WebProNews

Tag: enterprise security

  • Georgia Prison CIO Gives Google Cloud Credit for Saving Millions

    Georgia Prison CIO Gives Google Cloud Credit for Saving Millions

    Georgia’s Department of Community Supervision has gone virtual via Google Apps and Chromebooks. With staff increases and with significant amounts of time outside of their offices, The State of Georgia was looking for a more economical and cost-efficient solution to getting things done in their offender supervision programs. They made the decision to go 100 percent virtual office and 100 percent Google.

    “We decided to try something that had never been done in Georgia state government history: eliminate the majority of our offices entirely and allow hundreds of our 2,100 staff members to work remotely instead,” said Phil Sellers, Director, Information Technology Georgia State Board of Pardons and Paroles, writing in the Google for Work Blog. “Our existing desktop computers and office applications didn’t have the features to support remote workers, so we started looking into alternatives. I was familiar with Google’s cost-cutting, collaborative and mobile-friendly features, so my team led the switch to Google Apps for Work and Google Chromebooks.”

    He says that they have saved literally millions of dollars by not paying for expensive hardware and enterprise licensing contracts, not to mention the increased productivity of employees who can now work anywhere, anytime. “We no longer have dedicated IT services for routine storage and email support, and our small IT staff of 35 doesn’t need to roll out patches and antivirus software. If an officer closes her Chromebook or loses power, she doesn’t have to worry about trying to recover lost data. If we need to replace a device, it’s inexpensive and fast to get someone back up and running.”

    Many government agencies and large corporations have been leery of cloud solutions because of possible security breaches, which could include crucial data exposures. Georgia’s Department of Community Supervision believes the opposite is true. “Officers used to store their data on laptops, so if their device was lost or stolen, they’d lose sensitive information about parolees and probationers,” said Sellers. “With Chromebooks, we store everything in the cloud and can easily wipe and replace a device if needed. Officers use a 2-step authentication to enter our systems, which adds another layer of security.”

    The agency is often field-based away from the office, so using Chromebooks and Android phones lets their officers work wherever they are and collaborate with colleagues via Google Docs, Google Drive and Google Hangouts. “Since we’ve adopted the policy, officers are more productive, and sick leave and employee turnover have decreased,” added Sellers.

    Google is pushing the concept of Chromebooks, Google Drive Apps and Android as one enterprise level platform for businesses to operate. They are competing with established players such as Microsoft, Salesforce and to some extent Amazon. They are working to distinguish the Google approach by tying in their Android OS and phones, Chromebook tablet, the Google Cloud Platform and their many office related apps and chat tools so that businesses have a much less expensive alternative than the competitors.

    Google recently touted how its platform is the most secure. “We’re talking about stuff that you’ve seen in “Mission Impossible”– biometrics, lasers, vehicle barriers, bollards. All of this is custom-built, also, to make the data center more secure,” said Neal Mueller, Security and Networking lead for Google Cloud.

  • Mobile Malware to Lead Security Concerns in 2014

    As the tech industry has shifted to become more mobile in recent years, cybercrime has also quickly adjusted to the times. McAfee Labs is now predicting that mobile exploits will be where the most growth of the security industry will be focused in 2014.

    McAfee is predicting that mobile malware in particular will drive growth for the security industry next year. Mobile attacks could include malicious software that steals data from legitimate apps or software that is installed via NFC. The company bases its prediction on what it has seen this year, including a 33% increase in Android malware samples during the second half of 2013. In contrast, McAfee has not seen an increase in the amount of new PC malware.

    Social networks will also be a up-and-coming security concern in 2014. According to McAfee so-called “social attacks” will commonplace by the end of next year. Attacks through social networks are expected to target user data, which could be valuable in the case of certain persons.

    “With target audiences so large, financing mechanisms so convenient, and cyber-talent so accessible, robust innovation in criminal technology and tactics will continue its surge forward in 2014,” said Vincent Weafer, SVP of McAfee Labs. “The activity in mobile and social is representative of an increasing ‘black hat’ focus on the fastest growing and most digitally active consumer audiences, in which personal information is almost as attractive as banking passwords. The emergence and evolution of advanced evasion techniques represents a new enterprise security battlefront, where the hacker’s deep knowledge of architectures and common security tactics enable attacks that are very hard to uncover.”

