The ISP and hosting sectors were the most targeted industries of cyber-crime in 2014, and the trend is likely to continue in 2015. That’s according to Radware. The findings from its fourth annual ‘Global application and security report’, which surveyed 330 companies globally on cyber attacks on networks and applications, act as a strong warning to companies that depend on a hosting provider or ISP to ensure they do not become a ‘cyber-domino’ as a result of the security failings of their suppliers.
As part of the report, Radware has published a ‘Ring of Fire’, which tracks cyber attacks and predicts the likelihood of attack on major industries. In the last 12 months, ISPs have moved up the risk rankings to become some of the most at-risk companies, joining the gambling sector and government at the centre of the ‘Ring of Fire’. Hosting companies have jumped from ‘low risk’ on the outside of the ring to just outside the ‘high risk’ centre.
Adrian Crawley, UK & Ireland regional director for Radware, says: “The news presents a stark reality for thousands of British businesses that rely heavily on ISP and hosting provision to host their website and network operations. If companies fail to ensure their network security planning includes that of their ISP and hosting partners then there’s no doubt that 2015 will see a great number of ‘cyber-dominoes’ fall.”
Despite all the news headlines around data breaches, hackers and identity theft, it is a little known fact that since 2013 over 1 billion consumer records have been stolen by hackers. The estimated cost of this data theft is a staggering $5 billion dollars a year, which inevitably gets passed down to consumers and merchants in the form of higher prices and fees. No doubt, there is a global data security crisis, indeed a war being waged, that is getting harder and harder for the good guys to win.
The hackers only have to succeed a small percentage of the time to make a very big dent on our society. As a result, we are in an era where securing personal information requires more and more complex security and surveillance, by merchants, banks and the government agencies. The system of credit card processing introduced in the 1940s and 1950s and perfected in the 1970s and 1980s was just never designed for the 21st century, a century in which the Internet, the open source community and the dark web accelerate technology innovation at pace far more rapid than slow-moving merchant and banking infrastructure can keep up with. There is a need to address this global data security crisis, and this requires us to fundamentally rethink what it means for a consumer to spend money.
Retail companies have Big Data capabilities, but they’re not sure what to do with them. It’s just too… big, according to a special report released today by Brick Meets Clicks (available for free download with registration).
“Discussions about Big Data and retail often bog down in the vastness of its potential, leaving retailers with only the vaguest guidance as they try to figure out where and how to invest in this powerful tool,” states the report.
That seems to be a common theme with Big Data right now. As I shared in my previous post on analytics, Dr. Shawna Thayer talked about executive paralysis with Big Data during the recent Data Strategy Symposium.
It’s been said that the cloud represents a fundamental shift in the relationship between users, the enterprise, and the data with which they work.
A key facet of this change is the ability to spin up virtual and even physical data center environments on a whim, which leads to the interesting notion of how these resources are developed and deployed. It is reasonable to assume that with the cloud as the new data center, traditional resources will no longer be purchased and provisioned on a piecemeal basis. Rather, entire data centers will be implemented all at once. This is the same dynamic behind today’s hardware deployment, where whole servers or PCs are implemented, rather than individual boards, fans and chip sets.
The vendor community, in fact, has been prepping itself for this reality for some time. Nearly all of the major players have offered turnkey solutions for decades, but these usually represent pre-integrated components from their various product lines. Lately, however, vendors have been teaming up with newly minted software-defined networking (SDN) and other platforms in order to provide end-to-end data center products that do away with systems integration, testing and other complex processes.
DRD, LLC acquired by Access
LIVERMORE, Calif. – Rob Alston, CEO of Access, has announced the company’s recent acquisition of Diversified Research and Development, LLC, of Portage, Indiana. This transaction is the company’s 75th since its founding and represents an expansion of its Chicago market area presence into northwestern Indiana. Closing took place on November 7, 2014.
Ron Bush, DRD, LLC’s former owner, shared his reasoning for selecting Access as the buyer. “The best possible outcome for our clients was our priority throughout this process. My wife, Dorian, and I quickly came to recognize the Access commitment to providing its clients the very best service. Our interactions with the Access acquisition and operations teams gave us the level of confidence and comfort we needed to make this important decision. Today, we know we made the right one.”
Access President John Chendo explained, “Ron Bush recognized the many benefits a sale of his company to Access would afford his clients with our increased capabilities and the nationwide footprint Access offers. I look forward to discussing these unique Access benefits with other industry business owners, who like Ron, may be considering the opportunity to partner with us.”
As the largest privately held records and information management services provider in the United States, Access now serves 38 markets across the nation and in Latin America.
About Access (www.InformationProtected.com)
Access is the largest privately held records and information management (RIM) services provider in the United States. A trusted partner to clients spanning multiple industries and markets throughout the country, Access’ complete suite of services includes records storage and document management, data protection (electronic computer media), secure destruction, digital formatting and breach reporting services. The valuable business services Access provides allow clients to focus on their core businesses while reducing the costs and risks associated with document retention, management and final disposition. Access is backed by growth equity investor Berkshire Partners.
Mobile DC Power Services units are part of new capabilities for enhanced service delivery
COLUMBUS, Ohio – Emerson Network Power, a business of Emerson (NYSE: EMR) and a global leader in maximizing availability, capacity and efficiency of critical infrastructure, announces expanded battery services delivered by its Electrical Reliability Services business—the nation’s leading independent electrical testing, maintenance and engineering service company.
Emerson has long provided battery services to customers, but has now expanded its capabilities to offer a more comprehensive battery management solution designed to protect utility and industrial customers’ emergency power systems. These expanded services include capacity and load testing, battery charger maintenance, battery replacement, and regular preventive maintenance programs.
To deliver these expanded services to customers locally, Emerson Network Power has invested in new Mobile DC Power Services units located strategically across the United States. These custom-engineered units enable DC system maintenance to be performed on site with all the necessary power and safety equipment conveniently located in a mobile unit, ensuring a reliable temporary power source when conducting required DC system maintenance.
“Our new mobile units add a unique offering to our already robust line of battery services,” said Tom Nation, vice president and general manager, for Emerson Network Power’s Electrical Reliability Services. “They are packed with state-of-the-art technology that allows for the most accurate, repeatable, and safe DC system maintenance, and they ensure there is no downtime or interruption to our customers’ businesses.”
In addition to continuous operation, customers who take advantage of these expanded capabilities will also see increased battery life and backup time; maximum system reliability; improved compliance with the North American Electric Reliability Corporation (NERC) and the Institute of Electrical and Electronics Engineers (IEEE); as well as reduced overall maintenance costs.
“In industries such as oil and gas, petrochemical, and power generation, a maintenance plan targeted specifically to the batteries that support the emergency power system is required. We’ve seen firsthand how neglecting battery maintenance can cause unplanned downtime leading to dangerous chemical process instability, damage to process equipment, or in some cases, the complete and costly shutdown of a facility,” Nation said.
Emerson’s Electrical Reliability Services has been providing comprehensive service solutions to data center, utility and industrial customers for decades. Having more than 30 service centers, expanded battery service capabilities, and the mobile units mean its team is available 24/7 to provide customers with industry-leading, on-site battery services.
To learn more about the Mobile DC Power Services units, visit the Emerson Network Power YouTube page. For more information on electrical testing, maintenance and engineering solutions, as well as information on other technologies and solutions from Emerson Network Power, visit www.EmersonNetworkPower.com.
About Emerson Network Power
Emerson Network Power, a business of Emerson, delivers software, hardware and services that maximize availability, capacity and efficiency for data centers, healthcare and industrial facilities. A trusted industry leader in smart infrastructure technologies, Emerson Network Power provides innovative data center infrastructure management solutions that bridge the gap between IT and facility management and deliver efficiency and uncompromised availability regardless of capacity demands. Our solutions are supported globally by local Emerson Network Power service technicians. Learn more about Emerson Network Power products and services at www.EmersonNetworkPower.com.
Emerson (NYSE: EMR), based in St. Louis, Missouri (USA), is a global leader in bringing technology and engineering together to provide innovative solutions for customers in industrial, commercial, and consumer markets around the world. The company is comprised of five business segments: Process Management, Industrial Automation, Network Power, Climate Technologies, and Commercial & Residential Solutions. Sales in fiscal 2014 were $24.5 billion. For more information, visit Emerson.com.
As the complexity and diversity of devices, platforms and modes of interaction advance, so do the associated risks from malicious individuals, criminal organisations and states that wish to exploit technology for their own purposes. Below, Michael Fimin, CEO at Netwrix provides his major observations of IT security trends and the most crucial areas to keep watch over in 2015:
Many individuals and enterprises are already using cloud technologies to store sensitive information and perform business-critical tasks. In response to security concerns, cloud technologies will continue to develop in 2015, focusing on improved data encryption; the ability to view audit trails for configuration management and secure access of data; and the development of security brokers for cloud access, allowing for user access control as a security enforcement point between a user and cloud service provider.
As the adoption and standardisation of a few select mobile OS platforms grows, the opportunity for attack also increases. We can expect to see further growth in smartphone malware, increases in mobile phishing attacks and fake apps making their way into app stores. Targeted attacks on mobile payment technologies can also be expected. In response, 2015 will see various solutions introduced to improve mobile protection, including the development of patch management across multiple devices and platforms, the blocking of apps from unknown sources and anti-malware protection.
