Spring World 2017

Conference & Exhibit

Attend The #1 BC/DR Event!

Fall Journal

Volume 29, Issue 4

Full Contents Now Available!

Jon Seals

New Storage Solution Delivers Private Cloud File System Synchronization for Ensured Privacy and IT Control With the Secure Mobile Access Users Demand Anytime, Anywhere for Enhanced Business Productivity

CAMPBELL, Calif. – Nexsan™, a global leader in unified storage solutions, today announced the release of Nexsan UNITY™, a next-generation storage platform that combines the performance, scalability and value of DRAM and Flash along with private cloud file system synchronization and true data mobility support. These features, in addition to universal connectivity for Fibre Channel, Ethernet and SAS, and advanced services including NAS and SAN, are all integrated into a single product at a single price.  

According to IDC data is doubling in size every two years with the predicted total amount of data topping 44 Zettabytes by 2020. This data is commonly stored in distinct silos which limits the user access that supports today's mobile workforce. Business users demand high performance access to information (structured or unstructured) from anywhere in the world at anytime, from any device. Further, access to this information must be present 24x7 and its security is of paramount importance to the enterprise. *

Many siloed storage, data management, file sync and share and security solutions exist to provide for these individual requirements, but are typically cobbled together in costly, inefficient and unreliable ways. Nexsan UNITY addresses all of these requirements in a single unified solution which delivers high performance and multi-site collaboration at LAN speed to support business continuity and disaster recovery processes as well as mobile access to primary storage data.

Delivering high-performance multi-site collaboration, UNITY exclusively offers enterprise n-Way Sync. The n-Way Sync functionality makes UNITY the only enterprise filer to deliver high performance unified storage with site-to-site enterprise synchronization. Enterprise sync is supported across distributed primary storage at LAN access speeds, improving user productivity while leveraging an organization's secure infrastructure, leveraging Active Directory and access controls to prevent unauthorized user file access. This assures that data is in sync across multiple sites and locations while securing content with encryption at rest and in flight with self-encrypting drives and encryption keys. As a result, users have the mobile access they demand while IT can assure the security and control needed to remain compliant.

UNITY's patented technology is designed to support all devices -- from mobile devices to tablets, laptops and desktops running Android, iOS, Mac and Windows -- and provides a secure connection to data stored and managed within the enterprise totally eliminating the drudgery of using unpopular and aging VPN technologies. Mobile workforces will have the freedom and flexibility to access and share files securely across all of their devices -- no matter where they are -- for enhanced business productivity and data security.

"Today's NAS and SAN storage solutions have ignored the need for secure access to protected data maintained within the enterprise," said Bob Fernander, CEO, Nexsan. "With Nexsan UNITY we're providing a means to extend primary storage across and outside the enterprise in a secure manner. We've combined the power and performance of our Nexsan unified storage platform with the cloud flexibility of our Transporter private cloud file sync and share appliances. The result is a unified storage solution like no other -- providing simplified file sharing, secure data access and comprehensive data storage for the datacenter."

Most storage systems do not integrate mobile support, yet performance, security and cost concerns, make cloud-based solutions like Dropbox and Box an inadequate option. Likewise, private deployment of software based "hub and spoke" synchronization solutions work well only if there is a single site from which primary data is accessed. The new Nexsan storage solution provides authorized mobile devices with access to files stored on UNITY as an extension of its solution. It provides a patented method for connecting mobile users to their primary storage behind their enterprise firewall and combines this with the ability to connect users to other synchronized volumes available elsewhere within the enterprise. As a result, users achieve high performance with high data availability and data access from an alternate source if their primary source is unavailable.

UNITY delivers a full enterprise-class feature set for small, midsize, and large businesses. Nexsan's FASTier™ caching accelerates performance to meet demanding I/O requirements. This unified platform supports Fibre Channel and iSCSI connectivity in addition to NAS and SAN protocols. Unified HDD and SDD support can be tailored for the best mixed application deployment environment. For organizations facing extreme data growth or needing greater application performance, the Nexsan UNITY family scales from 13TB up to 5PB. Nexsan UNITY matches flexible, performance datacenter storage with the private cloud technology behind Nexsan's Transporter family of private cloud file sync and share appliances. Known in the industry as one of the simplest solutions for secure file sharing, Transporter is an on-premises solution that uses a unique peer-to-peer approach to enable secure remote access to primary storage from anywhere on any device.

Nexsan UNITY is available now with pricing starting at $45,000 MSRP. Mobile access will be next quarter with desktop apps, sync and share soon after. For more information, visit: http://www.nexsan.com/products/unified-storage-enterprise-sync

Tweet this: .@Nexsan delivers innovative #private cloud file sharing with #nWay sync -- from the #mobile user to the #datacenter

About Nexsan
Nexsan™ is a global leader in unified storage solutions that are focused on seamlessly and securely enabling a connected workforce. Its broad solution portfolio empowers enterprises to securely manage, protect and utilize valuable business data -- while allowing users to sync, share and access files from any device, anywhere, anytime. For further information, please visit: www.nexsan.com.

Nexsan, the Nexsan logo, Connected Data, the Connected Data logo, Transporter, E-Series, NST, AutoMAID, Assureon and UNITY are trademarks or registered trademarks of Imation Corp. All other trademarks are property of their respective owners.

