One could argue that the IT profession today is where the medical and legal professions were two centuries ago. There’s no formal training, testing or governmental approval required to become an IT practitioner.  Some believe it’s time for that to change. They postulate that in a world where all networks are connected to one another through the global Internet, an incompetent network admin can be responsible for grave damage to companies, individuals and national infrastructures.

Does the current move toward the cloud provide an opportunity to rethink the qualifications for IT positions? What are the pros and cons of going to a “licensed professional” model?

Licensing isn’t reserved for just those “high end” professions mentioned above. From amusement ride inspectors to well diggers, plumbers to hairdressers, the state and/or professional organizations regulate occupations of all sorts at all levels of income. Some states license dog breeders, palm readers, boxers, egg handlers and other unlikely occupations. New York State licenses 126 occupations. The rationale is protection of the public and those individuals or companies who utilize the services, although of course there is almost always a monetary cost to the licensee, which may or may not cover or exceed the actual cost of administering the licensing program.

Licensees are usually required to complete a certain amount of continuing education in their fields in order to renew their licenses on a specified regular basis (which of course means additional on-going costs). A disadvantage (to the public) of licensing is that it can drive up the cost of the services performed by the licensed personnel, both by imposing costs on them that must be recouped and by creating an artificial shortage of qualified personnel. Of course, this is beneficial to those who are licensed professionals.

Some argue that licensing requirements stifle competition by imposing extra cost and sometimes irrelevant educational prerequisites on those who want to practice an occupation or profession, and that issuance is sometimes based on subjective criteria, which can allow those within the profession to exclude others they deem “undesirable” for reasons that have nothing to do with job abilities. In addition, licensing boards are usually made up of political appointees who may have their own agendas.

The closest thing to licensing that the IT industry has had, for a long time, is certification. There are hundreds of different IT certs available. Software vendors operate programs to train and test IT pros in the use of their products and issue certifications such as the MCSE (Microsoft), IBM DBA (IBM) or CCIE (Cisco) in recognition of demonstration of competency according to their standards. Vendor-independent organizations such as CompTIA and SANS also provide testing and certification in network administration and security that are not tied to particular product lines.

The big difference between licensing and certification is that the latter isn’t mandatory in order to get a job in the profession, although certified professionals may command higher pay and find it easier to get a job. Companies can set hiring policies that require certification, but they’re free to hire uncertified IT pros if they want. Generally, performing the duties of a licensed professional without a license can carry heavy penalties, such as fines or even imprisonment under the criminal laws, and/or civil lawsuits.

Those who favor the licensing model for IT pros point out that the complexity of computer networking approaches that of law and medicine, and that the ramifications of mistakes on the part of IT professionals can have similar negative impact. Those who are not in favor of licensing argue that the standards for legal and medical professionals, as well as those for most other licensed occupations, are much more established and grew out of centuries of evolution of those occupations.

Computer networking has only been around since the 1950s and widespread Internet connectivity for businesses and individuals didn’t come about until the 1990s, less than half a century ago. Thus those standards are much less absolute. Creating licensing exams that truly measure a candidate’s ability to do the job would be a challenge. Certification exams tend to be very specific, focusing on a particular vendor’s product(s) or on a specialty area (such as security) or be overly broad and high level to the point where the cert doesn’t guarantee any real in-depth knowledge of the subject matter. There is also the issue that some people who can do a job well don’t perform well on written exams, and hands-on exams (such as the CCIE) are very time-consuming and expensive to administer.

For the IT pros themselves, there would be both benefits and drawbacks to a licensing mandate. Those who made the cut might enjoy increased compensation and greater status – but entering the profession would be considerably more difficult. Am I in favor of licensing IT pros? No. Do I believe it’s inevitable, sooner or later? Probably.

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

About 10 years ago, I got my first precursor to the modern “smart phone” – an HP iPAQ running Microsoft’s Pocket PC operating system. At that time, I never could have dreamed that one day the phone in my pocket would have more RAM and a more powerful processor than the desktop computer I was using back then. Today’s smart phones are handheld computers in every sense of the word, and workers are using them that way, both for personal and work-related tasks.

