How identities are the new security perimeter

  • Privileged credentials for accessing an airport’s security system were recently for sale on the Dark Web for just $10, according to McAfee.
  • 18% of healthcare employees are willing to sell confidential data to unauthorized parties for as little as $500 to $1,000, and 24% of employees know of someone who has sold privileged credentials to outsiders, according to a recent Accenture survey.
  • Apple employees in Ireland have been offered as much as €20,000 ($22,878) in exchange for their privilege access credentials in 2016, according to Business Insider.
  • Privileged access credentials belonging to more than 1 million staff at a top UK law firm have been found for sale on the Dark Web.

There’s been a 135% year-over-year increase in financial data for sale on the Dark Web between the first half of 2017 and the first half of 2018. The Dark Web is now solidly established as a globally-based trading marketplace for a myriad of privileged credentials including access procedures with keywords, and corporate logins and passwords where transactions happen between anonymous buyers and sellers. It’s also the online marketplace of choice where disgruntled, angry employees turn to for revenge against employers. An employee at Honeywell, angry over not getting a raise, used the Dark Web as an intermediary to sell DEA satellite tracking system data he accessed from unauthorized accounts he created to Mexican drug cartels for $2M. He was caught in a sting operation, the breach was thwarted, and he was arrested.

Your most vulnerable threat surface is a best seller

Sites on the Dark Web offer lucrative payment in bitcoin and other anonymous currencies for administrators’ accounts at leading European, UK and North American banking institutions and corporations. Employees are offering their privileged credentials for sale to the highest bidder out of anger, revenge or for financial gain anonymously from online auction sites.

Privileged access credentials are a best-seller because they provide the intruder with “the keys to the kingdom.” By leveraging a “trusted” identity, a hacker can operate undetected and exfiltrate sensitive data sets without raising any red flags. This holds especially true when the organizations are not applying multi-factor authentication (MFA) or risk-based access controls to limit any type of lateral movement after unauthorized access. Without these security measures in place, hackers can quickly access any digital businesses’ most valuable systems to exfiltrate valuable data or sabotage systems and applications.

81% of all hacking-related breaches leverage either stolen and weak passwords, according to Verizon’s 2017 Data Breach Investigations Report. A recent study by Centrify and Dow Jones Customer Intelligence titled, CEO Disconnect is Weakening Cybersecurity (31 pp, PDF, opt-in), found that CEOs can reduce the risk of a security breach by rethinking their Identity and Access Management (IAM) strategies. 68% of executives whose companies experienced significant breaches in hindsight believe that the breach could have been prevented by implementing more mature identity and access management strategies.

In a Zero Trust world, identities are the new security perimeter

The buying and selling of privileged credentials are proliferating on the Dark Web today and will exponentially increase in the years to come. Digital businesses need to realize that dated concepts of trusted and untrusted domains have been rendered ineffective. Teams of hackers aren’t breaking into secured systems; they’re logging in.

Digital businesses who are effective in thwarting privileged credential access have standardized on Zero Trust Security (ZTS) to ensure every potentially compromised endpoint, and threat surface within and outside a company is protected. Not a single device, login attempt, resource requested or other user-based actions are trusted, they are verified through Next-Gen Access (NGA).

Zero Trust Security relies upon four pillars: real-time user verification, device validation, access and privilege limitation, while also learning and adapting to verified user behaviors. Leaders in this area such as Centrify are relying on machine learning technology to calculate risk scores based on a wide spectrum of variables that quantitatively define every access attempt, including device, operating system, location, time of day, and several other key factors.

Depending on their risk scores, users are asked to validate their true identity through MFA further. If there are too many login attempts, risk scores increase quickly, and the NGA platform will automatically block and disable an account. All this happens in seconds and is running on a 24/7 basis ― monitoring every attempted login from anywhere in the world.

