All posts by Richard

Archiving & Regulatory Retention, compliance, E-mail archiving, Microsoft Exchange, Microsoft Exchange Server, Microsoft Office 365, Mimecast, Research

Mimecast: Email Regulation Issues Leaving Businesses Confused

Corporate email archiving and retention policies are muddled and unclear, with many businesses leaving themselves exposed to potential litigation or compliance issues, according to new research launched today by Mimecast®, the leading supplier of cloud-based email archiving, security and continuity for Microsoft Exchange and Office 365.

The research, which surveyed IT managers on their organizations’ email policies and archiving practices, found that just 20 percent of businesses (23 percent globally) retain archived email for three years or more, with one in four businesses (25 percent U.S.; 26 percent globally) admitting that they do not have a clear policy on retaining email at all.

Key findings:

  • Email retention policies are often ad hoc or based on guesswork – Just
    one in four IT departments (30 percent U.S.; 26 percent globally) have
    an email retention policy designed to comply with industry regulations:
  • Forty-one percent of businesses surveyed (43 percent globally) say
    their archiving policies are based on ‘internal best practice’
    with no consideration given to industry or country specific
    regulations
  • Six percent of U.S. and global businesses admit to deciding their
    email retention policy around a ‘random future date’ with ‘no
    basis’
  • eDiscovery for email is a major area of concern – Many
    businesses are not confident that they would be able to identify all
    emails relating to a specific customer in a timely manner:

    • On average, it would take a U.S. business 15 working days to
      identify all emails relating to a potential litigation
    • Eighteen percent of U.S. businesses do not think they would be
      able to comply with this kind of email eDiscovery request within a
      month
  • Forty-one percent of businesses surveyed (43 percent globally) say
    their archiving policies are based on ‘internal best practice’
    with no consideration given to industry or country specific
    regulations
  • Six percent of U.S. and global businesses admit to deciding their
    email retention policy around a ‘random future date’ with ‘no
    basis’
  • On average, it would take a U.S. business 15 working days to
    identify all emails relating to a potential litigation
  • Eighteen percent of U.S. businesses do not think they would be
    able to comply with this kind of email eDiscovery request within a
    month
  • Concern around email compliance – IT departments are concerned
    that they are leaving their businesses exposed:

    • Just one in four (24 percent U.S.; 27 percent globally) IT teams
      are ‘completely confident’ that their email policies comply with
      all relevant regulations
    • Forty-eight percent (46 percent globally) are ‘mostly confident’
      with 34 percent (23 percent globally) ‘minimally confident’ or
      ‘not at all confident’
  • Just one in four (24 percent U.S.; 27 percent globally) IT teams
    are ‘completely confident’ that their email policies comply with
    all relevant regulations
  • Forty-eight percent (46 percent globally) are ‘mostly confident’
    with 34 percent (23 percent globally) ‘minimally confident’ or
    ‘not at all confident’

“Taking fifteen days to identify all relevant emails sent and received by a client is a massive and unnecessary resource drain,” said Jim Darsigny, CIO, Brown Rudnick LLP. “For IT departments, managing and enforcing email policies can no longer be an ad-hoc approach as the risk potential and time wasted is too high to ignore. In our organization, the cloud enables our business to significantly reduce the pain, costs and resources normally dedicated to sourcing archived email data. With a solid email eDiscovery strategy in place, we are not only able to better serve our clients, but we can also more accurately assess their level of risk.”

“IT departments can and should be doing more to protect their organizations by adopting a more rigorous approach to email archiving,” Eliza Hedegaard, Account Director Legal, Mimecast. “However, the businesses I speak to are not being helped by a regulatory system that is incredibly confusing and difficult to navigate. Regulators should be helping businesses by simplifying the regulatory framework and putting greater emphasis on clearly communicating what organizations need to do to in order to comply instead of adopting scare tactics that focus on what will happen if organizations fall foul of the rules.”

 


compliance, LogRhythm, Payment card industry, Payment Card Industry Data Security Standard, Qualified Security Assessor, Regulatory compliance, VMware, VMware vSphere

LogRhythm Partners with VMware to Automate Regulatory Compliance in Virtualized Environments

LogRhythm today announced that it has partnered with VMware to contribute to its newly introduced VMware Compliance Reference Architectures, a set of resources including solution guides and design architectures intended to simplify compliance for business-critical applications in the cloud era. As part of this initiative, LogRhythm has published the LogRhythm Solution Guide for Payment Card Industry (PCI), an addendum to the VMware Solution Guide for PCI. The LogRhythm solution addendum is a QSA-reviewed guide that outlines how the company’s SIEM 2.0 platform complements existing VMware security capabilities to help customers assure PCI compliance when virtualizing mission-critical business applications with VMware vSphere®.

