David Attard, Product Manager for GFI WebMonitor

Long gone are the days when system security was about little more than choosing an effective antivirus product.

Threats to IT security now come from several different angles, and companies wishing to avoid the costs and reputational damage associated with security breaches must take a multi-faceted approach.

In this article, we speak to David Attard, a GFI product manager specializing in Web security, about the threats facing modern, connected businesses.

How has the IT security landscape changed in recent years?

The biggest change has been a move away from traditional viruses and Trojans. Of course these still exist, and there are multitudes of them, but some of the scariest threats nowadays are those posed by social engineering and phishing, which take advantage of user naivety rather than holes in an infrastructure. Moreover, malware is pushed aggressively to victims. Rather than a chance encounter with a virus on a dodgy website, even the most educated and wary of users are likely to encounter malware being pushed to them via what is perceived as “normal” web browsing such as search engines, news and social networking sites.

Also, there are various downloads which are likely to contain malware. Research by Microsoft suggests that 1 in 14 downloads is actually malicious.

How should IT departments respond to this?

It’s now essential that companies take a multi-layered view of IT security. At the top level, this means doing all you can to prevent users accessing compromised areas of the Web by using content filtering – but it shouldn’t stop there.

If users are able to inadvertently access a malware-infected site, companies need to know that their machines are sufficiently patched and protected to prevent hackers taking advantage of exploits.

Finally, businesses need to ensure that other routes into the network are protected; there’s no point in having perfect Web security if a user can introduce malware by plugging in an infected USB stick or connecting their personal laptop or other device to the network without any mitigating security practices in place.

Do businesses have good reason to be alarmed by how malware is evolving?

If they’re not protected at every level, then definitely. Phishing is a particular concern, as compromised sites can look so genuine that they fool a large proportion of people. Obviously the ideal scenario is to use software that protects users from being tricked in the first instance, but user education is clearly very important too.

You only have to look at how many high-profile Twitter accounts have been hacked to know how real this threat is. The Syrian Electronic Army compromised many accounts with targeted phishing emails that convinced people sufficiently to give up their credentials.

Do SMEs need to worry as much as larger companies?

Yes, because (arguably) they are easier targets, with smaller budgets for IT security and it is essentially a game of numbers. Create large scale scatter shot and many victims are bound to get caught in the crossfire. We are also seeing a trend towards Advanced Persistent Threats (APTs), where hackers persistently target a company with a range of different attacks, including social engineering, in an attempt to gain system access.

Once they’re in there’s plenty they can do. Hackers can even access “malware as a service” such as the Blackhole Exploit Kit, which effectively allows them to design and distribute malware to meet their own ends with very little effort and at a very cost-effective price.

What’s the best advice you could give to an IT department concerned about these issues?

Use a product such as GFI Cloud that can integrate patch management, antivirus and from early October, content filtering in one easy to use, web-based console. Only by thinking of every possible “way in” can IT professionals really sleep soundly at night!

Why? Because effective patch management is an essential component for the maintenance of a safer network. Unpatched software and operating systems can have vulnerabilities which in turn can be exploited during a malicious attack on your system.

2012 saw a total 4,347 new security vulnerabilities reported, that’s around 12 every day that system admins need to be aware of and repair across an entire network.  And with more and more employees bringing their own devices to plug in to business networks, the risk is even greater.

So, if patch management is essential, how can you handle it more efficiently?

The Evils of Automated Software Patching

Yes, it is true that almost every application now comes with automated patch management. However, relying on this method to keep your software updated could leave you exposed. Automated services require a user to be connected to the Internet and to accept the installation of the update, rather than skipping it.

Can the onus be put onto users to take care of their own machines?

A Skype survey of US, UK and German consumers showed that 40% of respondents don’t update their machines when prompted. Almost 25% required a second prompt. Around 45% were actually worried that installing the update would weaken their computer’s security.

To counter this system admins must check each machine individually to ensure they are all patched and running the latest software versions. That is a hugely resource-intensive for small IT departments and virtually impossible for a single person to accomplish.

On occasion, some patches may cause instability in a machine. The Microsoft MS10-015 patch for Windows XP that was released in February 2010 is one great example. It caused systems to crash and the patch was suspended. Just last month,  the MS-13-061/KB2876216 update caused corruption of the Exchange index database,  and the  KB 2843638, 2843639 and 2868846 caused the Active Federation Services (ADFS) to stop working. Workarounds and additional install instructions were issued for the problematic patches – but how many users know how to roll back patches? And how many will even realize they installed a patch in the first place?

That adds up to even more work for already busy IT managers.

Cloud-Based Patch Management

GFI Cloud™ is a simple web-based interface for integrated antivirus, asset tracking, network monitoring and remote control.

Using a cloud-based patch management system offers you a wide range of advantages. Firstly, it provides you with a single, central point of control. There is no more hunting around machines to see which one is patched and which one is not. You get a single interface that collects and collates that information for you.

You can patch machines from the console, which removes the need for users to make decisions. That enables you to patch machines faster and ensure that vulnerabilities are kept to a minimum.

Even better, cloud solutions are scalable so they can grow with your needs. Perhaps most importantly, they are also cost effective and won’t require you to upgrade your machines to run. You can deploy the solution within minutes and quickly get clear insight in to the status of your network.

Try GFI Cloud patch management free for 30 days.

This means that apps can no longer be designed in the traditional way with a title bar, menu bar and desktop approach. Apps have to be tailored for touch and be able to run from tablets. Windows 8 has brought about a new way of looking at apps. The new modern interface’s tiles and buttons are literally asking the user to touch and press them.

The new interface has not been to everyone’s liking and many have complained and expressed their frustration, but it’s a whole new set of ideas and users need to adjust to them to fully understand their potential. But once you get used to tablets you understand why it’s more natural to press a button with your finger than to move the mouse and click on it.

At GFI we always strive to keep up to date with new technologies and today we are releasing our first Windows 8 Modern UI app. This app for GFI MailArchiver makes it possible to connect to your email archive from your Windows 8 tablet/PC or your Windows RT tablet.  This adds to the different apps and methods that you can use to connect to GFI MailArchiver to browse and search the archive.

The app makes it very easy to search and browse the archive. We have also made it simple to search for the people you communicate with the most, or to save your own custom searches. Why not check it out?

Q: How is GFI LanGuard adapting to the changes that happen so fast in the IT infrastructure landscape nowadays?

Cristian Florian, Product Manager for GFI LanGuard

IT environments now include so many different devices, operating systems and applications that network administrators may not even be aware of all of them. The rise in BYOD (Bring Your Own Device) in business environments has added to the burden system administrators have to carry every day, in turn forcing them to stay on top of their network environment, strengthen security, while also monitoring an ever-changing network infrastructure.

So we built GFI LanGuard 2014 with this in mind. We had to extend its capability in this new environment because the whole IT infrastructure needs to be managed, no matter if we are talking about Windows®, Mac OS® or Linux® systems, physical or virtual machines, servers, desktops, laptops, mobile devices such as smartphones and tablets, or network devices such as routers, switches and printers.

Q: What is new in GFI LanGuard 2014?

One of the major things we added in GFI LanGuard 2014 is vulnerability assessment for smartphones and tablets. According to a survey conducted by Cisco, 90 percent of American employees use their personal smartphone for work purposes. While this is an opportunity for businesses, it also adds risk, as these devices may have access to sensitive company information and there is little, if any, visibility into how security is managed for them.

GFI LanGuard now allows network administrators to see when and what devices connect to the Microsoft Exchange servers and it checks these devices for security vulnerabilities. Android®, iOS® and Windows Phone® are supported. Additionally GFI LanGuard will report when new mobile operating systems updates are available and makes it very easy for network administrators to send email notifications to device owners alerting them that these updates are available.

Q: How does vulnerability assessment for mobile devices work? Do network administrators need to install anything on the smartphones?