A recent Forrester Research thought leadership paper titled, Adopt Next-Gen Access to Power Your Zero Trust Strategy (14 pp., PDF, opt-in), provides insights into how NGA enables ZTS to scale across enterprises, protecting every endpoint and threat surface. The study found 32% of enterprises are excelling at the four ZTS pillars of verifying the identity of every user, validating every device using Mobile Data Management (MDM) and Mobile App Management (MAM), limiting access and privileges and learning and adapting using machine learning to analyze user behavior and gain greater insights from analytics.

NGA is a proven strategy for thwarting stolen and sold privileged access credentials from gaining access to a digital business’ network and systems, combining Identity-as-a-Service, Enterprise Mobility Management (EMM) and Privileged Access Management (PAM). Forrester found that scalable Zero Trust Security strategies empowered by NGA lead to increased organization-wide productivity (71%), reduced overall risk (70%) and reduced cost on compliance initiatives (70%).

Additionally, insights gained from user behavior through machine learning allow for greater efficiency — both on reduced compliance (31% more confident) and overall security costs (40% more likely to be confident), as well through increased productivity for the organization (8% more likely to be confident). The following graphic from the study ranks respondents’ answers.

Conclusion

Making sure your company’s privileged access credentials don’t make the best seller list on the Dark Web starts with a strong, scalable ZTS strategy driven by NGA. Next-Gen Access continually learns the behaviors of verified users, solving a long-standing paradox of user experience in security and access management. However, every digital business needs to focus on how the four pillars of Zero Trust Security apply to them and how they can take a pragmatic, thorough approach to secure every threat surface they have.

Firefox Focus tweaked with improved browsing features


Clare Hopping

3 Oct, 2018

Firefox Focus, Mozilla’s private browsing experience update has now been revealed, with new features, such as custom tabs, a tracker counter and a full-screen mode. 

All the core features of Firefox Focus are now presented on the homescreen of the application, offering hints and tips for users about how to protect their identity while browsing online. 

You can also get search suggestions from the homescreen, although this is only activated if you wish it to be via the settings, because the whole point of Firefox Focus is so no one knows what you’re searching for. But to switch it on, just heard to the Firefox Focus settings and choose to turn it on.

The design of Firefox Focus has also seen quite an overhaul to be more in line with Android Pie. The update for Android users includes new icons, a customised URL bar and simplified settings menu to make it almost look part of Google’s operating system.

iOS users arguably get the tastiest new features, including Siri Shortcuts, which allows them to set their favourite websites and open them on demand, just by using their voice through Siri. They will also be able to erase their history and erase activity in the background using shortcuts.

Underneath the UI, Firefox Focus has been updated at a more core level. In fact, Mozilla explained it’s completely revamped the underlying framework. Focus is now built on GeckoView, Mozilla’s own mobile engine to make it more focused on security and privacy. Specifically, it means no third parties will be able to collect data.

Mozilla promised that although there doesn’t seem to be a huge amount of changes in this version, there’s a lot more coming soon to protect users’ privacy while browsing on mobile.

What Is Your IT department Good for: Efficient Service or Unwanted Workout?

A midsize or large organization with dozens, hundreds, or even thousands of PCs is difficult to imagine without Microsoft System Center Configuration Manager (SCCM). This hardware and software administration solution allows handling asset management, software distribution, remote maintenance, license monitoring, reporting, and software threat defense from a single, centralized console. Eliminating countless manual tasks helps […]

The post What Is Your IT department Good for: Efficient Service or Unwanted Workout? appeared first on Parallels Blog.

