Posts

The “Aha” Moment. Say Yes to Security and Collaboration.

In survey after survey, IT executives continue to say that security is one of the top challenges they face. No one has to tell us about the risks. The stories of data theft and breaches are in the media every day. We are intimidated by the rapidly changing threat environment. New malware is being written every day and some of it is being written using a variety of methods that defeat existing security technologies. And too often the way that we protect our organizations is to add a myriad of approaches, tools and solutions, creating a tremendous amount of complexity that becomes hard to understand let alone manage.

But if you dig down one level, what you find is that security concerns create a barrier to doing what IT really needs to do, which is implement cool new initiatives that move the business forward.

Everybody wants to be seen as a hero, the clever one who can take on challenges, solve problems and make an impact on the business. Unfortunately, the security concerns become the reason they can’t do it. At SonicWall Security, we are working to help out with the security equation.

What are the initiatives that organizations are trying to deploy? One of the biggest areas of opportunity comes from all of the innovation that is going on in the cloud. Moving your work to the cloud streamlines the ability of your workers to collaborate and share information in real time. Tools like Microsoft Office 365 and DropBox allow employees to collaborate in a way that is changing the workplace.

This really hit home for me a couple of weeks ago when my 11-year-old daughter was assigned a big project in her fifth grade class. She and her teammate needed to create a report and a presentation. The night before the project was due, I came into her bedroom and she had her iPod setup to FaceTime her partner. They were both working together on the report using Google Docs and on the presentation using Google Sheets. They were oblivious to me, so I watched for a few minutes as they talked through ideas, added and edited text and pictures, and generally created and fine tuned the deliverables.

For this project, there was no need for them to meet, or even call each other. Collaboration tools enabled the entire project. This was an “aha” moment for me, because I realized then and there that these kids were demonstrating the future of work. What they take for granted is sadly often not possible in the work environment for a variety of reasons, but I couldn’t stop thinking that security is a big stumbling block to achieving the productivity new collaboration tools offer.

So, what is on your IT wish list? Do you want to move your CRM to the cloud? Or streamline your customer service delivery, or give your team access to data analytics no matter where they are? Or are you looking to eliminate paper and go all digital? Whatever it is, don’t let security be a barrier. If you want to learn how to turn IT security into the Department of Yes, contact SonicWall Security.

SonicWall Security – Helping CSOs Turn No into Yes

A chief security officer’s (CSO) life is not easy. Typically, requests of them sound like this: “Please deploy more, do it faster, more efficiently, with less money, more securely, and – oh, by the way, be compliant and pass the audit.”

Often, what’s not considered in these requests is the risk a new application, device or cloud-based tool may bring with it. This leads to the CSO and their team being viewed as the Department of No.

A CSO is often forced to push back or shut down requests because they must constantly balance network and data vulnerability against deployment of new apps and new equipment. And with the rise of mobility, remote access and cloud-based resources, they’ve got their hands full securing everything and everyone who’s connected from inside and outside their corporate environment.

As illustrated in a recent SonicWall Security case study, something as simple as a police body camera can bring with it potentially life-threatening results if that device compromises security. While the consequences of most breaches and vulnerabilities are not this dire, they can bring an organization to a standstill and impact the flow of revenue.

In this brief video, I discuss how SonicWall @SonicWall solutions, such as SonicWall One Identity and  SonicWall next-generation firewalls, can help transform a CSO’s life and turn his team into the Department of Yes.

I’ll highlight ways to govern every identity and inspect every packet; how to eliminate siloed infrastructure; show that when IAM and network security solutions communicate that they reinforce each other; and how you can enjoy simplified compliance reporting and easily pass audits.

Next Steps to Defend Against Cyber Attacks

Whenever I start to write about cybersecurity, something else comes up. I wanted to write about last week’s cybersecurity-focused Executive Orders ““ we’ll get to them shortly ““ and then I read that in an IRS hack last month, stolen social security numbers enabled attackers to get more than 100,000 E-file PINs. The IRS says, “No personal taxpayer data was compromised or disclosed by IRS systems,” and is notifying affected taxpayers. This follows a hack reported of employees at Justice and DHS, in which the attacker used social engineering, reportedly impersonating a government worker, to gain access to agency information.

These incidents just don’t stop, do they?

Which brings us to the two new Executive Orders. One establishes a Commission on Enhancing National Cybersecurity, the other a Federal Privacy Council. And they’ve been signed into existence during the same week that the White House submitted its budget proposal for federal FY 2017, including requests for $19 billion for cybersecurity as a whole, with $3.1 billion dedicated to getting rid of older, less secure systems. While agreement on and approval of budgets is, let’s face it, problematic in the current political climate, getting funding for cybersecurity is less problematic than for many other areas. Across the board and across the Executive branch and the Congress, leadership understands and generally supports cybersecurity initiatives, understanding the very real costs of inaction as shown by the two news items I mentioned.

