SearchSecurity: The new breed of unified threat management tools

Unified threat management devices have traditionally been suited for small and medium-sized business networks. UTMs combine a number of essential technologies, including firewall, perimeter antimalware and antispam, VPN, Web content filtering and more, but historically have not been capable of handling the traffic load of a large enterprise network. Now, UTM vendors are integrating a host of new features in an attempt to become more competitive against other enterprise-grade security appliances.

You can watch the five-minute screencast that I did for SearchSecurity here. I cover several different products, including Fortinet, Sophos, Check Point and Juniper.

Dice: Time to Reassess Your Network Access Rights

At the heart of the celebrated case of Edward Snowden lies one important fact: The infamous contractor gained access to the trove of documents that he ultimately leaked to journalists by escalating his access rights. And despite this very real poster boy having been in the news for the past several months, many enterprises haven’t done much with reining in – or even auditing – the access rights they have in place.

You can read the story posted on Dice here.

Top security stories for the week

The latest and most interesting security stories of the past week, as culled for the portal of the Dice Security Talent Community page.

Most interesting security stories of the week

In my weekly efforts to keep up to date on the latest and greatest security stories for the Dice Security Talent Community, here they are:

FedTech magazine: Cisco’s ASA-5512-X review

To better protect the enterprise network, organizations need stronger firewalls. Cisco Systems’ Adaptive Security Appliance 5512-X delivers a solid set of features to address those needs: Zero-day malware protection, application-aware software and integration with endpoint device control for end-to-end security.

You can read my review here for FedTech Magazine.

Network World: Mobile Device Manager Review

Mobile Device Managers (MDMs) make a lot of sense when you are trying to control who can access your enterprise network and applications from particular phones and tablets. But to effectively evaluate these products, you should first consider what exactly you are trying to control: the apps on particular devices, the pairing of a user with his or her device, the device itself, or the collection of files on each device. Each MDM has a somewhat different perspective, and has strengths and weaknesses in terms of what it can control best.

In my review today for Network World, I looked at six different products: AirWatch (pictured above), Apperian’s EASE, BlackBerry’s Enterprise Server 10 (BES10), Divide, Fixmo, and Good Technology’s Good for Enterprise. No single MDM product won this review; all had serious flaws that would prevent them from being successfully deployed, depending on your circumstances.

The need for better mobile security is obvious: witness this story from last year about a hospital volunteer taking pictures of patient records with his phone and then selling them. Sadly, most current MDMs still wouldn’t be able to prevent something this overt.

The MDM arena is still pretty immature, akin to where the anti-virus world was decades ago. Security profiles are somewhat clunky to install and administer and some vendors don’t support vintage versions of iOS or Android. Topping this off: once you find phones that have been compromised, there is no easy way to return them back to a pristine condition, largely through the fault of the mobile OS vendors.

Expect to pay between $20 and $75 per user or per device per year, which can add up if you have a lot of phones to protect. Few vendors are transparent about their pricing (AirWatch and BlackBerry are notable exceptions).

Good and BlackBerry do the best jobs of protecting your messaging infrastructure, so if that is the primary reason for picking an MDM product you should start with these two. Divide had the most appealing management console and overall simplest setup routines, and also supports licensing unlimited devices per user. And Apperian is great for corporations that have developed a large collection of their own apps and want a consistent set of security policies when deploying them.

You can see the full range of screenshots for my review in this deck.

Integrating single sign-on across the cloud

Single sign-on isn’t new: it has been around for more than a decade to help enterprises manage multiple passwords. And given the number of leaked passwords as of late, it is becoming increasingly important as a security tool. What is new, however, is that an SSO tool can secure both local servers and cloud-based ones.

You can read more of my thoughts for a custom white paper I wrote for McAfee here. And here is a link if you would like to read my review of 8 different SSO tools that I did for Network World earlier this year, including McAfee’s and Okta’s products.

Top ten security stories of the week

The top security stories of the past week, as part of my work to help curate the Dice Security Talent Community portal.

Top security stories for the week – Turkey edition

Yes, there are some real security turkeys out there this week, and here are links to my favorite ones for my work curating the Security Talent Community at Dice.

The widening Adobe breach

Like many of you, I heard last month about the Adobe breach and didn’t give it much mindshare. Turns out things keep getting worse, and I was foolish to ignore what happened. Mea culpa. Here is a catch-up column along with lotsa links that go into further details, and why you should be worried.

When I first heard about it, I thought: I don’t have anything to worry about. I am not a user of their products. And then I thought, so big deal: a few emails and passwords released to the bad guys. Wrong, wrong and wrong.

First of all, it now turns out there are 130 million email-password combinations that can be used for all sorts of mischief. And my name is most certainly in that list, mainly because somewhere along the line I did register for something that Adobe now owns. So is yours in all probability. The file includes both active members and inactive names. Who knew that Adobe kept the inactive accounts around?

Second, security researchers have been data mining the list and have come up with ways to figure out what the passwords are, so you can bet the bad guys are actively downloading the list and doing the same. Because of the large amount of data, it is fairly easy, based on the password hints which are also part of the file, to crack the very weak methods (I hesitate to call this encryption, because it is almost like using a simple substitution code) that Adobe used. One author has published the more popular passwords that show up in the file: ‘123456’ seems to be one password that will never go out of style, having shown up almost 2 million times!

Third, other site operators such as Facebook (how ironic!), Eventbrite and even Diapers.com (yes, that is a real site) have already jumped in and sent emails to their users warning them to change their account passwords. This is because there is a good chance that you used the same password to login to their services. I got one of those emails but somehow deleted it unread last week. Boo-hoo for me.

At least Adobe is asking you to change your account password when you do finally check in. Thanks Adobe, that was a nice touch and the least that you could do.

Finally, there is some chatter that credit card information also might be stored as poorly as the passwords. I don’t think that I ever gave Adobe this data but given the state of my memory, I can’t be sure.

So take the time to change your accounts with passwords that you might have shared with Adobe, either by intent or by accident, before someone starts using one of them for nefarious purposes. While you are changing things, use a password manager and stronger passwords too. And you might want to audit your Facebook, Twitter and LinkedIn accounts as I mention here to ensure that the apps that can access these accounts are still what you wish.

The links to the numerous stories and specifics can be found below: