David Attard, Product Manager for GFI WebMonitor

Long gone are the days when system security was about little more than choosing an effective antivirus product.

Threats to IT security now come from several different angles, and companies wishing to avoid the costs and reputational damage associated with security breaches must take a multi-faceted approach.

In this article, we speak to David Attard, a GFI product manager specializing in Web security, about the threats facing modern, connected businesses.

How has the IT security landscape changed in recent years?

The biggest change has been a move away from traditional viruses and Trojans. Of course these still exist, and there are multitudes of them, but some of the scariest threats nowadays are those posed by social engineering and phishing, which take advantage of user naivety rather than holes in an infrastructure. Moreover, malware is pushed aggressively to victims. Rather than a chance encounter with a virus on a dodgy website, even the most educated and wary of users are likely to encounter malware being pushed to them via what is perceived as “normal” web browsing such as search engines, news and social networking sites.

Also, there are various downloads which are likely to contain malware. Research by Microsoft suggests that 1 in 14 downloads is actually malicious.

How should IT departments respond to this?

It’s now essential that companies take a multi-layered view of IT security. At the top level, this means doing all you can to prevent users accessing compromised areas of the Web by using content filtering – but it shouldn’t stop there.

If users are able to inadvertently access a malware-infected site, companies need to know that their machines are sufficiently patched and protected to prevent hackers taking advantage of exploits.

Finally, businesses need to ensure that other routes into the network are protected; there’s no point in having perfect Web security if a user can introduce malware by plugging in an infected USB stick or connecting their personal laptop or other device to the network without any mitigating security practices in place.

Do businesses have good reason to be alarmed by how malware is evolving?

If they’re not protected at every level, then definitely. Phishing is a particular concern, as compromised sites can look so genuine that they fool a large proportion of people. Obviously the ideal scenario is to use software that protects users from being tricked in the first instance, but user education is clearly very important too.

You only have to look at how many high-profile Twitter accounts have been hacked to know how real this threat is. The Syrian Electronic Army compromised many accounts with targeted phishing emails that convinced people sufficiently to give up their credentials.

Do SMEs need to worry as much as larger companies?

Yes, because (arguably) they are easier targets, with smaller budgets for IT security and it is essentially a game of numbers. Create large scale scatter shot and many victims are bound to get caught in the crossfire. We are also seeing a trend towards Advanced Persistent Threats (APTs), where hackers persistently target a company with a range of different attacks, including social engineering, in an attempt to gain system access.

Once they’re in there’s plenty they can do. Hackers can even access “malware as a service” such as the Blackhole Exploit Kit, which effectively allows them to design and distribute malware to meet their own ends with very little effort and at a very cost-effective price.

What’s the best advice you could give to an IT department concerned about these issues?

Use a product such as GFI Cloud that can integrate patch management, antivirus and from early October, content filtering in one easy to use, web-based console. Only by thinking of every possible “way in” can IT professionals really sleep soundly at night!

KB2871630 was a non-security patch that was intended to address problems with performance and stability. But after it was installed, users discovered that the folder pane in Outlook 2013 was empty.  This made for some very unhappy customers, although uninstalling the patch does return the folder pane intact. The update was removed from Windows Update and WSUS. Microsoft published a blog post on TechNet about the issue.

Meanwhile, some users are reporting an “endless loop” problem whereby some of the other patches keep installing over and over. This has been reported in regard to KB2760411, KB2760588 and KB2760583. In addition, some are getting an error message when they try to install KB28100009.

Stay tuned and we’ll let you know of any new developments.

Only four of the September patches are rated critical, although eight carry the possibility of remote code execution and three others present the risk of elevation of privileges. Supported Windows operating systems, from XP to Windows 8/RT, are affected by one or more of these updates.

We’ll take a brief look at each of the updates individually, beginning with those rated critical. Unless otherwise indicated, the patches apply to both 32 and 64 bit operating systems. All of these patches may require a system restart after installation. For more details about each update, see the Microsoft Security Bulletin (linked).

CRITICAL

MS13-067 (KB2834052) Affects SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3, SharePoint Server 2010 SP1, SharePoint Server 2010 SP2, and SharePoint Server 2013 (including SharePoint Foundation 2013), along with Microsoft Office Web Apps 2010 SP 1 and 2, specifically the Excel and Word web apps. The Excel Services, Microsoft Business Productivity Servers component, and Word Automation Services On SharePoint Server 2007 and 2010 are impacted.  The critical rating applies to all the versions of SharePoint except SharePoint Server 2013, for which it is rated important.

This update addresses ten vulnerabilities that include the possibility of remote code execution. It corrects the problem by enabling machine authentication check (MAC) and making corrections to the way SharePoint, Microsoft Office Services and Web apps handle request sanitization, undefined workflows and parsing of specially crafted files.

MS13-068 (KB2756473) Affects supported versions of Office 2007 and 2010, specifically Outlook. It does not affect Office 2003 SP1 or Office 2013/2013 RT, nor does it affect editions of Office that don’t include Outlook. It’s rated critical for all affected software.

This update addresses one vulnerability in Microsoft Outlook that was privately reported by Alexander Kink of n.runs AG. If a user opens a specially crafted email message in an affected version of Outlook, it could result in remote code execution. The update corrects the way Outlook parses specially crafted S/MIME messages.

MS13-069 (KB2870699) Affects all currently supported versions of Internet Explorer (6, 7, 8, 9 and 10) running on all currently supported and released operating systems. It does not affect Internet Explorer 11, which is available as a developer preview and as part of the (not yet released) Windows 8.1 and Windows Server 2012 R2 operating systems. It also does not affect Server Core installations, which do not include the web browser. The critical rating applies to IE running on client operating systems (XP, Vista, Windows 7, 8 and RT). It is rated critical for IE on server operating systems.

This is a cumulative security update for IE that also addresses 10 vulnerabilities that were privately reported through HP’s Zero Day Initiative and by Google Security Team members, which could result in remote code execution.

MS13-070 (KB2876217) Affects supported versions of Windows XP and Windows Server 2003 only. Other versions of Windows client and server operating systems are not affected. The critical rating applies to all affected operating systems.

This update addresses a vulnerability that was reported privately by a member of HP’s Zero Day Initiative, which could result in remote code execution. The exploit would involve a specially crafted OLE file that would need to be opened by the user for a successful attack.

IMPORTANT

MS13-071 (KB2864063) Affects supported versions of Windows XP and Vista, as well as supported versions of Server 2003 and 2008 (except Server Core installation). Does not affect later released operating systems (Windows 7, 8, RT and Windows Server 2008 R2 or Server 2012). Also does not affect operating systems currently in preview (Windows 8.1 and Server 2012 R2). It’s rated important, rather than critical, because user action is required for an attack to succeed.

This update addresses another privately reported vulnerability that could allow remote code execution. In this case, it’s accomplished by getting a user to apply a Windows theme that is specially crafted by the attacker.  The update corrects the way theme files and screensavers are handled.

MS13-072 (KB2845537) Affects supported versions of Microsoft Office 2003, 2007 and 2010, specifically Microsoft Word. The Microsoft Office Compatibility Pack SP3 (which is used to open the new XML-based Office format files with older versions of Office) and the Microsoft Word Viewer that’s used to open Word documents without having Word installed. Office 2013 (including 2013 RT) is not affected, nor is Office for Mac 2011. It’s rated Important for all affected software.

This update addresses thirteen vulnerabilities that were reported by members of the Google Security Team and Positive Technologies personnel. Opening a specially crafted file in an unpatched, affected version of Word or Word Viewer could allow remote code execution. The update corrects the way the XML parser in Word parses these files.

MS13-073 (KB2858300) Affects supported versions of Microsoft Office 2003, 2007, 2010 and 2013 (including 2013 RT), specifically Microsoft Excel. The Compatibility Pack SP3 and Excel Viewer are also affected, and in this case Office for Mac 2011 is also affected. It’s rated Important for all affected software.

This update addresses three vulnerabilities that were privately reported by members of CERT/CC and Positive Technologies. Opening a specially crafted file in an affected version of Excel or Excel Viewer could result in remote code execution. The update corrects the way the XML parser in Excel handles these files.

MS13-074 (KB2848637) Affects supported versions of Office 2007, 2010 and 2013, specifically Microsoft Access. Does not affect Office 2003 SP3. Also does not affect editions of Office that don’t include Access (such as Office 2013 RT and Office for Mac 2011, or the Home and Student editions, etc.). It’s rated Important for all affected software.

This update addresses three vulnerabilities that were privately reported by a member of Secunia SVCRP.  Opening a specially crated file in an affected version of Access could result in remote code execution. The update corrects the way the XML parser in Access handles these files.

MS13-075 (KB2878687) Affects Microsoft Office 2010 SP1 only, with Pinyin IME (Simplified Chinese).  Microsoft Office 2010 SP2 is not affected, nor are supported versions of Office 2007 and 2013/2013 RT. Other versions of the Simplified Chinese IME are not affected. It’s rated important for affected software.

This update addresses a vulnerability in the Office Pinyin Input Method Editor component for the Simplified Chinese language that was privately reported by Wei Wang of VulnHunt. It can be exploited by launching IE from the toolbar on a computer running the Simplified Chinese Pinyin IME, which could allow the attacker to run code in kernel mode. The update corrects the way the IME exposes configuration options.

MS13-076 (KB2876315)  Affects all currently supported released versions of Windows client and server operations systems (XP, Vista, Windows 7, 8 and RT as well as Server 2003, 2008/2008 R2, and 2012), including Server Core installations. Preview versions of Windows 8.1/8.1 RT and Server 2012 R2 are not affected. It’s rated important for all affected software.

This update addresses seven vulnerabilities that were privately reported by Google and Qihoo 360 Security Center personnel. If an attacker is able to log onto the system and run a specially crafted application, this could result in elevation of privileges. The update fixes the problem by correcting the way the kernel-mode driver handles objects in memory.

MS13-077 (KB2872339) Affects Windows 7 SP1 and Server 2008 R2 SP1, including Server Core installations. Other versions of Windows client and server (XP, Vista, Windows 8 and RT, Server 2003, 2008, and 2012) are not affected.  Preview versions of Windows 8.1/8.1 RT and Server 2012 R2 are also not affected. It’s rated important for affected software.

This update addresses one vulnerability that was privately reported. An attacker would have to persuade an authenticated user to execute an application or be able to log on locally in order to successfully exploit it, in which case it could result in elevation of privileges. The update fixes the problem by correcting the way the Service Control Manager handles objects in memory.

MS13-078 (KB2825621) Affects FrontPage 2003 SP3. It does not affect any version of Microsoft SharePoint Designer. It’s unclear from the bulletin whether Expression Web is affected. It’s rated important.

This update addresses one vulnerability that was privately reported by a member of Positive Technologies. If a user opened a specially crafted FrontPage file with the affected software, it could result in disclosure of information. The update fixes the problem by correcting the way FrontPage handles Document Type Definitions (DTD).

MS13-079 (KB2853587)  Affects supported versions of Windows Vista, 7 and 8, as well as Server 2008 and 2008 R2 for x86 and x64 and 2012. This includes Server Core installations. It does not affect supported released versions of XP or RT, nor Server 2003, 2008 and 2008 R2 for Itanium. It also does not affect preview versions of Windows 8.1/8.1 RT or Server 2012 R2 (including Server Core). It’s rated important.

This update addresses one vulnerability in Active Directory that was privately reported. If an attacker sends a specially crafted query to the LDAP service in AD, it could result in a denial of service (DoS) attack. The update fixes the problem by correcting the way LDAP handles such queries.

SUMMARY

This will be a moderately heavy patching load for organizations running the affected versions of Windows and Microsoft Office. We will be keeping an eye out for any problems that might emerge with any of these patches and will report them here on this blog. We’ll also be posting a summary of some of the most important third party patch releases for the month, and other patch-related news, so please stay tuned.

New update since this month’s Patch Tuesday: see here  

Why? Because effective patch management is an essential component for the maintenance of a safer network. Unpatched software and operating systems can have vulnerabilities which in turn can be exploited during a malicious attack on your system.

2012 saw a total 4,347 new security vulnerabilities reported, that’s around 12 every day that system admins need to be aware of and repair across an entire network.  And with more and more employees bringing their own devices to plug in to business networks, the risk is even greater.

So, if patch management is essential, how can you handle it more efficiently?

The Evils of Automated Software Patching

Yes, it is true that almost every application now comes with automated patch management. However, relying on this method to keep your software updated could leave you exposed. Automated services require a user to be connected to the Internet and to accept the installation of the update, rather than skipping it.

Can the onus be put onto users to take care of their own machines?

A Skype survey of US, UK and German consumers showed that 40% of respondents don’t update their machines when prompted. Almost 25% required a second prompt. Around 45% were actually worried that installing the update would weaken their computer’s security.

To counter this system admins must check each machine individually to ensure they are all patched and running the latest software versions. That is a hugely resource-intensive for small IT departments and virtually impossible for a single person to accomplish.

