A Closer look at Processor Vulnerabilities

A Closer look at Processor Vulnerabilities

The past few years has been rough on processor security, this especially for Intel as one of the biggest processor vulnerabilities Meltdown and Spectre was for nearly all their modern CPUs.  Although patches came out almost immediately to solve these issues, this was just the start to the security vulnerabilities as other attacks such as MDS (Microarchitectural Data Sampling) have been popping up.  So why are these vulnerabilities and security flaws only now coming to light?  These issues actually are quite complex and would need a further understanding of the advances of CPU technology such as the following below:

  • L1/L2/L3 caches
  • Speculative execution
  • Pipelines and buffers
  • Hyper-Threading

If you are unfamiliar with the above technologies, they basically function as ways to help improve the speed of the CPU.  In theory, without these components, we could have a much more secure processor at the cost of performance.  Vendors are caught in a predicament of wanting to increase performance but also have to consider the security implications of newer technology.  This shows in the patches for recent vulnerability fixes which brought performance down of the CPU by 5-30%.  The latter number can be alarming but does not usually affect home users as the 30% is more frequent for servers.

Although vendors are still working on improving their security to prevent future vulnerabilities from happening, there are still ways to make sure that your data is protected like adding an additional layer of security.  With the help of 3rd party security vendors such as Trend Micro can help with products such as Deep Security through virtual patching.

To get a more in depth understanding of the processor vulnerabilities, you can refer to this article here.  To learn more about Trend Miro Deep Security, you can visit our page here or contact us directly at 893-9515 and we will be more than happy to answer your inquiries!

Cisco Umbrella: Camuto Group Case Study

Cisco Umbrella: Camuto Group Case Study

The Challenge

A US footwear and lifestyle brand company, the Camuto Group, has been thriving in their industry due to the unique designs that sets them apart from the competition.  However, the company’s creativity is also one of its IT’s main pain points when it comes to security.  With almost 100 employees working remotely and another 250 roaming laptop users, it makes it difficult for IT to allow the flexibility to access the wide range of edgy sites which many web filtering solutions block incorrectly.

Tom Olejniczak, Camuto Group’s network engineering manager says that they found the traditional approach to securing the web experience (Proxy servers) caused too many problems that needed manual resolution.  Meaning whenever someone could not access a site, someone from IT had to go to that user to help resolve the issue, which was not feasible for them given the multiple remote and roaming users.

They needed to find a network security solution that protected on and off-network devices which didn’t add to their latency that could help them as malware and social media started to cut into the productivity of the users.

The Solution

Tom says that the company has been following Umbrella as their first line of defense since it was still OpenDNS.  However, to test if there were better alternatives, they decided to try two similar products to Umbrella.  The result of the test was that Umbrella outperformed both products whether it was by malware protection and overall user experience.

This was achieved by deploying Umbrella’s virtual appliances.  This gave them the visibility to see if internal networks or Active Directory users were infected or targeted by attacks without the need to touch devices or reauthenticate users.  Users working out of the corporate network are protected via Umbrella’s roaming client which was simple to put in place as adding someone to a group in Microsoft Active Directory.

The Camuto Group saw immediate impact on the security, almost four hundred detections of malware were redirected on a daily basis.  The solution itself also was great for user experience as it is unobtrusive and even helped improve the speed of the internet slightly, about five to ten percent.

The ability to white and black list sites was one of the main concerns of the company that Umbrella helped solve quite easily.  Tom says that they are able to choose safe and HR-acceptable categories for content filtering fast, it would usually take them about 3 minutes make a change.

To learn more about the Cisco, you may check out our product page here or you can contact us directly at 893-9515 for more details!

Trend Micro Awards CT Link as Partner of the Year for 2018!

Trend Micro Awards CT Link as Partner of the Year for 2018!

On February 26, 2019, Trend Micro hosted their annual Partners Appreciation Night, at the B1 Sports lounge New World Makati, to celebrate the achievements that each partner has contributed to help make 2018 a successful one.  Here they presented CT Link Systems, Inc. with four awards, which included the biggest award of the night, Partner of the Year!  This award is to acknowledge the partner with highest total of new and renewal revenues of all TM products for the year.

Below is the full list of awards CT Link received:

  • FY18 Partner of the Year – CT Link Systems, Inc.
  • FY18 User Protection Champion – CT Link Systems, Inc.
  • FY18 Sales Person of the Year – Malou Cruz
  • FY18 Sales Engineer of the Year – Bren Natal

Trend Micro awarded CT Link with the FY18 User Protection Champion award to acknowledge our efforts in providing endpoint security solutions to our customers.  These solutions include the following:

OfficeScan – provides advanced endpoint and ransomware protection for Windows, Mac and Virtual Desktop Infrastructure

Vulnerability Protection – prevents network-based exploits and zero-day ransomware threats via vulnerability shielding

Endpoint Encryption – secures data with full disk, folder, file and removable media encryption

Integrated Data Loss Prevention – guards private data and intellectual property with integrated modules

Keep your data secure. Contact CT Link Systems, Inc. via our contact form or through our landline 893-9515.