*IDC Digital Universe

White Paper Highlights Privilege Management and Application Control as Effective Components in Defending Against Malware Threats

SUNNYVALE, Calif. – AppSense, the leading provider of user virtualization solutions for the secure endpoint, today announced that its approach to delivering trusted endpoint security solutions was recently validated in a white paper published by the SANS Institute. The paper, "Updates to the CSCs: More Effective Threat Protection with Privilege Management and Application Control," examines the Center for Internet Security's latest version of Critical Security Controls (CSCs)1. CSCs are a prioritized list of 20 security controls that, when implemented well, have proved effective in blocking most advanced target threats and supporting faster detection and resolution of those that do get through initial defenses.

Application control and privilege management, two hallmarks of AppSense's Application manager endpoint security solution, were identified as "quick wins" with immediate risk reduction against advanced target threats.

"The security benefits of application control and privilege management are well known -- they are often considered to be just Security 101. Nonetheless, the majority of breach reports have determined that attacks succeeded because of either missing or ineffective controls and processes in these areas," according to the SANS paper authored by John Pescatore, SANS Insitute director of emerging technologies. "Conversely, enterprises and government agencies that avoid breaches or minimize the damage of advanced targeted attacks almost invariably have implemented controls such as Application Control and Privilege Management and have mature processes that both respond to changes in threat and meet business needs for flexibility and adaptability."

"AppSense's innovative Trusted Ownership® approach to whitelisting prevents ransomware and malware incidents before they can start, while requiring minimal configuration by IT and without reducing user productivity. Powered by this philosophy, AppSense secures over 9 million endpoints today," said Jon Rolls, Vice President of Product Management for AppSense. "AppSense provides a range of endpoint security features that enable delivery of productive, least-privilege desktop together with tools that enable easy ongoing self-service and maintenance by the IT and Security Team. This SANS whitepaper underlines the critical role AppSense plays in reducing the most common security threats."

In addition to application control through Trusted Ownership, AppSense provides a wide range of endpoint security functions including:

  • Granular Windows privilege management for a practical approach to least privilege practice
  • Network access control to minimize damage through compartmentalization
  • Desktop software license compliance and enforcement
  • Granular visibility into security and privilege activities in a live environment

The SANS Institute was established in 1989 as a cooperative research and education organization. Its programs now reach more than 165,000 security professionals around the world. A range of individuals from auditors and network administrators, to chief information security officers are sharing the lessons they learn and are jointly finding solutions to the challenges they face. At the heart of SANS are the many security practitioners in varied global organizations from corporations to universities working together to help the entire information security community.

For a complete copy of the SANS Institute report, "Updates to the CSCs: More Effective Threat Protection with Privilege Management and Application Control," visit http://bit.ly/1TsYvFB.

SANS Institute's Pescatore will be a featured speaker tomorrow for the webinar, "Overcome Privilege Management Obstacles with CSC v.6." The live webinar on Tuesday, April 26 will cover the changes in controls that can help streamline privilege management and make it less visible -- and annoying -- to users. Register for the webinar here.

About AppSense
AppSense is the leading provider of user virtualization solutions for the secure endpoint. The technology allows IT to secure and simplify workspace control at scale across physical, virtual and cloud-delivered desktops. AppSense solutions have been deployed by 3,600 enterprises worldwide to 9 million endpoints. AppSense is now a part of the LANDESK family with offices around the world. For more information please visit www.appsense.com.

1 The CIS Controls for Effective Cyber Defense Version 6.0, www.cisecurity.org/critical-controls.cfm


Decrease Costs and Time to Value While Streamlining Business and Technology Operations

WAYNE, Pa. – Elemica, the leading Supply Chain Operating Network for the process industries, discusses the many ways their network can drive efficiencies for companies undergoing a divestiture or a merger and acquisition (DM&A). When new entities emerge, Elemica's expansive footprint across industrial process manufacturers makes it very likely that their trading partners are already a part of the community on the network. This makes it easy for them to quickly acclimate, connect and conduct commerce. When companies come together, Elemica's expertise in integrating key business-to-business processes, creates real-time visibility and orchestration across disparate systems so that they can operate as one.

"Elemica's dominant market share in the process industries ensures that a company undergoing a merger and acquisition -- or spinning off a division into a new company -- can continue conducting business on the network," said Chris Cameron, Vice President, Customer Solutions at Elemica. "Our patented 'come as you are' technology, and the ability to communicate limitlessly across the network, enables us to help architect and execute an effective strategy for companies undergoing DM&A activities."

Elemica's enterprise network powers the automation of business processes using Universal Business Documents (UBDs) to handle communications, exchange master data elements and manage configurations so companies on the network can work together effortlessly. UBDs uncover similarities in business processes, identify what the process is trying to convey, break down the process into unique elements for future correlation and better understand how the process relates to future applications.

UBDs help companies to quickly begin using the Elemica network for order management, vendor managed inventory, logistics processes, global supply management, and more. For example, one large global chemical manufacturer was in the process of spinning off one of their divisions. The newly formed organization turned to Elemica to coordinate the redirection of trading partners to their new Enterprise Resource Planning (ERP) package, helping them to swiftly come up to speed in their organization so they can begin generating revenues faster.

"By integrating your ERP with those of your trading partners, you can achieve on-demand, global supply chain visibility, and instantaneously respond to the ever-changing landscape of supply and demand. The return on investment is validated in immediate cost savings, and reinforced in the benefits of enhanced trading partner relationships resulting in top line revenue growth," adds Cameron.