Mobile technology is a great convenience for users and the BYOD trend has saved companies money, but security got substantially more difficult when all those roaming endpoints came into the picture. It’s far easier to control on-premises workstations that stay put; with smart phones, tablets and laptops, you never know where they’ve been and what their users/owners have been doing with them prior to connecting them to your company network.

The proliferation of mobile devices greatly increases the risk of data leakage – the unauthorized transfer of internal data to persons or places outside the company. This could be company financial information, trade secrets, intellectual property, personal information about clients or employees, or any other type of data that should remain confidential. Mobile devices facilitate both intentional and unintentional leakage. Most studies show that a very large percentage of data leakage is unintentional, but that makes it no less damaging.

Data leakage can take place through many different vectors, including traditional email, web mail, instant messaging, malicious web pages, theft or loss of devices to which company information has been downloaded or on which it has been created and saved, and more.

In a world where so many of the endpoint devices on our networks are located physically outside of the perimeter, the importance of edge-based firewalls has faded into the background and securing the endpoint has become the logical focus of our new security paradigm. The endpoint has also become the favorite target of hackers and attackers, who see it as an easy way into the network.

Just as retailers and other businesses that maintain product inventory institute loss prevention programs to prevent theft of tangible goods, IT departments now recognize that data loss prevention measures play a vital role in protecting the company from the consequences of data leakage.

This means you need to be able to control what information travels to and from the mobile endpoints, and identify potential leakage sources. Mobile devices need to be monitored just as closely as stationary desktops are – or even more so, due to the heightened risk. You want to know when new devices connect to the network and you want to know what they’re doing after they connect. A good endpoint security solution will give you the ability to see into the activities of the mobile devices on your network and even track the specific files that are transferred to and from those devices.

However, protecting the endpoint – and protecting the network from the endpoint – needs to go further than that. With real-time alerts, you can take action when suspicious activity occurs. Even so, there may be times when data leakage occurs. Thus you want to ensure any data that gets into the wrong hands is rendered indecipherable. That can be accomplished by encrypting data on the devices and using encrypted, secure connections to transmit data between the endpoints and the company network.

In the past, endpoint security consisted primarily of antivirus software and maybe a host firewall. Today, with the perimeter walls figuratively falling down as the local network changes from a stable and geographically contained entity to a fluid one where devices move in, out and through, that’s no longer sufficient. The endpoints, particularly mobile endpoints, are the weakest link in the security chain. If your security strategy is aimed primarily at protecting your servers, it’s time to take a look at the endpoints.

Fast forward to today. Companies are utilizing cloud services in droves, but IT admins are still around, and they’re busier than ever. The era when admins sat in the server room all day are in the past. You’re just as likely to be on the go, maybe bouncing between multiple physical locations as your network expands beyond the boundaries of your company’s main premises. And with the budget limitations under which many companies are operating, you just might be on call 24/7. Instead of having nothing to do, many of you are feeling more overworked than ever.

One way to make your tough job easier is to give you the ability to monitor what’s going on with all of the computers on your network and fix any problems that arise without having to trek down to the office. That’s where cloud-based monitoring, management and remote control can make the difference.

Sure, we’ve been able to access, monitor and manage our servers remotely for a long time, and there are already a number of different ways to do it. Remember the excitement when KVM over IP was introduced? Raise your hand if you remember PCAnywhere. Yes, Virginia, there was a time when Microsoft servers didn’t have Remote Desktop Protocol (RDP) services built in. What, exactly, does cloud-based monitoring give you that those other methods didn’t?

For one thing, it saves you precious time by automating the process of monitoring and managing your servers and workstations. But wait – automated monitoring is already available to you through solutions such as System Center, SolarWinds, WhatsUp Gold and others. Why should you consider paying a subscription fee for “monitoring as a service” when you can buy monitoring software and run it on-premises?

The answer is that it can cut costs, both directly and by freeing you of the chore of maintaining the hardware and software that make up an on-premises monitoring solution. There’s no hefty capital investment required. You don’t have to worry about patching and upgrading the monitoring software.  Deployment takes less than a day instead of days or weeks. With some services, you can be up and running literally in minutes. You don’t have to worry about installing any special software on the machine from which you’re monitoring (although you might have to install agents on the monitored computers).

