admini – Page 159 – CyberSecurity Institute

Firewall Vendors Look to Automate Policy Changes

Posted on June 20, 2008December 30, 2021 by admini

AlgoSec this week unveiled FireFlow, which automates policy change management and integrates with existing processes — such as the e-mail and Web-based forms typically used by department heads to request adding or removing a user’s access. News of AlgoSec’s new release, which is due to ship next quarter, comes a few weeks after rival Tufin Technologies announced version 4.2 of its flagship SecureTrack product.

“It’s not uncommon for folks to have 40,000 to 50,000 rules across hundreds of firewalls in today’s large environments, and having a dedicated application to manage them is gold,” Lindstrom said. When coupled with a sprawling, international staff, this process of tracking user rights and privileges often proves even more taxing. For instance, global enterprises with offices in different countries often have to implement different rules to achieve the same results. “Some of our clients who are large financial institutions find that they have to apply different policies in different countries, because the laws are different,” Shaul Efraim, vice president of marketing at Tufin, told InternetNews.com.

http://www.internetnews.com/software/article.php/3754241

StoneFly Intros Encrypted IP SAN

Posted on June 18, 2008December 30, 2021 by admini

Now available as an integrated part of the StoneFly Integrated Storage Concentrator (ISC) line of high-availability IP SANs, the new SAN-based encryption will also be offered with other StoneFly IP SANs later this year.

http://www.byteandswitch.com/document.asp?doc_id=156842

Data thieves get focused (but buyers get sloppy)

Posted on June 12, 2008December 30, 2021 by admini

The report summarizes the latest trends in the cybercrime marketplace over the first six months of 2008.

One of the biggest among those trends is the growing commoditization of some kinds of stolen data, according to Yuval Ben-Itzhak, chief technology officer at Finjan. Until recently, he said, credit card numbers and bank accounts with personal identification numbers (PIN) were considered valuable items in the underground market.

Technologies from Citrix Systems Inc. are being used by an increasing number of health care organizations to enable remote network access, Ben-Itzhak said, and stealing Citrix log-in credentials often allows data thieves to gain single sign-on access to a wide range of health-related information from inside hospital networks.

There’s a growing focus on stealing log-in credentials that provide remote access to business networks as well. For instance, Finjan recently discovered a Argentina-based server containing over 500MB of stolen data and another server containing over 1.4GB of similar information in Malaysia. For instance, one of the servers had a cache of data that included passenger reservation data and flight scheduling information stolen from a major airline.

http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9100338&source=NLT_AM&nlid=1

When it comes to data security breaches, the general public doesn’t need to know

Posted on June 12, 2008December 30, 2021 by admini

E-mail is the most popular method of transferring confidential data (over 70% allow staff to transfer confidential data via e-mail), and yet over a quarter of businesses (26%) admit to losing data via e-mail.

While the threat of data loss or breach continues to increase, there are still organizations that have not invested in data security.

Respondents indicated the following as the top three reasons why: 21 percent feel that data loss prevention is not a security threat, 37 percent do not have the budget to invest in data loss prevention solutions, and 16 percent trust their employees to follow the corporate policy.

When asked about the possible impact of data breach notification legislation, 49 percent of respondents that do not currently adhere to data breach notification legislation envision their annual IT spend increasing by at least 10 percent. In comparison, only one in five (20%) respondents who currently adhere to data breach notification legislation said they have seen no change in their IT spending since the legislation’s introduction.

http://www.net-security.org/secworld.php?id=6222

PGP Releases Bre-Boot Data Encryption For Mac OS X

Posted on June 10, 2008December 30, 2021 by admini

“We try to be sensitive to that and make sure the machine is still usable while you’re encrypting,” said John Dasher, director of product management at PGP.

The encryption solution comes at a time when Macs are becoming more ubiquitous in the enterprise environment. With the success of the iPhone and iPod, more and more businesses are incorporating Macs into their network environments, experts say.

A March Forrester Research study reported that the enterprise adoption of Macs tripled to 4.2 percent last year, while a Yankee Group survey found that 87 percent of companies now have at least some Macs in their offices — a statistic which has risen 48 percent from two years ago.

Execs tout the product as the the only one on the market that can accommodate an integrated environment for both Windows and OS X. Looking at the broader picture, Dasher said that the data encryption solution addresses the growing need for enterprises to protect critical data, which has become increasingly mobile, and as a result, increasingly vulnerable to loss.

It also comes at a time when companies are required to implement beefed up security to protect intellectual property and corporate brand quality, as well as sensitive customer information.

http://www.crn.com/security/208402993

Gartner Details Real-Time ‘Adaptive’ Security Infrastructure

Posted on June 4, 2008December 30, 2021 by admini

“We can’t control everything [in the network] anymore,” MacDonald says.

Among the key features of an adaptive security infrastructure are security platforms that share and correlate information rather than point solutions, so the heuristics system could communicate its suspicions to the firewall, for example. “Then the firewall could block the IP address” while the signature-based scanner could create a new signature for the threat, MacDonald says.

Other features would be finer-grained controls, automation (in addition to human intervention), on-demand security services, security as a service, and integration of security and management data.

A major change with this model of real-time, adaptive security is shifting authorization management and policy to an on-demand service that contains details and policy enforcement that matches compliance and can adapt to the user’s situation when he or she is trying to access an application, for instance.

MacDonald admits that the reality of an adaptive security infrastructure seems futuristic and faces plenty of challenges in adoption, but there are some of the building blocks available today, such as virtualization, authorization management, and deep packet inspection, for example.

Among the trends driving this vision is the increase in targeted attacks, as well as what Gartner sees as an explosion in the number of perimeters given mobile users, network guests, and business partners, for instance.

http://www.darkreading.com/document.asp?doc_id=155538&f_src=darkreading_section_296