Having trouble finding the right security products for your business? You’re not the only one.
Today’s market is filled with hundreds of vendors and plenty of marketing hype. But figuring out which solutions are worthwhile can be a challenge, especially for businesses with little experience in cybersecurity.
So we asked actual buyers of enterprise security products for tips, and here’s what they said.Damian Finol, security technical program manager at a major internet firm
Businesses have to do their research. That means looking at customer recommendations instead of relying on what vendors say. Testing the security products in house is also highly advised.
There's a growing threat on the cybersecurity scene that could drain millions from unsuspecting businesses and leave them vulnerable to hacking threats.
It isn’t a new strain of ransomware. It’s the cybersecurity industry itself.
It's ironic, but the products vendors sell, and the marketing they use, sometimes leave buyers misinformed and less secure, according to several business directors who actually buy the tech.
“There’s definitely a lot of vaporware,” said Damian Finol, an IT security manager at a major internet company. “There are definitely products that have really exaggerated claims about what they actually do.”
For some vendors, it's more about the sale than about security, IT executives say. To close a deal, bad vendors tend to overpromise features that they claim will be added down the line but never materialize. That makes a buyer's job harder.
The Surface Laptop stole the show at Microsoft’s May 2 event. The focus may have been on education, Windows 10 S, and affordable laptops for classroom use, but the oohs and ahhs went to the Surface Laptop for its beautiful display and Alcantara-clad keyboard, not to mention its light weight and long battery life. College kids are the Surface Laptop’s purported target user, but a lot of regular folks are intrigued by this new addition to Microsoft’s premium Surface family—and, frankly, many students won’t be able to afford it anyway.
Microsoft’s taking aim at Chromebooks and MacBooks alike with Windows 10 S, a new version of Windows 10 designed foremost for educational use. But schools alone aren’t Microsoft’s target audience, and while the new operating system shares the same underlying bones as the standard version of Windows 10, there are some stark differences too.
Here’s everything you need to know about Windows 10 S, mostly from a mainstream consumer perspective—and starting with the question everybody’s asking.Okay, so what’s the S for?
Windows chief Terry Myerson claims it stands for four different aspects of the operating system:
Most businesses hire third-party providers to fill in when they lack in-house resources. It is often necessary to allow third-party vendors access to their network. But after Target’s network was breached a few years ago because of an HVAC vendor’s lack of security, the focus continues to be on how to allow third parties access to the network without creating a security hole.
The use of third-party providers is widespread, as are breaches associated with them. Identity risk and lifestyle solution provider SecZetta claims that on average, 40 percent of the workforce make up third parties. A recent survey done by Soha Systems notes that 63 percent of all data breaches can be attributed to a third party. “The increased reliance on third-party employees, coupled with the growing sophistication of hackers, has led to the current identity and access management crisis that most businesses are faced with today — whether they realize it or not,” a SecZetta blog post stated.
To mom, with love
Image by Ultimate Ears, Looking Glass Design, ThinkGeek, Vik Muniz and MoMA Store
If you're looking for Mother’s Day gift ideas that are less about gadgets and more about stellar product design, this is the collection for you. The tech quotient is low, but the design bar is high. The creators are artists, craftspeople and industrial designers – and their inspiration comes from science, technology, engineering and math.
Oracle's chief Java architect has proposed tweaks to Java's modular plan. The revisions were said to be not in response to recent objections by Red Hat and IBM, but they do appear to address one of the concerns.
In a post to an openjdk mailing list on Thursday, a proposal by Oracle's Mark Reinhold, chief architect of the Java platform group, centers on an "AutomaticModuleNames" feature. He also referenced the plan on his twitter feed, tweeting, "Module names should be reverse-DNS and so automatic modules can be given stable names." An Oracle representative said the proposal was just ongoing work on issues that continue to be under discussion and was separate from Red Hat and IBM's issues.