Once it’s configured, there’s very little learning curve. Everything you need to see is all in one place and it’s easy for you to access it no matter where you are, as long as you have an Internet connection. You don’t have to worry about establishing a VPN connection. You don’t have to worry about RDP issues.  You can do everything from a web-based console.  You can log on with a mobile device, so you don’t even have to be at a computer to keep tabs on the state of the network. In all likelihood, you would not be able to provide the same degree of redundancy (and thus reliability) for an on-premises monitoring solution that a service provider can give you. You get to take advantage of the economies of scale without spending a fortune.

At this point, you may be wondering: What about security? That’s been one of the biggest concerns of organizations that are considering cloud-based services – but is the cloud inherently less secure?  If you think about it, you’ll realize that an on-premises network that’s connected to the cloud is exposed to the same threats as those that might impact a hosted service. The biggest difference lies in who has control – and the corresponding responsibility – for implementing security measures to counter those threats. And if you think it through even further, you’ll realize that it’s very likely a good cloud services provider will invest as much or more money, personnel and other resources in securing their services. Their reputation depends on it, and it’s an integral part of their business model, whereas your company quite naturally focuses its resources on its own primary business, which probably isn’t IT.

Let’s face it: There are probably some computing tasks that your company will never trust to an outside provider, but server/workstation/mobile monitoring and management is one area where going to the cloud, sooner rather than later, can really make good business sense.

See for yourself how easy it is to manage and secure all your servers, workstations and laptops while you’re on the move – You can start a free 30-day trial of GFI Cloud today!

In the IT world, network admins often find themselves in the DIY role for different reasons. Some are just control freaks – you almost have to be, to some degree, to do the job properly – and they subscribe to the notion that if you want something done right, you have to do it yourself. Others are placed in the DIY position out of necessity; budgetary restrictions or management decisions originating “upstairs” may force you to take on projects that are beyond your level of expertise or for which you don’t have time.

Email archiving is one of those tasks that would seem, at first glance, to be an easy fit for DIY.  To “old school” folks, archiving is a pretty simple and straightforward thing; it just means storing old records somewhere, separate from current working files. However, modern archiving is a bit more complicated than that.

First we need to look at why we archive records in general, and email in particular. There are a number of business reasons for keeping old messages. A high percentage of business communications today are conducted via email. Having access to past messages is a part of business continuity, whether in the more familiar sense of recovery from a disaster or in the broader sense of maintaining consistency and avoiding reinvention of the wheel, as well as verifying and understanding the reasoning behind past decisions and actions. Personnel turnover can result in chaos, but if a history of discussions about a particular project or issue has been preserved, new employees and managers can get up to speed in their roles much more easily and quickly. Email messages may also yield valuable information that is needed in case of an internal personnel investigation or an audit.

However, there’s an even more compelling reason to archive email messages. In many cases, it’s the law. Governmental and regulatory agencies often require businesses to retain email messages in order to be in compliance with their standards. Not only might you be required to keep the messages, but you also may be legally obligated to ensure that they are stored securely.

Even if your organization doesn’t belong to a regulated industry, email messages are frequently a prime target in the discovery process in case of a civil lawsuit (e-discovery). In the U.S., the Federal Rules of Civil Procedure say that all emails and other communications files that may be relevant to current or future litigation must be produced when requested in a lawsuit. Failure to comply with the FRCP can subject you to penalties that include fines, sanctions, or contempt of court charges and can result in your organization losing the lawsuit.

Email messages may also be subpoenaed in the case of a criminal investigation. When email messages become evidence in a legal proceeding, you may have to do more than simply produce the messages. You may also have to prove that they are authentic and haven’t been changed or tampered with.  A few years ago, I co-authored a white paper with Mike Wolf at Microsoft (Establishing the Foundation of Authenticity for Electronically Stored Information: Strategies Using Microsoft Technologies) that explored this issue in some detail.

