Your Data at Large: Some of the Common Security Pitfalls

Your Data at Large: Some of the Common Security Pitfalls

With data mobility’s rise, you would expect that security of data would increase as well.  However, many of the controls to mitigate the risk of data exposure still rely on traditional protection.  Direct attacks, simple mistake, and even negligence are still major reasons as why data is lost.  Below are some of the most common examples of common security pitfalls:

  • Loss or destruction of endpoints
  • Using consumer-grade collaboration and file sharing tools
  • Transferring files over insecure media including USB drives
  • Emailing sensitive information to personal email accounts
  • Social engineering (i.e. phishing) – the human factor and malware

These days, we use new IT services built on multiple cloud infrastructures to work in conjunction with the legacy and custom applications (business critical apps) built on-prem, this results in business data sprawled across multiple devices and locations.  This makes the traditional enterprise perimeter almost completely eroded.  The industry’s response has been to solve each gap in security with slew of security products, which each have their own unique policies, capabilities and limitations.  This creates even more complexity in the already complex problem which can do ultimately do more damage than help.

In the global study from Citrix and The Ponemon Institute, they  discovered that:

  • 64 percent of respondents say their organization has no way to effectively reduce the inherent risk of unmanaged data (e.g. downloaded onto USB drives, shared with third parties, or files * with no expiration date)
  • 79 percent of respondents are worried about security breaches involving high-value information
  • 52 percent of respondents do not feel that their security infrastructure facilitates compliance and regulatory enforcement with a centralized approach to controlling, monitoring and reporting of data

That requires a purpose-built architecture, one that is designed and hardened for security from the ground up. Integral to this architecture is the inherent security Citrix provides by:

The solution to the problem?  Control must be given back to IT while delivering security to the business without affecting the users experience.  This type of architecture is inherent in the security Citrix provides by:

  • Centralizing and keeping data off endpoints
  • Containerizing and encrypting data on mobile devices
  • Controlling access to data contextually
  • Using file level access and control (DLP and IRM) for data in motion
  • Partnering with industry leaders to protect data

At the end of the day, people need and want to work efficiently, if we make data sharing onerous it would create more problems rather than help solve them.

To learn more about Citrix products, please visit our product page or call us directly at 893-9515.

CT Link Systems, Inc. joins Security TRENDs 2017!

CT Link Systems, Inc. joins Security TRENDs 2017!

Enterprises and organizations are facing next-tier, multifaceted threats that are both familiar and uncharted. As the cloud and the Internet of Things (IoT) ecosystem become more interconnected, it is essential for organizations tore-evaluate and redefine their understanding of threats, risks, and solutions in an ever-changing landscape.

With that, organizations and enterprises must ask: what threats should they prepare for? What risks are involved? What processes and procedures should be implemented?

In the face of next-tier threats, businesses must step up their game and LEVEL UP their defence against these threats.

In lieu of this, CT Link Systems, Inc. has joined Trend Micro’s Security TRENDs 2017 Executive Threat Defence Summit as an exhibitor to help educate businesses in the Philippines on the importance of Cyber Security.

To learn more or register to the event, please visit the site Here!

Introducing the Threat Grid for Meraki MX

Introducing the Threat Grid for Meraki MX

When Cisco announced the integration of Cisco Advanced Malware Protection with the Meraki MX last July, it was to provide a simple and effective way for MX customers to monitor, detect and remediate advanced threats.  Now they are taking it a step further, they have now integrated their Threat Grid into the Meraki MX platform.   This integration allows security teams to be able to better understand, prioritize and mitigate attacks by combining advanced sandboxing with threat intelligence.

With how advanced today’s malware and other advanced attacks are, it is harder for companies to just to rely on their first line of defenses.  Even with some of the best security tools in place, it is still highly likely some of them will eventually get into your system.  However, with Threat Grid, you can be able to avoid these situations.  It rapidly analyzes files and suspicious behavior across your environment while providing your security team context-rich analytics.  It also provides threat intelligence so your team will know what a file is doing or attempting to do which helps in quickly responding to the threats.

The integration starts with the AMP for Meraki integration.  Files that pass through MX will be queried against AMP which will respond with a disposition of clean, malicious or unknown.  The clean files are allowed through while malicious files are blocked and the unknown files are automatically sent to Threat Grid to be analyzed.  After the analysis is complete, a detailed report and threat score will be displayed on the Meraki Security Center.  Files with threat scores of 95 and higher are considered malicious which will trigger an alert as to notify the security team so they can remediate it ASAP.

Threat Grid for MX is available now as an add on to the MX Advanced Security license. Customers must have the Advanced Security License to purchase Threat Grid. To find out more contact us at 893-9515 and we will be happy to help!

Click here for more information.

Arup: Engineering Firm Transfers Files Worldwide with Citrix ShareFile

Arup: Engineering Firm Transfers Files Worldwide with Citrix ShareFile

Arup Group Ltd. is a multinational professional services firm headquartered in London, U.K., which provides engineering, design, planning, project management and consulting services for all aspects of the built environment. The firm has over 13,000 staff based in 92 offices across 42 countries and has participated in projects in over 160 countries.

