Friday, December 3, 2010

WikiLeaks incidents stoke IT security angst

Lack of security controls and processes can make corporate IT vulnerable to the leaking of sensitive data to sites like WikiLeaks

http://www.infoworld.com/d/security-central/wikileaks-incidents-stoke-it-security-angst-546

Wednesday, November 10, 2010

Security Solutions - Cloud Computing

Conventus has just returned from Symantec's Partner Engage 2010 conference in Las Vegas, NV, where Sarah Merrion, one of Conventus'Managing Partners, was quoted on her customers views regarding security solutions in cloud.

http://www.thevarguy.com/2010/11/04/symantec-partner-engage-2010-cloud-reality-check/

Tuesday, October 19, 2010

THREAT BULLETIN: Stuxnet

* The Stuxnet threat is significant because it’s the first time the world has seen a threat cross over from the cyber world to try and control the physical world.

* Stuxnet is able to infect Industrial Control Systems and change how they operate.

* The target could be anything from oil pipelines to water treatment plants to uranium enrichment facilities. It seems the authors are capable of monitoring inputs and changing outputs, which could mean this malware could lead to system shut-downs, explosions or the inability to control important Industrial Control Systems attributes like pressure and temperature.

* AV vendors are still seeing infected machines contacting the command and control server and have seen thousands of infections to date. About 60 percent of infected systems are in Iran.

* Stuxnet is highly sophisticated, leveraging four zero-day vulnerabilities.

Best practices:

o Identify critical infrastructure within your enterprise that may be at risk.

o Assess the state of infection/compromise on these systems and remediate.

o Audit current controls on possible means of infection of these system – meaning, look at all the various routes malware can take to infect a system and put proper controls in place to prevent infection.

Thursday, August 5, 2010

AntiVirus is NOT enough!

http://www.symantec.com/podcasts/detail.jsp?podid=sb_08282009_antivirus

Thursday, July 22, 2010

Hosted Endpoint Free Trial

Is your current approach to endpoint protection enough to protect you from today's threats?

Security threats to your company’s endpoint systems (desktops, laptops, and servers) are growing in number and sophistication and can now evade many traditional security measures. Register for a free trial of Symantec Hosted Services’ latest service offering, Symantec Hosted Endpoint Protection and start experiencing the following benefits:

* Automatic security updates for all employee systems whether in the office or on the road
* Advanced technologies for antivirus, antispyware, firewall, and host intrusion prevention
* Web-based management console
* Identification of unsafe web sites in search results for laptops and desktops
* Security Audit & Customizable Reporting

At the end of the trial, we are confident you will wish to continue to safeguard your business with this easy to use solution for hosted endpoint protection. To begin your trial, please complete the below form.

http://www.messagelabs.com/root/hep_free_trial_conventus?pid=P444427