“Security and compliance are top concerns for organizations seeking to virtualize critical business systems such as PCI payment processing,” said Parag Patel, vice president, Global Strategic Alliances, VMware. “We’re committed to helping customers address these concerns on their journey to the cloud, and partners like LogRhythm extend our native security capabilities to make this possible. Through our solution guides, VMware and LogRhythm are delivering a validated roadmap that details how organizations can achieve PCI compliance in virtualized environments.”

LogRhythm’s SIEM 2.0 platform delivers the visibility and insight needed to detect, defend against and respond to increasingly sophisticated cyber threats, efficiently meet compliance requirements, and proactively respond to operational challenges. The company provides out-of-the box compliance solutions that enable organizations to meet their requirements for log data collection, review, archive, reporting, and alerting under mandates such as PCI, HIPAA, NERC-CIP, GLBA, Sarbanes Oxley, GPG 13, and other regulatory regimes. LogRhythm’s PCI compliance package features specific investigations, alarms and reports designed to meet PCI reporting requirements, and directly addresses or augments at least 80 individual PCI controls. With fully integrated file integrity monitoring, advanced multi-tenant support, robust reporting, and rapid search and drill-down capabilities, LogRhythm is an ideal solution for addressing PCI compliance requirements in virtual environments. LogRhythm can ensure that sensitive data, such as credit card account information, is not inappropriately accessed by shared virtual resources or unauthorized individuals. LogRhythm is field-proven in numerous deployments where the solution is being used to automate and assure regulatory compliance in virtual environments.

“We’re very pleased to have been selected by VMware to help address the compliance requirements of customers moving their critical systems to virtual and private cloud environments,” said Matt Winter, vice president corporate and business development at LogRhythm. “LogRhythm has a significant track record helping customers meet their regulatory compliance obligations in virtual, physical and hybrid environments. Our compliance capabilities dovetail well with VMware’s native security offerings to create a robust and comprehensive solution. With the VMware Solution Guide for PCI and LogRhythm’s addendum solution guide, organizations can have confidence that there is a detailed, validated path to maintaining PCI compliance in virtualized environments.”

The LogRhythm Solution Guide for PCI has been reviewed by Coalfire, an independent Qualified Security Assessor specializing in IT audit, risk assessment and compliance management, and is available for download on the LogRhythm website and VMware Solution Exchange.


Amazon AWS, AppSpot, Azure, Dashboard, Google, Icloud, Internet Pulse, Joyent, Microsoft, Rackspace, salesforce.com

Introducing Cloud Service Dashboard of Dashboards

We’ve added a one-stop “dashboard of dashboards” that displays all the major cloud service dashboards on one page.

The page contains a “window” for each service status page or dashboard, with live, up-to-date info at a glance. Scroll for specific applications or locations, or click the link to jump to the full status page itself.

We included these services initially:

  • Amazon AWS
  • Google Apps
  • AppSpot
  • Microsoft Azure
  • RackSpace
  • Apple iCloud
  • Salesforce.com
  • Joyent
  • internet Pulse

Have we missed any? If we have leave a comment with the URL and we’ll try to add it.


Authentication, two-factor authentication

New SafeNet Authentication Service Designed for Service Providers

SafeNet, Inc. today announced the immediate availability of SafeNet Authentication Service, a new cloud-based authentication service. The cloud authentication solution was designed and engineered specifically for the service provider environment and allows service providers to rapidly introduce authentication-as-a-service to their enterprise customers. By doing so, it enables service providers to increase their average revenue per user (ARPU), significantly reduce the cost and complexity associated with offering and implementing strong authentication, and strengthen their security and compliance posture.

SafeNet Authentication Service extends the company’s portfolio of two-factor authentication solutions, providing enterprise and government organizations with  choice and flexibility to best customize their authentication solutions to meet current and future security needs.

SafeNet Authentication Service’s automated, customizable cloud platform can reduce authentication-related operational costs through the elimination of manual tasks associated with the provisioning, administration, billing, and management of users and tokens. Service providers can manage their customers from a multi-tier, multi-tenant platform that is vendor-agnostic and will work with an organization’s existing token technology, enabling a quick migration to a centralized cloud environment with minimal disruption to end users. In addition, the service can be white-label branded and completely customizable to the service provider’s needs, enhancing the service brand and overall awareness. In addition, the platform is highly scalable, which enables service providers to accommodate a growing number of customers added to the service without requiring costly infrastructure upgrades.