  • Samsung Launches Consumer Version of KNOX

    Samsung Launches Consumer Version of KNOX

    In addition to its household appliance and smartphone announcements during its IFA presentation, Samsung also focused a bit on software. Of particular note is that the Korean company has now launched a consumer version of its KNOX security software.

    The KNOX software, which has been available to enterprise customers since earlier this summer, allows companies to lock off “containers” of smartphone apps and information that will not interact with employees private data, while protecting business data from misuse or malware. The new consumer version of KNOX could be used by smartphone owners to store private data in a more secure place.

    “We are delighted to see Samsung KNOX provide advanced data and privacy protection for both enterprises and consumers,” said Injong Rhee, SVP of KNOX at Samsung. “The availability of Samsung KNOX to consumers will accelerate the adoption of Samsung devices for BYOD as prosumers can now readily experience Samsung KNOX with ease at no cost.”

    The KNOX software is secure enough that it has been approved by the U.S. Department of Defense. Samsung is currently expanding its enterprise solutions business. With KNOX, the company is betting that as more businesses shift to allow employees to bring their own smartphone into their workflows, both employees and employers will need a security solution to keep their private and professional lives separate on the same device.

  • Samsung Expanding its Enterprise Solutions Business

    Samsung Expanding its Enterprise Solutions Business

    As Samsung continues to increase its share of the global mobile phone market (and the Android smartphone market in particular), it is also continuing to expand its business into other areas of the worldwide tech segment. Today, rumors have surfaced stating that Samsung may soon aggressively expand its enterprise soultions.

    DigiTimes today reported that Samsung’s new enterprise security suite, Knox, is the first move in a Samsung strategy to expand its enterprise market share. The report’s unnamed “sources from the PC industry” have stated that new Samsung initiatives will focus on integrated solutions for both hardware and software in the “bring your own device” segment. Knox allows companies to limit employees’ devices, approving only business applications while still allowing them to use their preferred hardware.

    As the DigiTimes report points out, Lenovo, Asus, and Acer have also recently expanded their enterprise solution offerings. As PC shipments decline the PC industry faces the prospect of an industry-wide contraction, PC manufacturers are turning to enterprise solutions as a possibility for future expansion. HP, one of the largest PC manufacturers in the world, last year expanded its enterprise security initiatives. HP has also reorganized to better emphasize data initiatives from Autonomy and other HP companies.

    (via DigiTimes)

  • HP Releases Cyber Security Risk Report, Organizes Its Security Research

    Though the focus of the tech press this week will certainly be on the Mobile World Congress in Barcelona, security researchers are having their own RSA conference this week in San Francisco.

    HP has managed to find itself at both conferences, straddling the line between its classic form as a hardware manufacturer and the enterprise products it sees as its future. While the newly announced HP Slate 7 might not have the hardware to truly compete in the mini-tablet market, HP is still hoping that its enterprise security offerings might be just the thing businesses are looking for.

    At the RSA conference today, HP has released its 2012 Cyber Security Risk Report. The report shows, predictably, that total security vulnerabilities are rising, keeping pace with the growing technology infrastructure. Although the report also shows that “critical vulnerabilities” are down, it warns that the existing vulnerabilities are getting harder to fight.

    The report looked at 100,000 different URLs and found that well-known vulnerabilities (such as cross frame scripting) are still common throughout the web. In fact, 40% of the vulnerabilities found could be placed into just four different categories.

    Mobile vulnerabilities were found to have risen significantly (68%) from 2011 to 2012, mirroring the growth of mobile applications. Of the mobile applications tested by HP, 48% of them were found to have unauthorized access vulnerabilities.

    The report’s statistics are reminiscent of other recent security reports, such as the HP-sponsored 2012 Cost of Cyber Crime Study or Verizon’s 2012 Data Breach Investigation Report, which found that anonymous “hacktivism” is on the rise. Though it may seem that such reports are, literally, trying to scare up business, its clear from many sources that the security risks faced by businesses and governments of all sizes are complicated and increasing.

