Archive for October, 2021

« Older Entries
Newer Entries »

Singapore’s Fullerton Health Hit By Data Breach

Posted in Commentary with tags on October 28, 2021 by itnerd

Singapore healthcare provider Fullerton Health says a third-party data vendor, Agape Connecting People, which facilitates with appointment booking, suffered a data breach on October 19 that compromised patients’ personal data containing names, contact details and banking information:

We detected on 19 October 2021 that client information was compromised due to unauthorised access by a malicious third party.

The intrusion was identified and we acted immediately to prevent further compromise. The system was isolated and suspended. None of our core infrastructure has been compromised. Based on the information gathered to date, we are confident that our security controls were effective in limiting the impact of the incident.

The incident appears to have been contained to our client Fullerton Healthcare. The customer information that may have been compromised were limited to the following: Personal identifiable information such as name and contact details. We have established that no credit card information and password has been exposed.

We are in the process of confirming that no other clients of Agape Connecting People were affected.

This could lead to identity theft and fraud on a large scale. Which of course is not good. And it could go beyond this one client. Yan Michalevsky, CTO and Cofounder, Anjuna had this to say in terms of how to stop this sort of attack from happening:

“Taking over company servers enables attackers to laterally move within the organizational infrastructure and compromise sensitive data. In addition to existing measures, technologies such as Confidential Computing and Secure Enclaves can protect applications and data even in the case of an attacker taking over the servers, as in the case of the Fullerton Health data compromise.”

Companies should consider taking these steps to protect their data, and customer data.

Leave a comment »

Guest Post: Half Of Women Claim They Are Responsible For Tech Decisions At home Says NordVPN

Posted in Commentary with tags on October 27, 2021 by itnerd

Half of women (54%) consider themselves responsible for decisions on IT software purchases and solving tech issues, while a third feel comfortable delegating the task to their partners. This might include anything from purchasing a VPN to troubleshooting a malfunctioning device.

However, when men are asked the same question, 75% of them claim to be running tech-related questions, and only 14% of respondents admit they leave the responsibility to their other half.

The older women are, the more they consider themselves responsible for tech questions.

Young women are twice as likely to address their parents with tech issues, as compared to young men. In general, both genders between the ages 19 and 24 still lean on their parents the most for help with tech questions. 

Another interesting finding of the research is that 45- to 74-year-old women tend to delegate the responsibility of taking care of their software and its malfunctioning to their children, while men are less inclined to do so.

Despite not taking full responsibility for their digital tools, women are better at cybersecurity and protecting themselves online, research by NordPass suggests. Women are more concerned about the potential harm of their personal online accounts being hacked. They also tend to use unique passwords more often than men.

“The study by NordVPN only adds to that finding. Among those who admitted they are highly concerned about cybersecurity, women and men seemed to be equally concerned,” said Daniel Markuson, a digital privacy expert at NordVPN.

“The ever-growing demand for cybersecurity tools like VPN signals the rising awareness of the need to be protected online. From our customer surveys we know that approximately 80% of them choose NordVPN because of privacy and protection. This is a comforting trend, as more and more people take precautions to protect their netizenship,” says Daniel Markuson.

NordVPN’s survey of the adult population (1,000 respondents) in the US was carried out in August 2021. 

Leave a comment »

StorCentric & Robin.io Announce Cloud-Native Solutions For VM-as-a-Service & Virtual Desktops

Posted in Commentary with tags on October 27, 2021 by itnerd

Robin.io and StorCentric today announced the general availability (GA) of hyperconverged cloud-native solutions that simplify and accelerate channel solution providers’ and end users’ journey to the private cloud. The joint offerings allow the Robin Cloud Native Platform (CNP) to be coupled with StorCentric’s Nexsan Unity enterprise-class unified storage or with StorCentric’s Nexsan E-Series high-density, high-performance, highly scalable storage to deliver powerful solutions for enterprises that require agility and as-a-service application delivery, where cost has been a major impediment. 

