Entries categorized under “Security”

Since the advent of the TCP/IP protocol, network administrators have had a major blind spot: the ability to reliably determine the identity of an individual device or user. BlackRidge's new Eclipse™ solution, built on BlackRidge's patented Transport Access Control (TAC), uses client drivers or gateway appliances to insert unique identity information to every TCP packet. In this third and final post in our blog interview series, BlackRidge Technology CTO John Hayes and I discuss where BlackRidge is heading and the challenge of managing infrastructures from the perspective of devices rather than networks. (read more)

The keynote given by Symantec's CEO Enrique Salem this past Tuesday and the series of presentations that followed exposed every attendee at Symantec Vision 2012 to just how dangerous today's internet world really has become. Yet the larger threat that every business faces is not putting in place a solution to address them. Rather it is the danger that dealing with these threats will cause organizations to take their eyes off of the ball and fail to focus on where their business needs to go next. (read more)

The world of machine-based data collection is creating an entirely new type of security problem: authenticating machines that have no formal user identity associated with them. Traditional VPNs break down in these environments while RSA Key IDs have no answer. (read more)

Followers of my previous blog entries should recognize the next company in DCIG's Executive Interview series. I have previously discussed both the technical and operational impact of BlackRidge Technology's patented breakthrough technology known as Transport Access Control (TAC). Today, BlackRidge announces their first product, Eclipse, based on their TAC technology. I begin a discussion of this release, in the form of a multi-part interview series, with BlackRidge Technology's CTO John Hayes. (read more)

Managed File Transfer (MFT) companies are kicking off 2012 by positioning their products in the enterprise File Synchronization and Share (FSS) market. Their positioning is based on an organic growth and adoption trend of consumer-FSS by small, medium and large enterprises and organizations. (read more)

Amazon announced their Storage Gateway (beta) on January 25th, about two days before my article on VMWare and Citrix squaring off in the "Dropbox for Enteprise" market. In my article I noted that VMWare and Citrix are exploiting a based limitation of Dropbox, Evernote and Box introduced by supporting a Consumerization of IT (CoIT) product. Consumer-based file-share-and-synch applications cannot be installed in a company's data center. As file-share-synch drives cloud adoption in the enterprise, vendors emerge from all corners. (read more)

MetaFlows is a network security monitoring tool implementing some unique capabilities in today's ever-changing security environment. They are allowing security administrators access to not only aggregated threat information for their own network, but are also alerting them to potential global threats in their enterprise spaces. I am finishing up my interview today with MetaFlows CEO Livio Ricciulli, looking at how they are able to aggregate threat information while maintaining security in a cloud-based solution. (read more)

Network security monitoring is a constantly changing environment of both tools and methodologies. Most of them today, however, have used a lone "cowboy" mentality where datacenter solutions operate independently. MetaFlows is changing that. Today, I am continuing my interview with MetaFlows CEO Livio Ricciulli, discussing how their product is optimizing network security monitoring and performance. (read more)

Enterprise organizations face the daily challenge of ever-growing threats to their network and IT infrastructure. Not only are these threats growing, but they are constantly changing as well, forcing companies to adapt by changing not only their tools but also their training. Today, I'm talking with MetaFlows CEO Livio Ricciulli about how MetaFlows is addressing these problems by delivering network security monitoring using the "Software as a Service" model. (read more)

2012 ushers in the Consumerization of IT (CoIT) within the enterprise as the most strategic opportunity in IT infrastructure. CoIT is generally defined as consuming applications and content within your work life the same way you do it in your personal life. For enterprises to deliver equivalent applications they need more than an Enterprise App Store, they require a storage cloud supporting customers, partners and employees. (read more)

The ubiquitous username and password authentication scheme has been with us since the early days of the Internet. Since then, the Internet has grown tremendously in terms of both size and complexity with the threats faced by network devices and applications growing right along with them even though the means used to authenticate users and devices have stayed pretty much the same. To address these shortcomings, BlackRidge Technology introduced a new transparent means of authentication that adds a more robust layer of security while maintaining usability. (read more)

Information managers can expect data storage companies to drive significant campaigns around Big Data as we enter 2012. Storage is the least of anyone's concerns, according to The Economist Intelligence Unit (EIU) report Big Data: Harnessing a game-changing asset. Information Governance in 2012 requires Data Science strategy and practitioners be added to all business teams. (read more)

One of the more exciting products to come out of this year's VMworld 2011 conference was a phone. This "phone" went well beyond the push-button, touch tone variety as it was an LG phone running a beta version of VMWare's mobile hypervisor for Android that creates what we here at DCIG refer to as "vPhones." (read more)

A few weeks ago I posted a blog entry suggesting that network perimeter security had begun to break down with the advent of the cloud and the use of ubiquitous mobile devices to access resources stored in the cloud. The need of these devices to have a secure yet transparent method to access cloud resources has surpassed the ability of current Internet protocols and solutions to provide them. (read more)

The advent of cloud computing and storage clouds has resulted in enterprises bending to the breaking point the concept of segregated "internal" and "external" networks. n security parlance the "external" network is viewed as a dangerous and untrustworthy place and treated with respect bordering on fear. On the other hand the "internal" network has for the most part been treated as a safe place by IT departments. This basic concept, little changed since the 1990s, is rapidly reaching obsolescence in today's hybrid cloud-centric world. (read more)

As part of his opening remarks during his keynote on Tuesday morning, Symantec's CEO Enrique Salem shared a comment that was made to him by a Symantec user, "We are in the middle of a time of profound meaningful change." Truer words were never spoken as enterprises of all sizes are facing a broad spectrum of technology changes that are unequaled in this modern era of computing. (read more)

Last week I wrote about Symantec's introduction of the Data Insight feature into its Data Loss Prevention (DLP) product. But afterwards a number of questions came to my mind as to how the DLP product itself worked, especially when compared to other solutions in the eDiscovery, search and storage management space, as well as how the Data Insight feature is implemented. So to get those questions answered, I got back on the phone with Robert Hamilton, Symantec's Senior Product Marketing Manager for DLP. (read more)

An organization can come up with any number of reasons why it does not encrypt data stored to tape. Encryption is too hard or expensive to implement. The management of the encryption keys is too complicated. The business does not have the time or manpower to deal with encryption right now. These are all valid excuses for not implementing encryption. However, if storing sensitive data to tape remains a part of an organization's long term data management and retention plan, then the growing list of federal and state regulations means it can no longer ignore the need to encrypt its data. (read more)

The current recession's wrath has spared few, and technology has seen its hard times just like all industry sectors, but one area that appears poised to be one of technology's biggest benefactors is healthcare. When the Stimulus bill was passed, President Obama made it a point to bring healthcare technology front and center by providing $19 Billion dollars for the implementation of an electronic medical record (EMR). $19 Billion dollars certainly gets companies attention and most are either positioning themselves, or renewing their focus on healthcare to glean their share of this substantial investment of dollars. (read more)

Backup software is, if nothing else, a "Me-Too" space with each vendor adding new features to each release of its product to try to match what its competitors are doing as well as trying to add a few new twists of their own to differentiate themselves from the crowd. Today's CA announcement of ARCserve r12.5 continues this trend. To remain competitive, r12.5 adds data deduplication as a core component of ARCserve, improves users' abilities to recover guest VMs on virtual server operating systems and more tightly integrates ARCserve with popular applications. CA seeks to differentiate ARCserve from competitors with new native SRM reporting capabilities and providing assurance that organizations can restore their deduplicated backup data. (read more)

In this final entry in a three-part series, I finish my conversation with Deepak Mohan, Symantec's Information Management Group SVP, as he takes a look at some of the current gaps in data protection and recovery today, tape's evolving role in enterprises and why Symantec still views tape as a viable technology and why large enterprises in general and healthcare IT specifically can benefit from Symantec's suite of products. Mohan provides some specifics on data protection and recovery gaps in different market segments, why the transition from tape to disk is going to occur gradually and why enterprise organizations need an enterprise software solution that addresses all of the needs of today's organizations from the end-user to the data center. (read more)

In this second of a three-part series, DCIG lead analyst, Jerome Wendt, continues his discussion with Deepak Mohan, Symantec's SVP of its Information Management Group. In this conversation, Mohan provides some specifics on how Symantec differentiates itself from competitors in the market by providing customers a full ecosystem of integrated products that encompass data protection, data management and data security. He specifically highlights some of the new product features that are resulting from synergies between Symantec's data protection and security groups. (read more)

Most businesses small and large have many IT needs but one that they continue to focus on as they move into a completely paperless world is data protection and, more specifically, data recovery. They know their current in-house backup and recovery processes are often less than adequate so when they ask hard questions like, "How long can I afford to be without my data?" and "What does losing that data mean to the company and the company's public reputation?", they don't like the answers. But what IT managers are surprised to learn as they look to move to a SaaS offering based on a cloud-based computing architecture for their backup and recovery services, they find there are many options from which to choose. (read more)

It is common for users to tell me they are just going to add some SATA disk trays to their existing primary storage while others have said they are going to just purchase the cheapest possible JBOD system that they can. There are a couple of concerns I have with either of these two approaches. In these examples, they are way too focused on the short-term cost savings that JBOD offers and they fail to fully consider the protection and preservation of their archived data over the long-term. If enterprises really did not need the archived data, then they are better off directing their IT staff to just completely remove the data from their environment anyway. (read more)

The risks inherent to the payment card industry (PCI) and the consumers using credit cards are well documented. High profile PCI data breaches such as the TJX data breach are a painful reminder of the importance of securing consumer information and the need for security standards such as the Payment Card Industry Data Security Standards (PCI-DSS). Originally created when Visa, Mastercard, Discover and American Express aligned their individual data security policies, PCI-DSS version 1.2 that was released in October 2008 provided clarification and updates to meet today's payment card security challenges. One such example is anti-virus software will be required on all systems regardless of operating system. (read more)