STE WILLIAMS

During the past couple months, ransomware known as CryptoLocker has made its presence known in homes and businesses around the world. While ransomware is not a new concept, the pervasiveness of CryptoLocker, combined with its strong encryption, make it a particularly nefarious ongoing threat.

CryptoLocker is Windows-based ransomware that encrypts files on local drives and network shares, and then demands payment to unlock them. Funds are requested via untraceable payment methods like Bitcoin and MoneyPak. CryptoLocker uses asymmetric encryption, with the private key held by the author or distributor of the malware. Unfortunately, it uses a strong algorithm that makes it practically impossible to decrypt the data without knowing the key. Here’s a video showing CryptoLocker in action.

CryptoLocker has, to date, been spread predominantly through email attachments and through other malware that has already infected PCs via other means. It has also been seen as a payload in drive-by downloads.

While CryptoLocker itself can be removed, the strong encryption prevents data encrypted by the malware from being unlocked. Thus, the best remedy for an infection is often to wipe the PC, reinstall Windows, and restore data from a backup that was made preinfection.

Fortunately, CryptoLocker is generally preventable. The best endpoint security products not only detect and block known versions of the malware, but also have techniques for identifying new variants and for blocking exploits and known malicious URLs. Perimeter and anti-spam protection can also be employed to reduce the risk of infection.

The irreversible damage to data reminds us of the importance of having an ironclad backup strategy for users’ data. This has to extend beyond simple syncing of local files to a network drive or cloud storage; it must include the ability to recover older versions of files from tape, snapshots, etc. If you haven’t recently assessed what information your users are storing locally and how much it would cost in time and lost productivity if that information became inaccessible, then it may be time to revisit your backup strategy.

CryptoLocker represents an evolutionary step in ransomware: the first really widespread attack that uses strong, irreversible encryption. You can expect that additional evolution will occur. Perhaps the next iteration of CryptoLocker will self-replicate or lock users out of their online accounts, for example. The best security against any future iteration is a layered approach that patches vulnerabilities, detects and blocks exploits, risky URLs, and malicious code throughout your environment, and ensures you can recover systems and data in the event that an attack succeeds. And, of course, a bit of user education always helps, too.

Thanks to Paul Ducklin and my colleagues in SophosLabs, whose research I drew on heavily for this column.

Article source: http://www.darkreading.com/sophoslabs-insights/what-you-need-to-know-about-cryptolocker/240164183

Cybersecurity insurance has long been touted as a way that companies could offset the risk of online attacks and data loss, but insurers continue to lack the data necessary to create a competitive and sustainable market.

The increasing availability of threat intelligence, however, could allow insurers to better gauge the risk that potential customers may face online. An analysis of external data that indicates whether a business may be compromised, for example, has detected significant differences between the security posture of companies in different industries, according to a recent report by security-ratings firm BitSight. The financial, retail and power industries all have fewer compromises and security alerts than the software and technology industry, the firm found.

Such data could help insurers improve their risk picture, says Stephen Boyer, co-founder and chief technology officer for BitSight.

“If they can get good proxies for how an organization is managing risk over time, then they can do a better job at modeling that risk,” Boyer says. “Right now, they don’t have any of that, they basically only have questionnaires.”

Cyber insurance has grown more popular in recent years. A recent Ponemon Institute survey found that 31 percent of companies had a cybersecurity insurance policy in place, while another 39 percent of companies plan to buy a cybersecurity policy.

The lack of security data, however, is hampering the adoption of cyber insurance, according to the study. Companies that do not plan to adopt policies list a variety of reasons all linked to the uncertainty in measuring risks, citing expensive premiums, too many exclusions, and not appreciably different coverage than their property and casualty insurance, the Ponemon survey found.

[Liberty Mutual says it isn’t liable to pay cyber insurance claims filed by grocery chain Schnucks. See Cyber Insurer Sues Grocery Client, Says It Won’t Pay Breach Claims.]