Elemica's approach to trading partner onboarding eliminates the need for middleware tools by harnessing transaction data from disparate systems, translating messages with established business rules and running automated testing tools to accelerate time to value. This methodology makes it easier to move over trading partners because they have already been vetted by Elemica, or they are already on the network.

"In DM&A activity, adhering to timelines is the ultimate priority. Elemica understands this, and has successfully aided the execution of numerous mergers, acquisitions, and divestitures on behalf of our clients. The value of these transactions is simply too high to allow for execution failures, and Elemica has a proven track record of success," added Cameron.

About Elemica

Elemica is the leading Supply Chain Operating Network for the process industries. Elemica transforms supply chains by replacing manual and complex approaches with efficient and reliable ones. Launched in 2000, customers like BASF, BP, Continental, The Dow Chemical Company, DuPont, The Goodyear Tire & Rubber Company, LANXESS, Michelin, Shell, Solvay, Sumitomo Chemical, Wacker and more process nearly $400B in commerce value annually on the network. Elemica drives bottom line results by promoting reduced cost of operations, faster process execution, automation of key business processes, removal of transactional barriers, and seamless information flow between trading partners. For more information, visit www.elemica.com.

Managed Hosting and Public Cloud Provider Leverages Midokura to Meet Strict New Data Sovereignty and IT Security Government Requirements

AUSTIN, Texas – Midokura, the global innovator in software network virtualization, today announced that Berlin-based managed hosting and public cloud provider SysEleven has selected its award-winning Midokura Enterprise MidoNet (MEM) technology as the network virtualization overlay of choice and the default networking technology for the SysEleven Infrastructure Stack.

The company recently rebuilt its managed hosting platform based on OpenStack. The move to Midokura and OpenStack enables SysEleven to continue to innovate, while meeting the German government's strict data sovereignty and IT security requirements. SysEleven selected Midokura technology due to its ability to help the provider easily manage application workloads, along with its proven performance in the SysEleven Infrastructure Stack, which supports a bandwidth of up to 100 gigabytes per second.

"The SysEleven heritage came from delivering complex web applications supporting media and television advertising for the European market," said Marc Korthaus, CEO of SysEleven. "Because we maintain and operate the entire application stack for our customers, we have to ensure that all components in our SysEleven Stack are both robust and distributed. Midokura Enterprise MidoNet met all our requirements and offered the ideal network virtualization overlay solution as we continue to deliver on the promise of high-availability and consistency to our customers."

Midokura's MEM technology offers an intelligent, software-based network abstraction layer between the hosts and the physical network, by decoupling the IaaS cloud from the network hardware. In turn, operators can build isolated networks in software to overlay the existing hardware-based network infrastructure. Midokura's open source version of its core MidoNet technology is quickly gaining in popularity among organizations of all sizes in more than 120 countries.

"Similar to SysEleven, the founders of Midokura have deep backgrounds in building complex online applications for Amazon," said Adam Johnson, vice president of business at Midokura. "Adding SysEleven to our customer roster and being included into the SysEleven Stack is an affirmation that our Midokura Enterprise MidoNet has the robustness to support the most heavily trafficked networks in web applications being built today. Midokura technology continues to see adoption by the world's most cutting-edge enterprises."

To learn more about MEM and to register for a free trial, visit: www.midokura.com/midonet-enterprise. To learn more about open source MidoNet, go to: www.midonet.org.

Tweet This: Midokura's award-winning tech selected as network virtualization overlay of choice by Germany's @syseleven http://bit.ly/1YjcYFp


About Midokura
Founded in 2010, Midokura was an early global leader in network virtualization. The company's pedigree includes Amazon, Cisco, Google and VMware. With its Midokura Enterprise MidoNet (MEM) solution, Midokura offers the industry a complete overlay technology that integrates with cloud platforms, such as OpenStack. Now gaining awareness in 122 countries, the source code for MidoNet is freely available at www.midonet.org. MidoNet delivers the first truly open, vendor-agnostic network virtualization solution available to the OpenStack community. Midokura is a contributing member of the OpenStack Networking (Neutron) Project, Open Platform for NFV Project and the Kuryr Project.

Midokura has offices in San Francisco, Tokyo and Barcelona, and is on the web at www.midokura.com. Follow us on Twitter: @midokura.

About SysEleven
SysEleven was founded in 2007 in the heart of Berlin, before CEO Marc Korthaus founded the online magazine macnews.de. The platform had a strong demand for high performance and scalability, especially during keynotes by Apple's Steve Jobs. As no company provided the services and technology macnews.de required, SysEleven was founded and jumped right into the hosting business to meet these challenges.

SysEleven now has 75 employees, and supports customers from various industries in achieving their digital strategies (including e-Commerce, streaming, etc.). The company's new flagship product, SysEleven Stack, is available in beta, with general availability at the end of calendar second quarter 2016.

All trademarks and registered trademarks are the property of their respective owners.

Fortinet Expands Its High-End Presence With New 6000 Series Enterprise Firewalls Powered by Its Next-Generation FortiASIC Content Processor

SUNNYVALE, Calif. – Fortinet® (NASDAQ: FTNT), the global leader in high-performance cybersecurity solutions, today announced the expansion of its Security Fabric with introduction of the FortiGate 6040E enterprise firewall. First in Fortinet's new 6000 series of ultra-high throughput enterprise firewalls, the FortiGate 6040E delivers the unprecedented next-generation firewall performance, effortless scale, and superior security so large enterprises don't have to compromise between security features or network speed disruption.