The joint solutions are delivered as a hyper-converged appliance and offer a cloud-like experience for hosting virtual machines (VMs) and virtual desktop infrastructure (VDI). Compared to public cloud offerings, the solutions offer 2x improved performance and 50% faster application provisioning, with a 50% reduction in operating costs. 

Cloud Native HCI Solution from Robin and StorCentric 

Rising datacenter complexity is overwhelming IT organizations. As a result, they have begun turning to hyper-converged infrastructure (HCI) for simplicity and ease-of-use. Using Robin CNP with StorCentric Nexsan E-Series or Nexsan Unity storage provides a software-defined infrastructure on which containerized and non-containerized applications can be delivered as-a-service and deployed in minutes instead of hours, offering a high degree of automation for lifecycle operations. 

As Kubernetes scales inside the enterprise, users are looking to leverage the technology for running mission-critical workloads such as stateful applications like databases, big data and AI/ML applications. Unlike stateless applications, these applications have important storage and networking requirements. The Kubernetes community has focused on the need to support stateful workloads—the work done around Stateful Sets is a good indicator of this progress. But this effort is far from mature and there exists operational overhead in provisioning the clusters needed for persistent volumes. Many IT organizations are spending multiple cycles to get Kubernetes set up for stateful workloads, leading to friction and delays. 

The problem grows larger when big data and other data-intensive workloads become part of the equation. Beyond the operational overhead, performance is also a critical criterion for these workloads. The enterprise decision makers are torn between selecting a DIY approach to running stateful workloads on Kubernetes and finding the right platform that is suitable for data-intensive workloads. 

To learn more, please visit: https://www.robin.io/featured-solution-brief/private-cloud-made-easy-with-robin-and-storcentric/

Leave a comment »

Salesforce and DocuSign Team Up

Posted in Commentary with tags on October 27, 2021 by itnerd

Salesforce and DocuSign today announced an expansion of their global strategic partnership to build new joint solutions that make it easier for customers to accelerate how agreements are facilitated around the world. New innovations will automate the contract process with AI-based, smart solutions that improve the customer experience of preparing, signing, and managing agreements, drive faster ROI, and increase collaboration amongst organizations with Slack functionality.

New innovations

Companies must maximize productivity and collaboration in an all-digital, work-from-anywhere world. Salesforce and Slack enable organizations to build their digital HQ by improving employee collaboration both internally and externally with customers and partners – no matter where, when, or how they work. 

Salesforce’s expanded partnership with DocuSign will offer new ways to make it easier to prepare contracts, quotes, and invoices, track and enforce contract terms, and manage the entire contract lifecycle management (CLM) process efficiently across DocuSign, Salesforce, and Slack platforms. New applications will be jointly designed and developed natively in Salesforce Customer 360:

  • Agreement collaboration with DocuSign and Slack platforms: This integration aims to accelerate the broader agreement collaboration process for customers, right from within Slack. New workflows will notify teams on agreement progress and action items, enabling them to work quickly to review, edit, monitor, and execute agreements, without ever leaving their digital HQ. DocuSign eSignature for Slackis available now; DocuSign CLM for Slack will be available in 2022.
  • DocuSign Gen for Salesforce Billing: Customers can close, bill, and recognize revenue faster through branded invoices, directly inside Salesforce Billing, with configurable templates. Customers can also schedule batch invoice generation and delivery or generate an invoice, on-demand, driving more on-time payments and fewer customer service issues. DocuSign Gen for Salesforce Billing is available now.
  • DocuSign Gen for Salesforce CPQ Plus: Customers can automatically generate professional, customizable agreements from Salesforce with just a few clicks. The entire process can be configured and controlled from Salesforce, saving customers time, eliminating errors, and speeding up the path to revenue.DocuSign Gen for Salesforce CPQ Plus is available now.
  • DocuSign CLM for Salesforce Field Service: Customers will be able to automate Obligation Management by tracking, enforcing, and updating key contract terms across departments. Obligations and terms from contracts executed via DocuSign CLM, such as warranties and service level agreements (SLAs), can be mapped into Service Cloud contract objects. This will enable smarter and more automated service experiences, and efficient service contract execution. DocuSign CLM for Salesforce Field Service will be available in 2022.

