ISSUE 03 | SEPTEMBER 2018
AT THE FOREFRONT OF INNOVATION
SECURING DIGITAL TRANSFORMATION AND ENABLING CYBER RESILIENCE
CONTENTS
MD’s message
Bulwark Technologies MD Jose Menacherry outlines the current security landscape and the firm’s go-to-market strategies for 2018.
Sophos
Harish Chib, Vice President, Middle East & Africa, Sophos, shares insights into how the firm integrates advanced technologies to offer transformative solutions.
Acunetix
In-depth analysis of JavaScript-rich sites and Single Page Applications
iStorage
Hardware Encryption is key to GDPR compliance
MailStore
Roland Latzel, Director of Marketing at MailStore, explains what the term ‘email archiving’ means and what advantages it offers.
Lastline
Lastline Co-founder and CTO Giovanni Vigna explains the role of artificial intelligence and machine learning in security.
Director’s note
Jessy Jose, Director, Bulwark Technologies, elaborates on the firm’s goal to create a profitable and consistent business with its partner ecosystem.
GDPR Feature
Bulwark Team discuss the impact of GDPR on Middle East firms and the role partners can play to help them become compliant.
Blog
Varkeychan Davis, Technical Manager, Bulwark Technologies, explains the importance of threat hunting solutions and why organizations must adopt proactive approaches to enhance security postures.
sendQuick
Ashok Kumar, Chief of Business Development [EMEA & SAARC], TalariaX, elaborates on the company’s business objectives and plans for the region.
Jacarta
Jacarta CEO Colin Mocock discusses the importance of deploying data centre sensors to help protect your critical data.
Helpsystems
Alliant Credit Union enhances PCI DSS Compliance with GoAnywhere MFT Agents.
42Gears Mobility Systems
The solution provider demonstrates how it has successfully implemented COD (Company-owned Devices) and BYOD solutions to counter challenges faced by customers embracing mobility.
Mimecast
By Jeff Ogden, General Manager, Mimecast Middle East
Netwrix
By Matt Middleton-Leal, General Manager, EMEA, Netwrix Corporation
Arcon
Anil Bhandari, Chief Mentor, ARCON, elaborates on how the firm has engineered the entire concept of Privileged Access Management (PAM) to offer a new avenue to safe access management.
For more information, please write to: info@bulwark.biz
• September 2018 • TheShield
42Gears Unified Endpoint Management
It’s not just Unified, it’s Ultimate Endpoint Management.
42Gears is a leading Unified Endpoint Management solution provider, offering SaaS and On-premise solutions to secure, monitor and manage all business endpoints such as tablets, phones, desktops, wearables and IoT devices. Over 7000+ companies in 100+ countries use 42Gears products for secure and efficient deployment of mobile applications on a wide variety of company-owned as well as employee-owned devices on Android, iOS, macOS, Wear OS, Windows and Linux platforms.
42Gears is a Visionary in Gartner Magic Quadrant for UEM Tools 2018
www.42gears.com
Welcome MD’s MESSAGE
Surging into a collaborated future
Jose Thomas Menacherry, Managing Director, Bulwark Technologies, relays company updates and plans for the upcoming months.

The regional channel business has evolved significantly over several years and Bulwark Technologies has witnessed these transformations for close to two decades. We have been at the forefront of these industry shifts, ensuring that we offer a comprehensive portfolio to our partners & customers in the region.

Bulwark commenced the year with the objective of strengthening our in-country presence within the GCC region. We have extended our workforce in the region as well. Over the next few months, we will focus on enabling partners to ensure they have the adequate technology know-how and expertise on our solutions around cloud, artificial intelligence and machine learning.

Security breaches and cyber-attacks are becoming more frequent, as adversaries employ increasingly sophisticated technologies and methods to infiltrate an organization’s network. We help customers not only with effective solutions but also provide trained professionals who can handle and guide them through security incidents. We educate our partners on understanding the unique requirements of each customer and then suggesting a customized solution.

With the advent of GDPR, the protection of consumer data has become very significant for organizations. Bulwark showcases a wide array of security solutions, which enable organizations to get GDPR compliant and thus strengthen their data protection framework. At Bulwark, we offer solutions to protect data whether it is in transit or in storage. Our constant endeavor is to evaluate the latest technology-based security products available globally and introduce them into the region with adequate expertise and resources. As a part of this, we have signed up with several new innovative vendors during this year and will be displaying them during GITEX Technology Week. Visit us at GITEX Technology Week 2018 and gain complete insight on our products & offering!

We have been receiving great support from customers and partners over our operations during the last two decades in this region. We thank you for the confidence entrusted in us and our vendors over the years. We are highly confident and take immense pride in our partner ecosystem and appreciate their efforts in delivering products and solutions with uncompromised quality and enthusiasm as that of our vendors. We will continue to reinforce our good customer relationships and ensure partners maintain a profitable business boosted by services. We look forward to taking our business to the next level, collaborating with the support of our partners and customers.
Synchronized Security
An innovation in threat protection
Firewall
Web
Wireless
Endpoint
Encryption
Mobile
Server
Sophos Central
Provide your customers with a best-of-breed security system where integrated products dynamically share threat, health, and security information to deliver faster, better protection against advanced threats.
For more information please contact salesmea@sophos.com Sophos @ GITEX 2018 | Visit Sophos booth in Rashid Hall.
www.sophos.com/heartbeat
Innovative vision
Harish Chib, Vice President, Middle East & Africa, Sophos, shares insights into how the firm integrates advanced technologies to offer transformative solutions.

Can you elaborate on two key milestones from the past 12 months?
Within this year, we have made strong progress in both our end-user and network security offerings. We have added significant customer value and expanded our market opportunity across our product line. Last October, we launched a major upgrade to the Sophos XG Firewall with enhanced performance and new synchronized security features. We were also able to integrate “deep learning”, the advanced machine learning technology, into Sophos Sandstorm sandboxing in XG. In January 2018, we launched an advanced upgrade to our successful Intercept X next-generation endpoint offering, which now delivers unrivalled detection of unknown malware based on our advanced approach to the use of artificial intelligence in cybersecurity.

Can you share the latest updates on the firm’s endpoint security solutions?
The latest update to our endpoint security is Intercept X with malware detection powered by advanced deep learning neural networks. Combined with new active-hacker mitigation, advanced application lockdown, and enhanced ransomware protection, this latest release of the next-generation endpoint protection delivers previously unseen levels of detection and prevention. New features in Intercept X include Deep Learning Malware Detection, Active Adversary Mitigations, New and Enhanced Exploit Prevention Techniques, and Enhanced Application Lockdown.

What can channel partners expect from Sophos during the rest of 2018?
We offer our partners the opportunity to build successful and profitable businesses with Sophos over the long term and we shall continue to invest in the tools, education, training, and support they require in order for them to become more productive over time. We will also continue to support and invest in our channel partners.

What will Sophos be highlighting during GITEX Technology Week this year?
At GITEX Technology Week this year, we will display our latest next-generation cybersecurity innovation and focus on our vision. We will demonstrate the latest version of our next-generation security solutions with deep learning technology. Deep learning is the latest evolution of machine learning. It delivers a massively scalable detection model that is able to learn the entire observable threat landscape. With the ability to process hundreds of millions of samples, deep learning can make more accurate predictions at a faster rate with far fewer false-positives when compared to traditional machine learning. Predictive protection is the future of IT security and Sophos has taken a huge step forward by bringing deep learning neural networks into its security solutions.

How does Sophos integrate evolving advanced technologies to strengthen its offerings?
We continue to invest in Sophos Central, a highly differentiated platform that enables both more effective security while simplifying management for our partners as well as our end user customers. Sophos Central allows individual Sophos security components including endpoint, mobile, server, encryption, firewall, web, email, and Wi-Fi to automatically communicate relevant information with each other to form the foundation of what we call synchronized security. Sophos has applied advanced deep learning neural network technology to the cybersecurity challenge. Deep learning has been included in the Group’s Intercept X endpoint protection product introducing ‘predictive security’ to organisations of all sizes. Sophos Sandstorm has been enhanced with deep learning-based technology and SophosLabs has recently accelerated its automated threat analysis systems by the adoption of this technology. Sophos plans to add the advantage of artificial intelligence to other appropriate areas of its portfolio in due course.

Can you discuss your plans for 2019?
Innovation will remain a key growth driver, with internal investment supplemented by sensible, disciplined technology acquisitions. Despite a broad international reach, we see opportunities for further regional expansion. We will continue to focus on building our partner network and increasing the productivity of our existing partners.
Out Now Acunetix v12!
More Comprehensive, More Accurate and now 2X Faster
In-depth analysis of JavaScript-rich sites and Single Page Applications

Acunetix, the pioneer in automated web application security software, has recently released Acunetix version 12. This new version provides support for JavaScript ES7 to better analyse websites which rely heavily on JavaScript such as Single Page Applications (SPAs). This, coupled with a new AcuSensor for Java web applications, sets Acunetix ahead of the curve in its ability to comprehensively and accurately scan all types of websites. With v12 also comes a brand new scanning engine, re-engineered and re-written from the ground up, making Acunetix the fastest scanning engine in the industry.

“Acunetix was always in the forefront when it came to accuracy and speed, however now with the re-engineered scanning engine and sensors that support the latest JavaScript and Java technologies, we are seeing websites scanned up to 2x faster without any compromise on accuracy,” announced Nicholas Sciberras, CTO.

Support for latest JavaScript
Acunetix DeepScan and the Acunetix Login Sequence Recorder have been updated to support ECMAScript version 6 (ES6) and ECMAScript version 7 (ES7). This allows Acunetix to better analyse JavaScript-rich sites which make use of the latest JavaScript features. The modularity of the new Acunetix architecture also makes it much easier now for the technology to stay ahead of the industry curve.

AcuSensor for Java
Acunetix version 12 includes a new AcuSensor for Java web applications. This improves the coverage of the web site and the detection of web vulnerabilities, decreases false positives and provides more information on the vulnerabilities identified. While already supporting PHP and ASP.NET, the introduction of Java support in AcuSensor means that Acunetix coverage for interactive gray box scanning of web applications is now possibly the widest in the industry.

Speed and efficiency with Multi-Engine
Combining the fastest scanning engine with the ability to scan multiple sites at a time, in a multi-engine environment, allows users to scan thousands of sites in the least time possible. The Acunetix Multi-engine setup is suitable for Enterprise customers who need to scan more than 10 websites or web applications at the same time. This can be achieved by installing one Main Installation and multiple Scanning Engines, all managed from a central console. A trial version can be downloaded from www.acunetix.com/download/

About Acunetix
Acunetix is the market leader in automated web application security testing, with customers in the Government, Military, Educational, Telecommunications, Banking, Finance, and E-Commerce sectors, including many Fortune 500 companies, the world over. In the Middle East, Acunetix has grown from strength to strength over the last 5 years, with licenses sold all over the region, with great success in UAE, Israel, Egypt, Iran, Jordan, Lebanon, Qatar and Saudi Arabia. The Acunetix Partner Program is proving popular, giving partners the chance to sell Acunetix software at competitive margins. Some customers include: Qatar Airways, MOI Qatar, OmanTel, Jumeirah Group, TECOM, Dubai Holdings, Central Agency of Information Technology Kuwait, Etisalat UAE, Dubai Bank, Al Ahli Bank Kuwait, ANB Saudi Arabia, University of Jordan, and more.

Testimonial
“ACUNETIX V12 IS CRAZY FAST AND THE CONCURRENT SCANS WENT WAY UP! I COULD ONLY DO 10 CONCURRENT SCANS BEFORE, BUT NOW I AM RUNNING OVER DOUBLE THE AMOUNT CONCURRENTLY. THIS IS A HUGE INCREASE IN PERFORMANCE AND CAPACITY. I WAS GOING TO ADD 2 MORE WORKER SCANNERS, BUT WITH V12 THIS IS NO LONGER NECESSARY, SAVING GREATLY ON OUR MONTHLY COSTS. ALSO BECAUSE OF THE WAY TARGETS ARE NOW COUNTED, MY TARGET ESTIMATE HAS REDUCED CONSIDERABLY. GREAT JOB!” Bill F., Web Application Vulnerability Scanning Service Lead, VITA
Hardware Encryption is key to GDPR compliance
With the new era of the EU General Data Protection Regulation (GDPR) finally upon us, businesses in the GCC (Gulf Cooperation Council), the European Union’s largest trading partner with combined trade in 2017 exceeding €143 billion, have been and are still scrambling to put in place policies and measures to comply with the new regulation. We have had a little over two years to digest and come to terms with this new regulation that introduces major changes in the way we handle and guarantee the privacy and integrity of personal data. So, it is imperative that we review and implement rigorous information security strategies to provide a significantly more robust framework to protect personal data wherever it may reside.

One of the first steps organisations should undertake, or by now should have taken to gear up for GDPR compliance, is to conduct a full data audit: in other words, what data is held, how and where this data is stored, and what technologies, such as encryption, are in place or required to ensure compliance. This includes the security of data on company and cloud-based servers in addition to data stored on USB flash drives, hard drives and so on.

Even though an organisation may have confidential data securely stored on company and cloud-based servers, the biggest risk arises when employees have to take private company data out of the office for off-site meetings or working from home. Data breach incidents such as the Greater Manchester Police in the UK receiving a fine of £150,000 (pre-GDPR), when an unencrypted USB flash drive containing sensitive data was stolen from a police officer’s home in a domestic burglary, together with the numerous other reported incidents, further reinforce the need for employers to enforce an ‘encryption by default USB portable drives policy’.

One of the requirements as stipulated under Article 32 of GDPR is “the pseudonymisation and encryption of personal data.” Therefore, it is fundamental that all mobile and USB drives used on a daily basis containing personal data be encrypted, as otherwise the ramifications can be devastating. So, if a non-encrypted USB drive containing confidential data were to go missing or be stolen, this could lead to the maximum penalty under GDPR of €20 million or 4% of the annual global turnover, in addition to adverse media scrutiny, reputational damage and loss of business which could potentially be catastrophic.

With threats to cybersecurity increasing from sophisticated hackers intent on getting their hands on your data, it is prudent to use the right product/s that have been rigorously tested and certified to withstand such threats. With a wide range of technologies available, narrow your scope down to only products that have certifications such as the ‘Commercial Product Assurance’ (CPA) issued by the ‘National Cyber Security Centre’ which is a part of GCHQ and the ‘Federal Information Processing Standards’ (FIPS) issued by the ‘National Institute of Standards and Technology’ (NIST) which is a part of the U.S. Department of Commerce.

iStorage is the trusted global leader of award-winning PIN authenticated, hardware encrypted USB data storage devices, delivering the most innovative, certified products to securely store and protect data to military specified AES-XTS 256-bit encryption levels, safeguarding valuable business information whilst ensuring compliance to regulations and directives. Designed to the highest standards, iStorage has developed ultra-secure portable USB data storage drives to meet all the main government accreditation standards. In fact, iStorage is currently the only vendor to attain NCSC CPA (UK) & NLNCSA BSPA (Netherlands) certifications for the new generation diskAshur2 range of hardware encrypted hard drives and solid-state drives. iStorage also manufactures a range of ultra-secure PIN authenticated, hardware encrypted flash drives and amongst these is the award-winning datAshur PRO, a USB 3.0 PIN authenticated, AES-XTS 256-bit hardware encrypted flash drive. This OS independent and platform agnostic drive is certified to FIPS 140-2 Level 3 (US), NLNCSA (Netherlands) and to NATO Restricted Level.

To find out more about iStorage, please visit www.istorage-uk.com
The Experts in Email Archiving Easy. Reliable. Secure.
Advantages of Email Archiving
Legal safeguard for email compliance
Help to meet the EU’s GDPR
Protection against data loss
Simplified backup and restore
Reduced workload of email servers
Elimination of mailbox quotas

Why MailStore?
Integrated storage technology
Flexible archiving
Fast search access
Low cost
Low-maintenance
Heavily field-tested
Over 50,000 organizations in over 100 countries already trust in MailStore. Trust in the Experts in Email Archiving for SMBs. Bulwark Distribution Phone: +971-4-326 2722 · Email: info@bulwarkme.com http://www.bulwarkme.com/mailstore
V11
What is Email Archiving?
Roland Latzel, Director of Marketing at MailStore, explains what the term ‘email archiving’ means and what advantages it offers.

Email is one of the most important means of global communication. However, information sent by email is generally not stored anywhere else; it simply remains in the mailboxes of the users. In addition, companies around the world are facing a growing number of regulations on email compliance, eDiscovery and other legislation. Many managing directors of small and medium-sized companies ask themselves how they can meet these challenges with the help of email archiving and what exactly needs to be archived.

So, what is email archiving?
Email archiving primarily serves the purposes of documentation and preventing data loss. In doing so, emails are stored securely, and their contents remain unchanged. Archived emails can also be restored if necessary, so that important content cannot be lost. The primary purpose of archiving is for emails to be retrieved and made available over a longer period of time. Email archiving should be a significant component of any IT security strategy.

SIX ADVANTAGES OF EMAIL ARCHIVING

1. Legal safeguard for email compliance
Emails can be stored in their entirety in an authentic, tamper-proof, accessible manner for many years with the help of email archiving. Furthermore, email archiving is an important tool that helps companies protect themselves against general legal risk or customer complaints and makes it easier to use emails as evidence in court proceedings.

2. Protection against data loss
Data that is critical to the company is lost when users delete important emails at will or when they resign from the company. With email archiving, every email, together with its attachments, remains available and searchable within the archive.

3. Elimination of mailbox quotas
We’ve all been there: Outlook announces that the mailbox is full, and no new email can be received. A business partner alerts you to the fact that the emails he sent are rejected by the mail server because of mailbox quotas. This isn’t just unpleasant: having to delete emails and attachments one at a time is also time-consuming. Mailbox quotas are a thing of the past with email archiving.

4. Independence
When a mail server is out of service or data is lost, every user at the company can still access all emails via the email archive. Companies remain independent from the mail server in this way and can carry out their business activities without interruption.

5. Increased efficiency
The volume of data on the mail server is always kept low with email archiving. This means that backup and recovery times are also quicker. The result is improved performance and leaner backups. Every user can independently restore emails at just a single click. This way, IT no longer has to go through the time-consuming process of manually restoring lost emails.

6. Long-term solution for PST files
Corrupt PST-files are just as dreaded in day-to-day work as full mailboxes. In this situation, an IT employee can only help restore the files if the PST-files have been backed up. As a result, these file formats put a strain on the IT department because of their susceptibility to error. With the help of email archiving, PST-files can be archived centrally within the company without going to the trouble of changing access permissions.

The Standard in Email Archiving: MailStore Server
Small and medium-sized businesses can benefit from every advantage of modern and secure email archiving with MailStore Server. MailStore Server offers a particularly rapid full-text search of emails, and any types of file attachments, which allows the user to retrieve their emails from the archive via the Outlook add-in or the Web Access. Test out MailStore Server for 30 days for free.
How AI and ML enhance security
Lastline Co-founder and CTO Giovanni Vigna explains the role of artificial intelligence and machine learning in security.

Can you describe yourself and give a brief about Lastline?
I am a Professor of Computer Science at the University of California Santa Barbara, and I have been working on computer security for more than 25 years. A few years ago, I founded Lastline with a couple of colleagues (Chris Kruegel and Engin Kirda) to bring to market solutions to protect organizations from advanced, sophisticated threats.

What is the role of AI and Machine Learning in security?
Security experts are very expensive. The competition among companies is fierce, and the churn rate is very high. Therefore, companies always try to automate some of the security tasks, and machine learning and AI seem very promising. To elaborate, machine learning takes a lot of data and tries to either classify things (for example, this is a good document vs. this is a bad document), or group them together (for example, these documents are all very similar to each other). This allows for the automated classification of threats (saving the time of an analyst who does not have to manually classify each threat) and supports the handling of multiple events with a single decision (once again, saving the time of a security expert who does not have to handle each event separately).

That sounds very useful. Are we getting ahead of the bad guys?
Unfortunately, many of the techniques used in machine learning have been developed for image analysis, natural language processing, and voice analysis, which are environments in which the data is not resisting the learning process. When working on security data, one has to take into account that cybercriminals will react to attempts to learn about their threats. This is called “adversarial machine learning” because learning from an adversary that doesn’t want to be analyzed is very hard.

What are the challenges in this case?
Well, first of all an adversary could “poison” the dataset from which the machine learning process is building its models. As a result, the system learns the wrong thing, and some threats might be classified as benign. Second, the adversary might learn the parameters of the models that have been learned, and slightly modify their threats (e.g., the content of an email) to change the result of the classification.

Is it different from traditional machine learning?
Yes, it’s really a different gig, and I am worried that organizations and companies apply machine learning techniques without much thought about adversarial machine learning, creating a false sense of security. Maybe not tomorrow, but in a couple of years this might ‘bite’ us back.

What does the future hold for us in cybersecurity?
I think that it’s important to combine reliable detection based on models of what’s bad (signatures, behaviors, known patterns) and then improve the understanding of the detected network threats using anomaly detection. This is actually what we do at Lastline, where we use a composition of network analysis, models of attacks, and anomaly detection to provide a high-confidence, high-precision blueprint of a breach.

What are your final thoughts on AI and security?
AI and machine learning are here to stay, no doubt! However, we have to be careful and make sure that we understand how to use these techniques in an adversarial setting. We need to learn the right thing from the right data, otherwise we are building the wrong system.
Welcome DIRECTOR’S NOTE
Accelerating business success
Jessy Jose, Director, Bulwark Technologies, elaborates on the firm’s goal to create a profitable and consistent business with its partner ecosystem.

Managing a distribution firm is easier said than done. To run any business, one must carefully assess the organization’s business objectives and ensure it plays to its strengths. It is also important to make sure that all the key stakeholders are actively involved and are in sync with the goals of the organization.

At Bulwark, our goal is to create a profitable and consistent business with our partner ecosystem. To achieve that, we work with vendors who provide the highest quality solutions and meticulously oversee the sales and distribution of products. As a twenty-year-old distribution firm operating in this region, we understand that sustaining and growing profits are the most important elements for us as well as our partners. Our aim is to always onboard solutions that guarantee adequate margins to our partner community to run their business profitably, maintaining sufficient resources to provide effective support to the end customers.

While metrics can be a time-consuming process, it is necessary and even crucial to achieving daily productivity. We have regular in-house workshops to educate our staff on how to increase their efficiency and get the desired results. We help to enhance our employees’ skillset through intensive training and development sessions. As technologies are evolving and advancing at a rapid pace, it is our responsibility to make sure our staff and partners are a step ahead of the changing dynamics of the industry. We also urge our partners to invest in educating their workforce on the latest technologies and learning effective sales approaches. This way, we join forces with our partners to deliver and implement qualitative solutions that abet customers’ long-term objectives.

Working closely with the finance and administration teams, we have also successfully managed a seamless and smooth implementation of all the required VAT procedures within Bulwark with the regulation being introduced in the UAE from the beginning of this year.

We aim to grow even more aggressively over the upcoming few quarters, without compromising on the rich heritage and market reputation we have been able to build over the last several years. Our partners play a prominent role in our growth and will remain a cornerstone to all our future planning and strategic business objectives.
News
BULWARK TECHNOLOGIES RAISES AWARENESS ON CYBER RESILIENCE: Bulwark has recently hosted a customer event for IT decision makers in the UAE.The event, which was held in partnership with email and data security company, Mimecast and reseller, Virus Rescuers, provided insights into how Mimecast services can help better protect Microsoft Office 365 users from vulnerabilities and how a strategy around Cyber Resilience for email can strengthen the enterprise around email-borne attacks. The event also served as a platform to educate customers on cyber-attacks like ransomware & spear-phishing and how they are evolving to become more sophisticated, dangerous & targeted. Over 30 customers from a diverse range of industries, including financial institutions,
healthcare & various verticals across the region attended the event. Jose Thomas Menacherry, MD, Bulwark Technologies, said, “The event addressed concerns around the region’s current cyber threat landscape, by providing insight into the importance of creating a robust Cyber Resilience for Email strategy.’’ Jeff Ogden, GM, Mimecast Middle East, said, “The event allowed us to help our resellers in the region to educate customers about the need to implement comprehensive security controls before, continuity during and automated recovery after an attack. We also used the opportunity to share updates on our existing product portfolio and new security offerings.’’
BULWARK ACCOLADES BULWARK MD HONORED AS ‘OUTSTANDING IT EXECUTIVE-CHANNEL’ Bulwark MD honored as ‘Outstanding IT Executive-Channel’ Bulwark Group Managing Director, Jose Thomas Menacherry was honored the ‘Outstanding IT Executive-Channel’ award in the prestigious Reseller Partner Excellence Awards 2018 by leading media player, CPI Media Group. The award recognizes him for outstanding contributions & excellence to the IT Channel community.
BULWARK WINS ‘RESELLER HOT 50 BEST PARTNER EMPOWERMENT INITIATIVES AWARD 2017’
Bulwark was awarded the ‘Best Partner Empowerment Initiatives Award’ at the prestigious Reseller Hot 50 Awards 2017 organized by CPI Media Group. The award recognizes and honors Bulwark for being an eminent player and making significant contributions to the channel community.
BULWARK PARTNERS WITH 42GEARS MOBILITY SYSTEMS
Bulwark, the specialized Value-Added Distributor, has announced a partnership with 42Gears Mobility Systems, a recognized leader in Unified Endpoint Management, which was recently named as one of the best mobile management software products. Bulwark, the pioneering VAD in the region, will distribute 42Gears’ full portfolio of endpoint management solutions to customers in the Middle East region.
“We are happy to introduce 42Gears to complement our existing product portfolio specializing in the Information Security domain. With this solution, the companies will have full control of business applications and data being accessed through mobile devices, as per their security policies and third-party compliance requirements,” said Mr. Jose Thomas Menacherry, CEO, Bulwark Distribution.
Mr. Abhay Koranne, SVP, 42Gears Mobility Systems, said, “We are happy to partner with Bulwark and utilize their expertise in IT Sales and support. Our aim is to grow our reach in different verticals and market segments in this region, and we look to achieve this through a focused go-to-market strategy with Bulwark.”
BULWARK TEAM WELCOMES:
Name: Enayat Galsulkar, CISSP
Designation: Business Development Manager – Kuwait
Profile: Cyber Security Architect with 15-plus years of extensive experience in large-scale enterprises and projects in design, deployment and administration of IT Security. Extensive experience of Pre-Sales IT Security in Enterprise Risk Management, various Network and Security products and technologies, and Compliance Monitoring, among many others.
Name: Aneez Manappurath Shafeek
Designation: Business Development Manager – Oman
Profile: Cyber Security Professional with over three years of extensive experience in the IT Security domain.
Feature
Opportunity in compliance
Murali Vellat, Division Manager, and Varkeychan Davis, Technical Manager, Bulwark Technologies, discuss the impact of GDPR on Middle East firms and the role of partners to help them become compliant.
Earlier this year, the General Data Protection Regulation (GDPR) was implemented by the European Union (EU) to protect the personal data and privacy of its citizens. It clearly states what organizations that collect, store or process EU residents’ data must do to safeguard these rights. The law now calls for more transparency in terms of the kind of data they have and to whom they disclose it.
Middle Eastern firms are currently attempting to find their foothold with the new regulation and identifying how it impacts them. “The majority of the organisations and enterprises in the Middle East region are in the awareness phase. GDPR and its implications are still being understood. A few large organizations have initiated the process of becoming GDPR compliant,” says Murali Vellat, Division Manager, Bulwark Technologies. “However, many firms in the region are yet to understand the implication of the regulation and have not initiated any efforts to comply. They seem to be in the ‘wait, watch and adopt’ mode. Therefore, the adoption rate has been significantly slower.”
Vellat believes the adoption rate will pick up as awareness and readiness levels rise. Within the region, there are similar standards that are being implemented, mostly in UAE, Saudi Arabia and Qatar (Data Privacy and Protection Law). In UAE, this is being driven by National Electronic Security Authority (NESA), Dubai Electronic Security Center (DESC), Dubai Smart Gov (DSG) and Abu Dhabi Systems & Information Centre (ADSIC). The frameworks that have been released are Information Assurance Standards (IAS), Information Security Regulation (ISR) and Abu Dhabi Information Security Standard (ADISS).
Varkeychan Davis, Technical Manager, Bulwark Technologies, says, “Under GDPR terms, organizations would not only ensure that personal data is gathered legally and under strict conditions but also manage and protect data from misuse and exploitation and respect the rights of data owners, or else face penalties for not doing so.” He explains that companies would implement appropriate technical and organizational measures under GDPR. “Security heads should take measures to reduce risk and manage access controls. They should automate and impose least privilege with entitlement reviews and proactively enforce ethical walls and security policies. These could include data protection provisions such as staff training, internal audits of processing activities, and reviews of HR policies, as well as keeping documentation on processing activities.”
According to Davis, to ensure an organization effectively protects personal data and sensitive content relevant for compliance needs, one needs to implement solutions and processes that help the firm to discover, classify, protect, and monitor important data. He says, “This is an opportunity for partners to provide services and solutions to comply with GDPR. They can help businesses to find their customers’ personally identifiable information and data access rights, what they’re doing and who they’re sharing with, to become GDPR compliant.”
Partners can assist companies in becoming GDPR compliant by identifying and classifying GDPR data, establishing access controls and data protection policies, and building a unified data security strategy for customer data protection. “After all, compliance is not a one-time activity, it needs continuous monitoring, evaluation and fine tuning from professionals,” adds Davis.
Blog CYBERSECURITY
Happy hunting
Varkeychan Davis, Technical Manager, Bulwark Technologies, explains the importance of threat hunting solutions and why organizations must adopt proactive approaches to enhance security postures.
Threat hunting refers to the process of proactively scanning through networks to identify and detect advanced threats that have evaded existing security measures and then proceeding to isolate them. It combines the use of threat intelligence, analytics, and security tools. It plays a critical role in the early detection of an adversary, as well as faster removal and repair of vulnerabilities uncovered during the process.
Today, many organizations are utilizing existing tools to evaluate their environment. Slightly more mature organizations are writing scripts to enhance their capabilities, while much bigger organizations are utilizing third-party tools such as SIEM, APT and EDR to aid in finding, tracking and catching the adversary.
In order to fully understand the impact of a breach, the detection of malware threats needs to be complemented by the proactive exploration of anomalous network behavior and inter-artifact relationships. This activity is supported by machine learning techniques, which can be leveraged to aggregate and classify events at an unprecedented scale.