Deloitte Named Technology Sponsor of @CloudEXPO NY | @Deloitte @DeloitteUS #Cloud #CIO #IoT #Serverless #DevOps

“Deloitte” is the brand under which tens of thousands of dedicated professionals in independent firms throughout the world collaborate to provide audit & assurance, consulting, risk and financial advisory, risk management, tax, and related services to select clients. These firms are members of Deloitte Touche Tohmatsu Limited, a UK private company limited by guarantee (“DTTL”). Each DTTL member firm provides services in particular geographic areas and is subject to the laws and professional regulations of the particular country or countries in which it operates.

read more

Atmosera Named “Technology Sponsor” of @CloudEXPO NY | @Atmosera @Azure #Cloud #DevOps #CIO #DataCenter #Monitoring

Atmosera delivers modern cloud services that maximize the advantages of cloud-based infrastructures. Offering private, hybrid, and public cloud solutions, Atmosera works closely with customers to engineer, deploy, and operate cloud architectures with advanced services that deliver strategic business outcomes. Atmosera’s expertise simplifies the process of cloud transformation and our 20+ years of experience managing complex IT environments provides our customers with the confidence and trust that they are being taken care of.

read more

Retail, advertising and marketing are furthest on the road to hybrid cloud

Every industry is moving towards a hybrid cloud world – with retail, advertising and marketing making the biggest push.

That’s the key finding from a new report by container and cloud technology provider Mesosphere. The study, which focused its responses on more than 700 Mesosphere users, found that almost two thirds (64%) of retail and eCommerce respondents polled said they had hybrid environments.

This is considerably more than advertising, marketing and PR (42%) and IT consulting (40%), which came next in the list. The lowest performing industry is education, with only one in five (21%) proffering hybrid.

Not one respondent in the healthcare industry said they had a primarily cloud-based stack; 71% were on-prem and 29% had hybrid. For education, 64% have wholly cloud and only 14% were on-premise. “Healthcare is going straight from on-prem to hybrid and skipping cloud-only altogether. This is likely due to the size of the data and confidentiality requirements,” the report noted. “Education still trails, possibly due to a large footprint in high performance computing infrastructure.”

The figures don’t correlate with company size. 38% of organisations with 10,000 employees or more are hybrid, compared with 35% for 5,001-10,000 and 39% for 1,001 to 5,000.

Container adoption is seeing steady progress. 84% of Mesosphere users are running containers in production today, up significantly from 62% in 2016. Not surprisingly, Kubernetes was top dog among the respondents. On average, users are running three or more frameworks on Mesosphere, with Kubernetes the most popular ahead of big data service Kafka and open source server Jenkins. The vast majority of those polled (97%) said they were using Kubernetes to simplify deployment.

“The growth of Kubernetes usage on Mesosphere clearly echoes its popularity in the market,” the report notes, “and customers are adopting Kubernetes and leveraging the Mesosphere platform for automation and management.”

Writing in a company blog, Dayna Rothman, Mesosphere VP marketing, explained: “Clearly, the main drivers for implementing Kubernetes on Mesosphere are around simplicity, scale, and flexibility. These drivers are especially critical for enterprise organisations and companies who need to operate multiple Kubernetes clusters.”

Multi-cloud has also gone up considerably in the past couple of years. In the 2016 report, 86% of respondents said they were using only one cloud provider, a number which had gone down to 76% this time around.

Microsoft, Amazon and Google infrastructure-centric: Why the cloud is increasingly ‘magic’

Opinion We hear the term ‘the year of the cloud’ many times. I profess that it is ‘the decade of the cloud’ – and what’s more, we haven’t even really started yet.

Having been in the cloud industry for more than 12 years, and had a wealth of opportunity to engage with business across vertical sectors – from small local businesses to global enterprises and across geographic regions – I have witnessed an evolutionary change in acceptance of cloud technologies. This has gone from adamant “we resist” no-cloud policies through to “all in” cloud-first strategies.

We seem to have settled down now into a world where there is acceptance that cloud options should always be considered and the fear of cloud has diminished to a point where questions are asked and diligence done – rightly so, but as a necessary checkpoint, rather than a barrier to progressing.

Cloud is going to rapidly proliferate, not through the name – who says ‘I want some cloud’? – but due to the accelerated and rapid growth of emerging technologies powered by cloud somewhere or somehow. These are fast becoming the norm in everyday life and are appearing on business agendas across sectors. We find big data, AI, IoT, VR, and even drones all appearing in ever more interesting and applicable ways, with their prices becoming consumable by even the smallest of firms. By 2020, we can expect to be seeing AI and IoT increasingly in our everyday lives – often transparent to us, and with cloud hidden away powering their wonderous delivery.