For more detail on the partnership, please visit https://www.docusign.com/solutions/salesforce.

Leave a comment »

Cradlepoint Unveils Enhanced Wireless Edge Solutions To Relieve The IT Burden Of A Growing Global Remote Workforce

Posted in Commentary with tags on October 27, 2021 by itnerd

Cradlepoint today announced updates to its E100 Series Enterprise Routers to provide organizations, worldwide, with the performance and capabilities to meet the connectivity, security and IT management demands of today’s work-from-anywhere world.  

Cradlepoint designed its E100 Series Enterprise Routers specifically for work-from-anywhere use cases leveraging LTE cellular connectivity. The upgraded E100 wireless edge router includes a faster LTE cellular modem (CAT7) that has double the downlink speeds for added performance and triple the uplink speeds to support applications such as video conferencing. The E100 began shipping to the U.S. and Canada this month. To further support the company’s commitment to global expansion, the new E102 wireless edge router is designed to accommodate international certifications and standards. It features the same, faster LTE modem as the E100 and launches in mid-November. 

The Cradlepoint E100 Series Enterprise Routers: 

  • Offer a scalable, easy-to-manage solution that can extend to thousands of remote workers at any location and can manage these new user populations with limited-to-no incremental staff.
  • Provide IT organizations with complete control over security, availability, and management as well as device access and traffic usage. 
  • Emphasize network standards and interoperability to insert easily into existing networks.

The Era of Work from Anywhere  

Fluctuating pandemic conditions have delayed return-to-office dates and are giving rise to hybrid work environments. The number of employees working from home more than quadrupled during the pandemic and 50 per cent of IT organizations expect that this remote work population will remain permanently expanded*, according to Enterprise Management Associates (EMA). As a result, the stress on networks will continue to grow. For example, EMA also found 95 per cent of network operations report that work-from-home has led to an increase in real-time communications application traffic (voice, video, online meetings) on their networks.  As a result, IT staff need to provide a network infrastructure to support work-from-home and work-from-anywhere on a more permanent basis, and for many, do it with the same staff and resources they have today.  

More immediate solutions to tackle this challenge have provided limited results. For example, VPN client solutions on laptops often can be used at the discretion of the employee which doesn’t sufficiently protect corporate networks and assets. And solutions relying on an employee’s home network introduce real security risks and may have uneven performance with critical applications due to sharing the network with bandwidth-intensive home traffic, like streaming and gaming services. Additionally, IT lacks the visibility and control they need to ensure security and performance, and to troubleshoot work-from-home related problems. Even SD-WAN is not a good option, in most cases, because it does not address the shared home network problem.  

Without a dedicated wireless connection, companies also face a lack of segmentation between work and home traffic that opens enterprises up to security risks while users face performance challenges. Only by providing a dedicated, IT-controlled wireless connection to the home – which is easily done through cellular – can organizations address these inherent risks and ensure cost-effective IT support for remote workers. 

Enter Cradlepoint: The Solution for a Work From Anywhere Future 

Using a dedicated wireless WAN connection, Cradlepoint can extend secure connectivity to the employee home with the same IT capabilities and end-user experience as the office network.  Cradlepoint NetCloud establishes and controls the security policies through the router, meaning the VPN connections no longer are at the discretion of the end-user. Flexible options support different office and cloud access and security models, including corporate VPN extension, direct internet access, and a hybrid of the two. Using dedicated WAN and Wi-Fi networks isolates work devices such as laptops and printers to meet security and compliance policies. Organizations can uphold company-wide security standards and extend this protection to all connected company assets.  

Both the Cradlepoint E100 and E102 Enterprise Routers provides simple, IT-centric management, enabled with a cloud-based management platform – NetCloud Manager – to monitor, control, and troubleshoot wireless edge routers in employees’ homes. Policies can also be instituted to support traffic shaping and better performance for applications. Additionally, zero-touch deployments ease installations as pre-configured routers with pre-activated SIMs installed can be shipped to the home for easy setup.   

