Solutions for every stage: Where are you with your endpoint security project?

by Viewfinity 27. June 2014 16:02

Improving endpoint security is a difficult, but necessary task. The good news is that Viewfinity offers resources to help you during every stage of your project; whether your head is swimming trying to navigate the ever changing security landscape, you are just learning what application control can do for your organization, you’ve removed admin rights and are ready for the next steps, or you are currently employing all of the top security strategies and are looking for an easier way to manage your processes.

Take some time to check out the resources below that match your needs best, or reach out directly to Viewfinity and we can walk you through the process as smoothly as possible.

  • I am not familiar with application control and would like a high-level overview: IT Security’s 50 Shades of Grey
  • I am thinking about removing admin rights: Viewfinity’s Free Local Admin Discovery tool
  • I have removed admin rights but am experiencing IT help desk overload: Case Study – Fortune 500 Energy & Utilities Company
  • I have a homegrown / Native MS system in place but would like to learn about streamlining the process: Sign up for a One-On-One demo with a Viewfinity Engineer
  • I am making a decision soon and want to see your product: Register for a Trial Eval

Viewfinity offers flexible application control and privilege management solutions to meet whatever cyber security needs your company is currently facing. Let us work with you to make this daunting process as seamless as possible.

 

Do you feel safe from insider threats?

by Viewfinity 10. April 2014 14:19

The bad news, astonishingly a recently study published by Ovum revealed that a mere 9% of organizations feel that they are safe from insider threats. The good news, 66% of those surveyed did say that they were looking to invest more spending in IT security, specifically to help combat insider threats. You can read more on the Ovum study here: http://www.infosecurity-magazine.com/view/37826/less-than-10-of-companies-feel-safe-from-insider-threats/

Unfortunately, “insider threats” is a vague term and they are often difficult to mitigate if not handled properly. First, one must understand the different types of insider threats that organizations face each day. The most obvious threats are those internal users who act with malicious intent to either harm the organization or for their own personal gain. Second are the users who accidentally or unknowingly cause harm through lack of knowledge or preparation. Finally, there are the targeted attacks that work from the outside in. These actors target highly privileged users and utilize their credentials as a way to get access to even the most protected parts of a network. These actors are by far the most dangerous, they use advanced evasion techniques (AETs) to execute advanced targeted attacks across multiple network layers. They are difficult to defend against and even more so to detect.

So, how does an organization begin to combat these elusive threats? Obviously the first step is to enable strong perimeter controls, followed by a completely locked down desktop environment. Operating in a least privilege environment helps to prevent threats, which do make their way through the defenses, from gaining access to privileged data and applications.

Additionally, measures such as application whitelisting can help further protect organizations through a default-deny model, ensuring that only trusted applications, files, and executables can run on the endpoints and servers.

Organizations must go one step further though, to employ next-generation monitoring and forensics capabilities. In order to protect against these evasive threats, full and real-time visibility of all activities within a network is paramount. This will help organizations detect and mitigate any breaches early and effectively.

This multi-layered approach is the only way to protect against the sophisticated modern day threats that all organizations are facing today. here is an interesting whitepapter that discusses just that: Layers of Cyber Security - Modern Security Threats. Give it a read and pass it along. It's vital that the community understand the necessity for a next-generation, layered approach to cyber security.

Trouble Ahead for Windows XP Users

by Viewfinity 5. December 2013 10:52

 

 

This week Zach Epstein of BGR wrote an article that we feel is important for anyone still using Windows XP. Epstein describes the outlook which faces current XP users come the April sunset date, including massive security risks, virus and malware onslaughts and critical system flaws which will no longer be fixed.

Read the full article here.

It’s highly recommended that anyone still using Windows XP begin a migration to either Windows 7 or 8 to avoid these serious security issues; however, despite the risks, over 30% of desktops and laptops currently running are still using XP.

