Harden your #network against attackers with #Microsoft script Net Cease #security

Net Cease - Hardening Net Session Enumeration

Microsoft has released a PowerShell script called Net Cease that will harden machines against reconnaissance which is a key stage within the Advanced Attackers kill chain. According to details of the release on Microsoft TechNet, “once attackers have breached a single end-point, they need to discover their next targets within the victim’s corporate network, most notably privileged users.” Typically administrators will target Domain Controllers (DCs) to run the script.

“The NetCease script hardens the access to the NetSessionEnum method by removing the execute permission for Authenticated Users group and adding permissions for interactive, service and batch logon sessions. This will allow any administrator, system operator and power user to remotely call this method, and any interactive/service/batch logon session to call it locally.”

By default, NetSessionEnum method can be executed by any authenticated user, including network connected users, which effectively means that any domain user is able to execute it remotely.

Mirai IoT #malware from massive DDoS attack goes open source #security

Mirai “internet of things” malware from Krebs DDoS attack goes open source

A bulletin released by US-CERT explains an issue where IoT (also known as Internet of Things) devices  have recently been used to create large scale botnet attacks.

“On September 20, 2016, Brian Krebs’ security blog (krebsonsecurity.com) was targeted by a massive DDoS attack, one of the largest on record, exceeding 620 gigabits per second (Gbps). An IoT botnet powered by Mirai malware created the DDoS attack. The Mirai malware continuously scans the Internet for vulnerable IoT devices, which are then infected and used in botnet attacks. The Mirai bot uses a short list of 62 common default usernames and passwords to scan for vulnerable devices. Because many IoT devices are unsecured or weakly secured, this short dictionary allows the bot to access hundreds of thousands of devices. The purported Mirai author claimed that over 380,000 IoT devices were enslaved by the Mirai malware in the attack on Krebs’ website.”

In order to prevent malware on IoT devices, US-CERT recommends that users, “ensure all default passwords are changed to strong passwords. Default usernames and passwords for most devices can easily be found on the Internet, making devices with default passwords extremely vulnerable.”

Now that the Mirai source code has been released on the Internet you can expect the number of attacks to increase. According to US-CERT, “such botnet attacks could severely disrupt an organization’s communications or cause significant financial harm.”  Cyber-security professionals should harden networks against the possibility of a DDoS attack.

Yahoo! involved in unprecedented privacy violation #security

Yahoo let the NSA read your email before you even opened it.

Website, Fight for the Future is directing people to delete their Yahoo! accounts after it was found that the company had been redirecting all personal emails to the NSA for analysis. “This is an absolutely unprecedented privacy violation. Surveillance experts and former government officials are saying they have never seen such a broad demand for real-time digital surveillance, never mind one that calls for the creation of a new computer program. This program, essentially a wire-tap on the web, is beyond the scope of any of the already overreaching surveillance laws currently on the books.”

The original story broke via Reuters, which stated that, “[Yahoo!] complied with a classified U.S. government demand, scanning hundreds of millions of Yahoo Mail accounts at the behest of the National Security Agency or FBI, said three former employees and a fourth person apprised of the events.”

Personally this makes me a little suspicious of any email web service or social media site now. If Yahoo! complied perhaps Apple, Google, Facebook and Microsoft have also complied with the NSA.

 

Access Parental Controls From Anywhere with #app for #iphone and #android @linksys #wifi #router

Linksys WiFi smart router

Linksys today announced a whole new user interface, design layout, navigation experience, and new innovative features for its Linksys Smart Wi-Fi app. The newly designed app for Apple and Android smartphones provides a more intuitive layout with simple-to-navigate options that enable millions of Linksys Smart Wi-Fi users to simply monitor, manage and control their home networks while at home or away.

New and improved features launched today:
· New contemporary user interface
· New organization for simpler feature discovery and use
· Intelligent router offline notification (Initially available on EA9500 router)
· Easily share guest Wi-Fi name and password – tap and text or email
· Guest access now supports up to 50 guests
· Prioritize internet bandwidth to chosen devices
· Parental controls to block specific sites and internet access for selected devices on a schedule
· More device icons to associate with client devices
· Easily view how much external hard drive space is available

Parental controls for WiFi router
Parental controls for WiFi router

“Being first to market with a router app for managing and monitoring a home network, we wanted to continue to advance the software for a more intuitive approach to make it easier to use and find tools that will make managing and sharing a home network easier,” said Dan Albertson, Linksys senior product manager. “What separates good routers from great routers is the software. The Linksys Smart Wi-Fi app clearly differentiates its home router solutions by providing all the basic and advanced management and control features but also continues to add new features that leverage the intelligence of the home router.”