No. Auditing of smartphones and tablets using GFI LanGuard is very easy. Mobile devices that connect to the company’s Microsoft Exchange servers are detected using agent-less scans. There is nothing to install on smartphones, tablets or the Microsoft Exchange server.

The only thing that needs to be set is the Microsoft Exchange server name and credentials that have access to it.

Q: Are there any enhancements on the patch management side?

Yes. We are continuously improving our patch management capabilities. GFI LanGuard 2014 comes with patch management support for major Linux distributions such as Red Hat Enterprise Linux, Ubuntu, Suse, OpenSuse, CentOS and Debian.

According to a recent survey from Freeform Dynamics Ltd on 977 IT and business professionals representing a range of organization sizes and industries, 62.6% of them have at least one Linux system in their organization.

Now customers can use GFI LanGuard as a central console to patch Windows, Mac OS and Linux operating systems and applications. And, speaking of applications, it is now easier than ever for IT administrators to keep their systems fully patched, as we added a host of third-party applications to our “supported list”.

Q: What new third party applications are supported?

We added support for more than 20 new applications, bringing the total to over 50 third-party applications (besides Microsoft applications). We are practically covering all the most important ones in terms of popularity and security relevance.

Among the new applications we support are Pidgin (instant messaging), CDBurnerXP, ImgBurn and CCleaner (utilities), VLC and Audacity (media), LibreOffice (documents), Paint.NET and  IrfanView (imaging), Adobe Illustrator, Adobe PhotoShop and Adobe InDesign (Adobe Creative Suite), WinSCP and Core FTP (FTP clients), Python and Notepad++ (developer tools). The complete list is available here.

We will continue to add support for new applications at a high rate. Customers can request support for additional applications by sending an email to this address.

Q: Anything else worth mentioning?

Yes, we have some other good news for our customers. We have a special offer for anyone who purchases or upgrades their GFI LanGuard version to 2014. They will automatically receive 25% extra nodes for free to use exclusively on mobile devices auditing.

So check out the new GFI LanGuard version. We are proud of what we have accomplished and we believe that our users will enjoy it too.

Why does this happen?

It’s difficult to pass judgement on this issue. My view is that when someone is in their office, bored or tired after a long day, and having ‘exhausted’ their energy on Facebook, they might think that a quick peek at a ‘naughty’ website will not harm anyone? It’s also fair to say that most users probably already know that a web filtering solution is in place, and that their internet activity is monitored, so most of these are more likely than not deliberate attempts to access blocked online material. A user might come across an adult website while researching other topics, but the sheer number of attempts detailed in the statistics simply does not add up to this conclusion. When a specific website is visited, then it indicates intent to do so; however that’s up to the reader to judge.

What should you be thinking about?

Even though employees in the Houses of Parliament probably had a good idea that their online activity was monitored, it didn’t prevent them from attempting to access adult material. Moving away from the topic of porn and MPs in the UK, and looking at matters closer to home, how can you prevent something similar from happening?

What can you do to make sure that your staff spend their time more efficiently and productively? Here are a few tips:

1)      First things first, if you don’t have a web filtering and monitoring system in place, then you really should implement one – unless you want to start wondering what each employee in doing online

2)      You need a web filtering solution which will allow you to drill-down exactly into what a specific user is doing, as given by example in this short video:  Monitoring Internet activity at the office.

3)      Your web filtering should proactively advise and alert you when a user attempts to visit ‘naughty’ websites, or other illicit webpages, so that your HR department can decide whether or not to remind them of the company’s best practices on Internet usage.

4)      You should invest some time and resources discovering how much time users are spending on websites which are unrelated to their official duties.

GFI WebMonitor® is an affordable solution that allows you to address all of the above. Besides the ability to block categories of undesirable websites, it is very easy to use the Activity dashboards and reports to identify employees whose time could be better spent working for you, than searching the web for themselves. Real-time configurable alerts allow you to send emails to the appropriate people when their online behaviour merits it. Search engine query monitoring, for example, will clearly show what a user’s intentions were and the appropriate department can take the necessary actions, including education, to ensure there are no repeat offenders. GFI WebMonitor offers companies many other benefits such as added web browsing security and mitigation of bandwidth issues.