On occasion, some patches may cause instability in a machine. The Microsoft MS10-015 patch for Windows XP that was released in February 2010 is one great example. It caused systems to crash and the patch was suspended. Just last month,  the MS-13-061/KB2876216 update caused corruption of the Exchange index database,  and the  KB 2843638, 2843639 and 2868846 caused the Active Federation Services (ADFS) to stop working. Workarounds and additional install instructions were issued for the problematic patches – but how many users know how to roll back patches? And how many will even realize they installed a patch in the first place?

That adds up to even more work for already busy IT managers.

Cloud-Based Patch Management

GFI Cloud™ is a simple web-based interface for integrated antivirus, asset tracking, network monitoring and remote control.

Using a cloud-based patch management system offers you a wide range of advantages. Firstly, it provides you with a single, central point of control. There is no more hunting around machines to see which one is patched and which one is not. You get a single interface that collects and collates that information for you.

You can patch machines from the console, which removes the need for users to make decisions. That enables you to patch machines faster and ensure that vulnerabilities are kept to a minimum.

Even better, cloud solutions are scalable so they can grow with your needs. Perhaps most importantly, they are also cost effective and won’t require you to upgrade your machines to run. You can deploy the solution within minutes and quickly get clear insight in to the status of your network.

Try GFI Cloud patch management free for 30 days.

This means that apps can no longer be designed in the traditional way with a title bar, menu bar and desktop approach. Apps have to be tailored for touch and be able to run from tablets. Windows 8 has brought about a new way of looking at apps. The new modern interface’s tiles and buttons are literally asking the user to touch and press them.

The new interface has not been to everyone’s liking and many have complained and expressed their frustration, but it’s a whole new set of ideas and users need to adjust to them to fully understand their potential. But once you get used to tablets you understand why it’s more natural to press a button with your finger than to move the mouse and click on it.

At GFI we always strive to keep up to date with new technologies and today we are releasing our first Windows 8 Modern UI app. This app for GFI MailArchiver makes it possible to connect to your email archive from your Windows 8 tablet/PC or your Windows RT tablet.  This adds to the different apps and methods that you can use to connect to GFI MailArchiver to browse and search the archive.

The app makes it very easy to search and browse the archive. We have also made it simple to search for the people you communicate with the most, or to save your own custom searches. Why not check it out?

There are a number of reasons that some companies have made the decision to hang onto XP until the very end. Change is never easy; in the IT world, it often means hidden costs, a steep learning curve (for both admins and users) and unexpected bumps in the road in the form of hardware and software incompatibilities. No wonder the philosophy of “if it’s not broke, don’t fix it” is popular. The problem is that a Windows XP that’s frozen in time in terms of security is going to be irretrievably broken.

Some XP users have been in denial, even speculating that there would be a last-minute “bailout” to extend support if only enough individuals and companies are still using XP when the deadline arrives. Even some experts believed, less than a year ago, that Microsoft would “have no choice but to continue supporting XP.”  However, Microsoft has made it clear that they are serious about XP’s end of life date. Critical updates will be provided only to companies with Premier Support contracts who also purchase a Custom Support option. Few companies can afford that, with fees reportedly starting at more than half a million dollars per year.

What does this mean to everyone else? To hackers, it means a golden opportunity. To Windows XP users, from home to enterprise, it means no more patches. It means any new vulnerabilities that are discovered will be wide open for attackers to exploit, unless third parties take it upon themselves to create fixes. That may not be possible even if there are third parties who want to take on the expense (and possible liability) of doing it. Because Windows source code is closed, those outside the company can’t legally modify it without Microsoft’s permission.

Although security companies such as Symantec have announced that they will continue to release antivirus definitions for XP “for the current product cycle,” they also caution that the lack of OS and application patches will still negatively impact the security level of Windows XP systems. McAfee says they will continue to support XP SP3 after April “for a limited time, as long as it is technically and commercially reasonable.” In the security ecosystem, AV, antimalware, vendor-provided updates and other security mechanisms must work together in a multi-layered security approach.

All of this means the potential for huge hits to the bottom line due to downtime and lost productivity when (not “if”) unprotected XP systems are compromised. And it’s not only about direct monetary loss. If unpatched systems result in exposure of client data, companies may find themselves not only losing business, but in violation of the law. In regulated industries, companies have a legal obligation to reasonably protect such data and not doing so could subject you to fines or even criminal charges.  In any industry, failure to secure systems could be viewed as negligence, resulting in civil lawsuits.