There are also several tools that can be deployed to automate the threat hunting process to a certain level. In addition to SIEM, APT and EDR solutions are also effective tools in threat hunting. Security solutions such as Lastline’s APT monitor your network activity, including low-level events and seemingly benign actions, to uncover all malicious incidents. This facilitates hunting of latent threats residing in your network, resulting from file downloads, website content and email attachments. Network Analytics enables you to identify and prioritize mitigation actions by mapping all network traffic associated with a breach. You can quickly understand the scope of the threat, including compromised systems, communication between local and external systems, and data sets accessed and uploaded.
FALSE POSITIVES
Customers often come across the challenge of false positive vulnerabilities. A false positive is an error that occurs in the evaluation process where the software incorrectly detects a vulnerability when, in fact, there is none. Within most SOCs, false positives are a major problem. This is not only because they take time and resources to rectify, but also because they distract security analysts from dealing with legitimate security threats. And when security analysts become desensitized to alerts because they’re wasting time reacting to too many false positives, they start to miss true indicators of cyber-attacks.
The most common source of false positives is poorly configured security tools. It is better to be proactive in your threat-management approach. If all you do is wait for alerts and alarms to go off, you will spend more time chasing false positives than you will on identifying real threats.
Prioritization is one of the best tools a SOC can use to minimize time spent on false positives. Alerts that have the highest reliability and are associated with detecting high-risk events should be assigned a higher priority. Choose collaborative intelligence sources that will bring different fidelity, relevance, and value to your security operations. Review all alerts and develop better alerting rules based on lessons learned. By reviewing every alert that goes into your queue, you’ll learn how to tune and improve your rules. Continuously working to tune this logic is critical for minimizing false positives.
EFFECTIVE CYBER INCIDENT RESPONSE
Threat hunting is not only about the use of the right kind of technology but also about the right people. Threat hunting requires intimate knowledge of both the organization and the perpetrators. Companies should assign security experts to investigate cyber-attacks and make unique actionable information about malware and threats publicly available to improve security teams’ ability to detect and block attacks with the help of advanced solutions such as APT, EDR, SIEM and NGFW.
Most organizations have developed some level of cyber incident response capabilities. Avoiding a cyber crisis often comes down to properly managing a cyber incident before, during and after it unfolds. This starts with a broad view of cyber crisis management. Effective preparation addresses the entire crisis management lifecycle of readiness, response, and recovery.
A well-prepared, multifunctional team must be poised to deal with all aspects of an incident or crisis. Steps to return to normal operations and limit damage to the organization and its stakeholders continue after the incident or crisis. Remediation begins after critical business operations resume. The organization must verify that attack vectors are eradicated and take steps to prevent similar attacks in the future. Enhance monitoring and other measures to mitigate future risk of similar incidents and enhance policies that may increase security.
FUTURE
Threat hunting is gaining momentum. Organizations are making the investment in resources and budget to shift from reacting to attacks to the creation of proactive threat hunting programs and dedicated teams. Organizations are becoming more confident in their security teams’ ability to quickly uncover advanced attacks, compared to last year. Based on recent trends, we expect that the number of advanced and emerging threats will continue to outpace the capabilities and staffing of organizations to handle those threats. Therefore, it is the need of the hour for customers to enhance their security postures with a proactive approach. Happy hunting!
Transformative connections
Ashok Kumar, Chief of Business Development [EMEA & SAARC], TalariaX, elaborates on the company’s business objectives and plans for the region.
Let’s start with the history of TalariaX. In a nutshell, can you give us a bit of background on the company and its business today?
TalariaX is a 15-year-old Singaporean company with multi-award-winning products and clients in 50 countries. We help organizations establish two-way communications with mobile phone users to facilitate “enterprise mobility”. We do that with products and services that form the central information delivery infrastructure by leveraging SMS, email and social messengers such as WhatsApp, Facebook Messenger, LINE, WeChat, Viber, Slack, Telegram and Microsoft Teams. We work with an open API and a host of industry standard protocols. Deployment scenarios include Ad-hoc User Messaging, Infrastructure Alerts, Notifications from and to Third Party Applications and Enhanced Remote Access Security. We have also established strategic alliances with leading vendors and service providers to facilitate interoperability and ease of use. Globally, TalariaX operates through a multi-tier eco-system comprising regional distributors, Systems Integrators, and Resellers.
What are your Products and Services?
Our Products:
• sendQuick Alert, sendQuick Alerter, sendQuick Alert Plus, sendQuick Entera and sendQuick Avera for Infrastructure Alerts
• sendQuick Enterprise and sendQuick Entera for Third Party Application Integration / User Messaging.
• sendQuick Alert Plus (delivers SMS for user authentication from third-party 2FA tools), sendQuick Alert Plus with HTTP Plug-in (for deployment with RSA), sendQuick Conexa (facilitates SMS/OTP and Soft Token Authentication). Additionally, sendQuick Conexa can also facilitate free to download soft tokens (Google Authenticator - iOS / Free OTP Authenticator - Android). These products facilitate Enhanced Remote Access Security.
• sqoope (Secure, 2-way mobile messaging server), an on-premise mobile messenger.
Our Services:
• sqoope on cloud (Secure, 2-way cloud-based messaging server)
• Iriz (Cloud-based A2P service with API integration and smart phone messaging)
• Clouvera (Monitor IP addressable infrastructure from the cloud to alert concerned personnel on failure via SMS/Email)
• sendQuick ASP, Cloud-based SMS service.
What are the supported Platforms as of today?
TalariaX offerings include On-premise appliances (sendQuick/sqoope), Cloud-based offerings (Clouvera/sqoope), Virtual Machine (sendQuick Entera VM) and A2P services (Iriz/ASP).
Who are your clients?
TalariaX clients include a majority of F500 clients worldwide in addition to major companies in the Middle East. International companies include IBM, NEC, Hitachi, Fujitsu, SAP, Honeywell, Schneider, Airbus France, Liberty Insurance, Merseyrail, DHL, Schenker, CIMB, DBS Bank, McDonald’s etc. Regional companies include The Central Bank of Bahrain, Bahrain Bourse, Gulf Air, Tatweer Petroleum, Saudi Defence Force, Interserve Engineering, Saudi Ericsson, Ajman Bank, UAE Army, Qatar Foundation, Kuwait Oil Company, Oman Refinery, Bank Muscat, Maldives Airport etc.
Can you give us an idea of Market size, Target segment, Opportunities for your offerings?
As of date, our products are deployed across 50 different sectors. Our target market is any organization that wants to establish two-way communication from devices, applications and users (within the enterprise) to people holding a mobile device. Market opportunities abound in view of our diversified offerings to cater to different needs.
Ideally, who are your channel partners?
Systems Integrators or Resellers that have prior experience selling Hardware, e.g. network equipment, switches, firewall, UTM etc.; Software such as ERP, CRM, SCM, BMS, DCIM, NMS, EMS, IDS, IPS; or Services such as SMS, PT/VA to clients.
How do you engage the market?
We participate in leading trade shows around the world to ensure visibility and exposure. For example, we have had a consistent presence at GISEC and GITEX in the region. We also conduct webinars and WebEx sessions regularly to engage prospective channel and clients.
How does a prospective partner engage with you?
Prospects can email me at ashok@talariax.com or contact us via our website www.talariax.com
ZOOK SENSORS for the Data Centre & Beyond
PowerZook
PowerZook is a unique power sensor that can be installed to monitor 16A and 32A single phase power cables in server room racks with ZERO DOWNTIME. “PowerZook is the Smart Alternative to Smart PDUs!”
• Quickly obtain power data for analysis
• Identify isolated power failure conditions
• Identify potential current overload conditions
• Identify higher than normal current levels due to faulty equipment
PoE · SNMP · IoT
To receive further product information and discover exactly how Jacarta products can help you to monitor, manage and protect your IT infrastructure, please contact Bulwark on +971 4 326 2722 or info@bulwark.biz
The Importance of Sensors to Data Security
Jacarta CEO Colin Mocock discusses the importance of deploying data centre sensors to help protect your critical data.
Often overlooked, often neglected, but data centre sensors are now having their ‘day in the sun’! It’s now impossible to ignore the threats posed to the integrity of system data by problems such as air-conditioning failure, power issues, water leaks, fire and security breaches. Deploying an effective data security strategy means using sensors and alerting mechanisms to monitor data centre status 24/7 and notify personnel immediately there’s a potential problem. The Internet of Things has heightened awareness as to the depth and breadth of the type of sensors that can now be deployed to help improve efficiency and provide alerts to danger.
TEMPERATURE
Air-conditioning failure is the most common cause of environmental data centre woes after power problems. It’s incredible the number of times we are contacted by potential customers who tell us ‘we’ve had an aircon failure over the weekend’ and things have gone horribly wrong. And yet we still visit sites and talk to people who have absolutely no temperature monitoring in place. The incredible number of issues IT managers have to deal with every day can make this an afterthought, but monitoring temperature and receiving alerts when air-conditioning fails is easy to implement – and, in this day and age, no-one should be without it.
HUMIDITY
Problems arising from humidity issues can be ‘slow-burners’. But static electricity and condensation are both significant problems arising from humidity issues, leading to instability in data centre environments. Humidity issues can usually be identified easily and in good time with the deployment of humidity sensors, so remedial action can be taken before major issues arise.