The Commission on Enhancing National Cybersecurity’s mission is to “make detailed recommendations to strengthen cybersecurity in both the public and private sectors while protecting privacy, ensuring public safety and economic and national security, fostering discovery and development of new technical solutions, and bolstering partnerships between Federal, State, and local government and the private sector in the development, promotion, and use of cybersecurity technologies, policies, and best practices.” There’s a lot in that mission statement that’s worth pointing out. The Commission’s scope covers both public and commercial sectors, specifically mentioning state and local government along with the feds. It’s about partnership and collaboration, and about protecting privacy as we improve cybersecurity. It’s specifically tasked with strengthening identity management, cloud computing, and laying a cybersecurity foundation for the Internet of Things. The Commission will reside in the Department of Commerce and be supported by NIST, and will have until December 1 of this year to complete its activities and report out to the President. That’s a lot to ask for in ten months of work; here’s hoping that the Commission employs some variant of Agile methodology ““ as the Federal CIO did quite successfully last July with the 30-day Cybersecurity Sprint ““ in order to accomplish its mission.

While the Commission is time-delimited, the newly-established Federal Privacy Council is not, and I think that’s a good thing. The point of the council is to serve as an interdepartmental support, coordination, and collaboration mechanism for privacy standards among Cabinet department and the larger federal agencies. It will be chaired by OMB’s Deputy Director for Management and largely comprised of Senior Agency Officials for Privacy. The Council, as described in the EO, seems to be about breaking down barriers when it comes to sharing best practices and lessons learned, and reducing duplication of privacy-related efforts across agencies.

More cybersecurity funding (hopefully), more collaboration across government and industry, more coordinated and focused efforts on privacy. All three of these items are needed and appropriate steps toward improving our cybersecurity.

SonicWall Security is here to help government and industry decrease their cybersecurity risk, update older infrastructure, and improve privacy protections. Follow the links to learn more about our SonicWall One Identity solutions for identity and access management and SonicWall network security solutions for greater performance and deeper network protection.

SonicWall Security Named Grand Trophy Winner

On April 20, 2015, Info Security Products Guide, the industry’s leading information security research and advisory guide, announced the winners for its 11th Annual Info Security 2015 Global Excellence Awards. These prestigious global awards recognize security and IT solutions that have a profound impact on the Security industry. More than 50 industry leaders including CISOs, executives, and industry analysts and experts from around the world participated in the selection of the winners for 72 security and IT product and service categories.

Today, we are thrilled to announce that Info Security Product Guide has honored SonicWall as the Grand Trophy Winner as well as the winner of 12 additional awards outlined in the table below. These recognitions validate the feedback we get from our customers.

 Info Security Products Guide 2015 Global Excellence Grand

For nearly two decades, SonicWall Security has created innovative products that have set and reset the standard for security. Our technologies have continued to lead the way with an advanced patented security architecture in addition to a best-in-class security research team enabling our customers to be future-ready. SonicWall’s industry experience, innovative technologies and technical excellence to solve security and compliance challenges have made us the vendor of choice for many leading Fortune 500 organizations across all sectors. Receiving these honors affirms our deep commitment to investing in ongoing research and development as well as our unique dedication to helping our customers experience a more secured future.

Category Award
Grand Trophy Winners SonicWall (2,500+ employees)
Firewalls GOLD Winner: SonicWall SuperMassive 9800
New Products & Services Silver Winner (2,500+ employees): SonicWall SuperMassive 9800
Integrated Security &
Unified Threat Management (UTM)
Bronze Winner: SonicWall TZ Series
IP Sec/SSL/VPN Bronze Winner: SonicWall Secure Mobile Access (SMA)
Network Security & Management Silver Winner: SonicWall Global Management System (GMS)
Email Security & Management Bronze Winner: SonicWall Hosted Email Security
Auditing Silver Winner: SonicWall ChangeAuditor
Best Security Software (New or Updated) Bronze Winner: SonicWall One Identity-as-a-Service
Cloud Security Bronze Winner: SonicWall Cloud Access Manager
Compliance Bronze Winner: SonicWall ChangeAuditor
Identity Management Bronze Winner: SonicWall One Identity Manager
Endpoint Security Bronze Winner: SonicWall KACE K1000

If you are an IT leader responsible for your organization’s information and network security, defining the company’s security defense program and vetting security technologies can be a trying experience, especially when available choices are often equivocal. In these circumstances, how often do you find yourself looking for credible third-party endorsements such as the Info Security Product Guide Global Excellence Awards for guidance and validation prior to making critical purchase decisions? Before buying additional security technologies, here are some key recommendations to consider.

  1. Develop an information and user risk profile and determine the security controls that will be needed to protect the business from internal and external threats.
  2. Perform a comprehensive threat and vulnerability analysis and identify all possible ways users and systems can be exploited by cyber criminals.
  3. Explicitly call out security requirements that can best remediate identified threats, risks and liabilities that require immediate attention.
  4. Accurately map the award-winning SonicWall products listed above to the appropriate use cases identified in step 1 through 3.
  5. Last but not least, begin layering multiple security technologies together so that you have more than one way of preventing and responding to various attack methods that a hacker may use to harm the organization.