There’s plenty about Microsoft’s new Windows 10 S that’s not fully understood, not the least of which is its built-in upgrade path to Windows 10 Pro. Which Windows 10 S device you buy and where you buy it, however, will decide whether you’ll pay a $49 fee for the the upgrade—or have Microsoft pay you with a year’s subscription to Office 365.
With most Windows 10 S devices reserved for closely managed classrooms, there's arguably only one Windows 10 S device where the transition from Windows 10 S to Windows 10 Pro becomes an important decision: Microsoft's Surface Laptop, designed for college students. But as hardware vendors start shipping more laptops with Windows S installed, more users will have to consider how they handle this upgrade path. We'll explain what we know so far.
Uber Technologies is reportedly under a criminal investigation by federal prosecutors in the U.S. over its use of secret software, which helped the company avoid officials seeking rides to investigate the ride-hailing service, according to news reports Thursday.
Their accounts appear to tally with a report last month by the Portland Bureau of Transportation, which stated that the City of Portland was notified by the U.S. attorney of the Northern District of California that Uber is the subject of a federal inquiry. The city is cooperating with the on-going probe.
Soon after the use of the so-called “greyballing” technology in many countries was reported by the New York Times in early March, Uber said it would prohibit the use of the technology to target action by local regulators.
Google has stopped Wednesday’s clever email phishing scheme, but the attack may very well make a comeback.
One security researcher has already managed to replicate it, even as Google is trying to protect users from such attacks.
“It looks exactly like the original spoof,” said Matt Austin, director of security research at Contrast Security.
The phishing scheme -- which may have circulated to 1 million Gmail users -- is particularly effective because it fooled users with a dummy app that looked like Google Docs.
A sophisticated Russian cyberespionage group is readying attacks against Mac users and has recently ported its Windows backdoor program to macOS.
The group, known in the security industry as Snake, Turla or Uroburos, has been active since at least 2007 and has been responsible for some of the most complex cyberespionage attacks. It targets government entities, intelligence agencies, embassies, military organizations, research and academic institutions and large corporations.
"Compared to other prolific attackers with alleged ties to Russia, such as APT28 (Fancy Bear) and APT29 (Cozy Bear), Snake’s code is significantly more sophisticated, it’s infrastructure more complex and targets more carefully selected," researchers from Dutch cybsersecurity firm Fox-IT said in a blog post Wednesday.
After about half a decade, Intel is wiping the confusing E5 and E7 monikers off its Xeon chips and rebranding them to bring more clarity about the performance and features that come with the processors.
Xeon chips are used in servers and workstations like Mac Pro. Xeon chips being released mid-year will be broken down into Platinum, Gold, Silver, and Bronze processors.
The naming scheme -- derived from metals -- is a mix of Olympic medals and branding of credit cards from companies like Delta. A person familiar with Intel's plans earlier said the chips will likely be widely referred to as Xeon-P, Xeon-G, Xeon-S, and Xeon-B, with the P for Platinum, G for Gold, etc.
AppDynamics' application monitoring tools played an important role in ensuring that Credit Suisse's FX trading platform was able to handle the market price fluctuations brought about by the UK Brexit vote, just two weeks after a major outage took its systems offline.
The Swiss financial services firm conducted its 'proof of value' (PoV) of the AppDynamics tools in the run up to the EU referendum, and the increased financial market volatility helped prove the return on investment immediately.
When it comes to silver linings, this is a pretty thin one, but the Swiss firm isn't renowned for its risk taking, and the speed with which it adopted the app monitoring system following a trial process is an indication of how the software impressed upper management.
Sometimes you look at the world and you just want to have a good cry. Other times you decide you have to do something.
Grass-roots goodwill efforts have been around ever since the Good Samaritan hauled a stranger out of the road, proving that upper body strength could be effective currency back in the day. Giving is satisfying. But grass-roots goodwill efforts don’t always scale.