  • Fortinet's new FortiGate 6040E enterprise next-generation firewall is designed to secure the vast amounts of mobile and cloud traffic for the largest of enterprises.
  • Fortinet bolsters its Security Fabric with its new FortiASIC CP9 next-generation Content Processors. CP9 accelerates the inspection of computationally intensive intrusion prevention (IPS) and secure socket layer (SSL) VPN traffic to deliver the level of performance required to deploy security wherever it is needed within the infrastructure.
  • New FortiGate 2000E and 2500E enterprise firewalls deliver CP9 ASIC advantages to enterprise edge and internal segments.

Michael Xie, founder, president and chief technology officer of Fortinet

"Enterprises are being disproportionally impacted as the adoption of cloud services and growth in remote access to corporate networks have eroded the network perimeter and steadily increased the demands on enterprise infrastructures. Facing the limitations of traditional security solutions, only the performance advantages of Fortinet's next-generation processors powering our new FortiGate 6000 series enterprise firewalls will give large enterprises the freedom to deploy the advanced security solutions necessary to protect their organizations today and into the future."

Security Solutions Have Become the Gateway to the Cloud

Adoption of cloud services and the ease of remote access to network assets have created a perfect storm for large enterprises, drastically increasing external demands on IT networks and exponentially expanding the attack surface. As a result, the enterprise next-generation firewall has become the de facto gateway to the cloud.

Compounding on these challenges, security leaders must overcome the limitations of the technologies used in most next-generation firewall solutions available today -- forcing them to choose between enabling security features or preserving the performance of their networks.

FortiASIC Hardware Acceleration Eliminates Security Compromise

Overcoming the limitations of traditional next-generation firewall solutions, the FortiGate 6040E is built on an innovative new processing architecture, utilizing FortiASIC content and network processors to offload and accelerate the security performance of its dual CPUs. Integrating advanced security processing, intelligent controls, and high speed networking enable the FortiGate 6040E to deliver unprecedented security and network performance in a deceptively compact form-factor.

FortiGate 6040E Technical Highlights:

  • 320Gbps enterprise firewall throughput.
  • 80Gbps throughput with all next-generation firewall features enabled.
  • FortiASIC CP9 brings enhanced SSL decryption performance to close gaps in the attack surface.
  • Intelligent networking, security, processing, and management capabilities are all efficiently integrated within a small form-factor chassis.
  • Six different interface configuration options tailored to match individual customer needs:
FG-6040E FW / NGFW Throughput 10GbE Interface 40GbE Interface 100GbE Interface
Option 1 320 Gbps / 80 Gbps 64 x 10GbE - -
Option 2 320 Gbps / 80 Gbps - 16 x 40GbE -
Option 3 320 Gbps / 80 Gbps - - 8 x 100GbE
Option 4 320 Gbps / 80 Gbps 32 x 10GbE 8 x 40GbE -
Option 5 320 Gbps / 80 Gbps 32 x 10GbE - 4 x 100GbE
Option 6 320 Gbps / 80 Gbps - 8 x 40GbE 4 x 100GbE

Fortinet's new FortiASIC CP9 content processor deliver the performance needed to secure the massive traffic demands of the largest enterprises and enables support for various firewall deployment modes including next-generation and advanced internal segmentation. This frees businesses to deploy security wherever it is needed without impacting network functionality. This enables the superior defenses of Fortinet's innovative Security Fabric.

Fortinet also announced the launch of two new FortiGate 2000E series enterprise firewalls, bringing the enhanced capabilities of FortiASIC CP9 to enterprises requiring higher next-generation firewalling and increased SSL inspection capabilities. The new FortiGate 2000E and 2500E also leverage CP9 deliver increased VPN capabilities, deep content inspection and advanced application controls. 

Supporting Quotes

Mobility, the cloud and IoT has raised the complexity of security to new heights. The number of advanced and targeted threats has rendered traditional approaches to security ineffective as most point products can no longer keep up. The 2015 ZK Research Security Survey revealed that 43% of respondents admit to turning features off in security appliances to improve performance. A unified security fabric that can provide the necessary layers of security without additional complexity or slowing down the network has become vital. It's critical that security professionals look at how security appliances are being built. A study by ZK Research conducted earlier this year found that ASIC based products consistently have an 18 to 24 month lead on price/performance over ones built on off the shelf silicon.

  • Zeus Kerravala, principle analyst, ZK Research


The FortiGate 6040E, 2000E, and 2500E will all be available in Q2 2016. Please contact your authorized Fortinet channel partner for pricing and details.

Additional Information

Website: FortiGate Enterprise Firewalls, FortiASIC Processors

Blogs: Securing the New Enterprise Edge, Introducing the Fortinet Security Fabric, Securing the Cloud

About Fortinet

Fortinet (NASDAQ: FTNT) protects the most valuable assets of some of the largest enterprise, service provider and government organizations across the globe. The company's fast, secure and global cyber security solutions provide broad, high-performance protection against dynamic security threats while simplifying the IT infrastructure. They are strengthened by the industry's highest level of threat research, intelligence and analytics. Unlike pure-play network security providers, Fortinet can solve organizations' most important security challenges, whether in networked, application or mobile environments -- be it virtualized/cloud or physical. More than 200,000 customers worldwide, including some of the largest and most complex organizations, trust Fortinet to protect their brands. Learn more at http://www.fortinet.com, the Fortinet Blog or FortiGuard Labs.