WATER LEAKS
Water can enter data centres via leaking service pipes or as a result of faulty air-conditioning units. Needless to say, water ingress in IT environments can be absolutely catastrophic. Water leak sensors, once again, are quick and easy to deploy and can prove to be a ‘game-changer’ if you can identify a leak before it becomes a flood.
POWER FAILURE
Problems with power can come in many different guises. Power failure resulting in UPS back-up power and, perhaps, generator back-up also, is at one extreme. At the other extreme, but potentially more disastrous, can be faulty equipment or wiring that goes undetected for days and perhaps weeks, ultimately resulting in a significant failure. Sensors are now available that can be used to identify if equipment is drawing higher-than-normal current, which may indicate that attached equipment is malfunctioning for some reason and about to go ‘pop’!
FIRE
Fire alarm systems are commonplace, but what if an electrical fire starts in a data centre rack? Will anyone know? The value of equipment housed in a single rack to an organisation can be immense, and the data potentially priceless, so the importance of protecting and caring for that rack should not be neglected. Implementation of a smoke detector in each rack can be a low-cost way of preventing an extremely expensive disaster.
SECURITY
Physical security breaches within data centres are a significant and ongoing problem. But the deployment of data rack door sensors can be carried out inexpensively and painlessly. I’m not entirely sure why this is not yet a minimum requirement for every rack in every unmanned data centre, but the reality is that it’s not!
ALERTS
There are many other sensors that can be deployed to monitor data centre status conditions but, just as important as the sensors, is an effective alerting mechanism. Alarm beacons, SNMP traps, SMS, email and automated telephone voice alerts can all be used to raise the alarm quickly and effectively.
A white paper on this subject is available from Bulwark. For further details, please contact Bulwark @ +971 4 326 2722 / info@bulwark.biz
Colin Mocock is the founder and CEO of Jacarta Ltd., a UK-based manufacturer and supplier of easy-to-install, easy-to-use data centre sensors and monitoring systems. Please visit www.jacarta.com for further information.
Are your digital assets vulnerable to malicious threats?
Anil Bhandari, Chief Mentor, ARCON, elaborates on how the firm has engineered the entire concept of Privileged Access Management (PAM) to offer a new avenue to safe access management.
One of the major international cab service providers, with more than 50 million global users, suffered a massive data breach at the end of 2017 only to lose another $1,00,000 to keep the incident a secret. More than 57 million records of users and drivers were taken hostage by the threat actors demanding a ransom. Adding to this mayhem, who can forget the infamous Bangladesh bank heist at the beginning of 2016, where more than $80 million were lost due to some negligent insiders. Along with a few other incidents, these highly discussed scenarios acted as the real eye-openers for the CISOs, CSOs and CTOs of BFSI, Telecom, Pharmaceuticals, Hospitality and even the Government sector.
A recent Gartner report has revealed that Privileged Access Management (PAM) is the most discussed security project of major organizations worldwide in 2018. Gartner goes on to predict that almost 50% of global enterprises would be relying on a robust access management system to guard against current and emerging cyber threats. The privileged accounts that are misused in any data breach incident are mostly accessed through social engineering. Not surprisingly, 80% of breaches that happen in the world involve privileged accounts. These breaches are carried out either by external malefactors or by malicious insiders. As a result, almost 58% of IT managers are of the opinion that it’s prime time for organizations to shift their security concern towards the privileged accounts prevailing in the enterprise network. The validation and verification of confidential data access is assured by privileged access management and privileged identity management solutions.
ARCON | PAM Solution
ARCON, being the bellwether of Risk-Control Solution providers globally, has engineered the entire concept of Privileged Access Management (PAM) to offer a new avenue to safe access management. As far as ARCON’s Privileged Access Management (PAM) solution is concerned, the major pillars of defense include:
A. Stringent Password Management tool, which protects privileged credentials. To date, 30% of global organizations don’t put any restrictions on accounts and passwords being shared randomly. In addition, 20% among them never change the passwords. This definitely gives ample opportunity for malicious actors to take hostage of sensitive records stealthily.
B. Continuous Session Monitoring, which identifies any anomalous activity.
C. Privileged User Authentication, which is a continuous verification process of users on the basis of their online behavior. With this, the vigilance team can figure out if any privileged account has been misused or any malicious activity has taken place. Today, 70% of organizations do not seek any official approval for creating new privileged accounts, which again is a big user negligence of access management security.
D. Real-time Dashboard, which gives a clear and detailed view of the server access activities. It even alerts the security officer to any suspicious user behavior.
E. A robust Granular Access Control system, a unique technology which provides in-depth and need-based access control for privileged users.
ARCON | PAM solution has already been chosen by reputed international organizations from the BFSI, Manufacturing, Aviation, Real Estate, Media, Insurance and Investment sectors. Even different Government sectors from UAE and Saudi Arabia have already deployed the ARCON | PAM solution to meet the needs of robust vigilance of online activity happening in their official network. Current and emerging threats coming from both external and internal actors are contained successfully.
Without adequate and relevant security controls in place, any organization today would definitely be exposed to cyber exploitation. Today, most of the hackers target the privileged accounts because those are the critical doors to get hold of confidential information. Thus, securing the privileged accounts should be a top priority in any corporate entity. ARCON is always ready to extend its helping hand to offer you the PAM protection you deserve and thereby accelerate your business growth.
42GEARS Mobility Systems
42Gears Creates a Secure Digital Learning Environment for Al Dhafra School
The solution provider demonstrates how it has successfully implemented COD (Company-owned Devices) and BYOD solutions to counter challenges faced by customers embracing mobility.
The business challenge
With a vision to improve the traditional classroom learning experience, Al Dhafra Private School, the largest educational institute in UAE, introduced Android tablets into its curriculum. Mobile devices allow students and teachers to access Al Dhafra’s online portal and other approved apps. Each user is given a specific user ID and password to access learning resources such as worksheets, courses, lesson plans, presentations and news feeds. Additionally, some students also bring their own devices to access learning material through the school’s application.
While there are many benefits of adopting mobile devices in education, several challenges were faced in deploying this new technology. Since these devices were unmonitored, students were able to download unauthorized apps such as games, social media and other non-educational apps, which distracted the students as well as exposed the school’s network to security threats like virus attacks.
To fully support this technology-based learning initiative, Al Dhafra required a solution to monitor and manage these devices easily. They wanted to lock down the tablets in the school premises during school hours. They also wanted to push and update their approved application remotely to the devices. Al Dhafra needed a solution that would allow them to easily manage and push approved content and apps to school-issued as well as student-owned devices.
How 42Gears solved the problem
SureMDM and SureLock from the 42Gears UEM solution were deployed on all student-owned (Bring Your Own Device) and school-issued devices. The IT team of Al Dhafra received personalized training from the 42Gears Professional Services team. 42Gears UEM helped the school admin to selectively lock down the devices into kiosk mode during school operational timings. The setup allowed them to secure and manage the devices remotely.
Geofencing and time fencing features from the 42Gears UEM solution allow the admin to create a geographical boundary as well as a time-based setup, which automatically launches Al Dhafra’s application and other pre-defined apps on the devices whenever students enter the school premises during specific hours. They are able to easily push app updates and distribute content to these devices using 42Gears UEM. The students are unable to access any other applications except the school portal and approved academic applications. The process of distributing study material to these school-issued as well as BYO devices has also become easier.
Benefits
The implementation of 42Gears UEM for education has allowed Al Dhafra to overcome many of the common challenges associated with the deployment of mobile technology in classrooms. The overall time required for distributing the apps to each tablet has significantly reduced from hours to just a few minutes. The 42Gears solution has not only eased the management of the tablets, but also ensured that mobile devices are used responsibly by students in the classroom. As a result, the classroom learning experience has become more engaging and enhanced.
“42Gears has eliminated the manual prep time for devices which was a major hurdle earlier if students wanted to use mobile devices in the classroom. With just a few clicks on the console, 42Gears UEM solution allows us to launch apps, update apps and lock them down into kiosk mode,” said Pavan Deepak, CTO, Knowledge Hub.
The importance of cyber resilience as Middle East organisations embrace cloud
By Jeff Ogden, General Manager, Mimecast Middle East
Cyberattacks in the Middle East are on the rise. There’s barely a day that goes by where you don’t hear about a breach or an organisation that has unsuspectingly fallen victim to ransomware, spearphishing or impersonation fraud. Organisations are moving to the cloud in large numbers, and with Microsoft’s recent announcement that it will be launching data centres in the UAE, this is set to increase dramatically. The benefits of cloud email providers like Office 365 are obvious: businesses of all sizes can now benefit from its collaboration capabilities, which means they can improve productivity and reduce costs and complexity.

