Business News Holding

Tag: security

  • Guardian – Your Intelligent Tool against Fraudulent VoIP Traffic

    Guardian – Your Intelligent Tool against Fraudulent VoIP Traffic

    guardian_sh

    Nowadays, network security is one of the key factors in operating successfully in the telecom industry. Fraudulent schemes are becoming more sophisticated, leading to huge revenue leakages for VoIP providers. That’s why it’s critical to have an automatic system that detects fraud schemes and prevents losses.

    Speedflow’s Guardian Revenue Assurance Mechanism, integrated in the MediaCore Solution, analyzes VoIP traffic to reduce the threat of fraud and revenue loss. It achieves this by using proactive algorithms. It reviews traffic based on a range of factors, including ASR, ACD, PDD, number of attempts, etc. If Guardian detects any suspicious changes, it immediately notifies the technical support team.

    As time is crucial, with Guardian you can react instantly and block the destination or check it manually.

    To make the Revenue Assurance Mechanism easy to use, Speedflow included a helpful Guardian Wizard in the latest MediaCore release. It supports both automatic and semiautomatic modes. This convenient feature helps users set Guardian up in just a few minutes.

    Learn more.

  • Security Study Shows Canadian Businesses Not Prepared For Security Threats

    Security Study Shows Canadian Businesses Not Prepared For Security Threats

    security_threat

    According to new research from Cisco, Canadian businesses are not equipped to respond to security threats within their networks. The study, which combines the views of Canadian businesses and consumers about security at work, also found there are discrepancies between the preparedness of large and small businesses.

    Respondents were asked questions about security policies, practices and recent cyber-attacks at their business, including their security preparedness for new IT consumption models such as mobile and cloud-based applications.

    Cisco’s findings indicate many Canadian businesses operate without any security strategy for their network, leaving them woefully underprepared to take advantage of new opportunities created by the Internet of Everything (IoE) and making them highly susceptible to threats such as data loss or theft.

    With IoE driving the connection of people, processes, data, and things, the number and type of attack vectors will continue to increase exponentially, driving the mandate that security must become top of mind for businesses in today’s connected world.

    Key Findings

    Canadian businesses are unprepared for future security threats.

    • 6 out of 10 businesses either do not have a security strategy in place, and/or are unsure whether their security strategy accounts for an evolving data centre and IT consumption model, or do not have a strategy to prepare for these changes.
    • Nearly one in 10 (8%) of Canadian businesses overall are still unsure whether they experienced a security threat, attack or breach on their network in the last 12 months.
    • 15% of Canadian businesses still do not have a security strategy in place.
    • 1 in 5 (22%) Canadian businesses report they have experienced a threat, attack or breach in the last 12 months.
    • Canadian businesses with less than 100 employees are the most likely to not have a security strategy (26%), while mid-sized businesses are the least likely to have a strategy in place for changing IT consumption models (25%).
    • One in three (31%) of Canada’s largest companies are unsure whether their IT security strategy accounts for evolving data centre and IT consumption models.

    Canadian businesses are slow to protect company data on employee-owned devices.

    • Less than 60% of Canadian businesses have IT solutions in place to protect company data on employee-owned devices.
    • Nearly a quarter (24%) of employed Canadians use a personal device for work despite being employed by a company that does not allow this practice. Another 11% do so without knowing if it is allowed by their employer or not.
    • The Canadian businesses most prepared to protect company data on employee-owned devices are those with more than 1000 employees (64%). Those least prepared are businesses with less than 100 employees (44%).
    • Almost half (48%) of employed Canadians believe they are allowed to bring and use personal devices on the corporate network, while 57% of Canadian businesses believe they have IT solutions in place to protect data on employee-devices.

    Source: Cisco

  • 6 Essential Public WiFi Security Tips

    6 Essential Public WiFi Security Tips

    safe-on-public-wifi

    There are many risks associated with using a free WiFi network to browse sites that house private information. It’s quite easy to scan a public WiFI network to get a list of all the IPs currently connected. Once a snooper has that list, there’s a large amount of things they can do with that information. They can, for example, install software on your computer which can then be used to capture confidential information such as usernames and passwords, credit card numbers, even emails or search history.

    SaferVPN assembled their 6 fundamental tips for staying safe on public WiFi:

    1. Turn off sharing

    Uncheck all the boxes (music, photos, printers, etc.) from the Homegroup section of Network and Internet Settings on a PC and from Sharing under System Preferences on a Mac.

    2. Use anti-malware / antivirus

    This applies to much more than public WiFi alone – you should always protect your computers and mobile devices from malicious attacks. It’s not much different than getting your annual flu shot. There are some great free and paid solutions out there. PC Magazine has a nice unbiased list of their favorites here.