When you take all these factors into consideration, email archiving starts to look like very serious business, and something that you might want to leave to the professionals, in the same way you probably wouldn’t attempt to perform surgery on yourself or act as your own attorney in court.

The solution might be to contract with a provider of hosted email archiving services – and let them manage your archiving for you. But you might be (understandably) wary of storing all those messages, some containing sensitive information, in a cloud-based service. That’s why it’s important to use a provider you can trust – a company with a long history of focusing on security as well as email archiving. Archiving can be integrated into a comprehensive email security solution that also protects against spam, email-based malware and can even block inappropriate outbound messages.

There are a number of good reasons to consider integrating email security and storage and taking it “to the cloud” and the security of your archive is an important one.

If you’re looking for a cloud-based email security, continuity and archiving solution, have a look at GFI MailEssentials® Online, or register for a free trial and give it a spin today! 

Things change. Today, most cities are open, with many roads leading in and out and hundreds or thousands of people freely entering and exiting every day. And with the advent of ubiquitous mobile connectivity, virtualization technologies that blur the lines separating physical machines, and everything-as-a-service computing, the concept of an impenetrable perimeter that encompasses an entire organization is dissolving into the thin air of our increasingly cloudy infrastructures.

We’ve heard a lot of talk over the last few years about the disappearance of the network perimeter, but the edge isn’t gone – it just moved. Security is becoming more focused on protecting the data, wherever it might be (on the endpoints, on network storage devices, or in the cloud). What do these changes mean for your business?

If you haven’t done so already, it may be time to reevaluate your entire security strategy. If you cut your IT teeth on the “old school” methodologies, you might be feeling a little lost in this brave new networking world. But the new paradigm isn’t really as different as it seems. It’s just about moving your security inward.

In those walled cities of old, individual homes were far less protected than they are today. They didn’t necessarily have locks on the doors, and windows were mere cutouts that anyone could climb into. Today we’ve moved our perimeters inward, using fences, guard dogs, deadbolts and alarm systems to protect our own properties. This is akin to the host-based firewalls and anti-malware software that protect servers and clients. It’s still perimeter security, but the interior footprint is much smaller.

That’s not the extent of our inward-movement, though. When we have especially valuable assets, such as jewelry or cash, we lock them up in a safe so that even if a burglar manages to break into the house, he’ll have a hard time getting to those things we value most. The most valuable thing we have on our network is data – the business’s trade secrets, employees’ and clients’ personal information, one-of-a-kind intellectual property that can’t be replicated. These most valuable assets should be the focus of your security strategy.

This is known as a data-centric approach to security, and it’s the new paradigm. We can put our data in a “safe” by setting restrictive access permissions on files and folders. Then we move in even closer by using strong encryption so that security is built into the data itself. Even if attackers capture it, it will be unusable to them. We can encrypt entire volumes, folders or individual files.

Sometimes, though, we need to take our valuables out. Maybe we need to take the cash to the store to buy something, or we want to wear the jewelry to a party. Maybe we want to have the stamp collection appraised or cash in the bonds. When we go out in public with our most valuable valuables, we’ll probably take special care to prevent them from being lost or stolen. Maybe we’ll hide the 5 carat diamond necklace in an inner pocket during the cab ride and only put it on when we’re safely surrounded by friends inside a private banquet hall. If we’re transporting a truly large amount of cash, maybe we’ll hire an armed guard to escort us or handcuff the briefcase to our wrist. At the very least, we’ll keep the valuables out of sight and be extra vigilant and avoid going through high crime areas.

There are many ways to protect data when you have to take or send it out of its safe repository, too. You can use IPsec or SSL to protect transmissions, send only over wireless networks that use strong encryption, use rights management to prevent those with whom you share files or messages from copying, printing or forwarding them and so forth. New encryption techniques such as identity-based encryption and format-preserving encryption offer even more flexibility.