However, while cloud is a “game-changer”, organisations must understand that they need to apply a few basic principles when migrating. We all know that email is the number one business critical application for most companies. So, when planning to migrate there should be three main considerations:

1. How do I ensure business continuity for email? Business continuity for cloud email is no different to on-premise. It means having a duplicate copy of data, a fall-back application if the primary application becomes unavailable and a different access method for users.

2. How do I ensure cloud email is secure? In an on-premise mail solution, the application will be protected by multiple third-party security technologies: a gateway security component, an endpoint security component and potentially a “data at rest” component. In the cloud, the security protection should be even better as you are no longer in complete control of the physical network, server and software components of the application.

3. Can I recover in the event of a cyber incident? Organisations with on-premise solutions generally have well-documented backup and recovery processes. In the cloud, organisations seem to forget that this is still required. Having the ability to recover to a specific point in time after suffering a cyber incident is critical when moving to cloud.

Providing comprehensive security controls before, continuity during, and automated recovery after an attack, are the key elements of any cyber resilience strategy for email. And given the current state of cybercrime, having such a strategy has become a non-negotiable.

The cyber threat landscape has evolved dramatically: hackers are smarter and more sophisticated, and they have formed communities and share ideas and pursuits. Many organisations think that defending against spam, viruses and malware is enough, but attacks have changed. So, having cyber resilience built into your cloud applications is critical.

Unfortunately, organisations are relying on cloud providers to provide cyber resilience. But it’s not advisable to rely on a single-party cloud service to deliver your business continuity and security needs. It’s important to consider a third-party solution to achieve cyber resilience.

For many organisations it’s only a matter of time until they become the next victim. Relying on basic security is a huge risk that could dramatically impact productivity, business operations or even the bottom line. Organisations also need to be prepared for the possibility of a successful attack and have risk mitigation techniques in place. So, if a breach occurs, you can keep email flowing with a continuity service and recover from ransomware quickly, with an archive service that allows you to recover data to the last known ‘good’ state.