    The security report is part of a new initiative within HP to organize its security investments under the banner of the HP Security Research (HPSR) group. HP security products such as DVLabs, which finds and analyzes vulnerabilities, and the Zero Day Initiative, which investigates cyber attacks and security breaches.

    “It’s a way of combining intelligence research that was already happening at HP,” said Mark Painter, product marketing manager at HP. “Really what we’re trying to do is give organizations actionable intelligence research.”

    That “actionable intelligence” phrase is one that came up repeatedly when Painter spoke with WebProNews. It’s one of the goals of HPSR, along with trying to “drive innovation” and publish security research. To that end, the group will be providing free bi-weekly threat intelligence briefings that are available to the public. The HPSR will also seek to publish white papers and intelligence research, and will be releasing podcasts in conjunction with the threat briefings.

  • HP Beefs Up Its Enterprise Security Solutions

    Amid the spectre of job cuts and huge losses, HP seems to be reinventing itself. As many aging hardware manufacturers have, the company is beginning to restructure its business and focus its efforts on providing quality B2B enterprise solutions.

    Hewlett-Packard (HP) announced today that it has updated its enterprise security solutions. Its updated offerings run the gamut from “intelligent” solutions for the public sector to comprehensive networked printer security.

    HP’s new focus for enterprise security is proactively protecting their clients, rather than waiting to respond to an attack. Sanjay Raja, director of product marketing for TippingPoint at Hewlett-Packard, told WebProNews that HP is recognizing customer concerns in three areas: cloud security, mobility, and big data.

    “The perimeter has gone away,” said Raja. This is a theme he returned to often, emphasizing that HP is now focusing on a more proactive approach to enterprise security. Raja pointed out that networks are beging to sprawl as mobile technology becomes more ubiquitous. He said HP is developing solutions that understand all the different, disparate parts of networks.

    HP has updated its ArcSight Enterprise Security Manager to version 6.0c to help protect a multitude of networked devices. ArcSight is HP’s security monitoring and compliance solution that identifies cyber threats across a network infrastructure and prioritizes security concerns.

    Alongside ArcSight is HP’s intrusion prevention system (IPS), TippingPoint NX. Raja calls TippingPoint NX a next-generation IPS. It adds deep packet traffic inspection and a modular architecture designed to scale automatically to threats. HP claims its new IPS will save companies both rack space and power costs.

    HP has also updated its public sector security offerings. This includes an update to its Assured Identity solution, which allows simple credential and access management. In addition to its identity and access controls, Raja stated that Assured Identity can help with the sharing of information for people who are properly credentialed.

    As for mobile, HP has announced a free mobile app for WebOs, iOS, and Android that monitors current and trending cyberthreats. The data used in the app is taken from HP’s Digital Vaccine Labs (DVLabs), HP’s award-winning security research lab. Raja said the app provides trending, monitoring, and real-time security threats. “It’s basically a kind of early-warning system,” said Raja.

    One of the more niche areas that HP is specializing in is enterprise security solutions for networked printers. Though not often thought of as a large security threat, Raja said that HP’s clients are seeing a growing number of attacks that use printers as an entry point. HP offers imaging and printing security assessments to minimize security risks, as well as an updated imaging and printing solution center that implements a policy-based solution.

    Printer intrusion is especially concerning for the healthcare industry, which uses printers for sensitive healthcare data. Raja pointed out that hospitals and doctors in the U.S. have to stay compliant with HIPAA, a law passed in 1996 that mandates certain security and privacy requirements with regards to patient health data.

    Raja said that HP’s Access Control Printing Solutions have been expanded specifically with the healthcare industry in mind. Aside from providing secure authentication and secure pull printing, it’s management tool provides metrics, password management, and ensures compatibility across the network.

    “Cybersecurity threats are growing exponentially, and without a proactive information risk management strategy, enterprise growth, innovation, and efficiencies are hindered,” said George Kadifa, executive vice president of HP Software.

    Verizon’s 2012 Data Breach Investigation Report backs up Kadifa’s claim, showing that intrusions are becoming more grassroots and political in their intent.