Copyright © 2016 Fortinet, Inc. All rights reserved. The symbols ® and ™ denote respectively federally registered trademarks and unregistered trademarks of Fortinet, Inc., its subsidiaries and affiliates. Fortinet's trademarks include, but are not limited to, the following: Fortinet, FortiGate, FortiGuard, FortiManager, FortiMail, FortiClient, FortiCare, FortiCloud, FortiAnalyzer, FortiReporter, FortiOS, FortiASIC, FortiWiFi, FortiSwitch, FortiVoIP, FortiBIOS, FortiLog, FortiResponse, FortiCarrier, FortiScan, FortiAP, FortiDB, FortiVoice and FortiWeb. Other trademarks belong to their respective owners. Fortinet has not independently verified statements or certifications herein attributed to third parties and Fortinet does not independently endorse such statements. Notwithstanding anything to the contrary herein, nothing herein constitutes a warranty, guarantee, binding specification or other binding commitment by Fortinet, and performance and other specification information herein may be unique to certain environments. This news release contains forward-looking statements that involve uncertainties and assumptions. Changes of circumstances, product release delays, or other risks as stated in our filings with the Securities and Exchange Commission, located at www.sec.gov, may cause results to differ materially from those expressed or implied in this press release. If the uncertainties materialize or the assumptions prove incorrect, results may differ materially from those expressed or implied by such forward-looking statements and assumptions. All statements other than statements of historical fact are statements that could be deemed forward-looking statements. Fortinet assumes no obligation to update any forward-looking statements, and expressly disclaims any obligation to update these forward-looking statements.

Image Available: http://www.marketwire.com/library/MwGo/2016/4/24/11G094828/Images/FG-6040E-Mockup-lr-new.jpg-a9880780e634a2f8a363ae75edfeda9f.jpeg

IDaaS Integration Enriches Behavioral and Threat Analytics in Palerra LORIC

SANTA CLARA, Calif. – Palerra, the leader in cloud security automation, today announced expanded support for identity management with the release of integration for both Ping Identity and Microsoft, as well as any SAML-compliant Identity Management provider. This follows a previously announced integration with Okta. Palerra now provides the most comprehensive support for identity management providers among Cloud Access Security Brokers (CASB), with detective, predictive, preventative, and remedial coverage. The Palerra LORIC platform also leverages IDaaS data to enhance behavior and threat analytics, providing customers with granular insight into anomalies and faster remedial response times.

"Identity as a Service (IDaaS) and CASB are similar to an integrated home security system, where the lock to the house on the outside is the IDaaS, and the surveillance inside the house is a CASB. This holistic approach provides security inside out -- from the innermost infrastructure layer to the top external layer where applications reside," said Adina Simu, VP of products for Palerra. "IDaaS is an integral component of a cloud security architecture, making it possible to dramatically simplify cloud security, and enabling customers to have a complete view of security and monitoring for cloud applications. We are setting the standard for identity management among CASBs with the broadest support for authentication and identity management standards including LDAP, SAML, OAuth, and more."

Palerra LORIC leverages user repositories as well as audit and activity logs from the IDaaS providers to generate granular analytics and precise user information, which provides better derivative outputs when coupled with Palerra User Behavior Analytics (UBA) capabilities. This results in surgical threat analytics, faster and more accurate responses to behavioral anomalies, and precise early warning indicators of cloud risk.

Integration with IDaaS also enables Palerra LORIC to programmatically use APIs to conduct remedial and preventative actions, like blocking suspicious users or forcing session termination, creating a closed-loop security lifecycle and full protection in the cloud. In addition, Single Sign-On (SSO) functionality eliminates the need to create separate Palerra LORIC specific accounts in applications, reducing cost and simplifying maintenance.

Whether CASBs provide built-in integration to leading cloud IDaaS providers, or provide integrated IDaaS capabilities, they provide value according to Neil MacDonald, VP, distinguished analyst and Gartner fellow emeritus and Craig Lawson, Research VP. Neil and Craig wrote that, "In both cases, the value added by a CASB is to apply additional context at the time of access and during the use of cloud services to make adaptive access decisions that can reduce the likelihood of unauthorized access to one of your accounts. This capability is especially critical for privileged accounts, such as administrative accounts of the cloud service. Examples include blocking access to a cloud service from an unmanaged or unhealthy device, blocking access from specific regions of the world or providing risk-based authentication capabilities."1

Palerra integrations with Okta, Ping Identity and Microsoft Azure Active Directory are available immediately. For more information, visit: http://palerra.com/partners/#tech

To learn more about Palerra LORIC:

1 Gartner "How to Evaluate and Operate a Cloud Access Security Broker" by Neil MacDonald, Craig Lawson, December 8, 2015.

About Palerra
Palerra helps organizations protect their business-critical cloud infrastructure and data with Palerra LORIC™, the industry-leading solution for cloud security automation. Palerra is the only Cloud Access Security Broker (CASB) that provides visibility and security across the entire security lifecycle from infrastructure to applications, enabling organizations to realize the full promise of the cloud. Leading enterprises including BMC Software, Jefferies, and VMware leverage LORIC for continuous monitoring and security of their cloud applications. Palerra is a privately held company funded by Norwest Venture Partners, Wing Venture Capital, and August Capital, and is headquartered in Santa Clara, Calif. For more information, visit www.palerra.com.