We now hear the terms edge computing and fog computing, as well as wider use of ‘as a service’ as the cloud sector matures. With this maturing comes a wave of change in the underlying delivery mechanisms and platforms.

We started with hosting, data centres hosting your own racked equipment, or providing racks where you could remotely install your applications onto your own single tenancy instance. Heading towards 2020, we are seeing an acceleration of re-platforming and customers moving their workloads to the public cloud, where the early concerns have gone and we now see compute and storage costs constantly reducing on what is known as the race to zero (who will be the first to give it away?). This whilst performance, reliability and function have increased. We have never seen a time in compute previously where the power and function went up at as high an exponential as prices are coming down.

Compounding this is technology vendors who are themselves re-platforming, moving their SaaS offerings from their own hosted data centres to the likes of the big three – AWS, Azure, or Google. We have seen major technology SaaS firms doing this and, in my experience, both where I have worked and those I know well in the sector, this is increasingly commonplace. Cloud firms are realising their core is the IP and expertise, not running the traditional cloud infrastructure itself. Add to this that we are seeing a growth of hosting firms, traditionally fighting against these public cloud giants, not getting on board, instead reselling their hosting and wrapping their cloud expertise around the unbeatable ‘compute power <> price’ ratio that the goliaths can deliver.

By 2020, we can expect cheaper prices throughout the cloud chain, the emergence of eye-opening new tech at home and in the workplace – and a change under the covers of how the cloud providers themselves deliver and monetarise their own offerings.

Ian Moyse is a cloud industry thought leader and cloud sales director at Natterbox.

https://www.cybersecuritycloudexpo.com/wp-content/uploads/2018/09/cyber-security-world-series-1.pngInterested in hearing industry leaders discuss subjects like this and sharing their experiences and use-cases? Attend the Cyber Security & Cloud Expo World Series with upcoming events in Silicon Valley, London and Amsterdam to learn more.

How to Use the Mac Touch Bar with Windows Applications in Parallels Desktop 14

This is part of a series of blog posts about the new features in Parallels Desktop 14. Last year in Parallels Desktop® 13 for Mac, we added Touch Bar™ support for Windows applications. This proved to be so popular that we increased Touch Bar support in Parallels Desktop 14. Applications with built-in support Touch Bar […]

The post How to Use the Mac Touch Bar with Windows Applications in Parallels Desktop 14 appeared first on Parallels Blog.

Jim Donovan Joins @CloudEXPO NY Faculty | @Wasabi_Cloud @Wasabi_Jim @Wasabi_Dave #Cloud #Storage #DataCenter

Cloud Storage 2.0 has brought many innovations, including the availability of cloud storage services that are less expensive and much faster than previous generations of cloud storage. Cloud Storage 2.0 has also delivered new and faster methods for migrating your premises storage environment to the cloud and the concept of multi-cloud. This session will provide technical details on Cloud Storage 2.0 and the methods used to efficiently migrate from premises-to-cloud storage. This session will also discuss best practices for implementing multi-cloud environments.

read more

Intel Named Technology Sponsor of @CloudEXPO New York | #Intel #Cloud #CIO #DevOps #IoT #Blockchain #DigitalTransformation

Intel is an American multinational corporation and technology company headquartered in Santa Clara, California, in the Silicon Valley. It is the world’s second largest and second highest valued semiconductor chip maker based on revenue after being overtaken by Samsung, and is the inventor of the x86 series of microprocessors, the processors found in most personal computers (PCs). Intel supplies processors for computer system manufacturers such as Apple, Lenovo, HP, and Dell. Intel also manufactures motherboard chipsets, network interface controllers and integrated circuits, flash memory, graphics chips, embedded processors and other devices related to communications and computing.

read more