Statutory requirements in some countries, such as the U.K., explicitly impose a duty to have “modern and up-to-date software” as part of privacy laws. In other countries, such as the U.S., the standard is based on what would be considered reasonable and prudent and thus is open to interpretation by the courts. Even if a company escapes legal repercussions in the wake of an XP-related breach, media attention can drive customers away. Trust is a big factor in the business/customer relationship and a major security breach can damage a company’s reputation in ways from which it may never recover.

According to the August statistics from NetMarketShare, slightly more than a third of PCs worldwide (33.66 percent) were still running Windows XP and the Washington Post reported that Microsoft’s own statistics show about 30 percent of SMB customers haven’t yet upgraded. It’s time for the companies in that position to develop a plan – sooner rather than later.

GFI Cloud™ is offering free asset tracking which will help you start your plan by finding out which workstations are still using Windows XP.

Q: How is GFI LanGuard adapting to the changes that happen so fast in the IT infrastructure landscape nowadays?

Cristian Florian, Product Manager for GFI LanGuard

IT environments now include so many different devices, operating systems and applications that network administrators may not even be aware of all of them. The rise in BYOD (Bring Your Own Device) in business environments has added to the burden system administrators have to carry every day, in turn forcing them to stay on top of their network environment, strengthen security, while also monitoring an ever-changing network infrastructure.

So we built GFI LanGuard 2014 with this in mind. We had to extend its capability in this new environment because the whole IT infrastructure needs to be managed, no matter if we are talking about Windows®, Mac OS® or Linux® systems, physical or virtual machines, servers, desktops, laptops, mobile devices such as smartphones and tablets, or network devices such as routers, switches and printers.

Q: What is new in GFI LanGuard 2014?

One of the major things we added in GFI LanGuard 2014 is vulnerability assessment for smartphones and tablets. According to a survey conducted by Cisco, 90 percent of American employees use their personal smartphone for work purposes. While this is an opportunity for businesses, it also adds risk, as these devices may have access to sensitive company information and there is little, if any, visibility into how security is managed for them.

GFI LanGuard now allows network administrators to see when and what devices connect to the Microsoft Exchange servers and it checks these devices for security vulnerabilities. Android®, iOS® and Windows Phone® are supported. Additionally GFI LanGuard will report when new mobile operating systems updates are available and makes it very easy for network administrators to send email notifications to device owners alerting them that these updates are available.

Q: How does vulnerability assessment for mobile devices work? Do network administrators need to install anything on the smartphones?

No. Auditing of smartphones and tablets using GFI LanGuard is very easy. Mobile devices that connect to the company’s Microsoft Exchange servers are detected using agent-less scans. There is nothing to install on smartphones, tablets or the Microsoft Exchange server.

The only thing that needs to be set is the Microsoft Exchange server name and credentials that have access to it.

Q: Are there any enhancements on the patch management side?

Yes. We are continuously improving our patch management capabilities. GFI LanGuard 2014 comes with patch management support for major Linux distributions such as Red Hat Enterprise Linux, Ubuntu, Suse, OpenSuse, CentOS and Debian.

According to a recent survey from Freeform Dynamics Ltd on 977 IT and business professionals representing a range of organization sizes and industries, 62.6% of them have at least one Linux system in their organization.

Now customers can use GFI LanGuard as a central console to patch Windows, Mac OS and Linux operating systems and applications. And, speaking of applications, it is now easier than ever for IT administrators to keep their systems fully patched, as we added a host of third-party applications to our “supported list”.

Q: What new third party applications are supported?

We added support for more than 20 new applications, bringing the total to over 50 third-party applications (besides Microsoft applications). We are practically covering all the most important ones in terms of popularity and security relevance.

Among the new applications we support are Pidgin (instant messaging), CDBurnerXP, ImgBurn and CCleaner (utilities), VLC and Audacity (media), LibreOffice (documents), Paint.NET and  IrfanView (imaging), Adobe Illustrator, Adobe PhotoShop and Adobe InDesign (Adobe Creative Suite), WinSCP and Core FTP (FTP clients), Python and Notepad++ (developer tools). The complete list is available here.

We will continue to add support for new applications at a high rate. Customers can request support for additional applications by sending an email to this address.

Q: Anything else worth mentioning?