‘SAN Extender’ provides an inexpensive, easy and risk-free way to get more life from current storage systems

TORONTO, Canada – ioFABRIC Inc. today announced that InReach Continuing Education Solutions has chosen ioFABRIC’s Vicinity for its storage infrastructure. InReach has been helping leading professional associations, educational content providers, non-profits, and businesses bring continuing professional education and training online for more than a decade. As a Software-as-a-Service provider, InReach hosts content for streaming webinars, events, conferences, and even exams for clients primarily in the legal, healthcare, and financial sectors. As such, performance and reliability of its underlying storage system is critical to the success of InReach and its customers. The company was trying to optimize IOPS and performance to support virtual environments critical for testing and development of its software and had employed a two-unit Synology network attached storage solution. In an effort to improve the performance of its NAS rather than replace it, they looked for a way to extend the life of its storage infrastructure easily and cost-effectively. “I spent a great deal of time trying to get the most performance out of the NAS units,” said Donald Lopez, IT Manager at InReach. “I started looking at other options for our storage needs. ioFABRIC Vicinity was extremely simple, very easy to deploy and use. That was a really nice plus for me.” As a ‘SAN Extender,’ Vicinity helps companies like InReach add more performance, more capacity, and new features to their current storage solution, building on what they have, without a costly and time-consuming rip-and-replace project. They can add new resources to their existing storage devices, such as flash, inexpensive hard drives, or overflow to cloud storage. All systems and applications remain fully available and centrally manageable. Vicinity automatically maintains application Quality of Service levels, utilizing the appropriate storage, monitoring performance, optimizing capacity, and managing data protection. Additionally, Vicinity maintains service levels, adapting in real-time as demands and workloads change. Vicinity was deployed in InReach’s test environment, which consisted of a couple of infrastructure servers for Active Directory and file sharing. The test environment had heavy SQL performance needs with databases requiring significant IOPS. Setting ioFABRIC Vicinity up on a dedicated server, Lopez said that it was ‘pretty nice’ to be able to have different options for various LUNs or lines he had attached to the NAS units he had while being able to modify the performance of each individual storage device. “If I didn’t have ioFABRIC Vicinity, I’m not sure how well I would have made it through all of that while keeping the company running,” said Lopez. “Once I set the configuration for the performance-based environment, I didn’t have to do anything else.” ioFABRIC Vicinity is now being utilized to provide the optimal performance needed for testing a mixed environment of domain controllers, Active Directory, and file servers before deploying them into production. In addition to the performance and easy deployment of Vicinity, Lopez said he was impressed with the solution’s documentation, reporting and management dashboard, and the support he received from ioFABRIC. About ioFABRIC ioFABRIC Inc. is a software-defined storage company that increases business agility while reducing storage costs. Its vision is to transform storage into something a business can simply depend on, eliminating admin demands, and freeing IT time to focus on true business innovation. Its flagship product, ioFABRIC Vicinity, drastically reduces storage OPEX and CAPEX with intelligent automation and growth through commodity hardware and the cloud. Vicinity Solutions are available to extend existing storage systems, solve migration problems, and deploy as distributed storage, hyperconverged, or Docker. Vicinity is sold through ioFABRIC’s reseller and distribution channel, supported by its industry leading LEaD program. Partners sell Vicinity as licensed software with support or by white-labeling it with additional hardware and/or software. Founded in 2013 by an executive team that has worked together for more than 20 years, the company is funded by private investors and Real Ventures. ioFABRIC is an industry leader in customer service and product development: agile and responsive. For more information visit www.ioFABRIC.com/Learn.
Private Microsoft® Windows® users patching their operating systems more diligently – but the same cannot be said of Apple® QuickTime® and Oracle® Java® users


Maidenhead, UK – Flexera Software, the leading provider of next-generation software licensing, compliance, security and installation solutions for application producers and enterprises today has published Country Reports covering Q1 2016 for 14 countries. The reports, compiled by the Flexera Software’s Secunia Research team, provide status on vulnerable software products on private PCs in those countries, listing the vulnerable applications and ranking them by the extent to which they expose those PCs to hackers.


Key findings in the UK Country Report include:

  • Unpatched Microsoft Windows Operating Systems on the Decline: The percentage of private PCs with unpatched operating systems (Windows 7, Windows 8, Windows 10, Windows Vista) in the UK is on the decline. As of the end of Q1 2016, 6.1 percent of users had unpatched Windows operating systems, compared to 11.5 percent at the same time last year.
  • Apple QuickTime Users Slower to Patch: 61 percent of UK private users have not patched their Apple QuickTime 7.x software. This number is up from 55 percent in Q4 2015.
  • Slight Increase in Instances of Unpatched Oracle Java: 41 percent of UK private users were running unpatched versions of Oracle Java JRE 1.8x/8.x. This is a slight increase from 36 percent in Q4 2015.

Users Applying Operating System Patches More Diligently

The decrease in unpatched Microsoft Windows operating systems is encouraging given the large number of Windows operating system vulnerabilities recorded in 2015, as reported in Flexera Software’s recently published Vulnerability Review 2016[1].