The app has been completely updated and redesigned, providing simple utility, such as looking up and sharing the wireless credentials for up to 50 guests with a few taps on a mobile device. The app will also enable users to change bandwidth prioritization quickly and easily on the fly, ensuring your bandwidth-sensitive video calls and gaming sessions never slow down.

In addition to dozens of new icons to assign to clients’ devices, the app shows how much hard drive space has been used and how much is still available on external hard drives connected to the router.

Parental Controls

Parents can block websites or shut off Wi-Fi entirely for individual devices. Parents can also set up a schedule for blocking access for each device (available in an app update coming later this year). These parental control features will aid in making sure children use the internet appropriately, providing parents with peace of mind that there is also an ample amount of homework time without the distraction of the internet.

Notifications

A home network is dynamic, and notifications can alert users and provide insight on changing conditions. The new router offline notification feature (initially supported with the Linksys EA9500 router) is the first notification feature available that will detect when the router has lost its connection to the internet for any reason, and alert users with a notification on a mobile device. This feature is useful when users are away from home and could be an early warning system for:
· Phone calls from upset household Internet users that the router went offline and there could be a potential issue with the internet connection.
· Ensuring access to critical wireless devices remotely, such as door locks, IP cameras and smart thermostats
· A potential problem with the users’ internet provider

Manage parental controls from your iPhone or Android mobile device
Manage parental controls from your iPhone or Android mobile device

Other Linksys Smart Wi-Fi Features

The main dashboard provides an immediate glimpse into the current status of the home network. It shows the current connection to the internet and the number of connected devices, as well as quick access to the wireless password and options to reset it or share it. Parental control options from the main dashboard make it easy and fast to change settings as well as the device prioritization features and external storage visibility.
· Devices
· Wi-Fi Network
· Guest Access
· Parental Controls
· Device Prioritization
· External Storage (if any external hard drives are plugged into the router)

Advanced settings

· Single Port Forwarding
· Port Range Forwarding
· Port Range Triggering
· MAC Filtering

 

HummingBad Android malware controls tens of millions of devices and generates $300,000 a month #smartphone #security #mobile #privacy

Google’s Android operating system has some pretty serious security issues as of late. The HummingBad malware essentially roots your Android smartphone device.

The malware establishes a persistent rootkit on Android devices, generates fraudulent ad revenue, and installs additional fraudulent apps. HummingBad installs more than 50,000 fraudulent apps per day and displays more than 20 million advertisements per day.

According to a research report from Check Point Software Technologies, “the HummingBad campaign runs alongside a legitimate advertising analytics business, sharing their technology and resources, enabling it to control tens of millions of Android devices [and] generate $300,000 a month.”Remove Android Malware HummingBad

Google pushes out monthly security updates to the Android operating system however phone carriers and manufacturers haven’t held up their end of the bargain with timely update roll outs. According to a Bloomberg Technology report, “the most challenging discussions are with carriers, which can be slow to approve updates because they test them thoroughly to avoid network disruption. Verizon Communications Inc.’s tests can take months, according to a former employee of the largest U.S. wireless provider. It has shaved a few weeks off at the behest of Google and customers, the person said. Shortening it further is difficult because Verizon supports so many different Android phones, which must be tested before updates go live, the person added.”

How to remove Android malware

Most people won’t be able to determine if their phone has been compromised. So how do I know if my phone has been rooted, you may ask. Vancouver Gadgets would recommend downloading and scanning their smartphones with  Lookout Security and Antivirus.

Note that general consumers will be most likely to be affected by the issue since many businesses use mobile device management (MDM) software to lock down smartphone settings. If you have a corporate managed device please check with your IT department before downloading and installing any application from the Google Play Store.