Insurers need to find ways of gather concrete data on the risk, says Andrew Braunberg, research director of for security consultancy NSSLabs.

“The degree to which the insurance companies currently look at the technical controls you have in place to determine the premium for these policies, they are not very sophisticated on how they figure that out, they don’t have good data,” he says.

NSSLabs focuses on helping companies measure their internal controls to gather a better risk picture, while BitSight and other threat-intelligence firms focus on externally available information that could indicate whether a company has been breached.

Yet, companies themselves often do not have their own data or are unwilling to give guidance on their cyber risk. Only 1 percent of Fortune 1000 companies disclosed an actual breach of cybersecurity in their financial filings to the Securities and Exchange Commission (SEC), according to a survey by Willis, a global insurance broker. Seventeen percent of the Fortune 1000 did not disclose any information about their cyber risk, the company found.

Many companies continue to lack the capabilities necessary to discover attacks within their network, Ash Raghavan, principal for insurance in the security and privacy practice at accounting firm Deloitte, said in an e-mail interview.

“They often lack the maturity or means to gather information that resides within their own realms, and the completeness and accuracy of the available data is unclear,” he says.

Some relief may be found in the Cybersecurity Framework, a set of voluntary best practices created by the National Institute of Standards and Technology (NIST) to help companies in securing their systems. While the framework will be finalized next year, many proponents have called for incentives to convince companies to adopt the guidelines. Lower insurance polices could be one such benefit, says NSSLabs’ Braunberg.

“If the insurance companies bought into the framework, it might help them to incentivize companies to adopt the framework by requiring policy holders to implement the best practices,” he says.

Yet, today’s threat intelligence providers need to develop a more mature and consistent set of risk metrics before they will truly be of use to insurers, says Deloitte’s Raghavan. In addition, general threat intelligence is far less useful than information that may apply to companies in a certain geography or sector, he says.

Finally, threat intelligence will never be sufficient for insurance companies to gauge risk, because intelligence sources generally detect attacks after they have already happened, he says.

“The threat landscape evolves quickly,” Raghavan says. “This volatility suggests that today’s threat intelligence may not provide a sufficient basis for insurers to understand how to price their products over the long term, even if the scope of insurance is quite narrow.”

Have a comment on this story? Please click “Add Your Comment” below. If you’d like to contact Dark Reading’s editors directly, send us a message.

Article source: http://www.darkreading.com/threat-intelligence/threat-intel-to-deliver-some-benefits-to/240164215

Email delivery: Hate phishing emails? You’ll love DMARC

China’s fearsome censorship and surveillance apparatus just got even more intimidating after the introduction of new technology to track communications in regional languages other than the Mandarin/Putonghua spoken in most of the country.

The unnamed system was developed by Tsinghua university’s Centre for Intelligent Image and Document Information Processing and is likely to be targeted at trouble makers in regions such as Tibet and Xinjiang.

The technology will allow local cyber snoopers to monitor conversations in every major ethnic minority language in China, as well as Arabic and Japanese, project leader Ding Xiaoqing told the South China Morning Post.

Current surveillance tools employed by Beijing’s vast security forces are apparently only able to deal with one language at a time and require the operator to speak that language.

The new system is also able to detect internet-based messages which can bypass current snooping technologies by encoding them into images.

“An increasing number of messages are passed around on the internet in image format to dodge the government’s surveillance. Most of the equipment in use these days cannot deal with such information,” Ding told the paper.

China is stepping up its monitoring of citizens in trouble-hit areas like Tibet and Xinjiang, especially following the deadly October 28 car bomb attack in Tiananmen Square which is suspected to have been carried out by Uyghur separatists.

Such attacks are extremely rare in the People’s Republic, in part because of the huge resources it devotes to monitoring its citizens and censoring what they can read and post online.

Its success in this field has even helped popularise such systems in North Korea, the Middle East and elsewhere, leading to some lucrative contracts for those technology suppliers prepared to ignore the morality of the whole thing.