For more information on Cradlepoint’s remote work solutions, please visit https://resources.cradlepoint.com/remote-work.   

Leave a comment »

HelpSystems Acquires Enterprise Data Loss Prevention Leader Digital Guardian

Posted in Commentary with tags on October 27, 2021 by itnerd

HelpSystems announced today the acquisition of Digital Guardian, the industry’s only SaaS provider of data loss prevention (DLP) solutions for large and mid-sized organizations. Digital Guardian’s solutions give customers visibility and protection of their data across many operating systems and applications. The company also provides a popular managed service that operates as an extension of their customers’ security teams to protect sensitive data from threats originating inside and outside the organization.

The team and solutions from Digital Guardian will fit into HelpSystems’ data security portfolio, and combine with powerful security solutions such as GoAnywhereClearswiftAgari, and Titus. In addition to extending HelpSystems’ DLP capability, this acquisition further improves the company’s ability to categorize, or classify, data and protect it across a wide set of applications and operating systems.

This marks the 6th acquisition by HelpSystems in 2021; the company acquired PhishLabs last week.

Macquarie Capital served as exclusive financial advisor to Digital Guardian.

Leave a comment »

ServiceNow Launches New Messaging Service Using Twilio Tech

Posted in Commentary with tags on October 27, 2021 by itnerd

ServiceNow today announced ServiceNow Messaging Service to help organizations drive better service experiences from issue to resolution.  

Leveraging the Twilio platform, ServiceNow Messaging Service allows organizations to purchase SMS and WhatsApp directly from ServiceNow, making it easier to quickly integrate popular messaging platforms with ServiceNow workflows. This gives organizations another channel to engage with customers and employees, regardless of their location, and help quickly solve customer requests for a more seamless end‑to‑end experience.

As the global economy expands at its strongest post‑recession pace in 80 years, organizations must adapt to deliver compelling customer and employee experiences in any environment to thrive in a new economy and a hybrid world of work. According to Gartner®, “by 2025, 80% of customer service organizations will have abandoned native mobile apps in favor of messaging for a better customer experience.”1

ServiceNow Messaging Service helps organizations meet heightened customer expectations, enabling transparent, two‑way conversations between businesses and customers. Customers can find answers, get help, and request services through popular messaging services, and businesses can resolve issues fast, leveraging the power of the Now Platform to unite the front, middle and back office with digital workflows, break down silos and automate processes across teams. ServiceNow Messaging Service also helps organizations respond to employees wherever they are, allowing them to get help and request services across departments – including IT and HR – via WhatsApp and SMS.

ServiceNow Messaging Service is an expansion of Twilio and ServiceNow’s ongoing and evolving partnership. The companies have worked together since 2019 to make messaging a core part of how businesses interact with their key stakeholders.

The announcement comes on the heels of ServiceNow’s Rome Platform Release, which includes critical Customer Workflow and Employee Workflow innovations to help companies deliver great end‑to‑end customer service experiences from anywhere, improve employee productivity and satisfaction, and scale automation across the enterprise. Rome updates include Conversation Autopilot, which allows an agent to transfer a chat to a virtual agent for repetitive tasks, Customer Service Playbooks: Focused layout, a new feature that pairs agents with a virtual coach to guide them through each step of a customer service request, and Rich Messaging, which elevates tasks such as appointment booking that require more than simple text to deliver a great customer experience. Also announced in Rome is Employee Center, a single, connected portal for employees to find personalized information, complete tasks, get help across departments.

Availability and additional information

Source: Gartner Press Release, “Gartner Predicts 80% of Customer Service Organizations Will Abandon Native Mobile Apps in Favor of Messaging by 2025, January 12, 2021.

Leave a comment »

Acalvio ShadowPlex Achieves “FedRAMP Ready” Designation

Posted in Commentary with tags on October 27, 2021 by itnerd

Acalvio Technologies, the leader in Autonomous Deception, today announced that it has been approved as “FedRAMP Ready” for Agency Authorization. Acalvio achieved FedRAMP Ready status at the Moderate Impact Level for its ShadowPlex platform on Amazon Web Services (AWS). ShadowPlex is now listed in the FedRAMP Marketplace.