Organizations running on XP who are not looking to migrate any time soon need to consider utilizing 3rd party security solutions, which go above and beyond traditional anti-malware software. Organizations need to lock down their endpoint environment and employ tactics like application whitelisting and privilege management in order to try and stave off potentially devastating zero-day attacks and malware.

Windows 7 and 8 users should be implementing these techniques as well. Organizations of all sizes are subject to data breaches and cyber-attacks. A Windows 7 or 8 migration is the perfect time to implement better security practices through endpoint lockdown, application whitelisting and privilege management solutions.

Viewfinity can help ease the pain incurred by Windows 7 and 8 migrations, visit our website to find out how.

 

ILTA’s 2013 Technology Survey

by Viewfinity 22. November 2013 14:02

Peggy Wechsler, Program Director with International Legal Technology Association (ILTA) shared the published results of their annual Technology Survey. The 2013 Technology Survey reports the input of 494 firms, representing more than 88,000 attorneys and 189,000 total users.  This year’s report, while admittedly featuring the legal industry, should at the very least be skimmed by all IT professionals as it highlights some key technology shifts and findings, including:

  • The adoption of Microsoft Office 2010 jumping almost 30% (not surprising)
  • More firms seem to be supporting single platforms than in previous years (a little surprising)
  • A large shift as firms move back toward more desktop use and less laptop use (pretty surprising, perhaps due to more tablet use?)

Overall, the general consensus is that there is a constant struggle for IT professionals in the legal industry to find that perfect balance between user productivity/adoption and having a secure/affordable/compliant/up-to-date network environment. You can read the full ILTA 2013 Technology Survey to find out the results that matter most to you. In the meantime, we wanted to highlight a few key findings that came out of the survey, relating to IT Security.

In relation to a subject that is relevant to our solution, the report included a section on next-generation endpoint security.  The survey found that an overwhelmingly large number of firms are not using any sort of next-generation endpoint security solution. Most firms are simply using traditional anti-virus solutions.

Legal firms in particular handle massive amounts of sensitive/personal client data. A data breach from an advanced persistent threat or a zero-day attack could be devastating to a legal firm financially, as well as destroying any law firm’s greatest asset- its reputation. 

 

 

We think this 89% statistic is an eye-opener and timely.  Just last month Sean Power, CIO at Lathrop & Gage was our featured speaker on a webcast that addressed next-generation endpoint security. His insight was spot-on and it’s worth taking the time to watch the recording. For those looking for some comparison information, we do have this one page chart that explains the similarities and differences between AppLocker and Viewfinity.

 

 

Lawrence Pingree, Gartner Analyst, Mind Map for Information Security Technologies and Markets

by Viewfinity 3. October 2013 12:44

Lawrence Pingree, Gartner Analyst, Mind Map for Information Security Technologies and Markets

http://www.lawrencepingree.com/security/information-security-technologies-and-market-mind-map/

 

Government Shut Down: What it means for cyber security

by Viewfinity 1. October 2013 15:16

A government shutdown is the ideal situation for cyber terrorist. While most employees are sent home and the essential workers are scrambling to keep things running to the best of their ability, it leaves the door wide open for an undetected security breach. And, even if the anti-malware and firewall system that are in place detect these intrusions, no one is going to be in the office to notice or rectify the situations.

This environment harks back on the same dangers that organizations and government agencies face when dealing with natural disasters. Cyber looting is a real threat, which we hope the U.S. government is taking into account. Proper privilege management and application control and help reduce the changes that a hacker can cause damage to an organization’s network.

All organizations should be prepared, whether their shut down is government mandated, disaster induced, or even just a freak occurrence that keeps a network off line or unattended for an extended period of time.

Check out this FULL ARTICLE on Security-Daily (www.security-daily.com) to learn how the Viewfinity solutions can help secure your organization when disaster hits.

Windows XP is 21 Times More Likely to be Infected by Malware than Windows 8

by Viewfinity 28. August 2013 08:48
Check out this infographic from Windows IT Pro, by Rod Trent, it explains all the details.
 

