[*] [+] [-] [x] [A+] [a-]  
[l] at 9/13/19 3:09pm
What's lurking in the shadows of YOUR organization? What you don't know can hurt you. Insider Pro columnist Mike Elgan looks at how your business is at risk and offers six steps to minimize it.

[Author: Mike Elgan] [Category: IT Strategy, Internet of Things, IT Management, Security]

[*] [-] [-] [x] [A+] [a-]  
[l] at 9/11/19 12:51pm

The internet of things (IoT) has been top of mind for network and security professionals for the better part of the past five years. This has been particularly true for the area of industrial IoT (IIoT). Connected industrial devices are nothing new, but most IT people aren’t familiar with them because they have been managed by operational technology (OT) teams. More and more, though, business leaders want to bring OT and IT together to drive better insights from the combined data set.

While there are many advantages to merging IT and OT and having IIoT fall under IT ownership, it has a profound impact on the cybersecurity team because it introduces several new security threats. Each connected endpoint, if breached, creates a backdoor into the other systems.

To read this article in full, please click here

[Author: Zeus Kerravala] [Category: Internet of Things, Networking, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/11/19 4:00am
These are the security and compliance decisions you need to make when deploying Microsoft Teams.

[Category: Security, Windows]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/6/19 10:27am
The California Consumer Privacy Act (CCPA) is, in some ways, similar to Europe's GDPR. This rule, which goes into effect in 2020, gives individual users more ownership over their own data. Users can even refuse to allow companies to sell their online data. As the compliance deadline approaches, CSO Online contributor Maria Kolokov and senior editor Michael Nadeau discuss with Juliet how CCPA may shift business models, change online behavior and reveal where exactly our data has been. Some tech companies, like Google, are even trying to exempt themselves from regulation. Failure to adhere to the rule could be an "extinction level" event.

[Category: Security, GDPR, Data Privacy, Privacy, FTC, FCC]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/5/19 10:00pm

It’s not just speeds and feeds anymore, it's intelligent software, integrated security and automation that will drive the networks of the future.

That about sums up the networking areas that Keerti Melkote, HPE's President, Intelligent Edge, thinks are ripe for innovation in the next few years.He has a broad perspective because his role puts him in charge of the company's networking products, both wired and wireless.

Now see how AI can boost data-center availability and efficiency

“On the wired side, we are seeing an evolution in terms of manageability," said Melkote, who founded Aruba, now part of HPE. "I think the last couple of decades of wired networking have been about faster connectivity. How do you go from a 10G to 100G Ethernet inside data centers? That will continue, but the bigger picture that we’re beginning to see is really around automation.” 

To read this article in full, please click here

[Author: Michael Cooney] [Category: Networking, SD-WAN, Security, Internet of Things, Data Center]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/5/19 1:15pm
The FTC hit yet another tech company with a seemingly massive fine for mishandling user data. This time, YouTube, owned by Google, is forced to pay $170 million for collecting data about children under 13 without parental consent. The Federal Trade Commission slapped Facebook with a $5 billion fine just a few months ago. In this episode of TECH(feed), Juliet asks whether or not these fines are effective in regulating the tech industry.

[Category: Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/5/19 7:01am

A security group discovered a vulnerability in three models of Supermicro motherboards that could allow an attacker to remotely commandeer the server. Fortunately, a fix is already available.

Eclypsium, which specializes in firmware security, announced in its blog that it had found a set of flaws in the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11.

[ Also see: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ]

BMCs are designed to permit administrators remote access to the computer so they can do maintenance and other updates, such as firmware and operating system patches. It’s meant to be a secure port into the computer while at the same time walled off from the rest of the server.

To read this article in full, please click here

[Author: Andy Patrizio] [Category: Security, Network Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 9/5/19 7:01am

A security group discovered a vulnerability in three models of Supermicro motherboards that could allow an attacker to remotely commandeer the server. Fortunately, a fix is already available.

Eclypsium, which specializes in firmware security, announced in its blog that it had found a set of flaws in the baseboard management controller (BMC) for three different models of Supermicro server boards: the X9, X10, and X11.

[ Also see: What to consider when deploying a next-generation firewall | Get regularly scheduled insights: Sign up for Network World newsletters ]

BMCs are designed to permit administrators remote access to the computer so they can do maintenance and other updates, such as firmware and operating system patches. It’s meant to be a secure port into the computer while at the same time walled off from the rest of the server.

To read this article in full, please click here

[Author: Andy Patrizio] [Category: Security, Network Security]

[*] [-] [-] [x] [A+] [a-]  
[l] at 9/4/19 4:00am
Microsoft recommends setting up multi-factor authentication in Windows 10 for better security, but you have to disable basic or legacy authentication first.

[Category: Security, Windows, Office 365]

[*] [-] [-] [x] [A+] [a-]  
[l] at 9/3/19 4:04pm

Even in the planning stages of a deployment, IoT security is one of the chief stumbling blocks to successful adoption of the technology.

And while the problem is vastly complicated, there are three key angles to think about when laying out how IoT sensors will be deployed in any given setup: How secure are the device themselves, how many are there and can they receive security patches.

Physical access

Physical access is an important but, generally, straightforward consideration for traditional IT security. Data centers can be carefully secured, and routers and switches are often located in places where they’re either difficult to fiddle with discreetly or difficult to access in the first place.

To read this article in full, please click here

[Author: Jon Gold] [Category: Internet of Things, Security]

[*] [-] [-] [x] [A+] [a-]  
[l] at 8/29/19 8:06am
Real IT users evaluate network access control solutions: Cisco Identity Services Engine, Aruba ClearPass and ForeScout CounterACT. (Download the 27-page comparison.)