Software defined data centre
’Software defined’ usually refers to the decoupling and abstracting of infrastructure elements followed by a centralised control. Software defined networking (SDN) and software defined storage (SDS) are clearly trending and we can expect this to expand in 2015. But while these modular software defined infrastructures improve operational efficiency, they also create new security risks. In particular, centralised controllers can become a single point of attack. While the adoption of this approach is not widespread enough to become a common target for attacks, as more companies run SDN and SDS pilots in 2015, we expect their security concerns will be raised. This will result in more of a focus on security from manufacturers, as well as new solutions from third party vendors.
Internet of Things
The Internet of Things (IoT) universe is expanding with a growing diversity of devices connecting to the network and/or holding sensitive data - from smart TVs and Wi-Fi-connected light bulbs to complex industrial operational technology systems.
With the IoT likely to play a more significant role in 2015 and beyond, devices and systems require proper management, as well as security policies and provisions. While the IoT security ecosystem has not yet developed, we do not expect attacks on the IoT to become widespread in 2015.
Most attacks are likely to be ’whitehat’ hacks to report vulnerabilities and proof of concept exploits. That being said, sophisticated targeted attacks may go beyond traditional networks and PCs.
Next generation security platforms
In 2015 and beyond, we can expect to see more vendors in the information security industry talking about integration, security analytics and the leveraging of big data. Security analytics platforms have to take into account more internal data sources as well as the external feeds, such as online reputation services and third party threat intelligence feeds. The role of context and risk assessment will also become more important. The focus of defence systems becomes more about minimising attack surfaces, isolating and segmenting the infrastructure to reduce potential damage and identifying the most business-critical components to protect.
Looking back at previous years, new security challenges will continue to arise, so IT professionals should be armed with mission-critical information and be prepared to defend against them.
For more information about security predictions for 2015, please visit: www.netwrix.com/go/predictions2015
About Netwrix Corporation
Netwrix Corporation, the #1 provider of change and configuration auditing solutions, delivers complete visibility into who did what, when, and where across the entire IT infrastructure. This streamlines compliance, strengthens security, and simplifies root cause analysis. Founded in 2006, Netwrix is ranked in the Inc. 5000 and Deloitte Technology Fast 500. Netwrix software is used by 160,000 users worldwide. For more information, visit www.netwrix.com.
Mobile alert system empowers members to protect themselves and help prevent America's fastest-growing crime
PORTLAND, Ore. – Moda Health individual insurance plan members now can have built-in protection against medical ID fraud, America's fastest-growing crime, through the MIDAS alert and resolution system powered by ID Experts.
Healthcare data breaches have now affected about 40 million individuals, according to HIPAA statistics collected by the Department of Health and Human Services. Use of stolen medical identities to commit medical identity fraud can corrupt the information in a patient's file, leading to future misdiagnoses, prescription confusion or inappropriate treatment decisions.
"Medical ID fraud is both an invasion of privacy and a threat to an individual's health and wellbeing," said Jonathan Nicholas, vice president of marketing at Moda. "MIDAS empowers Moda's individual plan members to spot false claims early."
Moda members who sign up for MIDAS will receive text or email alerts any time a new claim is made against their identity. Members can approve the claim or flag it if they don't recognize it. If fraud has occurred, ID Experts will resolve the issue and work to return the member to pre-theft status. Moda employees participated in a pilot test of the MIDAS system at an earlier phase of its development.
"Medical identity theft presents consumer safety challenges unlike any other form of data breach," said Bob Gregg, CEO of ID Experts. "Moda has pushed strongly into the individual insurance market with the idea that members should expect more from their insurers. MIDAS is helping Moda protect its members and deliver on that promise."
As the individual insurance market expands, more consumers than ever are paying out of pocket for their coverage. Keeping down costs by reducing fraud and improving the quality of care has become an important pocketbook issue and an area of shared responsibility. At present, 56 percent of patients do not check their health records and explanations of benefits statements for accuracy, according to a Ponemon Institute study.
Gartner, Inc. selected ID Experts and its MIDAS offering as a Cool Vendor for Healthcare Payers in 2014. Jeff Cribbs, Gartner principle research analyst and author of the report, praised MIDAS by saying it "represents a low-cost, high-consumer-engagement tool that can not only help foster good relationships with members, but also save money by stopping payments for claims and services that are not valid."
Moda members can sign up for MIDAS through the myModa portal at modahealth.com.