So, what does this mean for you? Well it’s good news if you’ve managed to upgrade to Windows 7 or 8.  Or you may be taking your chances and putting your organization at higher risk as Windows XP is a primary target for hackers.  With the XP sunset date fast approaching, the threat offered by hackers and malware for these systems is growing exponentially. Once XP is no longer supported/serviced by Microsoft, next April, the problem is only going to get worse.

There is a new breed of hackers out there today, they have evolved and are working in ways that XP was just not built to combat. According to the Windows IT Pro article, “Infographic: Tying the Death of Windows XP to the Evolution of Security Threats”, Windows XP is 21 times more likely to get infected by malware than Windows 8.

With 87% of small organizations and 93% of large reporting security breaches, the financial tolls are rising. The average cost of a breach ranges from $50-100k for small companies all the way up to a whopping $1.3 Million for large companies. Come April 2014, these numbers could drastically increase for companies still using Windows XP.

Windows XP was built during a time of low-budget, wide spread, random attacks. XP is no match for the highly targeted, often highly funded attacks of today. The obvious answer to this issue is to “simply” migrate from XP to Windows 7 or 8. Obviously this solution isn’t a simple fix though. Some companies are not in the financial position to make this switch, and for those that are, the obstacles that a Windows migration poses can be quite overwhelming.

No matter what your circumstance is though, something needs to be done to protect these vulnerable networks, and fast. Proper endpoint and network security measures can help foster a least risk environment; Viewfinity is up for the challenge, even if your operating system isn’t. Here are a few resources that delve into ways to better secure your environment even while still running Windows XP: 
 
Published: 28 June 2012 ID: G00235013
Gartner Analyst(s): Michael A. Silver | Neil MacDonald | Stephen Kleynhans
 
Microsoft & Viewfinity webinar: “Windows 8 Endpoint and Application Security”.

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags:

application control | Desktop Lockdown | Privilege Management

The Skinny on Hactivists: When hacking is trendy, everyone needs to watch out

by Viewfinity 15. August 2013 09:16

The term Hactivist is quite the buzz word lately, with everything from groups promoting social change to comic books and radio stations dedicated to this trendy word, people are beginning to lose sight of the dangers behind these activities.

Dictionary.com defines hactivism as “the practice of gaining unauthorized access to a computer system and carrying out various disruptive actions as a means of achieving or social goals”

With groups out there like Anonymous, touting thousands of followers who are claiming to pursue and combat political and social injustices, it’s important to understand the difference between activism and hacking – with the hactivism trend that line is becoming more and more blurred.

What organizations and agencies need to remember is that a hack is a hack is a hack. The fact that hacking has become the trendy thing to know/do has created a serious security problem. Unlike even just a few years ago, hackers no longer need to be IT experts in order to execute their breaches. All someone needs to know is some basic computer skills and have the ability to watch a few online videos that will help with the rest. With this capability now in the hands of everyone who wants it, for whatever means they deem “important”, it’s vital that organizations, both small and large, understand how to protect their sensitive corporate and customer data.

In February 2012* the group Anonymous, in an attempt to expose alleged corporate misconduct, hacked the Strategic Forecasting system and leaked some 5 million emails. Included in these emails were some 60,000 credit card numbers and the personal information of roughly 860,000 customers.

* http://www.informationweek.com/security/attacks/9-ways-hacktivists-shocked-the-world-in/240145117?pgno=1

This hack was not just embarrassing for the organization; it was harmful to their customers and put a lot of people at risk.

Antivirus and anti-malware programs alone are not going to stop these Advanced Persistent Threats and highly-targeted cyber attacks. Organizations need to consider more advanced measures of protection, like whitelisting reinforced with managed administrative privileges and file origin tracking in order to lock-down and continuously monitor their environments against both internal and external threats.

