Virtualization and Cloud Security Hub

The advantages of “Baking in” antivirus in your model on Amazon Web Services (AWS)

Posted by Kathryn Schwab

Jul 30, 2014 9:10:00 AM

Follow us on Spiceworks Spice IT

As an AWS customer, chances are you made a great business decision to move to that model for some or all the following reasons:






     Ease of use


     Continuous Delivery

Whether you’re a startup or a DevOp in a large enterprise, some of the most compelling reasons to move a business model or develop a business process on AWS is that incredible and versatile infrastructure.

The power and productivity is second to none (well except in the case of the odd outage here and there – but that’s another story). When all is running smoothly, so is your business or your project. The ability to scale and spend according to your delivery model, timelines and needs, while delivering world-class applications and business processes is like no other time in history.

Read More

Topics: Public Cloud, Cloud Security, Compliance, AWS, Amazon Web Services, DevOps

Managed Security by MSPs: the Now and the Future

Posted by Madalin Dobre

Jul 29, 2014 7:18:00 AM

Follow us on Spiceworks Spice IT

It can be difficult to find relevant estimates for niche market segments, such as managed security services, in such a volatile context. The volatility is mainly generated by the amount of consolidation and business model transformation processes that are currently taking place among managed service providers (MSPs).

In this July, 2014 article from MSPmentor, the author cites forecasts the market values of managed security services, while Research and Markets makes claims for the overall MSP market. If we compare the share of managed security services within overall MSP market, in the two scenarios below, we can easily conclude that the revenue contribution of security services for MSP will grow.

Read More

Topics: Service Provider

“AV is dead”: declarations and language

Posted by Shaun Donaldson

Jul 25, 2014 9:54:30 AM

Follow us on Spiceworks Spice IT

There has been quite a bit of marketing effort put into declaring that AV is dead. It is difficult to make sense of it because the term ‘Anti-Virus’ means so many different things. Much of what it means depends on who you ask.

What is AV? It’s a short-cut. It’s not a short-cut from a technology perspective, but rather, in language. Just as a single-use facial tissue is a “Kleenex”, so does ‘AV’ mean ‘endpoint security’ to many folks, while ‘AV’ is scoffed-at by others.

To generalize, there are two audiences; those who work in IT, and those who do other things. To a person outside of IT, ‘AV’ equals security.

When a family member asks me about ‘AV for smartphone’, I don’t go into depth about it being less an AV than about application reputation, as determined by running applications in emulated environments to assess the quality (from a security perspective), and on and on. That’s because I’m being asked about security for a phone.

Read More

Topics: Enterprise Security

Advanced Persistent Threats – Silver Bullets That Fail

Posted by Horatiu Bandoiu

Jul 24, 2014 11:34:00 AM

Follow us on Spiceworks Spice IT

This is the second post from a series we thought necessary to dedicate to APTs (Advanced Persistent Threats) and the new wave of security technologies claiming that they replace or complement antimalware solutions to help organizations defeat this new threat.

First of all, it’s important to restate the conclusions of the previous post:

  • APTs are serious, sophisticated and present;
  • They are a real problem;
  • They use complex, fragmented malware and zero-day exploits to achieve their goals.

However, it is equally important to address several misconceptions about APTs:

! It’s not only about malware, as a matter of fact malware is just one of the means that are used in order to achieve the objective; curiously, in the majority of cases of APTs that have been studied, the human factor has proved to be the principal vector, spear phishing being a favorite weapon.

! It’s not a single successful or unsuccessful incident – these are sophisticated targeted attacks with a very clearly defined objective, so the attackers (not hackers, nor malware writers) won’t stop until succeeding.

Read More

Topics: Enterprise Security, Advanced Threats, Advanced Persistent Threats (APTs)

The ‘Near Future’ and Business Alignment of Security for Managed Services

Posted by Robert Krauss

Jul 17, 2014 11:08:00 AM

Follow us on Spiceworks Spice IT

In the most recent post, I described both the challenges and the opportunities that are facing Managed Services Providers (MSPs) looking to expand their portfolios to include information security offerings.

To quickly summarize: It’s a whole new world for MSPs, many of whom are seeing their entire business model being turned upside-down by the fast growth of cloud computing and the “as-a-service” trend.

While offering cloud-based information security technology and services presents a big opportunity for revenue growth and competitive advantage, MSPs face a host of challenges and potential revenue risks, not the least of which is managing the way licensing models are presented.

