Categories
Cloud Cloud News Newss

Baffle to provide its data protection solution for AWS Lambda

Leading data protection solutions provider Baffle is expanding its capabilities to serverless computing. The company said it will now offer first-to-market data-centric protection for Amazon’s AWS Lambda.

Baffle’s Advanced Data Protection service starts data encryption right from the time of production and do so throughout the entire process. This helps in protecting data at all times. Last year, CRN recognized Baffle as an emerging vendor in the security category.

AWS Lambda is a serverless computing service that allows users to run code for virtually any kind of application and backend service. It doesn’t need users to provision or manage any servers. They get billed only for the compute time and aren’t charged when the code is not running. AWS Lambda is an ideal service for applications that don’t need any compute infrastructure provisioning.

As per a report by Cloud Foundry Foundation, nearly 46% of companies are using and evaluating serverless computing in 2018, which is a 10% increase from its last survey. This shows that serverless computing is growing, and it is the future of computing.

Baffle is aiming to secure serverless computing for enterprises by providing its data protection services for AWS Lambda. The company said that its solution is flexible that allows customers to lift and shift to cloud while protecting their sensitive information.

Also read: Serverless is the next evolution of a microservice architecture: New Stack Serverless Survey

“Serverless and ephemeral computing is taking the enterprise by storm,” said Ameesh Divatia, CEO and co-founder, Baffle.

“Developers simply want to write code and not have to worry about back-end server provisioning and security requirements. Baffle’s data-centric security gives customers the confidence to run code anywhere without dedicated hardware and utilize the latest Amazon AWS innovations to scale their businesses. Legacy encryption and hardware-based approaches cannot provide this peace of mind to enterprises, and today’s announcement is Baffle’s latest milestone in advancing the security of this new infrastructure.”

Categories
Articles Cloud News New Products

“IT managers can’t tell you how 45% of their bandwidth is consumed”: Dirty Secrets of Network Firewalls report

One-in-four IT managers could not identify around 70% of network traffic, revealed a new report “The Dirty Secrets of Network Firewalls”. On average, 45% of the network traffic was going unidentified.

The report is result of a survey of 2700 IT decision makers across ten countries, by leading network and endpoint security provider- Sophos.

The most crucial finding of the survey was that most firewalls were failing to do their job adequately. The organizations had lack of visibility into the network traffic. Since, it was not visible, it could not be controlled.

Dirty Secrets of Network Firewalls

  • 84% of IT pros concerned about security due to lack of visibility into network traffic

84% of the respondents agreed that lack of application visibility was a serious security concern for their business and could impact effective network management. It could result in ransomware, malware, data breaches and other advanced threats.

The increased use of encryption, browser emulation, advanced evasion techniques were the factors that impacted the ability of network firewalls to provide adequate visibility into application traffic.

  • Organizations spent an average of seven working days per month in remediating infected machines

According to the report, the small-sized enterprises spent an average of five working days to remediate 13 machines per month. On the other hand, the large enterprises spent an average of ten working days to remediate 20 machines per month.

Overall, on average, the organizations spent around seven working days to remediate 16 infected machines per month.

The organizations were looking for an integrated network and endpoint security solution that could halt the threats. 99% of IT managers wanted a firewall technology that can automatically isolate infected computers.

79% of the IT managers wanted better protection from their current firewall, while 97% expected firewall protection from the same vendor which allowed direct sharing of security status information.

  • Other risks to businesses due to lack of visibility into network traffic

Other than the security risks, the lack of visibility concerned organizations on other aspects as well.

52% of IT managers said that lack of network visibility negatively impacted the business productivity. They could not prioritize the bandwidth for critical applications.

“For industries that rely on custom software to meet specific business needs, an inability to prioritize these mission critical applications over less important traffic could be costly,” revealed Sophos report.

50% of the respondents who invested in custom applications were unable to identify the traffic. It significantly impacted the return on investment.

  • Key findings of “The Dirty Secrets of Network Firewalls” survey:
  1. An average of 45% of network traffic was going unidentified, and hence couldn’t be controlled.
  2. 84% organizations concerned about security.
  3. 53% organizations concerned about productivity.
  4. 79% IT pros wanted better protection from current firewall.
  5. Organizations dealt with 10-20 infections per month.

Also read: Human error and misconfigured cloud servers responsible for most data breaches in 2017: IBM Security Report

The survey was conducted in October and November 2017, where IT decision makers in ten countries including the US, Canada, Mexico, France, Germany, UK, Australia, Japan, India, and South Africa, were interviewed.

Categories
Articles News Technology Web Security Web Security

Technical Features and Advantages of Secure Site Pro with EV SSL

As evident by the name, Secure Site Pro with EV SSL is one of the most advanced level of SSL security certificates. Because of the extensively rigorous levels of authentication process one has to go though to obtain it, a Secure Sire Pro with SSL certificate allows you to loudly and clearly state the legitimacy of your organization even to those who don’t understand web security.

Nothing can be clearer that your browser approves of a site than the color green. This certification also allows you to present a dynamic trust seal on your site, presents your official business name in the address bar, and allows you to advertise to your customers that you are using the highest level encryption and business validation. This comforts web users, consciously and subconsciously, that not only they are secure with their confidential information while transmitting online, but they also can relax knowing they are dealing with an established and accredited online business platform.assures the visitors that the site they are visiting has been thoroughly tested and is genuine.