Ransomware Lunch & Learn With Cisco!

Ransomware Lunch & Learn With Cisco!

Ransomware is becoming more prevalent now as more companies are starting to have their networks infected with these disruptive malware.  With this in mind, Cisco has been improving their security portfolio to keep your IT infrastructure same from these malicious malware attacks.  Learn more about it from our Cisco experts on July 17, 2018 at Discovery Primea at our Ransomware Lunch & Learn event!  Get a chance to win a Smart TV and other goodies as well as you learn more about how you can stay safe from ransomware attacks.  To learn more about the event or how to register for it, please contact us at 893-9515!

Your Data at Large: Some of the Common Security Pitfalls

Your Data at Large: Some of the Common Security Pitfalls

With data mobility’s rise, you would expect that security of data would increase as well.  However, many of the controls to mitigate the risk of data exposure still rely on traditional protection.  Direct attacks, simple mistake, and even negligence are still major reasons as why data is lost.  Below are some of the most common examples of common security pitfalls:

  • Loss or destruction of endpoints
  • Using consumer-grade collaboration and file sharing tools
  • Transferring files over insecure media including USB drives
  • Emailing sensitive information to personal email accounts
  • Social engineering (i.e. phishing) – the human factor and malware

These days, we use new IT services built on multiple cloud infrastructures to work in conjunction with the legacy and custom applications (business critical apps) built on-prem, this results in business data sprawled across multiple devices and locations.  This makes the traditional enterprise perimeter almost completely eroded.  The industry’s response has been to solve each gap in security with slew of security products, which each have their own unique policies, capabilities and limitations.  This creates even more complexity in the already complex problem which can do ultimately do more damage than help.

In the global study from Citrix and The Ponemon Institute, they  discovered that:

  • 64 percent of respondents say their organization has no way to effectively reduce the inherent risk of unmanaged data (e.g. downloaded onto USB drives, shared with third parties, or files * with no expiration date)
  • 79 percent of respondents are worried about security breaches involving high-value information
  • 52 percent of respondents do not feel that their security infrastructure facilitates compliance and regulatory enforcement with a centralized approach to controlling, monitoring and reporting of data

That requires a purpose-built architecture, one that is designed and hardened for security from the ground up. Integral to this architecture is the inherent security Citrix provides by:

The solution to the problem?  Control must be given back to IT while delivering security to the business without affecting the users experience.  This type of architecture is inherent in the security Citrix provides by:

  • Centralizing and keeping data off endpoints
  • Containerizing and encrypting data on mobile devices
  • Controlling access to data contextually
  • Using file level access and control (DLP and IRM) for data in motion
  • Partnering with industry leaders to protect data

At the end of the day, people need and want to work efficiently, if we make data sharing onerous it would create more problems rather than help solve them.

To learn more about Citrix products, please visit our product page or call us directly at 893-9515.

CT Link Systems, Inc. joins Security TRENDs 2017!

CT Link Systems, Inc. joins Security TRENDs 2017!

Enterprises and organizations are facing next-tier, multifaceted threats that are both familiar and uncharted. As the cloud and the Internet of Things (IoT) ecosystem become more interconnected, it is essential for organizations tore-evaluate and redefine their understanding of threats, risks, and solutions in an ever-changing landscape.

With that, organizations and enterprises must ask: what threats should they prepare for? What risks are involved? What processes and procedures should be implemented?

In the face of next-tier threats, businesses must step up their game and LEVEL UP their defence against these threats.

In lieu of this, CT Link Systems, Inc. has joined Trend Micro’s Security TRENDs 2017 Executive Threat Defence Summit as an exhibitor to help educate businesses in the Philippines on the importance of Cyber Security.

To learn more or register to the event, please visit the site Here!

Introducing the Threat Grid for Meraki MX

Introducing the Threat Grid for Meraki MX

When Cisco announced the integration of Cisco Advanced Malware Protection with the Meraki MX last July, it was to provide a simple and effective way for MX customers to monitor, detect and remediate advanced threats.  Now they are taking it a step further, they have now integrated their Threat Grid into the Meraki MX platform.   This integration allows security teams to be able to better understand, prioritize and mitigate attacks by combining advanced sandboxing with threat intelligence.

With how advanced today’s malware and other advanced attacks are, it is harder for companies to just to rely on their first line of defenses.  Even with some of the best security tools in place, it is still highly likely some of them will eventually get into your system.  However, with Threat Grid, you can be able to avoid these situations.  It rapidly analyzes files and suspicious behavior across your environment while providing your security team context-rich analytics.  It also provides threat intelligence so your team will know what a file is doing or attempting to do which helps in quickly responding to the threats.