To be safe from future malware issues be sure that app installations outside of Google Play are not allowed on your device by following these steps:

  • Scroll down from top of phone
  • Click the Settings “cog”
  • Scroll down and click Security
  • Find “Unknown Sources” and make sure the option to Allow installation of applications from both trusted and unknown sources is NOT checked. If you have a corporate managed device you may find this option is grayed out or unavailable.

It is believed the organization behind the malware is based in China at Yingmob, a Chinese mobile ad server company. As reported by Motherboard, “… based in Beijing’s Chaoyang District, Yingmob, a subsidiary of MIG Unmobi Technology Inc., markets itself like any other advertising firm. Its professional-looking website claims its easy-to-deploy ads support text, pictures, and video, and don’t affect the user experience. It offers pop-up, sidebar, and in-app adverts.”

If you need help resolving Android malware issues please let us know and leave a comment below.

iWitness Personal Safety App works with Seattle University

iwitness

personal safetyThousands of people are the victim of assault each day in the United States.  Now, there’s a personal safety app for iPhone and Android devices aimed at preventing attacks. It’s called iWitness and it gives people a way to protect themselves using their smartphones.

Seattle University is the first college campus to encourage students to use this service.

“My goal is to ensure the safety of the Seattle University community not only when they are on the SU campus, but in their daily lives,” said Tim Marron, Executive Director of Public Safety and Transportation for Seattle University. “iWitness is an additional tool that we are presenting to our community. While using the application can potentially serve as a preventive measure, we believe the very act of installing the application will serve as a catalyst for heightening a student’s awareness.”

Here’s how it works. You simply download the iWitness app to your smartphone. You touch ‘record’ and ‘arm’ your phone if you’re walking alone, in an uncertain situation, or just feel uncomfortable. The app records a video clip – and automatically uploads it to a cloud server. The video does not stay on your phone. There’s nothing anyone can do to get the video off your phone, because it’s not there.

iWitness also calls 911 automatically, can sound an alarm, and  informs the student’s friends and family that they feel endangered.

A few daily crime statistics:
-1 in 6 women have been the victims of an attempted or completed rape
-Every 2 minutes, someone in the U.S. is sexually assaulted
-5,000 people are treated for assault in an ER each day

“Our mission is clear. We put safety in the hands of every person,” said iWitness founder David Remer. “We want to make sure that students have access to tools that will help them stay safe. iWitness helps parents provide their kids an added layer of protection as they head off to college, whether it be just down the road or across the country.”

About iWitness
iWitness is a personal safety tool that was developed to help prevent crime. Once you download the application on your smartphone, you have an “eyewitness” whenever you need one. The service is available for download on iOS and Android mobile platforms. iWitness is headquartered in Seattle.

CONTACT:  Melissa Milburn, Milburn Communications, melissa@milburncommunications.com, 206.972.9096

SOURCE iWitness

RELATED LINKS
http://www.iwitness.com

BlueCat Threat Protection allows organizations to defend against malware, botnets and other attacks

bluecat

BlueCat Threat Protection adds an additional layer of security for all devices across all applications to defend against bluecatmalware, botnets and other attacks.

Recent well-publicized attacks have demonstrated that both traditional mobile devices and non-traditional devices such as Point of Sale (POS) systems are increasingly being targeted by malware, botnets and other attacks. To combat these growing threats that are pervasive to all devices, BlueCat, a leading provider of IP Address Management solutions, has released BlueCat Threat Protection for DNS/DHCP Server. BlueCat Threat Protection stops malicious activities in DNS before they can reach business-critical applications or data. The solution creates a ‘DNS firewall’ that blocks devices from ever accessing a known malicious site or host by providing rapid, cloud-delivered threat data updates to customers’ DNS infrastructure.

Leveraging DNS to Secure the Business

The growth in the number and type of new devices connecting to the network has exposed holes in typical enterprise security. Security solutions tend to focus on particular devices or protocols and cannot provide a broad-based solution that covers all devices and applications. All devices use the Domain Name System (DNS) to connect to applications and sites. BlueCat Threat Protection provides an additional layer of defense against malicious Internet content and infected devices.