For instance, imagine if three carpenters agreed to help an underprivileged family repair their rundown house. In reality, the family needs carpenter, a plumber and an electrician. The talents of two of the carpenters would be wasted.
Now imagine if Habitat for Humanity decides to help five families with new housing. Habitat can organize carpentry, electrical and plumbing resources, clustering the work by neighborhood and optimizing where and when repairs are done to ensure that talent is available. Efficient use of resources is proportional to the resulting benefits.
The EU's General Data Protection Regulation (GDPR) is fast approaching but with significant resource investment required, many organisations are struggling to meet the May 2018 deadline. According to Google executives, moving data to the cloud will help take some of the pain out of upgrading security practices and data protection standards in line with the regulations.
GDPR is the biggest change to data protection regulations in two decades, and is a major challenge for many businesses. A survey from analyst firm Gartner released yesterday showed that around half of those affected by the legislation - whether in the EU or outside - will not be in full compliance when the regulations take effect.
Microsoft today asked enterprise customers to test a new anti-malware, anti-exploit technology in Windows 10's baked-in browser.
Windows 10's latest preview, tagged as build 16188 and released Thursday, includes Windows Defender Application Guard, a virtualization-based feature that isolates the contents of a tab in Edge, the OS's default browser, from the rest of the system.[ Further reading: Fighting ransomware: A fresh look at Windows Server approaches ]
While Application Guard was announced in September, and went through limited testing in the months since, today marked its first appearance to all Insiders running Windows 10 Enterprise. Users must manually toggle on Application Guard from a setting dialog, then open a tab within Edge by selecting "New Application Guard Window" from the browser's menu.
China already has the world's fastest supercomputer and has now built a crude quantum computer that could outpace today's PCs and servers.
Quantum computers have already been built by companies like IBM and D-Wave, but Chinese researchers have taken a different approach. They are introducing quantum computing using multiple photons, which could provide a superior way to calculate compared to today's computers.
The Chinese quantum computing architecture allows for five-photon sampling and entanglement. It's an improvement over previous experiments involving single-photon sourcing, up to 24,000 times faster, the researchers claimed.
Blockchain technology is hard to ignore as practically everybody’s talking about it. That’s understandable because it’s predicted to disrupt the value flows that underpin business transactions and economies as well as create new business models. It has enormous power to solve business problems. But is a blockchain “distributed ledger” secure?
Blockchain is still in its infancy, so company leaders are naturally concerned about whether it can be manipulated. Organizations worldwide are seeking to take advantage of the new opportunities and disruptive power of blockchain — organizations that understand the magnitude of potential security issues. It has been rigorously tested in pilots and at scale by many governments, institutions and companies that have found the technology is incredibly secure.
When Microsoft made it possible for enterprises to quickly resolve incompatibilities between their applications and new Windows versions, it didn't intend to help malware authors as well. Yet, this feature is now abused by cybercriminals for stealthy and persistent malware infections.
The Windows Application Compatibility Infrastructure allows companies and application developers to create patches, known as shims. These consist of libraries that sit between applications and the OS and rewrite API calls and other attributes so that those programs can run well on newer versions of Windows.
Shims are temporary fixes that can make older programs work even if Microsoft changes how Windows does certain things under the hood. They can be deployed to computers through Group Policy and are loaded when the target applications start.
Following a $3.7 billion acquisition, AppDynamics is already looking to access Cisco's enterprise customer network as it plans to keep up the pace with the big hitters in the new wave of enterprise software vendors.
Cisco completed the acquisition of AppDynamics in March this year for a reported $3.7 billion (£2.86 billion), nearly double its pre-IPO unicorn valuation of $1.9 billion (£1.47 billion).
Speaking at the AppD Summit in London recently, CEO David Wadhwani said that the primary reason for the acquisition from Cisco's side was its belief in the underlying streaming data model that had been built at AppDynamics, not just in how it could help Cisco, but in its ability to further penetrate the enterprise market.