The integration starts with the AMP for Meraki integration.  Files that pass through MX will be queried against AMP which will respond with a disposition of clean, malicious or unknown.  The clean files are allowed through while malicious files are blocked and the unknown files are automatically sent to Threat Grid to be analyzed.  After the analysis is complete, a detailed report and threat score will be displayed on the Meraki Security Center.  Files with threat scores of 95 and higher are considered malicious which will trigger an alert as to notify the security team so they can remediate it ASAP.

Threat Grid for MX is available now as an add on to the MX Advanced Security license. Customers must have the Advanced Security License to purchase Threat Grid. To find out more contact us at 893-9515 and we will be happy to help!

Click here for more information.

Arup: Engineering Firm Transfers Files Worldwide with Citrix ShareFile

Arup: Engineering Firm Transfers Files Worldwide with Citrix ShareFile

Arup Group Ltd. is a multinational professional services firm headquartered in London, U.K., which provides engineering, design, planning, project management and consulting services for all aspects of the built environment. The firm has over 13,000 staff based in 92 offices across 42 countries and has participated in projects in over 160 countries.

The Challenge

Transferring their work to their clients all across the globe.  Sending Digital Models, Documents and CAB files from their custom built transfer system (which was capable of handling files of up to 2GB) proved to be inadequate as the years went as the size and amount of files needed increased.  Longer upload speed and download speed frustrated both employees and their clients.  This caused 60% of their employees to start using personal file transfer services, however these 3rd party services lacked effective security and control.

The Solution

Arup looked at many file based sharing solutions, but they ultimately chose to go with Citrix ShareFile Enterprise.  The simplicity of sending files of any size and the ShareFile Microsoft Outlook Plug-in which allows for file sending within the email client for optimal use and convenience were big factors in their decision.  Not only did this solution give them a better way for file sharing, but it also helped increase their employee agility by securing the access of files from their mobile devices.  Also by setting up multiple storage zones in each region to serve as local storage, it helped increase the speed of sharing to the point that their employees now use it for any file over 5 MB.

The Key Benefits

Below are the key benefits that Arup experienced when they adopted Citrix ShareFile

  • Increased Productivity by accelerating workflows
  • Improved client service through more effective file sharing
  • Secured and controlled shared files

Arup is still expanding its ShareFile Implementation and plans on introducing mobile functionality soon while already viewing Citrix as one of its key technology partners.

Join us in our upcoming event Cisco Start!

Join us in our upcoming event Cisco Start!

On June 29, 2017, Comstor, in partnership with CT Link Systems, Inc., will be hosting an educational event for white space companies, Cisco Start!  Learn more about Cisco’s brand new offerings 2017 for their datacenter, networking and security products in an informative seminar from 11:00 AM to 5:00 PM at the Makati Diamond Residences.  Get freebies while learning how you can improve your business efficiency and workforce performance!  Be able to get a chance as well to win our grand raffle prize, a Sony PS4!  For inquiries on how to register, please call us at 893 -9515.

 

VeloCloud Launches a SD- WAN Security Technology Partner Ecosystem!

VeloCloud Launches a SD- WAN Security Technology Partner Ecosystem!

The SD-WAN market is growing at a very fast pace.  It is estimated to exceed $6 billion in revenue worldwide by 2020 while still compounding an annual growth rate of more than 90% over a forecast period between 2015 to 2020.  By 2018, it is also expected that about 82% of North American enterprises will be using SD-WAN which is remarkable considering the technology is still in its early days.

With the option to choose what kind of link is best in a given situation (MPLS, broadband, LTE, or any combination of these), besides optimizing your WAN link, you will also be able to provide additional capacity to avoid blackouts and brownouts.

With such features, VeloCloud makes sure to take the necessary steps to ensure that your data will be secure when using its comprehensive SD-WAN solution.  Recently, VeloCloud has taken a big step towards a more comprehensive security ecosystem which it calls the “SD- WAN Security Technology Partner Program”.  A multifaceted effort of collaboration between a wide range of technology companies to help protect users’ branch, data center and cloud networks which results in a top notch end-to-end security option for SD-WAN which seamlessly includes both on premise and cloud networks.

Partners are given access to VeloCloud’s APIs through a formal software development kit which helps simplify the process for partners who are interested in developing security solutions for VeloCloud’s SD-WAN architecture.  VeloCloud has also opened up a virtual network function (VNF) framework to its partners in the security ecosystem to help develop their own security VNFs within its framework.  VeloCloud also allows for cloud security by allowing third party security vendors to bring their own services into marketplaces operated by service providers such as Azure and Amazon.

Besides the security ecosystem, VeloCloud also has its own security capabilities which are integral parts of its SD-WAN architecture.  One example would be its zero-touch deployment model in which you can be shipped a non-configured VeloCloud edge to any of your branches or remote locations and once connected to your link it will securely authenticate and encrypt across your network.  With its unique way of key management for vCPEs on your network, it will be able to help check your tunnel integrity while helping with scalability and your dynamic multipath VPN.

To learn more about VeloCloud’s security, please read the article here!