Archive - Security RSS Feed

The Patch Management Crisis and How to Solve It

patch-software

Most end users, and even some IT pros, feel pretty safe if they have up-to-date anti-virus/antimalware, firewalls turned on, and complex passwords in place. This overlooks one of the biggest threats to your PC and network – poor or non-existent patching.

The vast majority of successful exploits are against unpatched machines, some 85% according to US-CERT, part of the US Department of Homeland Security.

Why is This So Bad?

While viruses can be a nuisance (and often worse) to unprotected machines, the kind of attacks aimed at unpatched machines can be far worse. These are targeted at doing real damage – stealing data, escalation of privilege, releasing bots, gaining deep entry into the network, and worse.
Continue Reading…

GUEST BLOG: Solid Security with Kaseya plus Proven Next-Generation Endpoint Protection from Webroot

Each year, Webroot publishes a Threat Brief, a detailed report which details the churn, change and growth within the cybercrime ecosystem. 2015 was another record year in which more malware, malicious IPs, websites and mobile apps were discovered than in any previous year. The current rate of cybercrime comes as no surprise, given continuous innovations and little in the way of risk for those who choose to participate. The continued onslaught of hacks, breaches and social engineering scams targeting individuals, businesses and government agencies has caused many in the security field to ask if it’s truly possible to defend against a persistent attacker.

At Webroot, we believe it is possible to effectively protect enterprises and end users alike, but only by understanding your adversary and the techniques they employ for their attacks. Webroot’s sophisticated approach and secure solutions reflect an in-depth understanding of the threat landscape and how attackers think, allowing us to provide cutting-edge, proven next-generation protection and real-time detection of threats as they emerge. With Kaseya VSA’s integration of Webroot SecureAnywhere® Business Endpoint Protection, it has never been easier for you to manage and protect your users.
Continue Reading…

Security Services are Ripe for Explosive Growth in 2016

Online Data Security Concept Illustration with Padlock Icons, Cyber Background and Circuit Board Elements. Internet Security Technologies.

If you’re not thinking about expanding your Security services, you should be.  At least that’s the news from Kaseya’s 5th Annual Global MSP Pricing Survey*.

‘Heightened security risks’ is the top IT problem or service MSP respondents expect their clients to face in 2016.  And it won by a mile, selected by over a quarter of all respondents and receiving  40% more votes than the second-highest selection. This result isn’t a surprise given the unremitting flow of news on breaches and hacks.
Continue Reading…

Life, The Universe, and Security Engineering at Kaseya

When I think back at the security situation at Microsoft back around 2002 when Bill Gates released his famous Trustworthy Computing (TwC) memo, our software industry was frail at best. What followed has been over a decade of improvements in software security and security engineering as a discipline. From process to tools. From attitudes to insights. I have been privileged to be part of that and really learn from some great leaders like Michael Howard and Gary McGraw on the subject.

I am talking about security as in “threats,” not “features.” Kaseya has had a strong history in delivering security features to help increase endpoint security through antivirus, anti-malware, patch management and policy-based IT that hardens the endpoints that we manage. In this post though, I want to introduce you to the work we have been doing inside of Kaseya to focus on the threat landscape by delivering stronger security engineering inside of our company. It is hugely different, and comes down to some core beliefs that has become part of our corporate DNA.

Continue Reading…

Step Up to the Plate with Security Services in 2015

Home Plate Img

It’s no surprise that security was the No. 1 SMB concern among respondents surveyed for the recent CompTIA study, Enabling SMBs with Technology. As the report states, “Security is quickly becoming a top priority for all businesses as breaches occur more frequently and carry more serious repercussions.”

Comprehensive security management is no longer a nice-to-have. It’s a basic requirement to make sure a company’s systems and data are protected not only from malicious agents, but also from human error, oversight and procrastination. The risks are just too high. Over half of small businesses go out of business within six months of a security breachsince they don’t have the resources of a Global 2000 company to weather the repercussions.

Continue Reading…

Why Mobility Management Matters to MSPs’ Customers

As an MSP, does the following scenario sound familiar to you?

A customer (say a small financial institution) calls you to report that one their employees lost a tablet that was used to access sensitive customer information. They are unsure if that information is protected and are now worried about the repercussions if that information is compromised. HELP!

This is a fairly common scenario owing to the proliferation of mobile devices at workplaces. These are powerful computing devices that need management. In this post, let’s discuss the mobility trend and why mobility management is important for Small and Medium-sized Businesses (SMBs)–the typical customers of an MSP.

Continue Reading…

Extreme Emergency: Helping America Win the Cybersecurity Fight

Kaspersky Graphic

My talk at Kaseya Connect last week was about the need to wake customers up about cybersecurity. There are far too many people who are still taking a head-in-the-sand approach about cybercrime: ignoring it and hoping it will go away. But in fact it is steadily getting worse, and end users need our help securing their networks. The top takeaways from my keynote are facts which are intended to get customers’ attention:

Continue Reading…

This Is Not Your Grandmother’s Antimalware

Bitdefender Kaseya Connect Sponsor Graphic

Rats and worms are on the way… should you be afraid? Unfortunately, for many the answer is yes! The new breeds of malware are increasingly sophisticated and can have devastating effects on companies large and small. The second bit of gloom is that malware volumes are going up exponentially. The AV-TEST Institute is registering over 280,000 new malicious programs every day, so Remote Access Trojans (RATS) with worming functions are just one type of attack that can start to make your knees tremble. Just because we’ve seen APTs and other attacks devastate numerous large corporations this past year, including Sony, Target and Dairy Queen, don’t be fooled into thinking that the SMBs that most MSPs work with are immune. Seventy two percent of the breaches investigated, involve companies with less than 100 employees.

Continue Reading…

How to Add Security to Your Managed Services Offering

TrendMicro-blog-graphic

I’ve been working at a security vendor for the past 12 years and focusing on the service provider market for the last five, with a specific focus on small and medium business-focused MSPs. Over the years I’ve met with, worked with, collaborated with and, most importantly, learned from MSPs just like you. I’ve often day-dreamed about starting up my own MSP business, but have never pulled the trigger. What I have done, though, is imagine how I would do things from a security perspective, if I ever did decide to start my own MSP business. For my own future reference, and in the spirit of sharing my security-specific knowledge with you, I present to you my managed security blueprint.

Today’s threat landscape is exponentially more complex and sophisticated than it was even two years ago, as evidenced by the almost daily news of data breaches. So, relying on a single solution isn’t really practical–or the best option for your customers. Given that, I would make sure I built a comprehensive, multilayered solution offering to provide maximum protection (and to reduce any potential costs on my end for cleanups) for my customers.

Continue Reading…

Helping Your Customers Go Beyond Signature-Based Security

webroot-blog-graphic

Your clients face a barrage of security threats every day.

Unfortunately, many of them are probably using legacy, signature-based endpoint security systems. Those products struggle to keep up with the rapid evolution of malware and the increasingly ingenuity of attacks. They have become ineffective in today’s cybersecurity environment. Consider the following:

  • Market research firm IDC reported in 2012 that “signature-based tools … are only effective against 30-50 percent of the current security threats.”
  • Gartner weighed in on the topic, describing signature-based malware detection as “limping along on life support.”
  • In a white paper, Symantec referred to signature-based approaches as “useless in encounters with new malware.”
  • In a May 2013 CIO magazine article, Simon Hunt, CTO of endpoint solutions at McAfee, stated “We are seeing about 150,000 new pieces of malware every day… we’re purely on the defensive.”

Continue Reading…

Page 3 of 5«12345»
-->