If you have a few minutes, take a look at this Webinar with Viewfinity CEO, Leonid Shitlman and featured Gartner Analyst Neil MacDonald: "Application Control Gains Adoption By Providing Tighter Control Against Advanced Persistent Threats."

Be the first to rate this post

  • Currently 0/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags: , ,

application control | Desktop Lockdown | Privilege Management

A Street Car Named Google

by Viewfinity 7. August 2013 10:37

Someone on the Viewfinity team spotted the Google Street View car on the way into work this morning. Several of us were excited because we’d never seen one of these elusive and sometimes controversial cars. I (being directionally challenged as I am) love the idea of this car, zipping around, doing all of the hard navigational work for me. That sentiment, however, is not shared by everyone. Cue the work place privacy debate.

Many people complain about the privacy issues that these cars are causing. With the constant and often unfiltered stream of information that is recorded by these cars, people are becoming weary of personal privacy encroachments. In fact, in several European countries the legality of the Street View cars is in question all together.

Now, of course, this whole debacle got me thinking – and that train of thought circled back to IT security (as it usually does).

When it comes to privacy, individuals are so eager to lock down their homes, literally and figuratively. Whether we’re talking dead bolts and alarm systems or blocked phone numbers and hedges to increase security and privacy, protecting personal assets is inherent to most people. So, why is it that when we move to the corporate setting so much of that inherent wisdom is lost? You lock down your house for security: close your blinds at night so no one can see in, lock the door to let in only the people you want and set up a security system to alert you when someone is trying to break into your house. Leading me to the perfect segue…  companies can do the same for their business through whitelisting and by removing local administrator rights from users.

On the most basic level, Viewfinity allows you to lock your doors (privilege management) and only give the keys to the people of your choosing (application control/whitelisting). For those of you out there who want a little more info, check out this white paper that explains the different Levels of Cyber Security that your organization can employ.

Currently rated 5.0 by 3 people

  • Currently 5/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags:

application control | Desktop Lockdown | Privilege Management | Security | Security Protection

Launch of our NEW Application Control Solution

by Viewfinity 16. July 2013 12:32

Launch of our NEW Application Control Solution

This week we announced the launch of a new product: Viewfinity Application Control.   This is the only software solution in the industry that incorporates application whitelisting, managing trusted sources, forensic analysis, application reputation and monitoring all reinforced with managed administrative privileges.  This combination fortifies the cyber-security landscape, offering protection against advanced persistent threats, malware and other security breaches.  

View a 2 minute flash presentation that provides an overview of the solution: 

 

 

Also, you’ll want to be sure to view this webinar with
Viewfinity CEO, Leonid Shtilman and featured Gartner Analyst Neil MacDonald:

"Application Control Gains Adoption By Providing Tighter Control Against Advanced Persistent Threats." 

 

Please visit our website to find out more information on how it works and how you can work to deploy it within your organization!

Currently rated 1.5 by 26 people

  • Currently 1.5/5 Stars.
  • 1
  • 2
  • 3
  • 4
  • 5

Tags:

application control | Desktop Lockdown | Desktop Management | Privilege Management | Security | Security Protection | Viewfinity

Powered by BlogEngine.NET 1.4.5.0
Theme by Mads Kristensen

Calendar

<<  July 2014  >>
MoTuWeThFrSaSu
30123456
78910111213
14151617181920
21222324252627
28293031123
45678910

View posts in large calendar

About Viewfinity

Viewfinity provides privilege management and application control for desktops, laptops and servers, empowering enterprises to meet compliance mandates, reduce security risks, and lower IT costs. The Viewfinity solution allows enterprises to control end user and privileged user rights for applications and systems which require elevated permissions. Viewfinity's granular-level control enables companies to establish and enforce consistent policies for least privilege Windows-based environments based on segregation of duties. For more information, visit www.viewfinity.com.

Follow us on Twitter: viewfinity
Find us on LinkedIn: www.linkedin.com/companies/viewfinity
Become a fan on Facebook: www.viewfinity.com/facebook