Category: News and Events

Improve your Zero trust Strategy with Pulse Zero Trust Access!

Arby News and Events , , , , , , , , ,
Improve your Zero trust Strategy with Pulse Zero Trust Access!

Digital transformation is changing the business norms. Access and connectivity are becoming more flexible as devices, users, applications, and infrastructure adapt to a new era of hyper-connectivity. This has prompted enterprises to consider how to secure access for their users and applications while managing cybersecurity risks in a network with little to no boundaries. This is where Zero Trust solutions like Pulse Zero Trust Access (PZTA) comes into play.

The PZTA platform enables diverse users from any location to access public, private, and multi-cloud applications as well as data center resources securely while staying user friendly. Be it a hybrid cloud or pure cloud strategy, PZTA can help organizations enhance their security, productivity, and compliance while also improving administrative and user experience.

Below are a few key areas in which PZTA can help improve:

On-premises, SaaS and Hybrid Cloud Applications

PZTA allows you to have Zero Trust Secure access remotely or on-site to your corporate applications whether they are located in your network perimeter or in the cloud (private or public). Users and devices are authenticated continuously while maintaining secure entry points for your network and user device through the use of encryption channels.

Keeping user and application traffic
within the corporate network

Organizations can be confident when users from any location access any application using any device. All user traffic is directed to PZTA which acts as a middleman where user requests are fulfilled by PZTA accessing data from the corporate network on their behalf. Since data are not accessed directly by users, this lowers the area of attack of compromised accounts and devices.

Difficulty of managing
resources in the cloud

The PZTA cloud-based service emulates the same access and management experience as an on-prem solution. This means that you can enable the same level of visibility, compliance, enforcement, and analytics as you would in an on-prem solution.

Visibility, Enforcement and Compliance Reporting

PZTA provides a single pane-of-glass visibility of all users connecting to your network, regardless of the location of the user, application, or resource.

Visibility gaps

From the PZTA dashboard, administrators can get holistic visibility of users, devices, infrastructure, and applications as all access is authenticated and authorized by it. These are also logged in the dashboard for reporting and auditing purposes.

Ensuring user endpoint compliance

PZTA first goes through a set of policies during authentication to see if devices trying to access the corporate network are compliant. Users can then follow pre-defined remediation given set by the administrators so that they may access the network.

Measuring users’ risk factors

User activities are measured and given a “risk score” based on users’ behavioral patterns. Stricter authentication or restrictions can be dynamically applied to verify the user’s identity once there is behavior outside the norm detected. This continuous anomaly and malicious activity detection is used to ensure the network’s security.

These are just a few ways in which Pulse Zero Trust Access can help companies improve their visibility and security. If you would like to learn more about Pulse Secure solutions, you may fill out the form below and we will contact you as soon as we can!

Protect Confidential Data outside the office with Microsoft AIP!

Arby News and Events , , , ,
Protect Confidential Data outside the office with Microsoft AIP!

Data is the cornerstone of a business; this is why security is a major factor in any IT environment. However, security does not safeguard your data once it leaves the network perimeter, whether it was shared within or outside the network. Many companies are aware of this and are now looking into ways to solve it. This is where Rights Management solutions such as Azure Information Protection comes in.

What is AIP?

AIP is a cloud-based solution that gives organizations the ability to classify and protect its sensitive data such as documents and emails by using labels. Labeling can be done automatically by either administrators who define rules and policies, manually by users, or even a combination where users are given recommendations.

Labeling can be used to classify which files in your organization are confidential. Depending on the level of sensitivity, several restrictions can be placed on data that leave the network control. These are some examples on how the restrictions can be applied::

Limiting access to users of your organization or those who are granted permission.

Users cannot forward an email or copy information from it that contains news about an internal reorganization.

Locking the forwarding option, adding recipients on replies and copy paste functions on emails.

Setting a time limit for accessing files (such as for price lists)

Besides protecting your data, AIP’s labeling can also help a company’s visibility over its data. This is done through the data classification page which shows how data is being used by the users and how users are applying labels. Below are some of the information you can get through the page:

The number of items that are classified as sensitive and what they are classified as

A summary of actions users did with the sensitive data

The location of sensitive data

With AIP, organizations using Office products can rest assure that they will have a maintained level of visibility on their data and that these will stay confidential. Now, collaboration can be empowered from inside and outside your organization by protecting sensitive information such as emails and documents with encryption, restricted access and rights, and integrated security in Office apps.

If you are interested in learning more about AIP or Office 365, fill out our contact form below and we’ll get back to you as soon as we can!

Protect users from browser based-attacks with Citrix Secure Workspace Access

Arby News and Events , , , , , ,
Protect users from browser based-attacks with Citrix Secure Workspace Access

The way we work has changed. The imposed strict social distancing rules due to the global pandemic, combined with the growing representation of the digital-savvy millennials in the workforce were catalysts in moving organizations forward in their digital transformation journey to increase employee mobility.

However, this shift in workplace culture has increased the security risks brought about by the proliferation of BYO devices of employees that access resources via VPN. When not secured properly, these devices serve as additional entry points for cybercriminals to the organization’s network.

Key challenges in traditional security controls

Mishandling of data and misuse of network access have become a growing concern, increasing the demand for more control and visibility over the users’ granular access to permissions to data.

Threats that may come from malicious websites, such as spoofing web conferencing sites, should be isolated from the corporate network to protect corporate data.

Employees may knowingly (or unknowingly) access restricted websites such as pornographic or social media web pages. The organization must block those attempts to protect its assets.

To address these challenges is a big step forward for organizations to improve their digital transformation journey. Although this is easier said than done, Citrix may have the answer to help you address these challenges.

Citrix Secure Workspace Access

The Citrix Secure Workspace Access service provides a unified experience by integrating single sign-on, remote access, and content inspection into a single solution for an end-to-end Secure Workspace Access. It does this by providing your administrators the ability to:

Configure a workspace to securely add, manage and deliver access to apps from any device

Configure web filtering to allow/block websites that can be accessed by the end-user

Isolate web browsing to protect the corporate network from browser-based attacks with no user device configuration needed

With these, administrators can rapidly roll out secure browsers, providing instant time-to-value. By isolating internet browsing, IT administrators can offer end users safe internet access without compromising enterprise security.

This is only the tip of what Citrix Secure Workspace Access can provide to your organization, if you would like to learn more, you may fill out the form below and we will get back to you as soon as we can!

Protecting your Data: 4 Key Reasons on Why You Should Have a Backup Solution

Arby News and Events , ,
Protecting your Data: 4 Key Reasons on Why You Should Have a Backup Solution

Data is something all businesses would agree is their most important asset, this is why they take multiple steps to ensure its security. However, when it comes to data protection, most companies are lax in its measures in the Philippines. This is alarming as data loss is not as uncommon to businesses as most seem to believe. Below are a few common scenarios in which a Backup solution can immediately address:

User Error

One of the highest reason of data loss can be attributed to user mistakes or error. In multiple surveys, human error is at 25% of data loss. This could be from accidental deletion or even accidental overwrites. With a proper backup, you can always revert to it to find the data or even go through different versions of files.

Data Corruption

Files can become corrupted due to bugs or even malware without a moments notice. Backup solutions can help safeguard your data from this spontaneous data loss.

Hard Drive Failure

Just like data corruption, your hard drive can fail due to multiple reasons. With no proper backup in place, this can mean important data can be lost indefinitely.

Retention and Archiving

Some businesses need long data retention or historical archiving of files. This is to ensure proper auditing, or a need arises that the data must be pulled out for review. Backup solutions can be customized to solve these requirements.

Does BCDR = Backup?

There are multiple steps in creating a data protection strategy, the first step being to put a backup solution in place and the last step being to have a BCDR plan. This goes without saying, you should not jump in steps when you are implementing a data protection strategy.

BCDR strategy is not a replacement for a backup solution. The key difference between the two is how the recovery is done. Without the initial backup solution, how can you plan for a disaster recovery when the first step of protecting your data for day-to-day activities is not yet in place?

BCDR is reserved only for cases when disasters occur that would cause business operations to halt. An example of this would be from natural disasters such as fires that would cause your servers to become inoperable, and the entire database will need to be recovered.

While preparing for a disaster is important, ensuring that your data is protected from more common and recurring threats should come first. Short term goals should first be implemented to help achieve your long term goals in data protection.

To learn more about Backup solutions, you may send us a message via the form below!

Images are courtesy of Freepik (1, 2, 3, 4) and Vecteezy

CT Link Partners with RSA Security!

Arby News and Events , , , , ,
CT Link Partners with RSA Security!

The new year has finally arrived, and we are starting our year by introducing a new solution to help your mobile workforce securely access your corporate data remotely. We are happy to announce that CT Link Systems, Inc. has partnered with RSA Security to better our security portfolio to address the growing concern of identity assurance and to complement our remote access and workspace solutions.

RSA alleviates this problem through its wide variety of security solutions such as SIEM (Netwitness) and multifactor authentication (SecurID).  With over 30 years of experience, RSA has continually grown and adapted its technology to improve its user experience while maintaining a high level of security. It also has a wide selection of authentication methods that organizations can choose from to authenticate their users.

About RSA

RSA Security is a leading provider of cybersecurity solutions for businesses and organizations worldwide. The company offers a range of products and services designed to help customers manage and mitigate risks related to information security.

One of RSA Security’s core offerings is its SecurID platform, which provides two-factor authentication solutions to help protect against unauthorized access to corporate networks and applications. The company also offers a variety of other security solutions, including identity and access management tools, threat detection and response services, and encryption solutions.

RSA Security was founded in 1982 and is headquartered in Bedford, Massachusetts. The company has a global presence, with offices and operations in North America, Europe, Asia, and the Middle East.

In addition to its commercial offerings, RSA Security is also a leading provider of security standards and guidelines. The company has been involved in the development of numerous industry standards, including the Secure Sockets Layer (SSL) protocol, the Public Key Infrastructure (PKI) standard, and the Security Assertion Markup Language (SAML) standard.

If you are interested in learning more about the RSA Security portfolio, please visit our RSA product page to see what it has to offer for your business. You may also contact us directly via the form below and we will contact you shortly!

CloudSec 2020: Register Today!

Arby News and Events
CloudSec 2020: Register Today!

CLOUDSEC 2020 is the must-attend business and technology experience, delivering a content experience unlike any other virtual event with access to a community of cloud and cyber security pioneers, leaders and technical experts. 72 hours of non-stop innovation, you’ll connect with experts from around the world while personalizing your own experience.

About CLOUDSEC

Founded in 2011, CLOUDSEC has established itself as a global community for cyber security experts and professionals. The event aims to inspire technology professionals and users to embark on a continuous learning journey to explore and learn about industry trends, best practices and new technologies to secure the digital infrastructure and manage the technological risks of their organizations in safely supporting their corporate goals. 

Registration is now open, there is no cost to attend this virtual event, Save the Date for November 24th to 26th and secure your spot today to stay connected, informed and on track with your #CloudSecurity journey.

About Trend Micro

Trend Micro is a global leader in cybersecurity solutions, dedicated to making the world safer for exchanging digital information. Founded in 1988, Trend Micro has grown to become a trusted provider of cutting-edge security solutions for businesses and consumers alike.

Trend Micro’s comprehensive range of cybersecurity solutions includes endpoint security, network security, cloud security, and security management services. These solutions are designed to protect against a wide range of threats, including malware, ransomware, phishing attacks, and other forms of cybercrime.

One of Trend Micro’s core strengths is its ability to stay ahead of emerging threats. The company employs a team of experts who constantly monitor the latest cyber threats and develop innovative solutions to counter them. Trend Micro’s solutions are designed to provide proactive, real-time protection against both known and unknown threats.

Trend Micro’s commitment to cybersecurity extends beyond its products and services. The company is also dedicated to raising awareness about the importance of online safety and promoting best practices for cybersecurity. Trend Micro regularly publishes research and insights on the latest cybersecurity trends and hosts events to help educate businesses and individuals about the importance of cybersecurity.

Security Advisory: Zerologon, a level 10 Critical Vulnerability

Arby News and Events ,
Security Advisory: Zerologon, a level 10 Critical Vulnerability

It was recently discovered that a new Critical vulnerability, named Zerologon, has been found for windows which is so severe that the Common Vulnerability Scoring System (CVSS) has given it a score of 10 out of 10 and Microsoft itself has rated it as a severe vulnerability.

What is Zerologon?

The vulnerability was found in Netlogon which is the protocol used by Windows systems to authenticate against a Windows Server running as a domain controller. The vulnerability in Netlogon allows for attackers to:

  • Impersonate the identity of any of computer on your network during an authentication attempt on a domain controller
  • Disable security features in the Netlogon authentication process
  • Change a computer’s password on the domain controller’s Active Directory

The only limitation for the vulnerability is that the attack can only be done if the threat actors already have gotten into your network.

What can I do?

Firstly, it is highly recommended that you update your Microsoft security to avoid this vulnerability. This is the most important step into making sure that your network is not affected by this critical vulnerability. You can find the Microsoft security advisory CVE-2020-1472 here.