Read More

Topics: Public Cloud, Cloud Security, Service Provider, Reseller

When, where, and why do I need different endpoint security when going virtual?

Posted by Shaun Donaldson

Jul 16, 2014 11:22:00 AM

Follow us on Spiceworks Spice IT

In the endpoint security world, specifically antimalware (or antivirus, depending on your definition, but more on that in another post) vendors are offering different features and architectures to address performance in virtualized datacenters. A simple question that organizations have is, “When, where, and why do I need this stuff?” Of course, as a vendor, the tempting answer is, “Always, everywhere, and just because”. However, reality is always more nuanced than the average PowerPoint presentation.

Read More

Topics: Enterprise Security, Virtualization, VDI

APTs and the next generation security - technology facelift or real innovation?

Posted by Horatiu Bandoiu

Jul 10, 2014 8:00:00 AM

Follow us on Spiceworks Spice IT

This is the first post in a series dedicated to the trendiest, most disputed and most used acronym in the recent history of information security. My purpose for this series of three posts is to define the phenomenon (as we see it), to take a look at possible counter-measures – a review of the self-denominated “next generation security solutions” – and finally to try to come up with an effective response that shouldn’t cost you a fortune. 

I. The WHY

Why have I decided to dedicate a series of posts to APTs (Advanced Persistent Threats), in context?

The answer is simple; after having seen and read a lot of literature on this topic and after directly observing, first-hand, several APTs, the worry is that the more this is written about, the more it is adding to the confusion of notions or the intentional or unintentional misclassifications and the marketing veils that create further confusion.

Read More

Topics: Enterprise Security, Advanced Threats

Security Solutions Offer MSPs a Great Opportunity for Business Growth, But Service Providers Must Address the Licensing Issues

Posted by Robert Krauss

Jul 3, 2014 9:23:00 AM

Follow us on Spiceworks Spice IT

Managed services providers (MSPs) are experiencing a world of change these days, as cloud computing and the “as-a-service” trend continues to grow and have a huge impact on virtually every aspect of IT.

Consider the impact that the growth of public cloud services from Amazon Web Services and other providers has had on IT operations. And think about how much virtualization technologies from vendors such as VMware has changed the way data centers are designed and operated.

As research firm Forrester Research pointed out in a 2013 report, entitled “The Shape-Shifting Tech Industry Channel Ecosystem”, while cloud computing has been a boon for the technology industry in general, channel partners “have to deal with shrinking product margins, skills shortages, and new competitor types”.

Read More

Topics: Enterprise Security, Cloud Security, Service Provider, Reseller

As Global Security Concerns Spike, All SMBs Should Bolster Security

Posted by Catalin Cosoi

Jun 24, 2014 11:21:36 AM

Follow us on Spiceworks Spice IT

Small and medium businesses should shore up their defenses as allegations of rampant spying and massive security breaches cast a pall of doubt on the safety of the Internet. Here’s some advice to help SMBs cope with growing risks and keep expenses under control.

Studies show that data security can be a crucial issue of customer/client trust. In the wake of the Snowden NSA leaks, SMBs are at greater risk than huge corporations, as they have limited money for cyber-security.

From netbooks to smartphones and picture-playing devices, employees become more and more tech-savvy and bring a wide variety of Internet-connected devices to the office. To increase efficiency and mobility, they commonly access corporate data and networks on the go, while chatting with friends, posting social media messages, listening to music and sharing pictures online.

Read More

Topics: SMB Security, BYOD, Advanced Threats

DevOps and SecOps – the Impossible Conciliation?

Posted by Horatiu Bandoiu

Jun 23, 2014 12:20:22 PM

Follow us on Spiceworks Spice IT

When dealing with greatness and great companies one should try to find out what it is that they are doing so outstandingly well, and what lessons are to be learned from them? What do Google, Amazon, Facebook, LinkedIn, Netflix, Intuit, Bank of America, GAP or Macy’s - just to name a few - have in common?

Apart from being very big enterprises and highly successful, they also share an IT-related approach that has become a cultural trait: they all embraced DevOps as a way of delivering their products/ services to the clients. As security practitioners, we have the duty to ask ourselves – where does security fit into this DevOps philosophy?

Read More

Topics: Enterprise Security, AWS, Amazon Web Services, DevOps

Subscribe to Email Updates

Connect with us