Why is Secure Site Pro with EV SSL considered the most advanced level of SSLs?
Because a Secure Site Pro with EV SSL Certificate uses Server Gated Cryptography (SGC) to ensure a very strong level of encryption to all site visitors, including those with nonstandard or older Operating Systems and browsers. In fact, some of the nonstandard and older browsers and operating systems will not even connect at the strongest encryption level without Server Gated Cryptography SSL encryption in place. In addition to this, a Secure Site Pro with EV SSL comes with a Vulnerability Assessment Tool.

What is a Vulnerability Assessment Tool?
For this, let’s understand what ‘Website Vulnerability’ means first. Website Vulnerabilities are potentially exploitable weaknesses in a website that can compromise it’s security. Vulnerabilities hence are probable entry points through which a Web site’s functionality or data can be damaged, compromised or manipulated. A typical Web site /blog may have anywhere from hundreds to thousands of potential vulnerabilities.

A Vulnerability Assessment Tool thus helps you quickly identify and take action against the most exploitable weaknesses on your customers’ Web site. Some of it’s features are:

  • An automatic weekly scan for vulnerabilities on public-facing Web pages, Web-based applications, server software, and network ports.
  • An actionable report that identifies both critical vulnerabilities that should be investigated immediately and informational items that pose a lower risk.
  • An option to re-scan your customers’ Web site to help confirm that vulnerabilities have been fixed.

What are major advantages of Secure Site Pro with EV SSL?
1]
As already mentioned, online shoppers recognize the green address bar as a reliable way to verify a site’s identity and security. And only SSL certificates with Extended Validation trigger web browsers to display your organization’s name in a green address bar. So if you own a e-Commerce based website, online shoppers are more likely to enter their credit card and/or other confidential financial information into your website if you’ve a SSL EV green bar.Secure Site Pro with EV SSL Green bar

2] Secure Site Pro with EV SSL comes with a Norton Secured Seal, which is the most trusted mark on the Internet, and is viewed more than half a billion times per day on websites in 170 countries. Symantec’s Seal-in-Search helps you maximize click-through and conversions by displaying the Norton Secured Seal next to your link on browsers enabled with a free plug-in as well as on partner shopping sites and product review pages so that customers know that your website is verified.

Norton Secured Seal
Norton Secured Seal Displayed in Search Results

3] Vulnerability assessment and daily website malware scanning helps protect your site from hackers.

4] Secure Site Pro provides complete business authentication. It verifies the existence of your business, the ownership of your domain name, and your authority to apply for the certificate. This, again, provides high assurance to your website visitors.

5] Multiple level of encryption, which includes maximum strength 256 bit and minimum strength 128 bit.

6] Full compatibility with all mobile devices and latest and oldest web browsers including

  • Firefox 1+, 2+, 3+
  • IE 5+, 6+, 7+, 8+
  • Netscape 4+
  • Opera 7+
  • AOL 5+
  • Safari

7] Comes with $1,500,000 warranty. in case your visitor incur losses resulting directly from an online credit card transaction as a result of a mis-issued Secure Site Pro with EV Certificate.

Advantages of Secure Site Pro with EV SSL

Final Verdict: Secure Site Pro with EV is one of the most advanced, trusted and secure SSL certificate with features second to none. It protects website users and their confidential information over the internet. Using it, you can be assured of an increase in sales level and improvement of brand reputation along with enhanced security of your online business platform globally.

Categories
News

Hackers Taking Advantage of Lack of Encrypting Knowledge

DAILYHOSTNEWS, October 23, 2011 – Despite encrypting databases, small businesses are leaving customer data open to hackers. Research has shown that even long passwords can be cracked in a few seconds.

Testing by hosting specialist UKFast has revealed that  using  industry-standard hashing algorithm MD5 to protect data still allows for a seven character password (of lower alphabet and numbers) to be cracked in 7 seconds. If a more secure encryption method such as SHA 256, it would take up to seven times longer to brute force crack the same password.

The tests call into question the security of customer data stored by SMEs, who often do not have the luxury of in-house IT teams or the technical knowledge to properly secure their customer databases.

In his remarks, Neil Lathwood, technical director at UKFast, explained: “Many small companies are trying to protect their customer data on their own or outsourcing their IT and relying on the skills of another company to secure their customer data. What these companies may not be aware of is that some methods of encryption are significantly less secure than others.”

“With the emergence of brute force password cracking using Graphics Processing Units (GPUs) for extra fire power, the need for strong encryption algorithms has become more important than ever.  The MD5 algorithm is so weak that no one should be using it as their only encryption method – a normal PC without the extra GPU fire power could even crack the MD5 code.”

Also read: Colocation Data Center Singapore

Lathwood further explained that “Using an encryption method like SHA256 rather than MD5 would still allow the hacker to decrypt the information but it takes significantly longer. For example, a seven character password (of any digit, letter or symbol) would take 1 hour, 40 minutes to crack when encrypted with MD5 but would take 12 hours, 53 minutes when encrypted with the S/HA256 method.”

About UKFast
Founded in 1999 by Lawrence Jones and his wife and business partner Gail, UKFast is now a major player in the UK hosting solutions arena.
Website: http://www.ukfast.co.uk