    3. Use HTTPS

    General rule of thumb: don’t enter sensitive information (credit card numbers, social security number, even a password) on pages that don’t have https at the very beginning of the URL (the full address you see towards the top of your screen). If you are just browsing around, playing a game or catching up on the news, having https won’t matter as much.

    4. Protect your passwords

    If you use the same password for every site, or if you password is featured in the dictionary, you’ve got a problem. In fact, a password’s lifespan really shouldn’t exceed more than 6 to 12 months. But how do you manage all of these unique passwords? Apps like 1password or LastPass will do it for you.

    5. Enable a firewall

    This is a quick an easy task that can be accomplished on both Windows and Mac that prevents undesired web traffic from entering (or exiting) your computer. This adds an extra layer of security and can be used to prevent computers from accessing certain sites and content. You can learn how to configure your firewall here.

    6. Confirm the network name

    Before you try to connect to the WiFi at your local Starbucks, make sure the network is actually called Starbucks and not something suspicious like Stars and Bucks. On top of that, it’s very easy to assign any name to a network so think before you click as there may be more than one “Hotel_WiFi-Guest”. Always gotta be on the look-out for the little things.

    Source: SaferVPN

  • ERCOM Launches Secure SMS

    ERCOM, a secure communication solutions provider, announced that it has upgraded Cryptosmart Mobile Suite with secure SMS feature.

    Launched in 2008, Cryptosmart Mobile Suite is a patent based and certified solution for mobile communications that protects both voice and data transmission, encrypts data stored on the device, and blocks MMS, SMS and internet attacks.

    It is dedicated to governments and corporations to help them communicate in a confident manner.

    New Secure SMS brings three major security attributes:
    • Confidentiality : SMS are encrypted
    • Integrity : users are sure that the SMS has not been modified
    • Authenticity : the sender identification cannot be falsified

    “Secure SMS is complementary to secure data. Indeed, professional users continue to use SMS for some of their communications. There is no need to have any email address. Moreover, there are some cases where users do not have access to data networks (poor mobile coverage, lack of data roaming agreement, etc.),” according to the company.

    The Cryptosmart is compliant with all existing networks such as mobile networks (2G, EDGE, UMTS, HSDPA, HSUPA, LTE), satellite networks (Inmarsat, Thuraya, Eutelssat), and wireless IP networks (Wifi, Wimax). It is based on EAL2+ and common criteria technology.

  • Sipera SLiC Makes Smartphone VoIP and UC Secure and “Business Ready”

    After demonstrating how easy it was to eavesdrop and record VoIP calls made over an unsecured WiFi network on the iPhone using open source software called UCSniff, Sipera Systems, which offers real-time Unified Communications (UC) security, released the Sipera Secure Live Communications (SLiC) mobility solution.

    As the smartphone market has exploded, hundreds of communication applications have been introduced that take advantage of WiFi and data services such as 3G, GPRS and other technologies.

    But these applications do not natively integrate into the enterprise security infrastructure, making it difficult for communications security managers to ensure communications privacy, data integrity, and other critical security requirements.

    As a result, employees are using unauthorized VoIP or other UC applications on their smartphones and violating privacy mandates and confidentiality rules, exposing themselves to eavesdropping, and increasing information security risks.

    Sipera claims SLiC solves the smartphone security challenge by “integrating the smartphone into the enterprise communications security infrastructure”.

    “The solution automatically authenticates the smartphone back into the enterprise PBX or call manager, ensures encryption of IP-based communications, enforces security policies in real-time and blocks threats or blacklisted callers,” the company says.

    According to Sipera, “delivering breakthrough enterprise-class communications privacy and security for Voice-over-IP and UC on smartphones, Sipera SLiC makes smartphone VoIP and UC >business ready<.”

    The company states SLiC is the industry’s first security solution enabling enterprises to “tame” the smartphone, permitting employees to use VoIP, UC, cloud telephony, and other low-cost and feature-rich communications applications on mobile devices with complete security and privacy.

    Sipera SLiC enables smartphone VoIP to include smart-card card authentication for accessing enterprise resources, providing unparalleled access control and communications privacy. It uses two-factor authentication with smartphone VoIP for enhanced access control.

    “Secure unified communications on the smartphone will revolutionize enterprise communications, dramatically improving company agility and employee responsiveness,” said John Lochow, President and CEO of Sipera Systems.

  • Smartphone Faces Security Threat

    The pervasive nature of the mobile world has made it difficult to successfully curb security threats on smartphones and other mobile devices offering internet access, says Alain Rollier, founder of AXSionics.

    In an interview with Biz-News.com this week, Rollier gave a detailed account of how security threat on mobile devices was shifting from the traditional devices that offer Internet Access.