The Challenge

Transferring their work to their clients all across the globe.  Sending Digital Models, Documents and CAB files from their custom built transfer system (which was capable of handling files of up to 2GB) proved to be inadequate as the years went as the size and amount of files needed increased.  Longer upload speed and download speed frustrated both employees and their clients.  This caused 60% of their employees to start using personal file transfer services, however these 3rd party services lacked effective security and control.

The Solution

Arup looked at many file based sharing solutions, but they ultimately chose to go with Citrix ShareFile Enterprise.  The simplicity of sending files of any size and the ShareFile Microsoft Outlook Plug-in which allows for file sending within the email client for optimal use and convenience were big factors in their decision.  Not only did this solution give them a better way for file sharing, but it also helped increase their employee agility by securing the access of files from their mobile devices.  Also by setting up multiple storage zones in each region to serve as local storage, it helped increase the speed of sharing to the point that their employees now use it for any file over 5 MB.

The Key Benefits

Below are the key benefits that Arup experienced when they adopted Citrix ShareFile

  • Increased Productivity by accelerating workflows
  • Improved client service through more effective file sharing
  • Secured and controlled shared files

Arup is still expanding its ShareFile Implementation and plans on introducing mobile functionality soon while already viewing Citrix as one of its key technology partners.

Join us in our upcoming event Cisco Start!

Join us in our upcoming event Cisco Start!

On June 29, 2017, Comstor, in partnership with CT Link Systems, Inc., will be hosting an educational event for white space companies, Cisco Start!  Learn more about Cisco’s brand new offerings 2017 for their datacenter, networking and security products in an informative seminar from 11:00 AM to 5:00 PM at the Makati Diamond Residences.  Get freebies while learning how you can improve your business efficiency and workforce performance!  Be able to get a chance as well to win our grand raffle prize, a Sony PS4!  For inquiries on how to register, please call us at 893 -9515.

 

VeloCloud Launches a SD- WAN Security Technology Partner Ecosystem!

VeloCloud Launches a SD- WAN Security Technology Partner Ecosystem!

The SD-WAN market is growing at a very fast pace.  It is estimated to exceed $6 billion in revenue worldwide by 2020 while still compounding an annual growth rate of more than 90% over a forecast period between 2015 to 2020.  By 2018, it is also expected that about 82% of North American enterprises will be using SD-WAN which is remarkable considering the technology is still in its early days.

With the option to choose what kind of link is best in a given situation (MPLS, broadband, LTE, or any combination of these), besides optimizing your WAN link, you will also be able to provide additional capacity to avoid blackouts and brownouts.

With such features, VeloCloud makes sure to take the necessary steps to ensure that your data will be secure when using its comprehensive SD-WAN solution.  Recently, VeloCloud has taken a big step towards a more comprehensive security ecosystem which it calls the “SD- WAN Security Technology Partner Program”.  A multifaceted effort of collaboration between a wide range of technology companies to help protect users’ branch, data center and cloud networks which results in a top notch end-to-end security option for SD-WAN which seamlessly includes both on premise and cloud networks.

Partners are given access to VeloCloud’s APIs through a formal software development kit which helps simplify the process for partners who are interested in developing security solutions for VeloCloud’s SD-WAN architecture.  VeloCloud has also opened up a virtual network function (VNF) framework to its partners in the security ecosystem to help develop their own security VNFs within its framework.  VeloCloud also allows for cloud security by allowing third party security vendors to bring their own services into marketplaces operated by service providers such as Azure and Amazon.

Besides the security ecosystem, VeloCloud also has its own security capabilities which are integral parts of its SD-WAN architecture.  One example would be its zero-touch deployment model in which you can be shipped a non-configured VeloCloud edge to any of your branches or remote locations and once connected to your link it will securely authenticate and encrypt across your network.  With its unique way of key management for vCPEs on your network, it will be able to help check your tunnel integrity while helping with scalability and your dynamic multipath VPN.

To learn more about VeloCloud’s security, please read the article here!

An Advisory from CT Link Systems, Inc. for WannaCry Ransomware Attacks

An Advisory from CT Link Systems, Inc. for WannaCry Ransomware Attacks

You may have heard over the weekend of the recent attacks of ransomware called WannaCry, which has targeted almost 200,000 computers across 150 countries.  While a killswitch has been found to help lessen the spread of WannaCry, many still believe that a new strain of WannaCry will soon come out which will bypass this quick fix.

Microsoft has released its statement on this issue while also providing its customers the solution to prevent the malicious software from affecting you, installing the security update MS17-010  and more recently they released security patches for older operating systems such as XP which can be found on this link.  However, for those of our current Trend Micro users who cannot update their patches as soon as possible we have work arounds in which you can do in the meantime.  Below are the products of Trend Micro that can be used to prevent the attacks (please make sure to follow the correct patch or pattern for the product):

For our clients who are not using Trend Micro, we strongly urge you to patch your Windows with MS17-010 (for versions such as XP please refer to this link).  For any questions or inquiries you have with regards to ransomware or how you can protect you system, please contact us at 893 9515 and we will be happy to help!