About Moda Health
Moda Health is a multifaceted organization that provides medical, dental, pharmacy, vision, and professional liability insurance products, along with a variety of business services including benefits administration. Moda Health is headquartered in Portland, and its service area encompasses Oregon, Washington, and Alaska. Visit: http://www.modahealth.com.
About ID Experts
ID Experts provides software and services for managing the disclosure and breaches of regulated data. The Medical Identity Alert System – MIDAS – is the first and only member-focused healthcare fraud solution that engages health plan members to monitor their healthcare transactions and take control of their medical identities. Exclusively endorsed by the American Hospital Association, ID Experts is an advocate for privacy and a leading contributor to legislation and industry organizations that focus on the protection of PHI and PII. On the web: http://www.idexpertscorp.com/midas-software.
SIOS DataKeeper Cluster Edition Software Delivers High Availability for Business Critical SQL Server
SAN MATEO, Calif. – SIOS Technology Corp. (www.us.sios.com), maker of SAN and #SANLess clustering software products, today announced that Mavis Discount Tire is using SIOS DataKeeper Cluster Edition software to ensure high availability for its mission-critical SQL Server applications.
Mavis Discount Tire is a New York-based tire retailer with 150 stores throughout the northeastern US. The company relies on business critical applications running on SQL Server 2008 R2 Enterprise Edition and SQL Server 2012 Enterprise Edition to manage their orders, inventory, and other business-critical processes. For these retail stores, application performance is a critical priority.
“Our retail stores need fast, reliable access to these applications to operate,” said Edward Schwartz, CIO, Mavis Discount Tire. “To keep customer satisfaction high, we cannot afford slow response times or downtime.”
The company needed a way to provide high availability protection for its SQL Server applications and databases that would not impede performance. The company considered using traditional clustering using Windows Server Failover Clustering (WSFC). However, to implement a traditional cluster solution and maintain the high level of performance they needed, Mavis Discount Tire would have required multiple SANs and both dedicated and redundant external switches.
“While a traditional WSFC environment would have protected our applications from downtime, it requires SAN storage which adds cost, complexity, and performance overhead," said Schwartz. Since the company does not store large volumes of data, they saw little value in the storage benefits of deploying external SANs. They were also concerned about the performance impact that SAN storage could have had on the highly transactional SQL Server databases.
The Mavis Discount Tire IT department chose SIOS SANLess software to provide HA and DR protection without the need for a SAN. “We used WSFC to create two node clusters for our SQL environments in the same way a traditional cluster is created," said Schwartz. "We simply added SIOS DataKeeper Cluster Edition software to enable the cluster to use local storage in a SANLess configuration.”
The SIOS software uses performance optimized host-based replication to synchronize local storage on the primary and standby nodes in the cluster so that it appears to the WSFC as a SAN. SIOS SANLess cluster software provides high availability without slowing performance. They also eliminated the single point of failure risk of a shared storage cluster.
"The SIOS DataKeeper Cluster Edition software is a good technology for a company that is growing rapidly. It is easy to use and eliminates the need to buy unnecessary SAN hardware or redundant switches,” said Schwartz.
“SIOS is providing opportunities for the creation of SAN and SANLess clusters for physical, virtual and cloud environments,” said Jerry Melnick, COO of SIOS Technology. “SIOS DataKeeper is a virtual SAN that runs under the application layer of SQL Server, allowing Mavis Tire to create SANLess clusters and benefit from all advantages of a second SAN without the performance challenges and added costs.”
About SIOS Technology Corp.
SIOS Technology Corp. makes SAN and #SANLess software solutions that make clusters easy to use and easy to own.An essential part of any cluster solution, SIOS SAN and #SANLess software provides the flexibility to build Clusters Your Way™ to protect your choice of Windows or Linux environment in any configuration (or combination) of physical, virtual and cloud (public, private, and hybrid) without sacrificing performance or availability. The unique SIOS #SANLess clustering solution allows you to configure clusters with local storage, eliminating both the cost and the single-point-of-failure risk of traditional shared (SAN) storage.
Founded in 1999, SIOS Technology Corp. (www.us.sios.com) is headquartered in San Mateo, California, and has offices throughout the United States, United Kingdom and Japan.
By Adam Wren
When it comes to the workplace, what do millennials want? If you want your company to thrive, that’s a question that you should be asking on a regular basis to attract the future of your firm.
The good news: You don’t have to be the next Apple AAPL +0.96%, Google GOOGL +0.51%, Facebook or even cool startup to get millennial talent flocking to your business. Money isn’t the only attraction, either.
To succeed as a an employer, you’ll need to hire millennial workers. Surveys show they are bright, innovative, talented and want to make a difference. But there’s also the sheer demographic reality that it will soon be hard not to hire millenials.