Strong authentication has also become a major challenge for today’s “extended enterprise,” in which remote employees, partners, customers, and other third parties require access to an organization’s systems, applications, and data. With no infrastructure required, enterprises can quickly turn to service providers for SafeNet Authentication Service to simplify the implementation of strong authentication in this environment—providing “security without borders” from a fully automated, high-assurance, trusted cloud environment.

In addition, SafeNet Authentication Service enables service providers to free up their customer’s IT staff to focus on higher-value activities. By doing so, this automation facilitates real-time policy application to ensure regulatory compliance and improved business efficiency.

According to Chris Morales of the 451 Research Group, “The consumerization of IT, the adoption of mobile computing and SaaS applications, and the incipient growth of desktop virtualization places identity front and center of emerging security and management concerns. As identity assumes more centrality for IT (in terms of both industry and organizational function) in coming to terms with these trends, securing the integrity of the identity assertion, characterizing it in terms of risk assessment, and supplementing (or supplanting) user name and password comprise the initial set of security hurdles. Also, as enterprises and organizations assess the requirements for authentication against the cost and flexibility of the options available from incumbent vendors, authentication-as-a-service, and new form factors or channels such as smartphone tokens and one-time passwords delivered as an SMS have gained in appeal.”

SafeNet Authentication Service reflects the combined offering resulting from SafeNet’s acquisition of Cryptocard in March 2012. This new service combines SafeNet’s market-leading authentication solutions with Cryptocard’s innovative, scalable, and flexible platform.


Apica, Apica WebPerformance, AppDynamics, Application programming interface, Google Analytics, Performance testing, SPDY, Tools

Apica WebPerformance Now Supports HTML5, Integrates with AppDynamics, Cloud Services, and Google Analytics

Enhancements to Apica WebPerformance portal, introduced today, include integration with AppDynamics and Google Analytics, HTML5 support, real browser monitoring from leading browsers, and provides an API solution for advanced monitoring capabilities.

Apica WebPerformance monitors the delivery of all web content and application functionalities from more than 100 locations worldwide, providing a controlled perspective on application performance. Using Apica WebPerformance’s powerful analytics, users can drill down to the code level to better understand the capacity, scalability, and responsiveness of their applications; troubleshoot bottlenecks; and take measures to proactively improve performance.

The latest enhancements to Apica WebPerformance include:

  • Integration with AppDynamics and Google Analytics. Real-time data
    from third-party accounts is fed directly into the Apica
    WebPerformance portal to provide deeper insight into the correlation
    of performance and traffic from a single location.
  • Websockets/HTML5 and SPDY standards support. To optimize the
    performance of live, rich media content such as real-time game
    updates, stock feeds, and status indicators, Apica WebPerformance
    includes Kaazing support, a commercial full-duplex communication
    server using Websockets and HTML5.
  • HTML5 GUI. The entire Apica WebPerformance portal now supports
    HTML5, which means that it can be accessed from laptops, smartphones,
    or tablets. The interface adjusts itself to the chosen platform so
    customers can keep track of their web performance wherever they are
    located.
  • Expanded real browser monitoring. Apica
    WebPerformance now supports browser checks from Google Chrome, in
    addition to Internet Explorer and Firefox. This provides a true
    end-user view of performance from the most popular browsers used today.
  • API access. Developers can embed monitoring results and
    performance check summaries into native programs using real-time data
    from Apica’s
    global network of monitoring agents.
  • Self-service functionality. Users can easily record scripts on
    their own and immediately begin reviewing and analyzing the
    performance of their website.

“Consumer demand for high-performing websites and applications is constantly increasing. Fast response times are no longer a luxury; they are expected,” says Sven Hammar, CEO of Apica. “Performance testing as part of the development process, not just after launch but prior to launch as well, is necessary to avoid problems that can cost businesses time, money, and poor brand reputation. We’ve enhanced our WebPerformance solution with more standards support and integration so users can correlate data from multiple instances and locations across the globe to get a transparent look at application performance and improve the end-user experience. We give businesses the power to optimize their web performance and identify issues before they impact customers.”