    “Mobile phones become or in many cases are already as powerful as any other Internet Access device, therefore the known security issues on the PC and Laptops will appear on mobile.

    “So all the problems of laptop/pc world are heading the way of the smartphone, plus a few more as a direct result of the pervasive nature of the mobile world,” he said.

    The security expert dispelled myths that certain operating systems were more secure than others. He said the crux of the matter was the operating environment more than anything else.

    Alain Rollier

    Rollier said his company has developed solutions that work on all operating systems as well as networks.

    “I don’t think it’s really a question of only the operating system. I think the more important question is the operating environment. We have developed a solution that does not rely on the security of the operating system or the network or the access devices and still delivers complete security for transactions and identity management, Rollier explained

    Biggest threat to security on a smart phone

    Security issues around the smartphone are crucial because the device already accounts for 25 percent of the cellphone market. Given their current growth rate and the number of new devices, smartphones will account for an increasing share of the overall market with some sectors predicting as much as 40 percent over the next five years. This would be at a minimum 400 million devices per year.

    Rollier is of the opinion that security threats to smartphones are similar to those found on PCs or Laptops, but acknowledges that the use of many interfaces will be problematic on security.

    “Smart phones have all the issues around security that a pc or laptop has, plus a couple more which come from the additional interfaces like SMS and SIM cards. By nature, having a lot of interfaces is not helping to secure devices; one challenge is to have two independent channels on the same device – internet browser and communication. I think a shift in thinking is required,” he said

    Rollier said all devices including the smartphone would be impossible to fully guarantee security but noted that emphasis must be on ensuring secure identities and transactions.

    “The smartphone, laptop or pc will always be impossible to fully secure. The question we have to answer is ‘how do we make sure that identities and transactions are always secure when this is the case?’

    “This is what has driven our thinking at AXSionics, and we have developed a solution that provides this security regardless of how unsecured all the elements in the chain are,” he said.

    Enterprise security policies on mobile devices

    Biz-News.com enquired from Rollier if it was possible for companies to implement security polices on smartphones as much as they did on desktop computers.

    The security expert was quick to point out that some firms had already implemented policies to that effect but acknowledged that due to the nature of the mobile world it would always be a challenge for these to be a success.

    “Some companies also implement PKI type solutions which can, in very controlled environments, help. However, in the pervasive word of mobile communications, these solutions are not sufficiently scalable and hence cannot be successful.

    “Allowing companies to implement their current enterprise security policies on mobile devices will not solve the problem,” he said.

    On data theft, he explained that companies and individuals must be wary of data that was not on the smartphone but could be accessed by the device.

    Rollier pointed out that enterprise data, e-Banking, commerce transactions, identity data and username/password combinations that are available and that can be accessed and used by cyber criminals should be of concern to everyone.

    “I think a mobile security product is one part of the answer but we must stop thinking of these devices as anything more than a pc or laptop, only much more pervasive and much more vulnerable,” he said.

    Affordable and accessible security solutions

    On the question of availability and how companies and individuals can afford security solutions, the founder of AXSionics said their solution worked effectively on both secure and insecure operating systems on smartphones.

    “We provide solutions that work regardless how secure or insecure the operating system of the smart phone is. We use the smart phone and the internet connection only to transport encrypted information from the service provider to the AXSionics Internet Passport. It’s very secure, doesn’t drive usage costs and is very convenient for the user,” he said.

    AXSionics has in recent past won several awards for its innovation, concept and design. These included the Red Dot Design Award, the Red Herring Hot 100 Europe Award and the European Innovation Award in Identity Management.

    Rollier said despite the product being new, it was currently in use in a number of high security areas including defence and in volume use in retail banking. It has many innovations built in to ensure it is scalable, easy to use and convenient.

  • Verizon to Offer New Encryption Services For Small and Medium-Sized Businesses

    Verizon is expanding its encryption service to cover documents and e-mail and launches new services for small and medium-sized businesses.

    Encrypted Docs enables the user to encrypt files and folders and determine who can access, read and write to the file or folder, enforcing privacy policies. As a result, important data – such as intellectual property, customer records, contracts, human resource files and highly sensitive negotiations – can be safeguarded via encryption.

    According to the company, e-mail encryption and newly added data encryption services will help prevent privacy leaks, unauthorized access and help keep documents private in case of theft or loss.

    Verizon Encrypted Mail service, which has been available since December 2005, verifies and authenticates that the message has not been altered, allows it to be opened only by the intended recipient, and allows users to lock e-mail that they receive so it cannot be viewed by others.

    Both services, available through the privacy packages (such as Data Protection Paks) offered by Verizon, are based on PKI, X.509 and S/MIME encryption standards.