At this point, you might be saying, “Wait a minute. That all sounds familiar.” Indeed, it should. If you’ve been doing things right, you already do some or all of this, as part of your defense-in-depth security strategy. While many of the protective technologies remain the same, the focus has shifted. In a world with no borders, it’s every bit of data for itself. And that data has become more difficult to secure, because it no longer resides nicely in one place, on a file server. Cloud storage, BYOD and the distributed processing model of big data make data discovery an all-important and necessary (but often overlooked) first step.

The elimination of borders means more freedom, but with freedom come new challenges – especially on the security front. Welcome to the future.

Discover how you can secure, monitor and manage your network while enhancing productivity, with our network and security solutions today!

“TMI” is a popular acronym that means “too much information”. It’s usually used in reference to people who are less than discreet about their personal lives, but it’s a concept that’s also applicable to the business world. Too much information is a bad thing because it obscures what’s important: the knowledge on which effective decision-making must be based.

What does that have to do with IT? Many datacenters today have the problem of TMI/NEK in the form of huge amounts of data collected in log files. Automatic logging is a highly useful feature that’s incorporated into operating systems and applications and can be performed and/or enhanced by third party utilities. Logs can be invaluable in troubleshooting problems, tracking down anomalies and monitoring security events. However, sometimes the amount of logged data can be overwhelming. When that happens, it can be a hindrance rather than helpful.

Particularly when it comes to security issues, it does little good to have the information that tells you what’s happening sitting around in a format that won’t be seen until after the fact, or have the relevant facts and events buried in a sea of TMI. You need knowledge – and you need it in real time. All that information must be monitored, sorted and managed in a way that’s thoroughly integrated into your IT infrastructure and operations.

Understanding the implications of log data requires careful analysis. This is all part of the relatively new concept of SIEM – Security Information and Event Management. Instead of having to keep up with a myriad of disparate security alerts generated by dozens of different software and hardware components on your network, a SIEM solution can aggregate data from multiple sources and sort the events into correlating groups, in real time. You get both immediate notification of significant events and long-term storage of data for historical comparisons and to meet compliance requirements.

Another big drawback of TMI is the load that an excess of information puts on your system resources, which can result in serious performance degradation. One of your criteria in selecting the best SIEM solution for your organization’s need should be a balance between comprehensive data collection/analysis and conservation of system resources.

We all know that automating tedious processes can reduce costs and save the company money. Log data management is an area that’s especially appropriate for automation because the huge volume and the sometimes obscure nature of the data makes wading through it manually a heinous process that’s prone to the overlooking of important information. The most effective use of log data is in a proactive approach that allows you to identify potential problems before they can negatively impact your business. That requires a solution that goes beyond the basic SIEM functionality and hooks into your infrastructure seamlessly.

Such a solution will be able to monitor all the devices, workstations and servers on your network and will not be limited to interacting with just one or two types of log files. So another thing to look for is compatibility with as many log file types as possible.

While we think of security being confined to certain types of events that signal an imminent or occurring intrusion or attack, the security of your network is also intimately tied to availability and performance, because users who can’t get their work done due to downtime of critical systems, applications and services will often resort to the use of “workarounds” – connecting through personal devices, accessing data via removable drives and so forth – that present entirely new security issues of their own. Thus a truly comprehensive solution will also include monitoring for hardware failures and other events that may not seem directly related to security.

We talk a lot about business intelligence (BI) these days, and yet when it comes to monitoring our networks we often neglect to use the same types of data mining and prescriptive and predictive analytics that we apply to making other, more broadly scoped business decisions. By treating our log files as the rich data sources that they are, we can turn too much information into the knowledge we need to keep our networks secure at a lower cost and with less work.

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

Yes, we were easily impressed in the olden days. Now many of us don’t even have traditional telephone lines, much less fax machines hooked up to them. The world has moved on, and the Internet is the method of choice for all types of communications. The post office is dying, landlines are disappearing and the once ever-present fax machine is found in fewer and fewer homes and offices.

Its spirit, though, lives on. Even before VoIP and cellular phones began to replace landlines, faxing moved from a dedicated machine to the fax modem, a peripheral that was once standard in almost every desktop computer.  The big advantage of this first metamorphosis of faxing (what I call Fax 2.0) was that paper no longer had to be involved in sending a fax. If your document or picture was already a digital file, you could send it without the hassle (and expense) of scanning it.