Business Processes, Content Management, Customer Relationship Management, GlobalSCAPE, Mobile device, Salesforce, salesforce.com

TappIn Pro Edition Includes Salesforce.com Integration

TappIn, Inc., a wholly-owned subsidiary of GlobalSCAPE, Inc. announced today the launch of the new TappIn Professional Edition. TappIn’s Professional Edition offers 10 GB of secure transactional cloud storage, enhanced secure mobile access features, integration with Salesforce, and group management capabilities designed for professional users, businesses, and an increasingly mobile workforce, by creating a go-to service for remote access to all content regardless of where it resides.

“The increasingly mobile nature of today’s workforce, coupled with the rapid diversification of content sources and storage repositories, has forced a re-envisioning of how IT manages the access device landscape,” said Maureen Fleming, analyst with IDC. “Content is no longer stored on just a computer or server, it’s stored across collaboration platforms like Salesforce and Microsoft Exchange, on NAS drives, and in cloud repositories—public, private, and personal. As mobile devices put our lives at our fingertips, businesses and their employees will look for solutions that also streamline access to these content sources, increasing efficiency and eliminating the need for redundant copies and storage.”

“If we have learned anything from the BYOD revolution, it’s that people are looking for the simplest way to manage and access everything they need via a mobile device,” said Chris Hopen, President of TappIn, Inc. “TappIn Professional Edition is the next evolution of our approach to access and management, allowing users to go to a single place on their mobile device and securely access or share all of their important content—whether it resides on a home computer, business server, or SaaS application such as Salesforce. TappIn is the one place they can go for access to all of their content without having to move it all to one place.”

 

 


Content Management, Small business

Marketecture Business Center 3.0 Offers Integrated Online SMB Platform

Marketecture today announced the full platform launch of the Marketecture Business Center 3.0, its turnkey website solution for micro and small businesses, which allows small business owners to establish and grow their business online without having to build their own software or become Internet experts.

Marketecture Business Center 3.0 provides a suite of integrated online business management and marketing tools. The new platform leverages proprietary, scalable software and includes the following features:

  • Custom Website Design – Build a website in minutes using
    Marketecture’s intuitive drag-and-drop functionality
  • Content Management – Upload as many images, video, music and data
    files as desired with Marketecture’s unlimited storage and hosting
    space
  • Social Marketing Management – Monitor and manage the social
    environment surrounding a small business with deep social media
    integration for Facebook, Twitter, Pinterest, Google+, LinkedIn and
    foursquare
  • Online Marketing Management – Work alongside Marketecture’s experts to
    deploy a variety of online business strategies, including SEO, PPC,
    viral, content and local marketing
  • Customer Relationship Manager – Track visitor analytics from one
    simple interface
  • Communications Manager – Unlimited email accounts, webmail access,
    newsletter and drip campaigns
  • E-Commerce – Set up a merchant account to collect money directly from
    the SMB’s website and use Facebook integration to enable customers to
    reserve services, purchase products and fill out forms and signups
    directly from the business’ Facebook page
  • Business Tools – Blogs, secure document editing and sharing,
    scheduling and reservations
  • Custom Logo Design – Use easy software tools to build great logos, or
    work side-by-side with Marketecture’s designers to create a logo to
    establish a brand

“After honing our platform for the past two years, we are thrilled to offer the full integration of the Marketecture Business Center,” said Oliver Bigler, chairman and CEO of Marketecture. “For years, thousands of micro and small businesses have benefited from aspects of our online platform and we pride ourselves in now being able to provide all the essential components needed to thrive on the web. For too long, small business owners have been unfairly offered select solutions by Internet software solution companies marketing their individual app. Marketecture’s all-in-one website solution and business system helps small business owners across the country build, market and grow their online business and adapt to an increasingly Internet-based economy.”

According to a 2011 report by research firm Borrell & Associates, most small and medium business (SMB) owners do not have the time or the expertise necessary to successfully conduct business online; in fact, 46 percent of SMBs in the U.S. have no online presence. Of the SMBs with an online presence, 80 percent are a simple “business card” site without embedded revenue generation. Marketecture addresses both deficiencies in its easy-to-use, all-in-one system, which helps clients build and maintain their website, find and retain customers and generate revenue.


LogNormal, M&A Activity, Mobile application development, Performance management, Performance testing, SOASTA

SOASTA Acquires Real User Measurement Company

SOASTA today announced the acquisition of LogNormal, the leading performance measurement company delivering real user measurement and monitoring for mobile and web applications. The acquisition extends SOASTA’s platform to deliver actionable intelligence for both marketing and operations executives on real user behavior.