Yes, we have some other good news for our customers. We have a special offer for anyone who purchases or upgrades their GFI LanGuard version to 2014. They will automatically receive 25% extra nodes for free to use exclusively on mobile devices auditing.

So check out the new GFI LanGuard version. We are proud of what we have accomplished and we believe that our users will enjoy it too.

Why does this happen?

It’s difficult to pass judgement on this issue. My view is that when someone is in their office, bored or tired after a long day, and having ‘exhausted’ their energy on Facebook, they might think that a quick peek at a ‘naughty’ website will not harm anyone? It’s also fair to say that most users probably already know that a web filtering solution is in place, and that their internet activity is monitored, so most of these are more likely than not deliberate attempts to access blocked online material. A user might come across an adult website while researching other topics, but the sheer number of attempts detailed in the statistics simply does not add up to this conclusion. When a specific website is visited, then it indicates intent to do so; however that’s up to the reader to judge.

What should you be thinking about?

Even though employees in the Houses of Parliament probably had a good idea that their online activity was monitored, it didn’t prevent them from attempting to access adult material. Moving away from the topic of porn and MPs in the UK, and looking at matters closer to home, how can you prevent something similar from happening?

What can you do to make sure that your staff spend their time more efficiently and productively? Here are a few tips:

1)      First things first, if you don’t have a web filtering and monitoring system in place, then you really should implement one – unless you want to start wondering what each employee in doing online

2)      You need a web filtering solution which will allow you to drill-down exactly into what a specific user is doing, as given by example in this short video:  Monitoring Internet activity at the office.

3)      Your web filtering should proactively advise and alert you when a user attempts to visit ‘naughty’ websites, or other illicit webpages, so that your HR department can decide whether or not to remind them of the company’s best practices on Internet usage.

4)      You should invest some time and resources discovering how much time users are spending on websites which are unrelated to their official duties.

GFI WebMonitor® is an affordable solution that allows you to address all of the above. Besides the ability to block categories of undesirable websites, it is very easy to use the Activity dashboards and reports to identify employees whose time could be better spent working for you, than searching the web for themselves. Real-time configurable alerts allow you to send emails to the appropriate people when their online behaviour merits it. Search engine query monitoring, for example, will clearly show what a user’s intentions were and the appropriate department can take the necessary actions, including education, to ensure there are no repeat offenders. GFI WebMonitor offers companies many other benefits such as added web browsing security and mitigation of bandwidth issues.

Try GFI WebMonitor for free for 30 days!

The reviewer, Brien M. Posey, was impressed by the speed of install across a variety of windows systems and servers and the really nice reporting feature. “All in all, I liked GFI Cloud. I found it easy to use” (See full review here).

WindowsNetworking.com reviewed and assessed of each of GFI Cloud’s features:

• Asset Tracking
• Monitoring
• Patch Management
• Antivirus

The result: GFI Cloud earned the WindowsNetworking.com Gold Award.

Sign up for your free 30 day trial and experience how the GFI Cloud platform.

Don’t be an easy target! Multi-layer your IT security

Date: September 19, 2013 – Time: 4 p.m. BST / 5 p.m. CEST – US: 8 a.m. PDT / 11 a.m. EDT

With the growth of targeted phishing attacks, Advanced Persistent Threats and even Malware as a Service how can small and mid-sized companies keep up? With tight budgets and IT professionals stretched, to cover more with less, what level of confidence do you have in your IT security? Infiltrating a bigger company takes much more effort, but a smaller business, with vulnerable defenses can make an easier target.

In this webcast we will review and examine the threats facing networks today; including internal threats, malware, Internet-based and cyber-attacks. The basic methodology of each threat and how to mount effective counter measures, with a multi-layered approach to security.

Register now

Securing your IT infrastructure: Managing security solutions in a complex world

Date: September 24, 2013 – Time: 5 p.m. BST / 6 p.m. CEST – US: 9 a.m. PDT / 12 p.m. EDT

As the types and methods of security solutions become more diverse, the challenge to manage the network security infrastructure has grown exponentially. This webcast will look at the key challenges and offer solutions to some of the most pressing issues confronting network security professionals.

During this webcast we will cover vulnerability assessment, threat detection and network auditing. Additionally our presenter will examine patch management, compliance, inventory assessment and effective control of BYOD (Bring Your Own Device) threats to your security and how to use these techniques to assure your data is as safe as possible.

Register now