“Criminals use vulnerabilities as attack vectors to illegally gain entry into systems,” said Kasper Lindgaard, Director of Secunia Research at Flexera Software. “Companies and individuals can substantially reduce the likelihood of a successful attack by diligently applying vulnerability patches as soon as they become available. Based on the data reflected in today’s Country Report, it would appear that private users are, indeed, becoming more diligent at patching their Windows operating systems.”


Unpatched Java Programs on the Rise

The statistics regarding Java, on the other hand, are less encouraging. At 41 percent unpatched and 40 percent market share, Oracle Java JRE 1.8x/8x was the product with the second highest risk exposure in Q1 2016, up from 36 percent unpatched in Q4, 2015. Oracle did issue a critical Java patch release on March 23, 2016. In addition, Secunia Research at Flexera Software issued a Security Advisory on the Java vulnerability on March 10, with a Criticality Rating of Highly Critical – so the percentage of unpatched Java programs may decline in the future.


“A Criticality Rating of ‘Highly Critical’ is typically reserved for remotely exploitable vulnerabilities that can lead to system compromise. Successful exploitation does not normally require any interaction but there are no known exploits available at the time of disclosure.” added Lindgaard. “Despite our warnings and the availability of a patch, a significant percentage of private Java users remain vulnerable.”


To help users stay secure Flexera Software offers the Personal Software Inspector (formerly Secunia PSI 3.0), a free computer security scanner which identifies software applications that are insecure and in need of security updates. It has been downloaded by over 8 million PC users globally to detect vulnerable and outdated programs and plug-ins.


The 14 Country Reports are based on data from scans by the Personal Software Inspector between January 1, 2016 and March 31, 2016.


[1]The report catalogued vulnerabilities across Windows 10, which was released in 2015), Windows 8, Windows 7 and Windows Vista. Windows XP went End of Life in April 2014 and therefore new vulnerabilities in the OS are not recorded.



Learn more about:

Follow us on…

About Flexera Software

Flexera Software helps application producers and enterprises increase application usage and security, enhancing the value they derive from their software. Our software licensing, compliance, cybersecurity and installation solutions are essential to ensure continuous licensing compliance, optimized software investments, and to future-proof businesses against the risks and costs of constantly changing technology. A marketplace leader for more than 25 years, 80,000+ customers turn to Flexera Software as a trusted and neutral source of knowledge and expertise, and for the automation and intelligence designed into our products. For more information, please go to: www.flexerasoftware.com.

New report published today: An Introduction to LPWA Public Service Categories: Matching Services to IoT Applications


A new report published today by Beecham Research helps enterprise companies to match their Internet of Things (IoT) applications to the most appropriate public connectivity services to enable them. The report, ‘An Introduction to LPWA Public Service Categories: Matching Services to IoT Applications’, also proposes a new name for this new class of providers. Those offering LPWA-based connectivity services directly to users are referred to as Public LPWA Services Providers or LSPs. Where LSP services are enabled through a Cloud-based service – for example, to provide co-ordinated international coverage – the Cloud-based provider is referred to as an LSE (LPWA Services Enabler).


“The IoT covers an increasingly wide range of applications and there is no ‘one-type-fits-all’ when it comes to connectivity required to enable them,” says Robin Duke Woolley, CEO at Beecham Research and one of the report authors. “If this emerging industry is to meet its potential and get anywhere close to the ambitious predictions made by some commentators, it’s time for greater clarity with more focus on the service attributes that IoT applications need. This includes key parameters such as battery life and coverage, rather than focusing on the underlying technologies and what frequency they operate at, for example. Most users are not interested in the technical details – they just want something that works in the most cost-effective way for their applications.”


Many IoT applications are well covered by traditional cellular connectivity, WiFi or Bluetooth, but the growing opportunity for IoT applications that use very small amounts of data cost-effectively is driving the rapid introduction of LPWA technologies. These are being used in a variety of ways – providing direct hardware connections, or for private and public network services. The Beecham Research report focuses on public services being offered now or planned in the near future, which cater to this burgeoning range of very low data rate applications. These services include those from vendors such as SIGFOX, Ingenu and Senet, along with LPWA-based services like KPN, Proximus and Orange and MNOs planning to offer cellular variants LTE-M and NB-IoT.


To be of value to users, the essential service attributes have been kept to the minimum required to ensure users get what they want for their applications. The Beecham Research report lists nine of these: battery life, transmit mode, message delivery, latency, scalability, data rate, geo-coverage, security and device cost. Additional application-specific attributes include: in-building coverage, roaming/ubiquitous connectivity and geo-location. The report then goes on to outline Service Attribute Wraps, which cover service features that could be offered by the Service Provider as part of an SLA.


“We believe that the continuing debate around IoT connectivity technologies rather than services is not helpful for the rapid market development being sought by the IoT industry,” says Duke Woolley. “Our report is aimed at helping users to make an informed decision, by being able to understand what is being offered in a way that relates to the applications they want to use.”