    The company claims the services are best suited for businesses that have to comply with government regulations, and businesses that have employees who work at remote locations, where data should be kept private at all times to prevent loss or theft.

    "Typically, small businesses do not have the IT staff of large enterprises to manage the complexity involved with encryption services," said Mark Grosso, senior manager of business security products for Verizon.

    "Verizon is like a SMB’s CIO, offering small and medium-sized businesses an affordable, cost-effective suite of important Internet security services such as anti-virus protection, a remote backup and storage solution, and encryption services that will help ensure safeguarding the privacy of business’ data at every level. Plus, we offer our SMB customers 24 x 7 technical support," he added.

    How it works?

    For the encryption service, a user registers and downloads one plug-in for Encrypted Mail and Encrypted Docs. Before sending an e-mail message, users just click on the "Secure" button on their toolbar, and their message – along with any attachments – is immediately encrypted, digitally signed and sent to the recipient. If the recipient is another registered Encrypted Mail user, the user can open the message after entering his or her password.

    See a demonstration of Encrypted Mail here, and Encrypted Docs here.

    According to Verizon, the most robust privacy package is Data Protection Premium. Starting at $9.99 per month, it includes Encrypted Mail and Encrypted Docs together with the Verizon Internet Security Suite for Internet protection of up to 3 PCs, plus Online Backup and Sharing. This offer combines data encryption services with anti-virus, firewall, anti-spyware, fraud protection and content management, plus online storage and much more, whether in the office or on-the-go.

    "An organization needs to address its IT security at every layer, Grosso said. "While cost cutting is what all companies – particularly, the smaller ones – strive for these days, it’s important to not cut privacy solutions. That’s a surefire way to kill a business."

  • InterAct First to Validate Next Generation 9-1-1 Architecture

    InterAct, a provider of software for enterprises and government agencies, announced the successful integration with proposed Next Generation 9-1-1 architecture.

    The company is one of the first two nationwide U.S. vendors to achieve this integration. It is also the only provider to completely process end-to-end NG9-1-1 calls from the caller to the Computer-Aided Dispatch (CAD) and Geographic Information mapping systems (GIS) using nothing but IP connections.

    At NENA’s 2009 conference, InterAct showcased its ability to route wireless 9-1-1 calls into the DOT public safety test system and instantly deliver all data associated with the call to a full dispatch position without the use of legacy tone-based caller identification or serial subscriber lookup.

    A wireless 9-1-1 call placed from the NENA 2009 Conference in Ft. Worth, Texas was immediately routed through InterAct’s Next Generation IP-enabled 9-1-1 controller in Ottawa, Canada back to a call-taker position in Ft. Worth. Simultaneously, the automatic location information (ALI) was sent from the controller to an InterActCADtng server in Winston-Salem, NC and transmitted over a low bandwidth wireless network using an air card to a dispatch position in Ft. Worth where the caller location was plotted on the InterActGIS map display, and a call created in the InterActCADtng workstation. With this accomplishment, InterAct demonstrated that it is possible to dispatch incident response personnel from anywhere in the world.

    “9-1-1 centers have a dire need for Next Generation capabilities,” said Brian Fontes, CEO of NENA. “Regardless of whether a caller dials 9-1-1 from a wired, voice-over-IP or wireless phone, the location information should be instantly transmitted to the correct public safety answering point. Next Generation 9-1-1 makes this possible and enables the PSAP to receive and react to multimedia messages that cannot be handled by the current system”.

    Using NG 9-1-1 technology not only will agencies be able to communicate with citizens via text and video messages, but they can also choose to centralize all public safety equipment to drive down costs and collaborate with other agencies, while keeping dispatchers in the local communities they know best.

  • Freecom Adds RFID to HDD


    Freecom has launched an external HDD that requires the use of a keycard to get access to its data.

    Admission to the Hard Drive Secure is controlled by an RFID card which has to be swiped over the HDD to lock it – and again to unlock it.

    Freecom said that entry is possible "within seconds". The company provides two RFID cards with the drive.

    Freecom’s Hard Drive Secure is available now in four capacities, ranging from 500GB to 2TB.

    Prices start at USD $120.

  • PayPal App Introduced To Android


    Making payments just got a little easier for owners of an Android phone with the news that PayPal has introduced its app in the Android Market.

    The e-commerce business says that the app gives users easy access to many of its popular features.

    The eBay subsidiary also stresses that for those worried about security, it uses the same technology and safeguards that they have for the web client.

    Some of the features include:

    • Direct integration with the contact list – Users select a name from contacts to make a payment
    • Recent history – A smartphone can be used to look at transactions over the last couple of months
    • Balance checks – balances in any of the currencies held can be shown