In March a Reporters Without Borders report singled out as “enemies of the internet” French spyware firm Amesys, which is claimed to have sold to the Gadaffi regime; UK/German spyware maker Gamma International; and Italian firm Hacking Team, which provides “lawful interception” kit; among others.

Just this week El Reg came across Hong Kong-based biz Semptian, which appears to be marketing an off-the-shelf Great Firewall product. ®

Email delivery: Hate phishing emails? You’ll love DMARC

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/22/china_surveillance_xinjiang_terrorist/

Julie Yeates of SophosLabs (thanks Julie!) alerted us earlier today to a spam campaign that seemed to originate from a whole raft of different security and anti-virus companies.

The messages have a variety of subject lines, such as:

Windows Defender: Important System Update - 
  requires immediate action

AVG Anti-Virus Free Edition: Important System Update - 
  requires immediate action

AVG Internet Security 2012: Important System Update - 
  requires immediate action

Kaspersky Anti-Virus: Important System Update - 
  requires immediate action

Microsoft Security Essentials: Important System Update - 
  requires immediate action

The emails are all very similar, claiming to include an important security update to deal with “the new malware circulating over the net”.

The parts shown in pink above vary from email to email, but the bulk of the content stays the same:

Important System Update – requires immediate action

It’s highly important to install this security update due to the new malware circulating over the net. To complete the action please double click on the system patch KB923029 in the attachment. The installation will run in the silent mode. Please pay attention to this matter and inform us in case there is a problem.

The email doesn’t explicitly mention the CryptoLocker ransomware that locks your files and tries to sell them back you.

But there is little doubt that many recipients, having heard of the ongoing saga of CryptoLocker, will be more inclined than usual to read on.

It’s all a pack of lies, of course.

There is no “system patch KB923029,” and even if there were, neither Microsoft nor any other reputable company would send out security updates as email attachments.

Also, if you are a native speaker of English, you should spot a number of niggling errors of usage and grammar in the text of the email.

→ The fact that an email is grammatically flawless, in English or any other language, is not an indicator of legitimacy. But language blunders in English, in an email purporting to come from the New York office of a legitimate software company, are a strong indicator of bogosity. If the crooks can’t even be both to trying rite and spel decent, you may as well use their linguistic sloppiness against them.

The ZIP file contains an EXE (a program file); that program file is one of the many variants of the Zbot malware, also known as Zeus, that we see on a regular basis.

You’re expected to open the ZIP and run the program inside, which has a name like this:

HOTFIX_patch_KB_00000...many digits...56925.exe

There’s nothing wrong with having an EXE inside a ZIP file.

But a ZIP that contains only an EXE, and that was delivered by email, is just as suspicious as a plain EXE that arrives as an attachment.

If you do run it, the EXE installs itself into:

C:Documents and Settings%USER%Application Data

with a random filename, and adds itself to the registry key:

HKEY_CURRENT_USERSoftwareMicrosoftWindows
   CurrentVersionRun

so that it gets launched every time you reboot or logon.

We shouldn’t need to remind you, but we’ll do so in case you want to remind someone else:

• Don’t open email attachments you weren’t expecting.
• Don’t believe emails that claim to be sending you a security patch – by email.
• Don’t ignore clues such as poor grammar or spelling in emails that claim to be official.
• Don’t neglect to keep your software patches up to date – but never by email.

Follow @duckblog

Note. Sophos Anti-Virus on Windows detects this malware proactively (and very likely a high percentage of related variants still to appear) as HPMal/Zbot-C. Sophos on non-Windows platforms, including gateway products, detects the malware’s various components as Troj/Agent-AEWF and Troj/Agent-AEWG. Sophos web and email filters proactively quarantine attacks of this sort by identifying the ZIP file as suspicious.

Article source: http://feedproxy.google.com/~r/nakedsecurity/~3/GYeGS5K4_Qo/

5 ways to reduce advertising network latency

South Korean electronics giant LG has confirmed that some of its smart TVs have been logging their owners’ viewing habits without their permission and has promised a patch.