More details of this report and free summary are available at www.beechamresearch.com


About Beecham Research

Beecham Research is a leading market analyst and consulting firm that has specialised in the development of the rapidly-growing M2M/IoT market worldwide for 15 years. Based in London, Cambridge (UK) and Boston, Beecham Research is recognised internationally as a thought leader with deep knowledge of market dynamics and technology at every level in the value chain including M2M/IoT services, platforms and solution security. Its clients span components and hardware, network operations, system integration, application development, distribution and enterprise adopters. The company is also the leading analyst firm in satellite M2M, where it has worked with all the network operators and the European Space Agency (ESA), and is also working actively in the wearable technology market, which is bringing the individual closer to the IoT. For more information, visit www.beechamresearch.com

Survey of HR professionals and line managers reveals trends in flexible working, talent development and HR’s role across 16 European countries


LONDON – As organisations face an era of digital transformation, new research highlights the need for HR professionals to redefine their role and contribution to the organisation. A unique study conducted by IDC and sponsored by talent management software provider Cornerstone OnDemand (NASDAQ: CSOD) examines the new world of work and the perceptions and expectations of HR leaders and business managers across 16 European countries regarding employee management and development. The findings not only reveal differing attitudes regarding flexible working practices and a shift in performance management and collaboration strategies, but they also indicate conflicting views of HR priorities and processes among the two groups surveyed.


For the study, which is unique in its size, geographical coverage and target group, IDC interviewed 1,352 HR professionals and business managers across 16 European countries working in organisations with more than 500 employees. The survey was conducted between January and February 2016 with respondents from the UK, Germany, France, Spain, Italy, Sweden, Denmark, Finland, Iceland, Norway, the Netherlands, Poland, Austria, Switzerland, Luxemburg and Belgium.


The UK, Germany, Switzerland and Poland lag behind in flexibility stakes

The report demonstrates the value of flexible working by showing a positive correlation between employee happiness and the adoption of flexible working practices. Yet, the research also reveals that flexible working practices have been taken up at different speeds across Europe, where the lowest flexible working maturity appears to be clustered in Central and Eastern Europe, as well as the UK. Among the respondents from Poland, less than 50 percent of those surveyed were allowed to work from home, while the figure for the Nordic countries was 87 percent.


Business managers and HR respondents stated a low level of flexible working adoption in Poland, the UK, Switzerland and Germany – surprising, given the competitive labour market in these regions. The Nordics, Spain, Benelux and Austria were perceived to be the most mature when it came to flexible working options.

Additionally, HR respondents indicated a higher level of flexible working than line managers. HR’s responses were between 5-6 percentage points higher than line managers, highlighting a lack of alignment between the two groups.


The situation with evaluation and collaboration

According to the study, annual and semi-annual employee performance reviews are still carried out by two-thirds of European organisations. Nevertheless, regular or continuous review practices are appearing to become more popular for employee development (45 percent) and performance (28 percent).

European companies also seem to be embracing collaboration, with a majority of respondents agreeing that employees are good at collaborating (78 percent) and taking on new responsibilities (75 percent). However, work needs to be done to facilitate collaboration, as line managers appear to be less supportive (65 percent) of team members applying for positions outside of their own departments than what HR believes (83 percent). Furthermore, less than half (47 percent) of respondents agree to having a collaborative learning system.

However, the research shows that companies with higher growth rates have a higher percentage of collaborative practices.


The disconnect between HR and line managers

The research also indicates that HR overrates its level of support of line managers and also underrates frustration with HR processes. Specifically, HR underestimates the level of frustration with HR processes among line managers, where more than 41 percent of the line managers surveyed agreed that they see it as a major frustration. From the HR professional perspective, that proportion was only 32 percent.


Additionally, there is a lack of consensus regarding how the success of HR initiatives are measured, with HR placing more value on new hire retention, whilst line managers favoured employee time-to-competency.


Comments on the News

“The breadth of the survey, as well as the group surveyed, gives us unique insight into people progression in the changing world of work,” said Vincent Belliveau, executive vice president and general manager of Europe, Middle East and Africa (EMEA), Cornerstone OnDemand. “Better alignment between HR and line managers is required in order for HR to fully redefine its role as a strategic partner within the organisation. HR must adapt to navigate this fast-changing environment – with flexible working on the rise – whilst managing pressure from employees who have different expectations of their employer. Those who succeed will be those who empower their people to support the business through change and growth.”


"This massive survey revealed many interesting discoveries for us. For example, we found how important flexible working practices and the IT tools to support it are for loyalty and pride of talented employees and managers. IT for mobile and remote working, ability to use personal devices at work, and IT training were critical influencers in this respect. However, 'freedom factors,' such as permission to work remotely and ability to apply for new positions outside one's own department, also had critical impact on employee happiness. We conclude that European organizations have work to do both in terms of technology investments as well as more flexible work cultures,” added Bo Lykkegaard at IDC.


Cornerstone will host a series of local events across Europe this summer to reveal the full results of this study with IDC. To register interest, please visit: The UK, France, Italy, Netherlands, Spain, and Sweden.


About Cornerstone OnDemand

Cornerstone OnDemand (NASDAQ: CSOD) is a global leader in cloud-based learning and talent management software. The company’s solutions help organisations realise the potential of a modern workforce. From recruitment, onboarding, training and collaboration, to performance management, compensation, succession planning and analytics, Cornerstone is designed to enable a lifetime of learning and development that is fundamental to the growth of employees and organisations.

Based in Santa Monica, California, the company’s solutions are used by nearly 2,600 clients worldwide, spanning 23.8 million users across 191 countries and 42 languages. To learn more about Cornerstone, visit us on Twitter, Facebook and our blog. www.cornerstoneondemand.co.uk