendors.
RPOs and RTOs help you determine how frequently backups should occur, what kind of backup infrastructure you need, and what your disaster recovery strategy should be. Generally speaking, as RPOs and RTOs become shorter, the risks associated with downtime and data loss are reduced.
There are several technologies organizations can use to meet the increased demand for faster RPOs and RTOs:
Without an advanced data protection infrastructure and strategy, downtime can potentially cripple an SMB. Let the experts at ICG help you better understand these issues and technologies so you can implement a solution that minimizes the risk of downtime.
In our previous post, we discussed the pending deadline for switching to Europay, MasterCard and Visa (EMV) payment cards. Although switching to EMV cards is voluntary, merchants who process fraudulent purchases with non-EMV card readers after October 1, 2015, will be liable. The cards themselves will provide additional security at the point of sale (POS), but organizations will need to update their POS systems to minimize the risk of fraud.
In the midst of all of these changes, the 2015 Mid-year Point-of-Sale (POS) Security Health Assessment from Bit9 + Carbon Black revealed that more than half of organizations are using POS systems with unsupported Windows XP operating systems. 94 percent of organizations use antivirus software, but 26 percent believe antivirus is not enough. Also, one in four companies that increased their security budgets continued to invest in antivirus protection. While antivirus is an essential part of security, these statistics indicate an overreliance on tools that are incapable of detecting or stopping advanced threats.
Most Windows XP embedded operating systems, including some used on POS devices and ATMs, are still being supported until early next year, but that shouldn’t give merchants peace of mind. POS systems generally are weakly supported by IT. Most are using outdated platforms that are rarely if ever patched and maintained. Many use default configurations and passwords, making them easy targets for hackers. In addition to inadequate defenses, POS malware attacks continue to increase in number because POS systems provide a gateway to a number of systems within the corporate network.
New forms of malware have been designed specifically to attack popular POS systems, scrape credit card data, steal passwords, and upload data to remote servers. Some of these threats are capable of downloading updates on their own to add features and eliminate bugs. Although Windows XP users are easy targets, newer versions of Windows are also at risk, and hackers are always looking for new ways to infect POS systems.
Just as hackers understand the opportunity created by outdated POS systems, merchants need to understand the risks, be more proactive and follow security best practices. Around-the-clock network monitoring enables organizations to track network activity in real time, monitor remote access software and detect suspicious behavior. Two-factor user authentication, as well as updated firewalls and antivirus software, will help to prevent unauthorized access to the POS. Of course, all systems must be regularly patched and maintained in order to be effective.
Organizations that continue to use Windows XP on their POS systems are knowingly increasing the risk of a security breach. In the very near future, all XP support will be cut off. Those who don’t start planning now will be left scrambling for an effective replacement. This is bad for business and bad for your customers. Let ICG evaluate the state of your POS systems and implement the updates you need to keep criminals at bay and protect your data.