Try GFI WebMonitor for free for 30 days!

The reviewer, Brien M. Posey, was impressed by the speed of install across a variety of windows systems and servers and the really nice reporting feature. “All in all, I liked GFI Cloud. I found it easy to use” (See full review here).

WindowsNetworking.com reviewed and assessed of each of GFI Cloud’s features:

• Asset Tracking
• Monitoring
• Patch Management
• Antivirus

The result: GFI Cloud earned the WindowsNetworking.com Gold Award.

Sign up for your free 30 day trial and experience how the GFI Cloud platform.

Don’t be an easy target! Multi-layer your IT security

Date: September 19, 2013 – Time: 4 p.m. BST / 5 p.m. CEST – US: 8 a.m. PDT / 11 a.m. EDT

With the growth of targeted phishing attacks, Advanced Persistent Threats and even Malware as a Service how can small and mid-sized companies keep up? With tight budgets and IT professionals stretched, to cover more with less, what level of confidence do you have in your IT security? Infiltrating a bigger company takes much more effort, but a smaller business, with vulnerable defenses can make an easier target.

In this webcast we will review and examine the threats facing networks today; including internal threats, malware, Internet-based and cyber-attacks. The basic methodology of each threat and how to mount effective counter measures, with a multi-layered approach to security.

Register now

Securing your IT infrastructure: Managing security solutions in a complex world

Date: September 24, 2013 – Time: 5 p.m. BST / 6 p.m. CEST – US: 9 a.m. PDT / 12 p.m. EDT

As the types and methods of security solutions become more diverse, the challenge to manage the network security infrastructure has grown exponentially. This webcast will look at the key challenges and offer solutions to some of the most pressing issues confronting network security professionals.

During this webcast we will cover vulnerability assessment, threat detection and network auditing. Additionally our presenter will examine patch management, compliance, inventory assessment and effective control of BYOD (Bring Your Own Device) threats to your security and how to use these techniques to assure your data is as safe as possible.

Register now

While this upgrade is surely a welcome uptick in value – as more email can be stored on the platform – let’s take a stab at understanding what the perils are in this approach for you. So effectively Microsoft is doubling the storage availability for you, while your users keep on using email more and more every day. It is just a matter of time before you hit the new ceiling as well. What will happen then?

As an IT or Email Administrator, you should be planning about implementing retention policies, spam filtering, cleanup operations and backup plans BEFORE you reach your hosting storage limit (be it 25GB or 50GB). If you hit the storage limit, you risk losing Emails, thus limiting your search and historic tracking ability. You are also effectively throwing away beautiful gems of business intelligence stored in Emails on your Office 365 account.

And these gems of information are so precious to your organization that you must do your utmost to protect them!

Just because your email is hosted outside your organization, the responsibility of what your users are sending to their contacts is still yours, together with all the legal liabilities that come with it. What tools does Office 365 give you to understand what is stored inside these 50GB per user of data?

With greater storage comes even greater management responsibility. IT and Email Administrators are the first port of call when such analysis is required by HR, company owners etc.

This is where tools such as MailInsights® reports within GFI MailArchiver are a perfect companion to your email system, be it on Exchange, Office 365, Google Apps or other.

Check it out today.

Not only does GFI MailArchiver provide you with a backup of your email content (for those occasions where outage in service happens), but it also empowers you to make in-depth complex searches that give you insight on how your organization’s email is being used, or misused. Powered by MailInsights, as an email administrator you will be able to answer those pesky questions related to user behavior on email including:

• email with inappropriate material
• email that can lead to legal disputes
• Email responsiveness of teams
• Email sentiments (used to detect disgruntled users in the organizations enabling preventative actions)
• After hours email usage
• Job Searching
• …and more

Learn more about MailArchiver and MailInsights here.

Jackie Wake, Product Marketing Manager for GFI Cloud

Q: Tell us about the latest release of GFI Cloud?