If patching cannot be done immediately, one way to help mitigate an attack is to prevent attackers from getting into the network. As stated above, the limitation of this attack is centered on them getting inside the network, however, once they do, it means that they will be able to take control of your whole network.

Trend Micro Solution

For our Trend Micro customers, Deep Security or Apex One can be used to do virtual patching to help mitigate the attacks to help ensure that your network is safe. Below are the IPS rules that may help you strengthen your defense if patching cannot be done immediately:

IPS Rules

Deep Security and Cloud One – Workload Security, Vulnerability Protection and Apex One Vulnerability Protection (iVP)

  • Rule 1010519 – Microsoft Windows Netlogon Elevation of Privilege Vulnerability (CVE-2020-1472)
  • Rule 1010521 – Microsoft Windows Netlogon Elevation of Privilege Vulnerability Over SMB (CVE-2020-1472)

Please note that both rules are already set to Prevent.


Other Inspection / Detection Rules

Deep Discovery Inspector

  • Rule 4453: CVE-2020-1472_DCE_RPC_ZEROLOGON_EXPLOIT_REQUEST
  • Rule 4455: CVE-2020-1472_SMB2_ZEROLOGON_EXPLOIT_REQUEST

For those interested in learning more about the attacks, Trend Micro is also hosting a webinar this coming September 29, 2020 to talk more in detail about the vulnerability. You can register for the free webinar here.

If you have any questions with regards to either Zerologon or the Trend Micro solution to help prevent the attacks, please just contact us via email (rcruz@www.ctlink.com.ph) or through our landline 88939515 and we would be happy to answer your inquiries!

Texture vector created by macrovector

Zero Trust Security: 6 reasons Why Companies are Adopting it

Arby News and Events
Zero Trust Security: 6 reasons Why Companies are Adopting it

As we are more than halfway through the year, we have seen that the Covid Pandemic has accelerated the need of many companies to provide a better remote access solution not just for sales, but for many other divisions. Although many have been concerned with performance of their applications with this new setup, many are also starting to see the need to improve their security for these solutions as well.

A global study was done by Cybersecurity Insiders which showed that many are already looking into incorporating it into their Secure Access Architecture. Below are a few key findings from the study:

  • Over 60% of participating organizations find the Zero Trust tenets of continuous authentication and authorization, trust earned through entity verification, and data protection as most compelling for their organization
  • Over 40% of participating organizations expressed privilege management, insecure partner access, cyberattacks, shadow IT risks, and vulnerable mobile and at-risk device resource access as top challenges to secure access to applications and resources
  • 45% of participating organizations are concerned with public cloud application access security, and 43% with BYOD exposures
  • 70% of organizations plan to advance their identity and access management capabilities
  • 30% of organizations are seeking to simplify secure access delivery including enhancing user experience and optimizing administration and provisioning
  • 41% of participating organizations are looking to re-evaluate their secure access infrastructure and consider Software Defined Perimeter (SDP) – with the majority requiring a hybrid IT deployment and a quarter adopting a SaaS implementation.

On a global scale, we can see that the trend of remote access solutions is becoming the new norm for many organizations. While we move forward, our IT Security team has to deal with the increased security risks as we open new security flaws with unauthorized and non-compliant devices.   

This is where security vendors with Zero Trust Security products and solution providers like us can help your organization. We have been helping many clients throughout the lockdown to find the right solution for them whether it has been for improving remote access performance or security.

The Zero Trust Model can be summarized by the following questions: Can the user prove their identity and of the device they are using? Are they allowed to access this application? Is the network they are using secure? If they cannot answer yes to either of these questions, they should not gain access to the network.

If you are interested to learn more about the solution, you may read more here, or you may contact us directly at 88939515 for us to better assess your situation and find the right solution for you!

Image Provided by Vecteezy

WFH/BCP Challenges: Improving VPN Firewall Security Concerns

Arby News and Events
WFH/BCP Challenges: Improving VPN Firewall Security Concerns

Before the Covid-19 pandemic, many companies did not provide their workforce with client VPN access due to the concern on the security of data. However, most companies were caught flat-footed when the government suddenly announced the Enhanced Community Quarantine (ECQ). This forced many companies to adopt a short-term remote access solution by enabling the Client VPN feature that came with their firewalls. As the quarantine extended, many have come to realize that their Client VPN firewall feature would not be enough as a long-term solution.