Hull, UK–based developer Jason Huntley, aka “DoctorBeet,” was first to notice the spying behavior when he analyzed network traffic coming from his LG TV and found that it transmitted the names of TV channels and media files he was watching, even when a data-collection feature was supposedly disabled.

On Thursday, a second blogger tried to replicate Huntley’s results and found that his own set was also transmitting the names of media files hosted on his local network.

LG has since investigated the matter and has now issued a statement essentially admitting that all of these findings are true – although it doesn’t see them in quite the same light as LG smart TV owners are likely to.

The statement, which was obtained by security researcher Graham Cluley, begins with the usual assurances that LG values its customers’ privacy and that it is always aiming to improve its smart TV experience. It then goes on to acknowledge that some LG TVs do transmit data about what the viewer is watching, even when that feature is turned off, but it hastens to add that no one should take this personally.

“Information such as channel, TV platform, broadcast source, etc. that is collected by certain LG Smart TVs is not personal but viewing information,” the statement explains. The information is collected, it says, in order to provide “more relevant advertisements and to offer recommendations to viewers based on what other LG Smart TV owners are watching.”

And the part about the TV scouring the local network in search of media files? That’s true, too, LG says – the behavior was implemented for an upcoming feature – but it shouldn’t worry anyone, either.

“This feature … was never fully implemented and no personal data was ever collected or retained,” LG’s statement says.

LG says it is working on a firmware update for the affected TVs that will stop the transmission of viewing information when that feature is disabled and also remove the network-scanning feature. No date for the patch was given, but LG says it is being prepared “for immediate rollout.” ®

5 ways to prepare your advertising infrastructure for disaster

Article source: http://go.theregister.com/feed/www.theregister.co.uk/2013/11/22/lg_tv_spying_statement/

AUSTIN, TX – November 20, 2013 – ‘Tis the season for reflecting on another year’s success, kicking off 2014 planning and preparing for… security attacks? With Cyber Monday and the holidays fast approaching, businesses need to prepare for the prevalence of malware hidden in cheerful holiday greetings, shopping offers and heartfelt holiday videos that are designed to tempt employees to click. SolarWinds (NYSE: SWI), a leading provider of powerful and affordable IT management software, today outlined four best practices for businesses looking to keep a mindful watch on their IT infrastructure security as employees (and hackers) take part in the biggest online shopping day of the year.

1. Fortify firewalls – Firewalls are only as good as the rules that you’ve built. Regardless of network size, firewalls accumulate an ever-growing list of redundant rules and objects, along with conflicting rules and unused rules, all of which can cause mayhem in firewall management during the highly vulnerable holiday online shopping season. Ensure firewall rules are up to date in the case you are exposed from the outside or within.

2. Perfect patches – Organizations are prime targets for infestations when businesses assume that their most recent application version is security-proof, they are not up-to-date on their patches, or when they don’t have full account of all the applications installed by end users. Reduce malware exploitations when employees are susceptible to cleverly disguised holiday deal scams by keeping your patches up to date.

3. Monitor internal traffic – Identify where users are chasing shopping deals by continuously monitoring user workstation activity and behavior. With a proxy server, businesses can block certain sites, for example “no shopping,” detecting users who are trying to circumvent the policies in place. Bottom-line: If you allow it, monitor it. If you don’t, make sure it’s blocked.

4. Be on top of bandwidth – With an increased spike and concentration of users utilizing the Internet to browse holiday deals online, this strain will likely impact network bandwidth. Don’t lose sight of attackers who may strike while you’re focused on keeping your network up and running. Be prepared by monitoring network bandwidth and traffic. Additionally, take appropriate action by pinpointing users who are abusing privileges.

Security Management for Every IT Pro, Organization

For IT pros that don’t spend their day thinking about security yet need the tools to tackle everyday operational security challenges, SolarWinds offers IT pros a number of powerful, easy-to-use and affordable products with security functionality built-in. From Security Information and Event Management (SIEM) to firewall and patch management and more, IT pros can assess their environment and deploy SolarWinds’ IT management products on a need-by-need basis to achieve end-to-end security visibility.

