Malware – and specifically ransomware – tends to regularly make headlines with some business somewhere in the world reporting having its data encrypted by it. Due to this routine occurrence, companies need to acknowledge that their standard first line defenses such as cybersecurity and backup software no longer completely suffice to detect malware. To augment these defenses, companies need to take new steps to shore up these traditional defenses which, for many, will start with creating a secondary perimeter around their backup stores to detect the presence of malware.
There are two assumptions that IT professionals need to exercise caution before making when evaluating cloud data protection products. One is to assume all products share some feature or features in common. The other is to assume that one product possesses some feature or characteristic that no other product on the market offers. As DCIG reviews its recent research into the cloud data protection products, one cannot make either one of these assumptions, even on features such as deduplication, encryption, and replication that one might expect to be universally adopted by these products in comparable ways.
Yesterday I broke away from my normal routine of analyzing enterprise data protection and data storage technologies to take a closer look at enterprise security. To do so, I stopped by the Omaha Tech Security Conference held at the local Hilton Omaha conference center and visited some of the vendors’ booths to learn more about their respective technologies. In so doing, it quickly became evident from my conversations with a number of security providers that they recognize their need to introduce Big Data analytics into their products to convert the data, events, and incidents that they record and log into meaningful analysis that organizations can consume and act upon.
VMware and its suite of products have largely been designed by geeks, for geeks, with VMware pulling no punches about this claim. VMware’s CEO, Pat Gelsinger, is himself a self-professed geek which is made evident a couple of times in his VMworld keynote. But where he personally and VMware corporately have made big steps forward in the last few years is stripping out the technical mumbo-jumbo that can so easily beset VMware’s product suite and better translating its value proposition into “business speak.” This change in focus and language was put on full display during Gelsinger’s portion of the opening keynotes that kicked off the VMworld 2015 conference.
The closer any new solution comes to being non-disruptively introduced into existing organizational backup infrastructures, the greater the odds that the solution will succeed and be adopted more broadly. By Dell including FIPS 140-2 compliant 256-bit AES encryption and VTL features as part of its 3.2 OS release for its existing and new DR series of backup appliances at no charge, organizations have new options to introduce the DR Series appliances without disrupting their existing backup processes.
Backup software has traditionally been one of the “stickiest” products in organizations of all sizes in art because it has been so painful to deploy and maintain that, once installed and sort of working, no organization wanted to subject itself to that process again. But in recent years as backup has become easier to install and maintain, swapping it out for another or consolidating multiple backup software solutions down to single one becomes much more plausible. This puts new impetus on backup software providers to introduce new features into their products to keep them relevant and “sticky” in their customer environments longer term.
Think “Dell” and you may think “PCs,” “servers,” or, even more broadly, “computer hardware.” If so, you are missing out on one of the biggest transformations going on among technology providers today as, over the last 5+ years, Dell has acquired multiple software companies and is using that intellectual property (IP) to drive its internal turnaround. In this sixth installment of my interview series with Brett Roscoe, General Manager, Data Protection for Dell Software, we discuss how these software acquisitions are fueling Dell’s transformation from a hardware provider into becoming a solutions provider.
DCIG is pleased to announce the availability of its DCIG 2014-15 Security Information and Event Management (SIEM) Appliance Buyer’s Guide. In this Buyer’s Guide, DCIG weights, scores and ranks 29 SIEM appliances respectively from nine (9) different providers. Like all previous DCIG Buyer’s Guides, this Buyer’s Guide provides the critical information that all size organizations need when selecting a SIEM appliance to help provide visibility into their security posture by providing usable and actionable information.
Data security is a part of the IT infrastructure that should take care of itself. Companies have enough to worry about without always looking over their shoulder to make sure no one is stealing vital information. As most organizations recognize, this is NOT the case.