“The explosion of network-connected devices is exposing businesses to new security threats and risks,” says Andrew Wertkin, CTO, BlueCat. “Not only do our customers need to secure traditional devices such as a desktops, laptops, smartphones and tablets, but also non-traditional devices including VoIP, Point-of-Sale systems, security cameras and RFID. The Domain Name System is a critical component of any defense in-depth security strategy. BlueCat has delivered a DNS Firewall that is connected to up-to-the-minute cloud-delivered threat data and centrally controlled and orchestrated by our BlueCat Address Manager IPAM solution. Threat Protection provides additional value to our customers without having to purchase or maintain additional appliances.”

Lawrence Orans and Jeremy D’Hoinne of Gartner write that, “The traditional defense-in-depth components are still necessary, but are no longer sufficient in protecting against advanced targeted attacks and advanced malware.”1

BlueCat Threat Protection Empowers Enterprises to:

  • Secure the business by stopping malicious activities in DNS before they can reach business-critical applications or data.
  • Leverage core network services to add a new layer of security across all connected devices, both traditional and non-traditional.
  • Take action based on up-to-the-minute data about known sources of malicious content including malware, botnets, exploits, viruses and spam delivered by the hosted BlueCat Security Feed.
  • Configure policies to allow threat requests to be blacklisted, black-holed, redirected or whitelisted.

BlueCat Threat Protection can be quickly and easily added to existing BlueCat customers’ DNS servers or can be purchased as a stand-alone solution to quickly and easily augment the DNS infrastructure companies already have in place. The solution can also be integrated with leading SIEM solutions including IBM QRadar and HP ArcSight via pre-built connectors for immediate notification of a security risk.

About BlueCat

BlueCat IP Address Management, DNS and DHCP solutions provide the foundation to build elastic networks that scale to match the ever-changing and unique demands on your infrastructure. We enable the reliability of your core network services and securely connect the people, physical devices, virtual machines and applications that drive your business. Enterprises and government agencies worldwide trust BlueCat to solve real business and IT challenges – from device on-boarding for BYOD to network consolidation and modernization to managing and automating virtualization, cloud and the Internet of Things.

SOURCE: BlueCat

 

 

 

Finally the end of credit card fraud

credit card fraud

We have probably all received the dreaded call from Visa or Mastercard Security Services at one time or another, “Madam (or Sir) did you make a purchase in ?” More often than not the reply is that we have never been to England, Russia, China or wherever the rogue purchase had been made. The pain that follows is a huge inconvenience and may mean being without a credit card for several days while a new one is en route. Not to mention all the payees and automatic payments that need to be notified of your latest credit card number. Well this may all soon be over thanks to a couple of new patents filed by a company called De Sonneville.

De Sonneville has filed two U.S patent applications that are the solution to end the systemic U.S. credit card fraud epidemic. According to Forbes the United States loses an estimated $190 billion per year to credit/ debit (“payment”) card fraud, which is more than the country spends on energy.

In recent years, certain technological advances have been introduced to combat the counterfeiting of payment cards. Such advances include the introduction of Chip and PIN, which is also known as EMV (Europay, MasterCard, Visa). It is apparent from works such as the University of Cambridge’s Chip and Pin is Broken, and the BBC’s Newsnight’s New flaws in chip and pin system revealed, that Chip and Pin is far from fool proof, let alone a firm security and defense against fraudsters. Such sophisticated fraudsters continue to find ways to circumvent the Chip and Pin protocol, and defraud people of billions of dollars every year.

In the case of SIM cards, the same is taking place. Sophisticated fraudsters have discovered ways to by-pass the security features and gain access to mobile networks to commit crimes under assumed identities and to use the network without payment. According to the Communications Fraud Control Association (CFCA), “Experts estimate 2013 fraud losses at $46.3 billion (USD), up 15% from 2011.” And, “The main reason for the relative increase in fraud is due to more fraudulent activity targeting the wireless industry.”

As recorded and filed in De Sonneville’s U.S. patent application on April 9th, 2014, its microchip self-authenticates before it can perform any subsequent action or function. Simply put, if the chip does not authenticate itself, through the authentication circuit, it does not allow the chip to proceed to process a payment at a point-of-sale (POS) or, in the case of a SIM card, to access the mobile network. This has obvious benefits in protecting against the counterfeiting of payment cards and SIM cards.