SolarWinds Log Event Manager – SIEM; endpoint data loss monitoring

SolarWinds Firewall Security Manager – Firewall security management

SolarWinds Patch Manager – Endpoint vulnerability management

SolarWinds User Device Tracker – User and device tracking

SolarWinds Serv-U Managed File Transfer (MFT) Server – secure file transfer and sharing

About SolarWinds

SolarWinds (NYSE: SWI) provides powerful and affordable IT management software to customers worldwide from Fortune 500 enterprises to small businesses. In all of our market areas, our approach is consistent. We focus exclusively on IT Pros and strive to eliminate the complexity that they have been forced to accept from traditional enterprise software vendors. SolarWinds delivers on this commitment with unexpected simplicity through products that are easy to find, buy, use and maintain while providing the power to address any IT management problem on any scale. Our solutions are rooted in our deep connection to our user base, which interacts in our online community, thwack, to solve problems, share technology and best practices, and directly participate in our product development process. Learn more today at http://www.solarwinds.com/?CMP=PUB-PR-SWI-prq413_SW_Holiday_Security-X-SWHP.

Article source: http://www.darkreading.com/end-user/it-security-best-practices-for-cyber-mon/240164173

Frisco, TX – November 19, 2013 – The Health Information Trust Alliance (HITRUST) is announcing today new and enhanced offerings to the HITRUST Cyber Threat Intelligence and Incident Coordination Center (C3) aimed at moving the healthcare industry forward with regards to preparing for and responding to cybersecurity threats and attacks.

Recognizing the growing threats posed by cyber attacks targeted at healthcare organizations, HITRUST almost two years ago established a fully functional cyber threat intelligence and response capability to protect the U.S. healthcare industry from disruption by these attacks. The HITRUST C3 is the single best source of intelligence on threats targeted at healthcare organizations and medical devices, providing actionable information for strategic planning and tactical preparedness, and coordinated response for both large and small organizations. The center facilitates critical intelligence sharing through integration with the Department of Homeland Security and U.S. Department of Health and Human Services.

“As interest in the HITRUST C3 has grown, HITRUST has realized that the center must be able to support the varying levels of maturity and sophistication of the participating organizations in need of threat intelligence and response coordination,” said Daniel Nutkis, chief executive officer, HITRUST. “When it comes to cyber awareness and preparedness there is not a one-size-fits-all solution. The significant updates being made to the HITRUST C3 are aimed at the needs of the entire industry.”

Supported by a new partnership between HITRUST and Booz Allen Hamilton, the HITRUST C3 will offer expanded and enhanced services in three key areas for improving cyber threat intelligence in the healthcare industry. First, subscribers will now have access to more frequent anticipatory threat intelligence through daily alerts and warnings of future attacks that may threaten a healthcare organization. The probability-based warnings of future cyber attacks make it possible for an organization to anticipate an attack, understand the chances of an attacker’s success and take proactive action as needed. Second, community situation awareness is being improved with daily intelligence summary products that highlight key threats, incidents and trends of global threat actors. These daily threat intelligence services will improve an organization’s ability to address risks and questions regarding global threats. Finally, an increased level of customization is being offered to subscribers with the alerting and warning service tailored to the specific risks and threats for each subscriber, ensuring that the resulting threat intelligence is actionable and relevant to their organization.

Recent experience shows that cyber attacks are evolving more quickly than organizations can mount effective defenses, leading to increased risk in the healthcare sector. An effective security posture requires anticipatory and predictive intelligence as well as passive listening so that an organization can get ahead of these threats, assess risks and take appropriate defensive actions – before an attack actually occurs or in the event of a breach to expedite analysis. In addition, the information disseminated needs to be consumable based on the level of organizational maturity and information security sophistication and not only size or revenue.

