A Better Way to Do Multifactor Authentication with Authentify xFA

xFA can add multifactor security to any web service with a few lines of code. We tested xFA on a small network in August 2014. It has cloud-based components to manage multifactor security, along with apps for iOS and Android.

Price: $19.95 per user per year


Fingerprint authenticators for iPhone 5 and Samsung Galaxy are expected for the near future.

Network World: Citrix Xen Mobile rates a spot on your MDM short list

xen phone security optionsWhen we reviewed six mobile device management products for Network World back in 2013, Citrix declined the opportunity to participate, but the company has changed its mind with the recent release of Xen Mobile v9.0 MDM. In our testing, we found that the software stacks up nicely against AirWatch and Good Technology, the two leaders from that review, and should be on any IT manager’s short list, particularly if you already use other Citrix connectivity products. (A view of its extensive security options can be seen on the right.)

You can read my review today in Network World here.

AT&T Blog: Network Security, The Moving Line of Defense

lock-and-key-icon-thumb355812The days of defending the perimeter are over. Look at what happened to a major retailer in late 2013 as an example. Someone posing as a trusted contractor was able to enter the retailer’s network and do all sorts of damage — to the tune of 40 million compromised customers. This attack occurred because the retailer wasn’t looking at insider threats carefully enough. Indeed, the perimeter has become more and more porous, and network defenses based on this traditional barrier are no longer enough to protect an organization’s business interests and objectives

You can read the post on AT&T Networking Exchange blog here.

Webinar: Best Practices for Protecting Sensitive Data from Insider Threats

Join me and Tina Stewart, the VP of Marketing for Vormetric, in an interesting webinar on 7/22 at 11 am PT. Insider threats have shifted to include both traditional insiders – individuals with access to critical data as part of their work, and privileged users — and the compromise of legitimate users’ credentials by sophisticated malware and advanced persistent threats (APTs). According to the latest Insider Threat Report from Vormetric, organizations are still wrestling with this growing problem, and struggling to find an appropriate security response.

We will talk about these issues and some of the ways that IT managers can mitigate these threats. Here is the link to view the webinar recording from Virtualization Review.

SearchSecurity: Things to watch out for when buying UTM products

I offer guidance to help enterprises find the unified threat management (UTM) product that best suits their organizational needs when they’re buying security. In this article, I discuss UTM functionality, features, pricing and more.

You can read the first of four parts of my article series in SearchSecurity here.

SearchSecurity: Cyberthreat intelligence market is getting crowded

UntitledWhen it comes to dealing with zero-day threats, time is of the essence. The quicker an IT security team can respond and repel an attack, the safer the organization. Many security teams rely on pattern matches and malware databases, but these methods have become less effective as custom viruses, created almost continuously, make algorithms obsolete. Crowdsourcing threat data so that a community can act quickly and repeal potential invasions is delivering results for more enterprises. (The illustration is a typical threat workflow from CyberSquared’s ThreatConnect.)

You can read my article for InfoSec Magazine here where I talk about the various community-based threat operations such as OTX, MAPP and Threat Radar.

Network World: Unisys unveils invisibility cloak for network traffic

unisys stealth advantages2If you are ultra paranoid, what could be better than hiding your network traffic in such a way that no one could possibly intercept it? This is what Unisys is offering with its new Stealth appliance, which could make man-in-the-middle attacks and keylogger exploits obsolete, or at least more difficult to mount.

Stealth uses four layers of security (see diagram): each packet is encrypted with AES256, then split into three separate pieces and dispersed across the network, destined for a particular group of users that have to be running its protocols. Stealth has been around since 2005, and you can read my review of Stealth for Network World here.