Also, conveniently, De Sonneville has developed its’ self-authenticating SIM card as an encrypted payment SIM card that can be accepted at any radio-frequency (RF) or near-field communication (NFC) (“contactless”) POS. The self-authenticating SIM cards contain the same payment data as a payment card (in an encrypted form), and are operable to a contactless POS. Currently, contactless transactions are limited to an average of approximately $50 per transaction. De Sonneville’s payment cards and payment SIM cards will be used for any amount that the user’s payment limit allows.

“Convenience does not have to be a choice over security”, said De Sonneville’s Chairman and technology co-inventor Dennis van Kerrebroeck .

He went on to say, “Companies have become accustomed to payment card fraud as a cost of doing business, which is wrong. In this day and age, merchants and consumers have the right to be assured by their payment network providers that their payment card purchases are conducted without compromise. According to the study conducted by Lexis Nexis, [The True Cost of Fraud – 2009], in the U.S., over the next 10 years, the payment card fraud losses will equate to more than $1.9 trillion, unadjusted, and that is simply not acceptable. Ultimately, these costs are passed on to the consumers and the merchants; we want to eliminate these costs by giving consumers and merchants a better option.”

The payment account information on De Sonneville’s chips cannot be intercepted. If the chip does not perform its’ patent pending self-authentication, the card does not allow itself to transmit the payment data through to the POS and then on to the network, and therefore would instead terminate the attempted transaction as counterfeit. This eliminates pre-play attacks, man-in-the-middle attacks , cloning and the like.

Before a De Sonneville SIM card can gain access to its mobile network, it must first perform its patent pending self-authentication, therefore ensuring the SIM, the subscriber, the communication or a mobile payment is authentic. This stops call and text message interception. Other applications include ID cards, passports, and access systems. De Sonneville’s payment SIM cards protect the payment data in the same manner as its’ traditional payment card. In the future, and as required, the Company would be able to seamlessly integrate digital currency transactions throughout its payment network, POS terminals, payment cards, and SIM cards.

It is the mission of De Sonneville and its potential partners in banking, wireless communications, networking and large retailers, to build a new global payment network that will include encrypted payment cards and encrypted point-of-sale terminals all the way through to bank settlements, thus working towards eliminating payment card and SIM card counterfeiting, as well as the subsequent fraud that accompanies it.

Current global payment networks process in excess of $6 trillion annually. The average merchant discount in the United States is 1.9%, and the average interchange fees break-down as 0.1% goes to the acquirer, 1.7% to the issuer, and 0.09% to the network.

There are currently approximately 6 billion SIM cards in use in the world.

The Company is currently in the process of selecting an investment bank to represent its private capital needs for development of its technology, and in an anticipated subsequent initial public offering.

 

Reference:

[1] M. Bond, O. Choudary, S.J. Murdoch, S. Skorobogatov, R. Anderson. Chip and Skim: cloning EMV cards with the pre-play attack, Computer Laboratory, University of Cambridge, UK. September 10, 2012. http://www.cl.cam.ac.uk/~rja14/Papers/unattack.pdf

[2] S.J. Murdoch, S. Drimer, R. Anderson, M. Bond. Chip and PIN is Broken, University of Cambridge, Computer Laboratory, Cambridge, UK. 2010 IEEE Symposium on Security and Privacy. http://www.cl.cam.ac.uk/research/security/banking/nopin/oakland10chipbroken.pdf

[3] Choudary, O. The smart card detective: a hand-held EMV interceptor. Master’s thesis, University of Cambridge, June 2010. http://www.cl.cam.ac.uk/~osc22/scd/

[4] S. Watts. New flaws in the chip and pin system revealed. Newsnight, BBC. http://www.bbc.co.uk/blogs/legacy/newsnight/susanwatts/2010/02/new_flaws_in_chip_and_pin_syst.html

 

SOURCE De Sonneville International Ltd.

Trend Micro releases Heartbleed scanners for computers and mobile devices

heartbleed detector

To help Internet users protect themselves from the Heartbleed bug that is eroding SSL security features on websites worldwide, Trend Micro Incorporated  today announced the release of two free Heartbleed scanners for computers and mobile devices designed to verify whether they are communicating with servers that have been compromised by the Heartbleed bug.