“With other offerings focused primarily on operational-level information and not industry specific, we believe the HITRUST C3 is the only service that takes into account the critical need in the healthcare industry for both technical and management intelligence reporting and education,” said Roy Mellinger, chief information security officer, WellPoint.

An increasingly critical area in need of additional protections is the unauthorized access to medical devices and electronic health records, and the need for better security and controls incorporated into these systems. While evolving regulations and vendor actions are beginning to address cybersecurity issues, much work remains to understand and remediate cybersecurity vulnerabilities in networked medical devices and complex electronic health record systems.

The HITRUST C3’s unique ability to characterize both the complex targeted systems and the capabilities and motivations of potential threat actors provides an unprecedented capability to identify threats as they emerge and before an attack. This capability includes being able to track a threat’s actions against health information systems and devices using automated collection and analysis tools, in addition to existing cyber intelligence gathering. The new and enhanced offerings available through the HITRUST C3 will address cyber threats being planned against these systems and potential targeted organizations, as well as other critical needs facing the healthcare industry.

“Medical devices introduce cyber risk; thus, with thousands of devices residing in an average hospital, the knowledge on what devices are being targeted and how is crucial in managing that risk,” said Michael Pinch, chief information security officer, University of Rochester Medical Center.

The monthly threat briefings offered through the HITRUST C3 are also being enhanced to allow participants to garner greater and more actionable knowledge on recent and prospective cyber threats and events. Participants may use the briefings to interact with HITRUST C3 analysts to better understand the information being presented, shared and discussed. To help familiarize organizations with the concepts and resources available through the HITRUST C3 and better aid the industry in the use of cyber threat intelligence, HITRUST is offering complimentary access to the December Threat Briefing to any qualified healthcare organization. To request access to the December 13 Threat Briefing, please visit http://tinyurl.com/k87zj2q.

Subscribers to the HITRUST C3 have options for real-time alerting and daily, weekly and monthly products and services. A basic subscription level has been added to the HITRUST C3 to ensure the service is supporting the needs of the entire healthcare industry without a significant cost barrier.

For additional information on the items discussed in this release, please use the following resources:

HITRUST C3 – Visit HITRUSTAlliance.net/c3.

December Monthly Threat Briefing – to participate, please visit http://tinyurl.com/k87zj2q

About HITRUST

The Health Information Trust Alliance (HITRUST) was born out of the belief that information protection should be a core pillar of, rather than an obstacle to, the broad adoption of health information systems and exchanges. HITRUST, in collaboration with healthcare, business, technology and information security leaders, has established the CSF, a certifiable framework that can be used by any and all organizations that create, access, store or exchange personal health and financial information. Beyond the establishment of the CSF, HITRUST is also driving the adoption of and widespread confidence in the framework and sound risk management practices through awareness, education, advocacy and other outreach activities. For more information, visit HITRUSTAlliance.net.

Article source: http://www.darkreading.com/government-vertical/hitrust-expands-cyber-threat-intelligenc/240164174

Zurich, Switzerland – November 21, 2013 – CloudSigma, a public cloud IaaS provider with advanced hybrid hosting solutions, today announced the general availability of advanced network policy management across all its cloud locations. With this new feature, customers can create, manage and apply enterprise-grade networking policies in relation to their cloud infrastructure in a fully integrated way. By removing complexity and stressing usability, CloudSigma’s new networking policy features enable customers to enhance their security, while also saving time.

“We take security very seriously, and so do our customers,” said Robert Jenkins, CEO of CloudSigma. “We’ve received many requests from our customers about offering this enterprise-grade firewalling. We listened and delivered. We didn’t want to deliver a half-baked product. By allowing customers to create policies independent of servers, multiple requirements can easily be maintained, adjusted and reapplied over time.”