DCIG is pleased to announce the release of its 2014 Mobile Data Management (MDM) Buyer’s Guide that weight, score and rank over 100 features. Like previous Buyer’s Guides, this Buyer’s Guide provides the critical information that organizations need when selecting Mobile Data Management software to help meet the security, compliance and Bring-Your-Own-Device (BYOD) challenges in an ever increasing mobile enterprises.
Security-in-depth is rarely discussed without including desktop antivirus with antivirus software being a cornerstone of corporate network protection since the advent of the computer virus. The danger that antivirus software presents is that within most organizations it presents the last line of defense so any threat capable of breaching this defense has the ability to wreak havoc within the enterprise.
In the last few years security has shifted from being an issue that organizations only deal with when a crisis occurs to one with which they must now daily confront. This is putting pressure on organizations to stop taking a knee jerk reaction as their means of ongoing security management and instead adopt a systematic approach to effectively deal with both external and internal threats. The problems that internal threats present and why they are so difficult to detect were openly discussed this past Wednesday morning during that morning’s keynote at Symantec Vision 2013.
Information Technology Divisions (I.T.) traditionally does not deal with securing a device that has not been issued and controlled by them. Bring Your Own Device (BYOD) has exploded across industries. Rapid adoption of iPhone and Android devices displaced Blackberry Enterprise Server (BES) in the mobile enterprise email space. Adoption of new devices drives the need for Mobile Device Data Management software to assert control.
In part 2, we continue our discussion with GroupLogic’s Anders Lofgren, Vice President of Marketing and Product Management, by exploring licensing options and how the enterprise mobility space has opened up a new market for the company. As well, we dig deeper into activEcho and learn how it is designed to provide flexible and secure file-sync-and-sharing in the enterprise IT organization while being as simple and easy to use as one of the most popular–but unsecure–consumer grade file-sync-and-share cloud services today.
Earlier this year, DCIG interviewed the executive team at GroupLogic. GroupLogic shared with us how they approach the market for “enterprise file sharing” or what DCIG has been calling File-Sync-and-Share. In addition, we had the privilege of talking to Chris Broderick, CEO of GroupLogic who covered some of the company’s history.
Since the advent of the TCP/IP protocol, network administrators have had a major blind spot: the ability to reliably determine the identity of an individual device or user. BlackRidge’s new Eclipse™ solution, built on BlackRidge’s patented Transport Access Control (TAC), uses client drivers or gateway appliances to insert unique identity information to every TCP packet. In this third and final post in our blog interview series, BlackRidge Technology CTO John Hayes and I discuss where BlackRidge is heading and the challenge of managing infrastructures from the perspective of devices rather than networks.
The keynote given by Symantec’s CEO Enrique Salem this past Tuesday and the series of presentations that followed exposed every attendee at Symantec Vision 2012 to just how dangerous today’s internet world really has become. Yet the larger threat that every business faces is not putting in place a solution to address them. Rather it is the danger that dealing with these threats will cause organizations to take their eyes off of the ball and fail to focus on where their business needs to go next.
The world of machine-based data collection is creating an entirely new type of security problem: authenticating machines that have no formal user identity associated with them. Traditional VPNs break down in these environments while RSA Key IDs have no answer.
Followers of my previous blog entries should recognize the next company in DCIG’s Executive Interview series. I have previously discussed both the technical and operational impact of BlackRidge Technology’s patented breakthrough technology known as Transport Access Control (TAC). Today, BlackRidge announces their first product, Eclipse, based on their TAC technology. I begin a discussion of this release, in the form of a multi-part interview series, with BlackRidge Technology’s CTO John Hayes.
Amazon announced their Storage Gateway (beta) on January 25th, about two days before my article on VMWare and Citrix squaring off in the “Dropbox for Enteprise” market. In my article I noted that VMWare and Citrix are exploiting a based limitation of Dropbox, Evernote and Box introduced by supporting a Consumerization of IT (CoIT) product. Consumer-based file-share-and-synch applications cannot be installed in a company’s data center. As file-share-synch drives cloud adoption in the enterprise, vendors emerge from all corners.