Network World 9-vendor multifactor authentication roundup

Due to numerous exploits that have defeated two-factor authentication, many IT departments now want more than a second factor to protect their most sensitive logins and assets. The market has evolved toward what is now being called multi-factor authentication or MFA, featuring new types of tokens and authentication methods.

For this review in Network World, we looked at nine products, five that were included in our 2013 review, and four newcomers. Our returning vendors are RSA’s Authentication manager, SafeNet’s Authentication Service (which has been acquired by Gemalto), Symantec VIP, Vasco Identikey Authorization Server, and TextPower’s SnapID app. Our first-timers are NokNok Labs S3 Authentication Suite (pictured above), PistolStar PortalGuard, Yubico’s Yubikey and Voice Biometrics Group Verification Services Platform.

All of these products are worthy of inclusion in this review as representative of where the MFA market is heading. In addition, if you want to stay on top of MFA developments, we recommend you follow our Twitter list here.

My review also features a collection of screencaps here, and an overall trends rundown as well here.

 

Network World: Google’s Pixel C Android tablet is sexy but won’t replace your laptop

NexusRYUKey_O_SILVER_TQFPixel C is the first all-Google Android tablet. It has a 10.2 inch screen and is designed to be used with a companion keyboard that also doubles as a protective cover. The tablet isn’t quite a total replacement for your laptop but it could qualify as the sexiest Android tablet on the market. The Pixel C shouldn’t be confused with an earlier Pixel model, which is a fully decked out Chromebook laptop that costs twice as much.

In my review today for Network World, I talk about the pros and cons for this tablet, and the unique magnetic keyboard that is its most interesting feature.

PC Magazine: the evolution of spreadsheet analytics

Like some of you, I got my first introduction to the PC from the spreadsheet. It has been around for more than 35 years in one form or another, and most of us have at least a basic working knowledge of how to use it for rudimentary calculations. In my computing career I have seen numerous spreadsheet abuses – it is amazing what people can force a spreadsheet to do for them. I actually wrote about this in 2014 for Intuit’s blog here.

One of the reasons that Excel and other spreadsheets are so abused is that it can be a very addictive tool, and users are fearful of having to learn something else. Another reason is given by Ron Shaich, the CEO of Panera Bread who says that too often middle managers “manage from the spreadsheet, viewing it as an oracle.They make decisions believing the numbers of the past loaded into the spreadsheet foretell future outcomes.” Sadly, the future is never as certain as we might hope.

If you can break from its charms, you can make use of your computer for a lot more useful activities such as data collaboration and analysis. For the former, you often see the spreadsheet context as a way to share a simple database (not surprisingly, Intuit sells one of these tools) among a work team. For the latter, there is the category of what has been called self-service business intelligence tools. I looked at the best of these for a review I did for PC Magazine last month of ten different BI tools.

The hard part is that these collaboration and analysis tools often have steep learning curves and make it trying to understand their user interfaces. Some products are better at data exploration than data analysis and reporting, so keep that in mind as you look at them. Some tools also cost five or more figures and thus aren’t very appropriate for smaller businesses. Finally, these BI tools come in several different versions, including browser-based SaaS and desktop and server versions: keeping the features straight among them will require some careful study.

Still, spreadsheets are reaching the end of their utility as work teams spread out across the globe and as we want to build better and more useful data models to run our businesses. At their core, the spreadsheet is really a souped-up calculator, not a way to model and share data. Spreadsheets lose their potency when they grow to beyond a single screen to display your calculations or hold a sparse matrix that doesn’t neatly line up in rows and columns.

PowerBI field editorIf you are going to break free of the spreadsheet’s orbit, you probably want to start off with Microsoft’s PowerBI tool (the controls are shown in the screenshot at right). This is free and works both in conjunction and independently from Excel. For a free product, it is amazingly capable. For example, you can query Mailchimp email lists so you can monitor data and trends about your campaigns, reports and individual subscribers, and also query Quickbooks online data. There are both desktop and browser-based versions and a huge collection of learning resources to help you over the hump of getting started.

Besides Microsoft, there are more than several dozen different BI tools: I have looked at a total of ten for PC Magazine, and each has some advantage over a simple spreadsheet. Does this spell the end of the spreadsheet? Hardly. But it does show the beginning of a new market that is worth looking into. As Shaich says in his post, “A spreadsheet is merely a way to organize data. Its numbers generally capture trends of the past, but it is in no way predictive of what’s to come.”

Network World: ten best enterprise password managers reviewed

In my 2013 review I looked at several different password managers, some suitable for enterprises and some primarily for consumers. Since then the field has ballooned and there are now more than two dozen different products on the market. As a data point, even the popular TV show “Shark Tank” evaluated a password manager startup in its current season.

LM1 2factorFor my own current season, I looked at ten tools: Dashlane for Business, Keeper Security’s Enterprise, Lastpass’ Enterprise (now part of LogMeIn), Lieberman’s Enterprise Random Password Manager, LogMeOnce Enterprise Edition (shown at right), Manage Engine’s (now part of Zoho) Password Pro, Agilebits’ 1Password for Teams, StickyPassword, SplashID’s TeamsID, and SingleID. The two strongest products in terms of protecting individual user logins are Lastpass and Keeper.

You can read the full review here, along with a description of some larger issues and overall trends with using these tools.

BizTech review: Brother MFC-J5920DW Offers Ink-Efficient Printing

brother-MFC-J5920DWIn the digital age, printers get a bad rap as outdated and inefficient. But some new all-in-one devices still bring value and convenience to today’s offices. Brother’s multifunction MFC-J5920DW printer offers a full complement of features typical of a modern printer/scanner/fax machine.

You can read my review in CDW’s BizTech magazine here.

Detecting malware with Sophos XG Firewall and Security Heartbeat

Sophos has developed an interesting and innovative new security product that bridges the gap between its endpoint and network protection products. Called Security Heartbeat, it requires a Sophos XG firewall and any of Sophos’ cloud-based endpoint protection agents. The entry level firewalls start at $300 and larger models can go for ten times that, with support contracts extra.

//fast.wistia.net/assets/external/E-v1.js

We tested the Sophos products during November 2015. Sophos is not as well known as other firewall vendors, but the use of the heartbeat is such an obvious benefit and the kind of innovation that you wonder why it hasn’t been done before.

Network World review of Carbon Black and Cylance

Most of us know by now that traditional anti-virus doesn’t work, or at least doesn’t work well enough to be the sole line of defense against potential endpoint exploits. Last year Symantec SVP Brian Dye told the WSJ that traditional AV only catches 45% of malware, and many security professionals think the number is even lower. These days, most enterprises need more, or at least want an endpoint product that can actual prevent zero-day infections and exploits from happening and be more proactive.

CB tor exit node bahviourWe looked at two relatively new protective products, Carbon Black (now owned by Bit9, with a screen shot shown above) and Cylance Protect (with a screenshot of its threat analysis shown below). Both are designed to approach securing your endpoints from a different and more complete perspective. To be effective, a modern endpoint security tool needs to be both a gatherer and a hunter: being able to find a needle in the proverbial haystack, when you don’t even know what the needle looks like. That is where this new breed of tools comes into play.

cy threat detailsYou can read the review published today here.