With CloudSigma’s new network policies, customers are able to configure and constrain both inbound and outbound traffic while defining these policies in a simple fashion within the Web interface or directly over the API. The policies range from a single rule that blocks all external public IP traffic, to complex schemes that only allow connections to certain ports from a set of IPs. Network policies are saved and then applied to one or more virtual servers as required. Furthermore, network policies can be reconfigured and reapplied to running servers without service disruption. CloudSigma understands that convenience drives usage and real security requires convenient, easy-to-use security features; its new networking policies deliver that.

“Firewalls are still the fundamental building block for security,” said Sergio Loureiro, co-founder and CEO of SecludIT. “CloudSigma’s network policies are very powerful and some of the most complete that I’ve used on an IaaS platform. Being able to control everything via the API is a big plus. On top of that, CloudSigma provides solutions to help customers manage the complexity of the network policies for big deployments and to avoid misconfigurations.”

“This feature is very important for us because we can use policies to restrict communication within our private network,” said Sbastien Ruel, President of QCCT. “We don’t need to configure dedicated firewalls and this saves us money. Using network policies is fast, easy and granular. We also use this feature to add security to our exposed firewall servers. No other IaaS provider has such flexibility. Without CloudSigma we could not do business the way we do.”

About CloudSigma

CloudSigma is a pure-cloud infrastructure-as-a-service (IaaS) provider that’s enabling the digital industrial economy through its highly-available, flexible, enterprise-class hybrid cloud servers and cloud hosting solutions, both in Europe and the U.S. CloudSigma is the most customizable cloud provider on the market, giving customers full control over their cloud and eliminating restrictions on how users deploy their computing resources. With CloudSigma, customers can provision processing, storage, networks and other fundamental computing resources as they please, as well as extend private networks out of existing infrastructure and elastically into CloudSigma’s IaaS cloud to create easy to manage and transparent hybrid cloud solutions. For more information, please visit www.CloudSigma.com or find the company on Twitter, Facebook, LinkedIn and Google+.

Article source: http://www.darkreading.com/management/cloudsigma-adds-advanced-network-policy/240164177

ORLANDO, Fla., Nov. 21, 2013 /PRNewswire/ — At the 2013 Enterprise World conference in Orlando, Florida, OpenText(TM) (NASDAQ: OTEX, TSX: OTC), the global leader in Enterprise Information Management (EIM), today announced the release of two new secure messaging services designed to help organizations share information easily in a secure and integrated cloud environment. Secure Mail and Secure MFT (Managed File Transfer) are new messaging solutions that support information exchange processes, enhance productivity, shorten transaction cycles, and improve customer communication – all while helping to strengthen compliance, data sovereignty and security measures.

Heightened concerns over security and compliance combined with global demands for information sharing are driving organizations to examine their information exchange methods for productivity, security and compliance gaps. Today’s methods for sharing information are fragmented and can include a combination of unsecure systems such as email, FTP servers, unmanaged consumer cloud sharing services and mailing of physical media such as USB drives. These ad-hoc, fragmented solutions are resource-intensive, not user friendly, and unable to provide the level of security and auditing needed to meet today’s compliance requirements.

“Organizations need easy, integrated, and trusted solutions to support all business information exchange processes both inside and outside of the organization,” said Gary Weiss, senior vice president, Information Exchange and Cloud, OpenText. “Today’s release of an integrated set of secure messaging services is a milestone toward realizing our vision of exchanging information between anyone, anywhere, in any format. No matter the distance or the device, securely exchanging information should be easy for the user and flexible to meet their changing environments.”

Secure Mail is a cloud-based secure messaging solution for encrypting, tracking and preventing the leakage of confidential information. Combined with Secure MFT, a managed file transfer solution for the secure sharing of large files, users can quickly and easily send secure messages with attachments of any size from standard desktop tools such as all browsers, mobile clients, and email applications. Each service is designed to support the flexible and efficient exchange of information, while instilling confidence that the information is accessible and secure.