Out of this grew the concept of the fax server (I’ll call it Fax 2.5). With this advancement, you didn’t have to have a fax modem and a phone line for every individual computer. The fax server is located on the network and can send faxes for anyone whose computer can access it over the local network or even over the Internet. This saves money for businesses in a number of ways: fewer phone lines, less hardware, reduced paper usage, and you can monitor both incoming and outgoing faxes for accounting purposes to allocate expenses to the proper departments.

But there are problems. Integrating a fax server with the PABX system can prove to be a challenge, and fax modems and boards are quickly becoming obsolete technologies. Modern businesses – especially SMBs on limited budgets – don’t want to have to maintain expensive landlines just to be able to send and receive faxes.

Fax 3.0 takes it to a whole new level and solves those problems. Today we live in a cloudified world, and it makes sense to take your faxing to the cloud, too. Fax as a Service (FaaS?) simplifies the process of sending faxes across the telephony network without requiring you to have fax hardware and phone lines.

But what about security? One of the reasons fax machines have lingered on is that users feel more secure sending sensitive documents over the phone lines than over the Internet. But there’s a solution: if the faxing software connects to the cloud-based fax service over a secure connection, you don’t have to worry about your docs being “out there” for anyone to intercept and read. We already entrust personal information such as bank account and credit card numbers to HTTPS connections, so it’s the logical way to protect the confidentiality of faxed documents, too.

So what should you be looking for when you consider moving your faxing to the cloud? A good FaaS solution provides you with software that makes sending a fax as simple as sending an email message or printing a document. It can integrate with your Exchange (or other SMTP) server and use your Outlook contacts, or even a cloud mail service such as Office 365 or Gmail. Even better if you can create a document in your word processing application and send the fax directly from there, selecting the fax server as you would select any printer.

Those are the “must haves”, but what else might you put on your wish list? Given today’s trends toward mobile computing, your users are going to want to be able to send and receive faxes from their phones and tablets, too. Faxes are transmitted as images, but it would be nice to have an OCR option so you could turn incoming faxes into editable and searchable documents.

Faxing may seem “old school”, but many businesses still depend on it. Bringing the technology behind it up to date can save money for the organization and make the faxing process a lot less frustrating for users.

Learn more on how your business can benefit from simple, fast, online faxing or fax server software today!

However, as with any powerful tool, there’s a down side to putting this capability into the hands of employees who are, after all, subject to the all-too-human tendency to sometimes put pleasure ahead of work. An Internet-connected web browser opens the door to all sorts of temptations and distractions that can wreak havoc on productivity in the workplace.

A “quick check” of a personal email account can result in half an hour lost, reading and replying to messages. A foray over to Twitter to post “just one tweet” can end up with you scrolling through dozens more posted by those you follow, and clicking on links contained in them; before you know it, another thirty minutes is gone. Facebook friends beckon with memes, cats and food photos. Google+ calls to members to come over and hang out.

Social networks aren’t the only time-wasters. Amazon flaunts all those great deals with only one left in stock. News sites shout sensational headlines that are hard to resist. It’s easy to get lost in a maze of funny videos on YouTube. Political junkies can easily become embroiled in time-consuming heated arguments on forums dedicated to their issues of choice. Market watchers are compelled to keep an eye on their favorite stocks. Web-based chats are easier to get away with than personal phone calls. Online games can consume huge chunks of time that should be spent tending to business.

It’s not that workers necessarily set out to spend their days goofing off, but when they’re surrounded by all these enticements, it can be difficult for them to stay on the straight and narrow all the time. And let’s face it: some folks will take it further, and visit sites that can get them – and maybe even the company – in trouble. Gambling sites, “adult” (porn) sites, hacker sites, software piracy sites, hate group sites or those that promote criminal violence or terrorism: employees accessing any of these could create legal ramifications and/or bad publicity and damage to the reputation of the organization. It can also create problems for other employees. Finally, these types of sites often contain viruses and other malware that can infect systems and spread throughout your network.