The solutions, Trend Micro™ Heartbleed Detector, a Chrome browser plug-in, and an Android mobile app, are accessible in the Chrome Web Store and Google Play app store, respectively.

heartbleed scannerAvailable for Mac and Windows-based computer users, the Trend Micro Heartbleed Detector is a multi-platform plug-in for Chrome that enables users to check for vulnerable URLs and installs with a single click. Trend Micro researchers have also discovered that mobile apps are just as vulnerable to the Heartbleed bug as websites are. To mitigate this threat, Trend Micro has developed the Heartbleed Detector to check apps on a user’s device and the servers they communicate with, to determine if installed apps are vulnerable to the OpenSSL bug. If vulnerable apps are, the detector then prompts the user with the option to uninstall the app.

“Trend Micro has responded to the Heartbleed threat by offering tools to all Internet users as a solution to protect their personal data,” said Raimund Genes, Chief Technology Officer, Trend Micro. “With in-app purchases and financial transactions on mobile devices becoming the norm, Trend Micro felt it was vital to offer users a solution designed to enable them to continue operating their devices without worry. Heartbleed is a problem that may never entirely go away, but we are committed to providing and updating our solutions to best protect the data of our customers, and provide essential security on each device they use.”

Effective today, users can download Trend Micro’s Heartbleed Scanners for their computers and mobile devices by visiting https://chrome.google.com/webstore/detail/trend-micro-openssl-heart/cmibjcgebllecchcmkiafonmflkeeffo or the mobile link.

About Trend Micro
Trend Micro Incorporated, a global leader in security software, strives to make the world safe for exchanging digital information. Built on 25 years of experience, our solutions for consumers, businesses and governments provide layered data security to protect information on mobile devices, endpoints, gateways, servers and the cloud. Trend Micro enables the smart protection of information, with innovative security technology that is simple to deploy and manage, and fits an evolving ecosystem. All of our solutions are powered by cloud-based global threat intelligence, the Trend Micro™ Smart Protection Network™ infrastructure, and are supported by over 1,200 threat experts around the globe. For more information, visit TrendMicro.com.

SOURCE Trend Micro Incorporated

CanSecWest hacking conference lands in Vancouver

CanSecWest

CanSecWest is in Vancouver this week at the Sheraton Wall Centre hotel and is a gathering of security tech professionals. CanSecWestPeople can come from anywhere in Canada and across the globe to learn and share information and experiences on applied digital security.

Security professionals who attend CanSecWest work in government, the private sector or as independent contractors. They often find flaws in apps they or others develop and come to CanSecWest to look at ways to protect them from being hacked.

While I am not a developer I found both the subject and premise of the conference interesting. One would think that this is a conference that teaches people how to hack. A little digging reveals something else entirely.

“CanSecWest is really about anything says Saurabh Harit, Director of Security Research and Senior Security Consultant for Security Compass. It’s not just mobile security. Being curious about how something works and try to make it work in an undesired way can be both fun and interesting. Hacking doesn’t have to be bad all the time either.”

Android/iOS Hacking and Securing Workshop

Harit’s workshop, Android/iOS Hacking and Securing, helps students discover mobile hacking techniques for Android and iOS. It also helps them understand mobile app security including what hackers look for in mobile apps. Hacking apps themselves will equip them with the skills required to protect their own apps from attacks.

“At Security Compass, we care about iOS and Android security. There are many things offered to protect your applications from security risks. Those include application permission, physical security and encryption” notes Harit.

Android and iOS both support encryption but the model used by iOS is more robust.

“Android encryption happens at the software level says Harit and does not encrypt your devices SD Card. We don’t recommend saving information on SD Card as a result.  iOS does so at the hardware level right on the chip. This makes it faster to encrypt and protect.”

Harit was the only workshop leader I spoke to so I urge you to check out the CanSecWest website and its Dojo section. The wide range of topics on security is very interesting. I’ll also be keeping an eye out for next year’s conference!

Wedge Networks to combat cyber threats for Canadian Government

wedgenetworks

The Government of Canada has announced it has chosen technology from wedgenetworkssmallWedge Networks™, the leader in Cloud-Based Security Services to protect its information systems from advanced security threats. The WedgeOS™ platform is a first-of-its-kind solution that melds patented network traffic inspection capability with software defined networking (SDN) and Network Functions Virtualization (NFV) to deploy a rich set of security services for large populations of computing devices, from traditional servers and personal computers, to mobile computing devices, to the modern “internet of things”.