“SOASTA is focused on constantly improving the user experience on mobile applications,” said Tom Lounibos, SOASTA’s CEO. “SOASTA has been delivering a fast, affordable and scalable performance solution for enterprise customer for years. The acquisition of LogNormal extends our vision of delivering the full life cycle of development, testing and measurement solutions to ensure the optimal user experience for our customers. We are excited to have LogNormal as part of SOASTA, especially Buddy and Philip with their dedication and experience in performance management.”

“SOASTA is the leader in mobile and web performance testing and we are excited to combine our expertise to deliver performance testing, monitoring and measurement in a single platform,” said Buddy Brewer, LogNormal’s CEO. “The combination of LogNormal’s expertise and SOASTA’s real-time analytics engine will provide unprecedented insight into mobile behavior.


AppNeta, Managed services, Network performance, Partnerships, PathView Cloud

AppNeta Launches Global MSP Partner Program

AppNeta today announced the launch of a new partner program for Managed Service Providers (MSPs). The AppNeta MSP Partner Program is designed to offer easy, revenue-generating services for assuring performance of critical applications such as VoIP, video conferencing, virtualization and web-based services. Today, AppNeta’s MSP Partners seamlessly and easily integrate AppNeta services into existing managed service contracts and create enhanced service offerings including network assessments, continuous monitoring, proactive troubleshooting, and scheduled reporting and alerting.

AppNeta’s PathView Cloud network performance service provides channel partners with unmatched breadth of insight and time to value, enabling them to see across multiple customer infrastructures in one view, and then pinpoint exactly where problems are occurring and why. The new MSP Partner Program offers unique pricing terms, centralized dashboards and alerts, white-labeled custom branded interface and a utility-based MRR billing model.

“We understand the demands on customer networks today, especially as business applications become more performance-sensitive. It is absolutely necessary for MSPs to have 24/7 performance visibility,” said Jim Melvin, CEO of AppNeta. “AppNeta is partnering with MSPs to develop an easy-to-implement service assurance program that will not only improve customer satisfaction, but will create new revenue sources at the same time.”

“Bandwidth Management Group is thrilled to be part of the AppNeta MSP Partner Program. We can now measure the performance of our customers’ wide area networks and cloud applications with continuous remote site monitoring,” said Christian Fedor, president, Bandwidth Management Group. “The new billing and training programs have made it easy for us to integrate the AppNeta solution into our existing managed service portfolio.”

While AppNeta has a long-standing partner program with more than 400 partners around the world, the new MSP Program is enhanced with key benefits to partners managing ongoing services and delivering critical applications to their global customer sites. The AppNeta MSP Partner program features:

  • Monthly, consumption-based billing
  • Easy, cloud-delivered implementation and automatic service upgrades
  • Simple, straightforward licensing
  • Regular upsell opportunities to customers


App Store, Apple, Icloud, iOS, iPad, iPhone, Mobile, Mobile phone, Smartphones, Social

CaptureToCloud Extends Social Workspace to iOS Devices

CaptureToCloud’s  Social Workspace has been extended to all iOS devices. This is the first mobile app that can capture a full copy of Internet content while it’s being viewed on an iPhone or iPad, and immediately make it available for social media sharing and collaboration. This  app is used by professionals and businesses to capture mobile content into their CaptureToCloud workspace where it can be organized, shared and discussed alongside other important content. The new iOS app is included in both the free and premium services – available in the Apple App Store and at www.capturetocloud.com.

According to a recent study by the Pew Research and American Life Project, “some 88% of U.S. adults own a cell phone of some kind as of April 2012, and more than half of these cell owners (55%) use their phone to go online.” Viewing Internet content on an iPhone or iPad is one of the most common uses. With CaptureToCloud, users can be viewing that content and immediately save a copy, share it with colleagues, discuss it and read it offline.

“In today’s world, people expect a seamless transition from their desktops to their mobile devices and to be constantly connected to their apps and important content,” said Ramon Nunez, CEO, CaptureToCloud. “Mobile access is a key component of our anywhere, anytime workspace and capturing mobile content is a natural extension of what we provide on the desktop.”

CaptureToCloud aims to make it easy for professionals and businesses to incorporate Internet content into their daily work. The iOS app not only gives users access to all content in their CaptureToCloud library while they’re away from their desktop, but also allows them to capture and share new content they find with an iOS device, keeping them just as productive and engaged with projects and discussions.