This release delivers a single, unified interface for messaging services for secure mail and managed file transfer. Key features include:

— Secure Messaging – Protect emails and attachments with enterprise level

encryption and password protection

— Large File Acceleration – Transfer very large files up to 80x times

quicker than traditional methods through our patent-pending Storm

protocol

— Data Loss Prevention – Control the type of information that leaves the

organization and prevent unintended disclosure

— Real-time Audit Trail – Track every event in the e-mail lifecycle after

it leaves your outbox with a patented delivery slip

— Desktop, Mobile and System Integrations – Leverage everyday tools, such

as Outlook or any business system, for a seamless user experience

— Extensive API’s -Integrate secure messaging services directly into

existing applications and processes The new products are architected around a platform of integrated cloud services which help organizations quickly adopt secure messaging services as needed, to support the goal of meeting corporate and sovereignty guidelines. As business requirements expand, additional messaging services can quickly be deployed as part of this integrated suite.

Availability

OpenText Secure Mail and OpenText Secure MFT are available immediately from OpenText and select partners. To learn more, please visit www.opentext.com/securemessaging.

Learn more about OpenText EIM:

— Get breaking news on OpenText Enterprise World 2013 and engage with

attendees and OpenText experts on Twitter by following #OTEW2013

— Read the blog of Mark Barrenechea, OpenText’s CEO

— Connect with OpenText:

— Twitter: @OpenText

— LinkedIn: www.linkedin.com/company/OpenText

— Facebook: www.facebook.com/opentext About OpenText OpenText provides Enterprise Information Management software that helps companies of all sizes and industries to manage, secure and leverage their unstructured business information, either in their data center or in the cloud.

Over 50,000 companies already use OpenText solutions to unleash the power of their information. To learn more about OpenText (NASDAQ: OTEX; TSX: OTC), please

visit: www.opentext.com.

Article source: http://www.darkreading.com/applications/opentext-launches-new-secure-messaging-c/240164178

Los Angeles (Gartner IAM), Nov. 19, 2013 — Ping Identity, The Identity Security Companytrade, today announced a new generation identity gateway that will change the way customers use Web Access Management technologies. PingAccess provides access for users, apps and devices by combining traditional web access management with mobile and API access management. The lightweight solution reduces deployment time from months to minutes, and easily integrates with the customer’s existing SSO and identity systems.

“Traditional, proprietary WAM solutions do not address the new age where mobile and API access control is as important as web access management. Customers are paying the price. Expensive licensing models and time-intensive integrations are contrary to the idea of building a modern, connected business,” said Patrick Harding, CTO, Ping Identity. “Customers want a single solution that is simple and secure, and addresses all their access control requirements for web, mobile and API-based applications. We’re delivering this with PingAccess so our customers can concentrate on bigger IT initiatives.”

PingAccess provides greater interoperability than traditional WAM solutions, as it can use standards-based web session management (JWT), authentication (OpenID Connect), and API access management (OAuth 2.0) for modern identity environments.

“Many organizations are seeking to leverage existing WAM products in order to exploit the API economy,” said Charles Horton, senior director of identity and access management at information security consulting and integration services firm, FishNet Security. “We see PingAccess as an exciting next-generation WAM tool with the ability to address multiple use cases and provide strong integration options without some of the historic issues that have challenged our clients when achieving their enterprise-wide goals. With PingAccess, we believe our customers can achieve those goals without sacrificing security, functionality, or compliance.”

PingAccess identity gateway manages user, application, and device access consistently. The standards-based identity gateway also works in concert with PingFederate to extend SSO inside and outside the enterprise. It grants privileges, enforces policies and tracks activity for complete visibility.

More information about PingAccess is available at www.pingidentity.com/products/pingaccess/.

About Ping Identity | The Identity Security Company

Ping Identity believes secure professional and personal identities underlie human progress in a connected world. Our identity and access management platform gives enterprise customers and employees one-click access to any application from any device. Over 1,000 companies, including half of the Fortune 100, rely on our award-winning products to make the digital world a better experience for hundreds of millions of people. Visit pingidentity.com for more information.

Article source: http://www.darkreading.com/management/ping-identity-announces-pingaccess/240164179