Today the traditional network perimeters are evaporating.” Said Hongwen Zhang, PhD, Co-Founder and CEO of Wedge Networks “Data is in the cloud, consumerization of IT is embraced, we have a mobile workforce where users co-mingle multiple types of devices throughout the day, and almost everything – phones, tablets, cars, medical equipment, point of sale systems and even thermostats – has an internet connection. We built the WedgeOS™ platform to deliver security protection for users as they embrace the cloud computing model.” he said.

Deployed in the data centres of Shared Services Canada, WedgeOS™ will protect the Government’s critical information systems being shared across diverse departmental networks, and in the future will protect information being shared between Canada and other countries.

Before being awarded the contract, WedgeOS™ was deployed in the Government’s verification networks to validate all functions, including advanced data leakage protection and anti-malware. WedgeOS™ software can provide Government networks with accurate and transparent web security by inspecting all content – both inbound and outbound for malicious activity and making sure advanced threats are detected and contained.

Honourable Diane Finley, Minister of Public Works and Government Services, recently visited Wedge Networks 2013 to announce the government contract awarded to Wedge Networks under the Build in Canada Innovation Program (BCIP) and said: “Cyber security is critically important in this online age. So we are excited about WedgeOS. It is a software platform that conducts a full inspection of content within Internet traffic in real time. A cutting-edge innovation such as this one could bring many benefits to the IT industry so I am very pleased to announce this contract.”

About Wedge Networks™

Wedge Networks™ is transforming the way security is delivered. Its innovative WedgeOS™ is a true cloud security platform designed to combat the shifting threat landscape associated with the consumerization of IT. Unlike first generation security products, cloud-assisted appliances or even dedicated security clouds, WedgeOS™ enables inline inspection of both inbound and outbound traffic embedded within the cloud layer across all platforms and device types without latency. WedgeOS™ is deployed globally, delivering security protection for tens of millions of users in Fortune 500 companies, government agencies, Internet Service Providers and across all industry verticals.  Wedge Networks is headquartered in Calgary, Canada and has international offices in Sunnyvale, USA; Beijing, China; and Manama, Bahrain.

For further information:please visit www.wedgenetworks.com

Cloud Computing Considerations: How Safe is it?

Microsoft announced today that it was taking the ever popular Office program to the cloud as it unveiled its revamped online version of Office. I’d been thinking about this concept of cloud computing for a while and what it actually means. With some computer bacgkround and understanding of how networks work, I thought I’d take a little closer look.

What is cloud computing? No its not those big puffy shapes in sky but cloud computing “is the next stage in the evolution of the Internet, providing the means through which everything — from computing power to computing infrastructure, applications, business processes to personal collaboration — can be delivered to you as a service wherever and whenever you need.”

Now the concept of cloud computing has been around for a few years. Though I’d only recently taken an interest in it, the idea that everything is  available through the internet is fascinating. The concept actually reminds me of computing before local area networks, with dummy terminals connecting to a central mainframe to get data and the necessary information they require. Except now you could connect to your office and everything you need for your daily job via the internet. All you need is a web browser and an internet connection and you are off to the races.
It’s not quite that simple though.

The Dummies.com website notes that someone needs to take responsibility for the governance of data or services living in a cloud. Cloud service providers must provide a predictable and guaranteed service level and security to all their constituents. This will clearly fall to or has already been placed on the shoulders of internet providers and other companies who provide the current infrastructure for IT and computing needs. There is sure to be intense competition in this area and cloud computing has a number of stumbling blocs.

The most significant is security which as highlighted in a recent Globe and Mail article as high profile companies such as Sony and Google and its popular Gmail service may slow the development of the cloud. This is a concern to be sure as no company wants to be vulnerable to the recent attacks like those suffered by Sony in April.

This technology is not only adjusting the rules of the game, it could change them completely and take things in an entirely new direction. However one better have an “umbrella” on hand should they get hit by a storm from cloud computing. The consequences could be disastrous.

Featured image courtesy of Technorati