Acalvio’s award-winning Autonomous DeceptionTM platform, ShadowPlex, enables organizations to detect, investigate and respond to malicious activity inside the perimeter. Acalvio’s solutions are anchored on innovations in Distributed Deception, and Artificial Intelligence (AI), enabling security teams to cut through the cycle of endless alerts and accelerate threat detection by focusing on high fidelity detections, all while minimizing the incidence of potential false positives. 

ShadowPlex patented architecture allows distributed and autonomous deployment of effective deception, with minimal IT overhead across On-premises and Cloud workloads and remote user machines. A comprehensive and extensible deception palette covers both IT and OT environments and reduces attacker dwell time by detecting malicious activity with precision and speed.

Solutions authorized at the FedRAMP Moderate Impact Level protect the government’s sensitive unclassified data in cloud environments, including data where the loss of confidentiality, integrity, and availability would result in serious adverse effects on a Federal agency’s operations, assets, or individuals. 

The FedRAMP Ready status adds to the SOC 2 and NIST 800-171 certifications previously achieved by Acalvio Technologies.

Leave a comment »

Guest Post: Frances Haugen’s Evidence Reminds Us That Online Harm Thrives In The Absence Of Transparency, Says GlobalData

Posted in Commentary with tags on October 26, 2021 by itnerd

Following Facebook whistleblower Frances Haugen’s appearance in front of MPs investigating online harm, 

Laura Petrone, Principal Analyst in the Thematic Research team at GlobalData, a leading data and analytics company, offers her view:

“Haugen’s testimony shows that social media companies must become more transparent. Until platforms such as Facebook can be held accountable for the content they post, online harm will continue to thrive. Social media companies must be forced to clearly state their rules on speech and make them consistent with established human rights legislation.

“Facebook has forged an ad-funded business model centered on opaque algorithms that determine what content users see. Online harm and misinformation are side effects of ad-funded platforms that aim to hold the user’s attention for as long as possible, with little care for the harm they do to society, including children. Regularly publishing transparency reports for content moderation and conducting annual risk assessments will help tackle the proliferation of harmful content.

The UK’s proposed online harms legislation, which introduces a duty of care on social media platforms, is certainly a step towards ensuring greater social media accountability. However, it remains to be seen to what extent it will tackle the most pressing issues, such as the ability to check the algorithms tech companies use to tailor their content.”

Leave a comment »

Check Point Software Brings Infosec Institute’s Award-Winning Security Awareness Training To Leading Cyber Solutions Platform

Posted in Commentary with tags on October 26, 2021 by itnerd

Infosec Institute, a leading cybersecurity education company, today announced it has partnered with Check Point Software Technologies to bring its award-winning security awareness training and phishing simulator to the Check Point Technology Partner Alliance. Check Point Software is a leading provider of cybersecurity solutions to governments and corporate enterprises globally.

The new partnership equips Check Point Software clients with additional resources to secure the human element of cybersecurity with access to over 2,000 Infosec IQ awareness training modules, phishing simulations, assessments, supporting resources and more. More than 100,000 organizations can now purchase Infosec IQ with Check Point learning credits to boost employee security awareness, reduce business risk and meet compliance.

A Leader in the 2020 Forrester Wave for Security Awareness and Training, Infosec IQ equips organizations with everything needed to prepare employees to detect, report and defeat cybercrime. The platform also features the newly released Infosec IQ Cybersecurity Culture Survey, an innovative way for Check Point customers to measure security culture by analyzing employee attitudes and perceptions towards cybersecurity and security training efforts.

Check Point Cybersecurity Learning Credits (CLCs) enable customers to maximize their cybersecurity investment and easily purchase credits for multiple services. Check Point Software clients can redeem CLCs for many enablement packages, including certification training, pentesting training, exam vouchers, CPX,  consulting, optimization, virtual labs, security awareness and more.

 www.checkpoint.com/training/smartawareness/ to enroll in Infosec IQ and Check Point’s Security Solutions.

Leave a comment »

« Older Entries
Newer Entries »