[Author: IT Central Station] [Category: Networking, Access Control, Security]

[*] [-] [-] [x] [A+] [a-]  
[l] at 8/28/19 4:00am
Phishing is a method of trying to gather personal information using deceptive e-mails and websites. Here's what you need to know about this increasingly sophisticated form of cyberattack.

[Category: Security, Phishing]

[*] [-] [-] [x] [A+] [a-]  
[l] at 8/25/19 10:00pm

Even though Brother International is a supplier of many  IT products, from machine tools to head-mounted displays to industrial sewing machines, it’s best known for printers. And in today’s world, those printers are no longer stand-alone devices, but components of the internet of things.

That’s why I was interested in this list from Robert Burnett, Brother’s director, B2B product & solution – basically, the company’s point man for large customer implementations. Not surprisingly, Burnett focuses on IoT security mistakes related to printers and also shares Brother’s recommendations for dealing with the top five.

To read this article in full, please click here

[Author: Fredric Paul] [Category: Internet of Things, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 8/23/19 7:26am

All things cloud are major topics of conversation at the VMworld user conference next week, ratcheded up a notch by VMware's $4.8 billion plans to acquire cloud development firm Pivotal and security provider Carbon Black.

VMware said during its quarterly financial call this week it would spend about $2.7 billion on Pivotal and its Cloud Foundry hybrid cloud development technology, and about $2.1 billion for the security technology of Carbon Black, which includes its Predictive Security Cloud and other endpoint-security software.  Both amounts represent the enterprise value of the deals the actual purchase prices will vary, experts said.

To read this article in full, please click here

[Author: Michael Cooney] [Category: Cloud Computing, Security]

[*] [-] [-] [x] [A+] [a-]  
[l] at 8/22/19 1:53pm
Nearly two dozen cities in Texas have been hit by a ransomware attack executed by a single threat actor. These attacks beg the question: Is it ever worth it to pay a cyber attacker’s ransom? In this episode of TECH(feed), Juliet discusses the pattern of ransomware attacks on local governments, how municipalities have responded and how to prevent a ransomware attack in the first place.

[Category: Security]

[*] [-] [-] [x] [A+] [a-]  
[l] at 8/22/19 9:21am

For years, IT departments have been railing about the dangers of shadow IT and bring-your-own-device. The worry is that these unauthorized practices bring risks to corporate systems, introducing new vulnerabilities and increasing the attack surface.

That may be true, but it’s not the whole story. As I’ve long argued, shadow IT may increase risks, but it can also cut costs, boost productivity and speed innovation. That’s why users are often so eager to circumvent what they see as slow and conservative IT departments by adopting increasingly powerful and affordable consumer and cloud-based alternatives, with or without the blessing of the powers that be. Just as important, there’s plenty of evidence of that enlightened IT departments should work to leverage those new approaches to serve their internal customers in a more agile manner.

To read this article in full, please click here

[Author: Fredric Paul] [Category: Internet of Things, Security]

[*] [+] [-] [x] [A+] [a-]  
[l] at 10/23/18 4:00am

You know you need to protect your company from unauthorized or unwanted access. You need a network-security tool that examines the flow of packets in and out of the enterprise, governed by rules that decide whether that flow is safe, malicious or questionable and in need of inspection. You need a firewall.

Recognizing that you need a firewall is the first – and most obvious -- step. The next crucial step in the decision-making process is determining which firewall features and policies best-suit your company’s needs.

Today’s enterprise firewalls must be able to secure an increasingly complex network that includes traditional on-premises data center deployments, remote offices and a range of cloud environments. Then you have to implement and test the firewall once it's installed. Perhaps the only element more complex than configuring, testing and managing a next-generation firewall is the decision-making process regarding which product to trust with your enterprise security.

To read this article in full, please click here

(Insider Story)

[Author: Sheryl Hodge] [Category: Firewalls, Security, Networking, IDG Insider]

[*] [+] [-] [x] [A+] [a-]  
[l] at 7/27/18 9:06am

When selecting VPN routers, small businesses want ones that support the VPN protocols they desire as well as ones that fit their budgets, are easy to use and have good documentation.

We looked at five different models from five different vendors: Cisco, D-Link, and DrayTek, Mikrotik and ZyXEL. Our evaluation called for setting up each unit and weighing the relative merits of their price, features and user-friendliness.

[ Learn who's developing quantum computers.]

Below is a quick summary of the results:

To read this article in full, please click here

(Insider Story)

[Author: Eric Geier] [Category: Networking, Router, Security, Cisco Systems, Small Business, IDG Insider]

[*] [-] [-] [x] [A+] [a-]  
[l] at 5/9/18 4:57pm

"I am all about useful tools. One of my mottos is 'the right tool for the right job.'" –Martha Stewart

If your "right job" involves wrangling computer networks and figuring out how to do digital things effectively and efficiently or diagnosing why digital things aren't working as they're supposed to, you've got your hands full. Not only does your job evolve incredibly quickly becoming evermore complex, but whatever tools you use need frequent updating and/or replacing to keep pace, and that's what we're here for; to help in your quest for the right tools.

[ Don’t miss customer reviews of top remote access tools and see the most powerful IoT companies . | Get daily insights by signing up for Network World newsletters. ]

We've done several roundups of free network tools in the past, and since the last one, technology has, if anything, sped up even more. To help you keep up, we've compiled a new shortlist of seven of the most useful tools that you should add to your toolbox.

To read this article in full, please click here

(Insider Story)

[Author: Mark Gibbs] [Category: Network Management, Security, Infrastructure, Networking, IDG Insider]

As of 9/15/19 10:06am. Last new 9/11/19 1:17pm.

First feed in category: Scientific American