Today’s release gives new focus to Asset Tracking, a FREE service in GFI Cloud. Where IT admins could already track an unlimited number of devices, simply and easily in the web-based console, this release looks to enhance the user experience further and make deployment even easier.

Q: So what’s new?

Now you can see at a glance inventory information across an entire network, such as operating system, processor and RAM. This means you can quickly identify underperforming PCs and computers that need to be replaced sooner than others, by filtering and sorting your network in one central view.

When the GFI Cloud agent is installed, the console now shows hardware and software details in minutes and new users can get up to speed quickly with in-product guidance on what asset tracking information is available and where it can be found.

Most importantly Asset Tracking can be deployed, without having to trial other GFI Cloud services, such as Antivirus, Monitoring or Patch Management.  At the same time, these services are just one click away in the same centralized console.  So they can be quickly and easily deployed when they are needed, without having to physically re-visit any of the tracked computers.

Q: Why do I need it?

As an IT admin or manager, knowing what hardware and software you have is the first step to being in control of your network.  It saves time on support calls and makes life easier when you’re planning hardware refreshes and software upgrades.

With Asset Tracking in GFI Cloud you can see what you have at a glance, anytime from anywhere and it won’t cost you a penny… EVER!

The catch?  No catch, just easy to use free asset tracking forever… Simple.

Q: Where can I check it out?

You can get Asset Tracking FREE today and roll it out to all your devices to see for yourself how easy it is to keep track of your company’s IT asset inventory, with GFI Cloud.

Do you want to learn more about this product? Visit our website to find how GFI Cloud simplifies IT management with one central view of antivirus, workstation and server monitoring, patch management and FREE asset tracking across all your servers, PCs and laptops on the move!

Remote support tools have been used to enable IT departments and support providers to take control of infrastructures from a distance, but these tools have often had shortcomings and failed to address the management of PCs and servers completely.

Now, however, new service-based products such as GFI Cloud take a true “ground up” view of IT management, which integrates remote support with a host of other essential IT department tasks, including managing patches, protecting machines from viruses and other threats, and monitoring the overall infrastructure.

A move towards “Preventative IT”

Proof of just how much a system like GFI Cloud can change the working life of an IT department comes in the form of a recent case study, discussing how GFI Cloud has helped IT admin firm BVOXY adapt a far more proactive approach to computer support.

BVOXY’s technical director, Georgina Lloyd Parry, comments in the case study that just £208 per month for a GFI Cloud subscription can give centralized control of 80 geographically dispersed machines. This subscription covers antivirus, monitoring, and patch management as well as free asset tracking. Parry states that she has previously seen support costs of £1000 per month in engineer time running updates on a similar number of machines.

Obviously reducing the time IT professionals spend on routine tasks is a key benefit, but the implementation of GFI Cloud has also helped with a more profound move towards what Parry refers to as “preventative IT.” GFI Cloud’s central dashboard view provides her with an early warning of problems, helping her move away from reactive fire-fighting and frees up her time to spend on higher-level concerns, particularly “enabling” the business with the technology it needs to grow and succeed.

Centralized management

GFI Cloud is an effective way to make things easier for the IT team, according to a recent internal GFI survey: 61% specifically highlighted that centralized management was easier post-implementation.

Effective centralized management really comes into its own “out of hours” when a product like GFI Cloud can deal with routine tasks like deploying patches to applications and running virus scans – all those tasks that used to result in IT workers having to work during evenings and weekends.

Parry agrees, saying: “With GFI Cloud I achieve 10 times more work.” She particularly complements GFI Cloud’s fast agent installation and unnoticeable impact on system performance. She also praises the system’s email notifications, which alert her to urgent problems whilst minimizing disturbances because not all issues need her immediate attention.

As the case study states, “IT should be a partner in the business”. Proactive IT professionals should already know this, and know that a product that facilitates it can be worth its weight in gold.

Visit our website to read the full case study or start a free 30-day trial and find out how GFI Cloud could simplify your IT management.