To protect both the company and its employees, it’s important for orgs to create usage policies to govern web surfing on company time, on company premises, and/or when using company equipment. That’s a first step, but sometimes (okay, often) it’s not enough. Some people self-police but some can’t or won’t. Some people may not understand or remember all of the policies. Sure, you can take disciplinary action but by the time you find out about the violation, the damage may already be done.

The problem was spawned by our modern technology, so a technological enforcement solution makes sense. Instead of expecting users to adhere to the rules on their own, you can make it easier for them (and for you) by deploying a web monitoring and filtering solution. Then, rather than reacting to policy violations, you can proactively prevent them from occurring in the first place.

There are plenty of products out there, but some are better than others. They all start with the same goal: to block attempted access to undesirable web sites. There are different ways to do that, though. A simple blacklist checks each site against a list of known “bad” sites and blocks any that are on the list. A whitelist works in reverse, using a list of known “good” sites and allowing access only to the sites that are on the list. Sites can generally be filtered based on content categories – for example, you could block sites that pertain to alcohol, drugs, dating services and/or games.

These methods are simple and straightforward, but there are problems inherent in them. With a white list, employees’ access to many useful sites is blocked because they haven’t been put on the list. The problem with blacklisting is that you have to wait until someone discovers that a site is undesirable and puts it on the list; otherwise employees will be able to go to it.

Reputation-based filtering goes further, by analyzing many different characteristics of each site and then assigning it a score that reflects the probability of it posing a risk. This gives you more flexibility, so that for example, you can allow access to sites in the “entertainment” category but sites in that category with a low reputation score would be blocked. You might also want to allow access to social network sites such as Facebook, but block the apps and games on the site that are big time sinks and can be used to disseminate malware.

Filtering can also be based on the type of network traffic generated. You might want to allow access to news sites but not the streaming videos that are often available on news sites. Streaming media uses a lot of bandwidth, and may also be more prone to abuse/time-wasting than straight text news stories. It’s even better if you can block specific media applications (for example, iTunes) and control employees’ downloads from the web.

A good web monitoring solution will give you plenty of options, letting you enforce not only content policies but also how much time workers spend on the web and how much bandwidth they use. Of course, it will also provide good reporting, with activity logs that record documentation of usage data. The web may seem a little like the wild, wild west when you consider all the dangers out there, but web monitoring software can act like a new sheriff in town, taking control and bringing order to the digital business environment.

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!

Our focus is often on how to prevent hackers from getting at our data by accessing it remotely across the network. But it’s equally important to be aware of the risk that insiders will use old-fashioned “sneakernet” to misappropriate data, and take steps to ameliorate it. The good news is that there are ways to prevent copies of your data from walking out the door on a removable device.

Removable storage has been around pretty much since the advent of the personal computer; in fact, the first IBM portable computer, the 5100 (released in 1975) had only removable storage – a magnetic tape cartridge – and no fixed hard drive. Subsequent IBM PCs used removable eight inch floppy disks for storage. It wasn’t until 1983, with the IBM PC XT, that a hard disk became standard.

Today, of course, we have a plethora of options when it comes to removable storage, including optical media (CDs, DVDs and Blu-ray discs), USB “sticks” or thumb drives that fit on a keychain, and flash memory cards, including microSD cards that are only about half an inch in length and can be concealed almost anywhere. Some USB drives are disguised to look like other objects, such as keys, credit cards or lipsticks. Another big problem is that MP3 players, phones and tablets can be connected to a computer via a USB cable and can function as removable drives themselves.

It’s hardly feasible to prohibit employees, contractors and visitors from bringing their phones onto the company premises, and it would be impossible to search everyone for hidden memory cards and disguised thumb drives. Since controlling the removable devices isn’t practice, what you need is a technological solution, some sort of “roadblock” that will prevent your data from being transferred to these devices. The good news is that you can do exactly that with the right kind of endpoint security mechanism.

The problem is that some solutions are “all or nothing” blockades. You could always physically disable USB connectivity by filling the ports with some substance or removing the cables connecting the USB ports to the motherboard. You could block USB in the computers’ BIOS, or you could use Group Policy on Windows machines. Some of these solutions give you more flexibility than others, but chances are none of them completely meet your needs.