Microsoft’s plans for data centres in the UAE are a clear indication of the growing interest in cloud services, but concerns around security remain. All organisations therefore need to ensure they have an adequate cyber resilience strategy in place to protect themselves from growing cyber threats.
Risk Assessment: Seven Myths Busted
By Matt Middleton-Leal, General Manager, EMEA, Netwrix Corporation
It’s a common belief that risk assessment is so expensive and complicated that only enterprises can afford it. That is a huge mistake, because a risk-based approach is essential for developing a cyber-security strategy for organizations of any size. Do not let any of these myths prevent you from carrying out risk assessment properly:

Myth #1. IT risk assessment is a very expensive and complicated activity.
WRONG. The complexity and cost of risk assessment depend on the scope and the processes involved. There are actually many easy ways to perform risk assessment, such as using a risk assessment matrix to evaluate and prioritize risks based on their impact to the IT infrastructure. Even simple measures, like maintaining a spreadsheet with risks labeled low, medium and high, can help you evaluate your security posture without buying anything or hiring any consultants. If you opt for an IT risk assessment software solution, be sure to look for automation and integration capabilities that will streamline implementation and use.
Myth #2. If my enterprise doesn’t process large volumes of data, I have nothing to worry about.
WRONG. The truth is, enterprises generally have the means to implement more sophisticated security measures than SMBs, and attackers know it. Since both types of organizations store valuable data, attackers choose to go after the data that’s less protected, even though there may be less of it to steal. Moreover, a small amount of extremely confidential information is sometimes much more valuable than a huge amount of data. For example, a small government contractor that has access to secret government projects is a far more tempting target than a large organization that stores a ton of everyday emails and company picnic photos.

Myth #3. Risk assessment is a one-time activity. If you have done it once, you are ok.
WRONG. Both your IT infrastructure and the threat landscape are constantly evolving, so you need to repeat the risk assessment and mitigation process on a regular basis to spot new weak spots and fix them before a breach occurs.

Myth #4. Analyst and research firms are creating an artificial demand for risk assessment.
WRONG. Risk management is more than just a buzzword. It is an essential part of many compliance standards (including NIST SP 800-171, HIPAA, GDPR and ISO 27001) because it helps organizations reduce risk by evaluating and improving their security posture.

Myth #5. There is no real value in risk assessment; organizations do it just for show.
WRONG. In fact, risk assessment is a very powerful tool for making real changes that improve security. The 2017 Netwrix IT Risks Report found that lack of involvement of senior management was a problem for 32% of IT pros looking for additional budget for new IT security measures or personnel. Risk assessment can help you highlight risky areas to C-level executives and educate them about the likelihood of data breaches and their financial implications, which will help you justify the budget you request for improving data protection.

Myth #6. Everything is fine with my organization; we don’t need risk assessment.
WRONG. A false sense of security is one of the worst things that can happen to an organization. No matter how strong your control processes are, you do have vulnerabilities, and thorough risk assessment will help you ferret them out, prioritize them and take appropriate remediation steps. As your IT environment changes and threats evolve, new vulnerabilities will emerge, and you’ll need to repeat the process.

Myth #7. We have insurance, so it’s not a big deal if we don’t have risk assessment.
WRONG. Many organizations believe that insurance will cover data breach costs and protect them from individual and class action lawsuits. But that’s not true. For example, if an investigation reveals that a data breach was completely your organization’s fault, there is no way you will avoid fines and other sanctions.

Key to risk assessment is reducing the risk in a way that is proportionate and addresses cyber threats from a business-led perspective. Risk assessment helps a business identify potential vulnerabilities and prioritize its security efforts, thereby spending its IT security budget as efficiently as possible.
Alliant Credit Union Enhances PCI DSS Compliance with GoAnywhere MFT Agents
As a member-owned credit union headquartered in Illinois, Alliant Credit Union processes and tracks over 500 file transfers a week. These file transfers must consistently meet the needs of their members and remain 100% PCI DSS compliant.
As they continued to explore the product beyond its basic capabilities, they found exciting features they’ve since integrated into their day-to-day tasks. One such surprise was GoDrive, an Enterprise File Sync & Sharing module for GoAnywhere. Alliant Credit Union was also able to integrate GoAnywhere with their enterprise scheduler, a cross-platform, cross-application IT solution, to perform all their business procedures seamlessly.
Growing Business Needs Sparked Search for a New Solution
Before GoAnywhere entered the picture, Alliant Credit Union used a mix of WS_FTP and MOVEit from Ipswitch and homemade manual scripts to process their file transfer needs. Based on the suggestion of a previous employee, Alliant Credit Union implemented GoAnywhere MFT for its robust capabilities and advanced set of features. Not only has GoAnywhere saved Alliant Credit Union hours of manual work since implementation, it’s solved many in-house problems and improved the security of their data overall.

Computer Operations Supervisor Jay Wehner knew it was time to move to a new product when Alliant Credit Union started development on a new data warehouse. “With our current setup, we saw we needed a more robust system,” Wehner explained. “We wanted better automation of the files and a process to import them.”

Faced with increasing demands for PCI compliance, file transfer automation, and encryption, the team at Alliant Credit Union looked at GoAnywhere MFT as a possible replacement for their current setup. It had the features they wanted—database integration, clustered active-active failover, and secure email transfer—and the release of GoAnywhere MFT Agents only further expanded what they could accomplish.
Enhanced PCI DSS Compliance with GoAnywhere Agents
One main draw Alliant Credit Union had to GoAnywhere was the ability to enhance their PCI DSS compliance using GoAnywhere MFT Agents. “We needed a way to securely store and transmit PCI data. By utilizing GoAnywhere Agents, we were able to use a secure channel to transmit this data. We now no longer use standard protocols like SMB ... for file transfers, which protects our data from unwanted network scanning.”

Other initiatives run by Wehner, like a workflow that archives and purges files across multiple projects after a set number of days, help keep Alliant Credit Union organized and compliant with PCI DSS retention policies.

GoAnywhere’s Advanced Features Exceeded Expectations
Moving from their combination of file transfer solutions and manual scripts to GoAnywhere was painless. “No other product was evaluated. GoAnywhere is a true ‘one product does it all.’ It’s not just file movement and SFTP.”

After Wehner’s team implemented GoAnywhere across the organization, they used it to create secure encrypted connections between their servers. This enabled them to promote the safety of their data and lock down common ports and protocols—which, for a company dealing with personal banking information, was absolutely critical. They also took advantage of GoAnywhere Secure Mail, an ad-hoc email module that can integrate with Microsoft Outlook.

Saving Time and Money with GoAnywhere’s File Transfer Capabilities
As an institution that deals with loan requests, automatic payments, and more, Alliant Credit Union processes a large number of transfers a week. GoAnywhere cuts the transfer process down to around 15 minutes.

GoAnywhere also contributes to the company’s bottom line. “I can’t even begin to say how much time and money GoAnywhere has saved us each month. Automating your transfers, databases, and CSV files is an enormous cost saver.”

When asked if he’d suggest GoAnywhere to others, Wehner didn’t hesitate. “Buy it! The abilities are endless for file manipulation, transfer[s], database[s], encryption, and more!”
Events
Bulwark @ GITEX 2017, 8th to 12th October 2017
Sync With Sophos Series
Sophos XG Technical Training: 24th January 2018
InfoSecurity Middle East, 6th-8th March 2018
Sophos XG Technical Training – Kuwait, 21st February 2018
Bulwark @ GISEC 2018, 1st to 3rd May 2018
Mimecast & Virus Rescuers End Customer Event: 10th May 2018
Sincy Santosh receiving The Legend of the Year recognition at the Mimecast Partner Connect Event, Dubai, June 2018
Bulwark is a cyber security specialized Value-Added-Distributor & a recognized thought leader in the Middle East & Indian sub-continent region offering innovative solutions to cater to the dynamic security requirements of our customers.
Partnered with a 400+ channel network, we deliver high-end professional services, skill enablement and round-the-clock support to customers across various verticals to address their cyber security challenges.
info@bulwark.biz
+971 4 326 2722
www.bulwark.biz | www.bulwarkme.com
Schedule a Demo TODAY & Earn a Reward! *T&Cs Apply!