Data Center Services Security in Northern Europe Gets a Boost from NTT
Posted on April 24th, 2015 at 5:46 am by Grace

The global data center service industry has been relatively flourishing despite the prevailing economic difficulties in the past couple of years. Business continue to survive, and many of these businesses rely on data center providers for their information handling needs.

Perhaps one indication that the industry is thriving is the recent news that NTT Communications made a move to acquire Secode AB, a leading name in the managed-security and security-consulting arena in Northern Europe. This move has been hailed by many as beneficial to all the parties involved.

NTT Communications is the long distance and international arm of the well known company, NTT. Having established the brand worldwide, it has been the main choice of many businesses. NTT Communications offer various data center services to its customers from all corners of the world. With this acquisition, it only hopes to further strengthen its services in terms of security.

NTT Communications offers data center services in more than 31 cities in 20 countries/regions. Any client can expect excellent quality, characterized by:

  • Full-scale preparations for power outage and fire disaster.
  • Green data center equipped with efficient cooling facilities.
  • Security system installing the latest authentication methods.
  • 24 ⁄ 7 operation and maintenance system
  • System redundancy in power supply, air conditioning and network.
  • Stable network achieved by using backbones and access lines from multiple carriers
  • Quality is certified by NTT Communications Data Center standards.

While the acquisition involves a company local to a certain region, the effects on the security of the data center services of NTT shall certainly be felt system-wide, geographic barriers notwithstanding.

FTC Orders Closure of ISP
Posted on April 17th, 2015 at 5:26 am by Grace

In a first, the FTC has taken a move to bolster their powers on the internet with them ordering the closure of a so-called determined malware ISP that they say has been determined and documented to host several illegal activities such as malware, viruses, pornographic sites and many others. The ISP of course denies all accusations and say they will be fighting the FTC on the matter, claiming they are innocent of all charges. The ISP, PriceWert LLC, has denied all the FTC’s accusations yet the FTC says it has a well documented and solid case. (Read the rest of this story.)

Broad spectrum DLP’s
Posted on April 10th, 2015 at 1:15 am by Avatar

Data Loss Prevention is a term used to define and enforce data classification and uses robust encryption and security. Vendors like Vontu , Reconnex and Titus Labs, all produce software that is classified as data mining technologies and gives the user the function/ability to include the security option which they can define the level that should be applied.
These types of software scans email and their attachments along the files users already have and create giving the users a sign that the said files are in need of protection. They then assign the level/s of protection that are assigned and the file is encrypted with a key. Only authorized clients and users with the right access levels get the key and thus access to the said information eliminating the reliance on the traditional walls for protection.

Be secured using SharePoint Server 2010 Claims based Authentication
Posted on April 3rd, 2015 at 12:42 am by Grace

Sharepoint 2010
Today when duplicity problem has increased a lot, authentication has become a must. Authentication is the process of determining if someone is who they claim to be. It answers the question “Who is this guy really?” Taking advantage of SharePoint Server 2010 Claims Based Authentication feature may help you curb this duplicity issue. Even if you are a SharePoint Foundation 2010 user, you can enjoy the same feature to authenticate the user identity.
Most enterprise applications need some basic user security features. At a minimum, they need to authenticate their users, and many also need to authorize access to certain features so that only privileged users can get to them. Some apps must go further and audit what the user does. On Windows®, these features are built into the operating system and are usually quite easy to integrate into an application. By taking advantage of Windows integrated authentication, you don’t have to invent your own authentication protocol or manage a user database. By using access control lists (ACLs), impersonation, and features such as groups, you can implement authorization with very little code. Indeed, this advice applies no matter which OS you are using. It’s almost always a better idea to integrate closely with the security features in your OS rather than reinventing those features yourself.

In the real world, we face the following challenges:
* Privacy regulations and other pieces of legislation are impacting what kind of information we are allowed to capture and store about users, so in some cases we can’t just demand that people give us all of their personal details.
* Businesses want to inter-operate with other businesses, and government organizations want to provide more integrated services to citizens. However, different systems use different authentication systems and businesses want to integrate in a secure, legally compliant manner.

Consequently, claims based authentication in SharePoint Server is designed to address the two challenges mentioned above. Claims based authentication addresses privacy and other compliance concerns by requesting less specific, less personal information about people, and by trusting other parties or systems to do the “proof of identity” check. Claims based authentication addresses integration of different systems by allowing communications using open standards, and by providing a platform for developing more specialized ‘identity connectors’ between systems.