Holes in traditional VPN Firewall Solutions  

Existing Firewall solutions were used by majority of companies here as a band-aid fix to their BCP/WFH needs during this crisis. They quickly realized that after enabling this feature, that their firewall was not equipped to accommodate the large amount of client VPN users. This is either due to the limitation on the number of concurrent users, or the hardware has a limited throughput for VPN users leading to a poor user experience.

Another concern with traditional firewall-based VPN is that it provides full access to remote users with minimal control and visibility on what the users are doing, which leaves the IT team unaware if most users are accessing the corporate network with security compliant devices. In fact, with an increase of varying location, time of access, and device used, it makes it even harder to spot malicious activity. This can increase the chances of your company from suffering a data breach or experience data leakage.

In fact, even malware residing on the user’s home PCs can traverse over the VPN and arrive to your corporate network if not properly secured. VPNs are used more to encrypt your data so that outsiders are not able to view your data or hijack it. It does not mean that infected files from unsecured endpoints will be scanned through a VPN.

Zero Trust Secure Remote Access Solutions

Companies need to fortify their security capabilities to prevent and contain cyberattacks and data leakage. With the help of more advanced remote access solutions like Pulse Connect Secure, your company can solve beyond the traditional dilemmas while ensuring future scalability.

With Pulse Connect Secure, it always enforces the strategy of verification before trust to ensure that only authenticated users with compliant devices can connect to authorized applications and corporate resources at any time, from any location, over any network. By always verifying, it is ensured that:

  1. The user trying to access the network is who they claim to be to keep the wrong people out, through a multi-factor authentication in place
  2. The device used to connect to the network is an authorized device (i.e. company-issued laptop) or has met the specific corporate security requirements to decrease the possibility of malware infiltration and data loss
  3. Users can only access authorized resources based on their roles to limit access to confidential information and reduce chances of data leakage

To learn more about secure remote access solutions, send an email to rcruz@www.ctlink.com.ph or contact your CT Link Account manager today!

Images were provided by Vecteezy (1, 2)

Reducing Business storage costs with vSAN and Dell EMC

Arby News and Events
Reducing Business storage costs with vSAN and Dell EMC

Technology is growing at a fast pace. When you consider the situation, many are going through now, many have to adapt to new technology to ensure their place with their consumers. Adapting to new applications are key now. This means that those that adopt new technology are also starting to feel the growing data requirements that come with it.

Maximizing storage efficiency is becoming more difficult as new applications are added into your network. This can become problematic as it can start slowing down your systems infrastructure, affecting the user experience.

To fix the issues traditionally, means upgrading your current infrastructure to match with the growing needs of the company. This however can become costly as you move forward without considering the future needs of your organization. So how do you properly scale your business infrastructure while keeping your costs at a minimum?

This is where solutions like software defined storage solution can help, vSAN in particular. With its simplistic approach to a complicated architecture, you can ensure that your company will be able to scale its infrastructure optimally and securely through its virtualized shared storage model.

As a software defined solution, you are also able to pair your vSAN solution with hardware that you choose. Deciding on a hardware to run vSAN is also an important step to your growth when considering future directions of your company. This is why partnering with a reliable hardware vendor is key to ensure that your solution is running optimally for your present and future needs.

This is where Dell EMC’s vSAN ready nodes excel in. They are pre-configured and validated building blocks that reduce deployment risks, improve storage efficiency while allowing you to scale storage quickly and easily as needed. Below are a few key considerations to note on to consider Dell EMC hardware when using vSAN:

Reduce project risk

Dell EMC vSAN Ready Nodes are jointly validated solutions in tested and certified server configurations for accelerating vSAN deployment. Dell EMC and VMware have collaborated on vSAN for more than five years, putting the technology through thousands of hours of testing.

Improve storage efficiency

Dell EMC vSAN Ready Nodes improve storage efficiency while reducing capital expense (CapEx) with server‑side economics, affordable flash and grow‑as‑you‑go scaling. Reducing the time and effort it takes to deploy and manage compute and storage infrastructure reduces operational expense (OpEx).

Scale quickly

Dell EMC vSAN Ready Nodes enable easy deployment with factory‑installed, pre‑configured and pre‑tested configurations for a range of needs. Faster configuration, fewer update steps, and reduced time for maintenance, troubleshooting and resolution all add up to a solution that scales quickly.

To learn more about Dell EMC and vSAN, contact your CT Link account manager or email us at marketing@www.ctlink.com.ph