For instance, you might want to allow certain users to use USB storage, but only during a specified timeframe. You might want to block only certain classes of devices, or you might want to block file copy based on the file extension. You might even want to block a particular physical USB port or a particular device ID. And what about new computers that connect to the network? Are they protected automatically, before you get around to configuring them? Finally, once you have the fine-grained control over these devices that you want, it would be great if you could monitor the connected devices on a continuous basis, from a centralized location.

These are a few of the “must have” factors that you need to keep in mind when considering the best way to protect the data on your network from the risk posed by removable storage devices.  Some “bonus” features would include the ability to force encryption on the removable devices that you do allow on your network and the capability to allow authorized employees to access the encrypted files even if they’re away from the office. Of course, when strong encryption comes into play, you also need to ensure that there is a recovery process in case the employee who encrypts important company data forgets the password or leaves the company.

With a good system for managing and blocking removable devices, you should be able to sleep a little more soundly at night, knowing that the convenience of removable storage won’t be used to conveniently steal your mission-critical information.

Looking for a good solution to manage the use of portable devices on the company network? Check out GFI EndPointSecurity or get your free 30-day trial and give it a spin!

According to a study conducted by the Radicati Group, the market for information (including email) archiving is a fast-growing one, expected to reach more than $6.3 billion by 2016. That’s not surprising, considering the ever-increasing number of government and industry regulations, many of which require the retention of business-related email messages and other electronic information for specified periods.

The discovery process is designed to ensure that both sides in a court case (civil or criminal) have access to all relevant evidence in order to prepare their cases. It occurs prior to the actual trial, when the attorneys file discovery requests asking for the production of documents by the opposing party. The process is governed by law (in the U.S., the state or federal Rules of Civil Procedure or Rules of Criminal Procedure, depending on the jurisdiction and nature of the case).

E-discovery pertains specifically to electronically stored information (often called ESI). Email is frequently requested in e-discovery – and although there are some communications that are privileged and not discoverable, the opposing party can ask for anything that might be relevant to the case.

Even small organizations often send and receive hundreds or thousands of messages per week. You don’t want to spend days or weeks searching through those messages, either. If you’re going to be able to provide what was asked for (and only what was asked for) in a timely manner, intelligent archiving is a must.

There are plenty of solutions out there, but choosing the right one can be an overwhelming task. It’s not enough to simply save all email messages; a good system needs to ensure that the messages are easily searchable so you can find what you need, when you need it. There should also be a mechanism for purging messages from the system (if desired) when the retention period has passed. Be aware that even if the retention period for a particular message has passed, if you continue to retain it, it’s still subject to discovery.

Obviously, a core requirement for a good email archiving solution is a reporting tool that can apply business intelligence principles to your email, extracting the information you need from what can be an enormous volume of data. You don’t want to wait until you’re in the midst of a lawsuit to know what’s in your email archive. The best tools can actually help you to prevent lawsuits in the first place, by assisting you to identify potential security breaches and legal issues before the fact.

The reports should tell you if there are emails leaving your organization that contain confidential client information (personal identifying information, social security numbers, credit card information and so forth). This is a potential source of legal risk in light of privacy laws such as the state laws modeled on California’s “Shine the Light” law that govern a business’s exposure of sensitive personal information. The best tools will allow you to analyze the content of the email messages based on keywords or key phrases, and also identify messages that use inappropriate language (which could result in damage to the company’s reputation or, at worst, lawsuits alleging harassment). You should also be able to analyze email traffic patterns, discover to whom outside the company messages are being sent, and track after-hours email activity, which may be more likely to contain illicit content.

In today’s tightly regulated and highly litigious society, it may not be possible to escape being hit with an email audit or subjected to electronic discovery at some point, but if you’ve prepared for that eventuality by enacting well-thought-out policies and following through on them with a good email archiving solution that includes an excellent reporting tool, your response will be less stressful, less time-consuming and less expensive.

Like our posts? Subscribe to our RSS feed or email feed (on the right hand side) now, and be the first to get them!