How to implement Claims based authentication?
The claims-based authentication is implemented in the following way:
* From a developer’s point of view, the platform that Microsoft is providing is called the Windows Identity Foundation. Earlier, it was called the Geneva framework. It provides a programming library suitable for building claims-aware applications. This library is also used by SharePoint 2010
* Active Directory Federation Services implement services to create, accept, and transform tokens that contain claims.
* Cardspace provides a user interface for users to select which “identity card” they wish to use for a particular system

Claims based authentication won’t address the lifecycle management of identity information.
Claims based authentication may let our system know that a user is a contractor from a partner company, but it alone won’t let us specify a rule that says “all of my company’s financial spreadsheets must not be seen by contractors”. Not only does claims based authentication not provide this capability, but neither do the role-based access controls provided by SharePoint. In fact SharePoint’s role-based access control model itself is too limited to address this. It still needs substantial improvements.

Claims based authentication feature was not available in MOSS 2007; SharePoint Server 2007 uses a native Active Directory-based authentication between machines and systems. In addition to claims based authentication, take advantage of other exclusive features in SharePoint Server 2010 and also enjoy some free SharePoint templates or web parts that come with SharePoint products.

Microsoft’s Windows 7 – Opening Pandora’s Box
Posted on March 26th, 2015 at 11:59 pm by Grace

Microsoft UacThere has been much talk about the problem associated with the so-called Pandora’s box that is Microsoft’s UAC or User Account Control. This is one of the most unforgettable features of Vista where it first appeared as the ever present annoying pop-up window that asked for permission on almost each and every mouse click (exaggerated). The danger is that the said control feature seems to fail to revert to default security settings after a user has signed into the system as the systems administrator. After this event, use of all applications thereafter have been found to have default settings of the admin without reverting to previously set security settings that can be a wide open door for hackers to exploit. (Read the rest of this story.)

Cisco-Servers with Built-in Protection
Posted on March 19th, 2015 at 11:18 pm by Avatar

Cisco, one of the world�s leading producers of network servers that are deployed on the internet and in large corporations has announced the release of their Self-Defending Network version 3.0. This is after they have finalized the acquisition of security software Ironport Systems Inc. Ironport is responsible for the development of a powerful e-mail and web monitoring service called SenderBase. The said system collects information from almost 100,000 internet providers, schools, universities and corporations globally. Checking for more than 110 parameters for any available active web server connected to the internet which allows it to verify, inspect and check e-mail that passes through them (their massive database/s are reported to get at least 5 billion requests per day).

Cybercrime on the Rise (Part 2)
Posted on March 12th, 2015 at 9:55 pm by Avatar

cc2.jpgImagine the case of the botnets that Microsoft says they have ended, they were the same programs initiated and running constantly for many years before people even found them and found ways of disabling them. They were running all the time and nobody raised a finger to get them off-line because, they were driving the IT security industry to some extent. That is paradoxical for the IT security industry is alive because of these threats. Old ones revived with new routines and made to do more mischief, stealing information, credit card numbers and more. The cyber-world may be more secure but as long as people are at the helm, there will be holes and these holes will be seen and used for profit, sometimes by the people entasked with providing security themselves.

Sensitive Data Protection (Part 2)
Posted on March 5th, 2015 at 9:00 pm by Avatar

datasec2.jpgEncryption is also now being applied extensively in offices so if ever information does get out and falls into the wrong hands it is rendered useless without the proper cipher key. The use of military-grade encryption has random generators and multi level encryption technologies which were previously available only to the military forces. Hardware based encryption is also another developing technology where hardware components such as hard disks, network cards and other such peripherals are embedded with encryption technology on a chip thus preventing unauthorized data being useable that is transmitted or contained within them. All these technologies along with promising technologies in development such as faster multi-processors allow higher encryption levels without sacrificing performance as today�s technologies are limited to (the faster the processor, the faster the coding/decoding of information that would become almost unperceivable with future computers).

Security Issues in Web Applications
Posted on February 26th, 2015 at 7:45 pm by Hannah

There is an alarming increase of security issues in Web Applications and these include problems on access control and insecure storage. Problems on access control include unauthorized access of user accounts. Also, under this falls the increase in users abusing the freedom of web applications functions making them use these for illegal purposes and benefits arising to spams and viruses. On the other hand, there are as well problems related to insecure storage. Nowadays, the increase in users didn’t only lead to an increase in market of these web applications but also to the increase in unauthorized users that result to personal information being illegally accessed. This led to the rise of web applications that involve weak protection. There are more to these two stated issues which users should always be cautious about. These issues, if taken for granted, may lead to even more serious problems such as system breakdown.

Official mails are with you even when you are meandering around Paraguay!
Posted on February 19th, 2015 at 5:48 pm by Grace

Paraguay is a country that flaunts striking natural assets and enormous dams made by humans. Amidst this beautiful trip what if you will have to access your mail urgently? In such case get your mobile phone synchronized with hosted Microsoft Exchange Server. The capability to contact your Exchange email on a mobile phone is based on the phone that you are carrying.

Paraguay is a country with maximum Spanish speaking populace. However lingo is never an impediment while accessing Exchange Email hosting feature. Exchange 2010 hosting is available in varied languages making it easier for the people of Paraguay to utilize free hosted exchange. (Read the rest of this story.)

« Previous Entries