Inside the Briefcase






Briefcase Highlights


SECURITY

EMV Myths Debunked for the Retail Industry

June 15, 2016 No Comments

On October 1, 2015, a liability shift occurred as it relates to responsibility for paying for chargebacks for counterfeit cards used at a retail store. Between the retail stores, the bank that issued the credit card, and the payment processor, whoever is prepared the least to accept EMV payment cards will now be responsible to pay for the chargebacks. With this still being a relatively new practice it can still be confusing for some users. The folks at Counterpoint POS have put together an infographic below, debunking common myths regarding EMV credit card processing.

If Your Perimeter’s Not Secure, Neither is Your Data

June 2, 2016 No Comments

The last several years have shown us that, despite our best efforts to secure our networks, the bad guys are still getting in. Perimeter defenses continue to fail, and data continues to be stolen. What’s more, the perimeter isn’t as clear a notion as it once was. Consequently, IT security teams are beginning to change their thinking and focusing on data security. A key aspect of data security is encryption, but it must be implemented in a comprehensive manner. If not, data may not be secured in all locations, leading to a false notion of security that can end in theft.

Why IT Security Is a Top Priority for Every Business No Matter Its Size

May 26, 2016 No Comments

The days of being able to keep all of your files under lock and key are long gone. Everything is created and kept digitally now and, as our communications and records creation get modernized so, too, must a business’s security efforts. It isn’t enough to simply have your own internal server anymore, now that everything is online all the time.

Best Practices for Efficiently Preventing and Managing Incidents

May 26, 2016 No Comments

There are few things worse for an IT Operations executive than a mission-critical application outage. The operations team must address it immediately, and as the clock ticks, the bottom line shrinks. The pressure is on to reduce the mean time to repair (MTTR), but when the application is up again, it’s time to consider how this fire drill could have been avoided.

Forrester Report: Best Practices For Public Cloud Security

May 25, 2016 No Comments

Security is, justifiably, a top concern about public cloud environments. Application developers are migrating to the cloud for the agility and speed that the cloud can provide.

KnowBe4 CyberAlert: Double-Barrel Ransomware and DDos Attack in-one

May 24, 2016 No Comments

KnowBe4, issued an alert today on a malicious new trend in ransomware. Instead of “just” encrypting data files on a workstation (plus any network drive it can find) and locking the machine, a new variant of the Cerber ransomware is now adding a DDoS bot that can quietly blast spoofed network traffic at various IPs. This is the first time DDoS malware has been bundled within a ransomware infection. It means that while the victim is unable to access their endpoint, that same endpoint is being used to deny service to another victim. Two attacks for the price of one (and two ways cybercriminals can make money off victims).

How IT is Fighting the Good Fight for Security Preparedness

May 18, 2016 No Comments

Security breaches made big news in 2015. It seemed that every week brought with it a new high-profile data breach from a trusted major company—from retail giants to health insurers, and even government agencies. For many organizations, this was a wakeup call to ensure their security procedures fully protect their networks, critical infrastructure and sensitive data. But are organizations really more prepared today?

How To Do Enterprise Security like Bond…James Bond

May 17, 2016 No Comments

In the era of crippling state-sponsored hacks, cybercrime rings and data breaches, businesses are looking at all forms of preventative measures to keep attackers at bay. Even a modern-day James Bond would find it challenging to keep his data, and identity, a secret in the Information Age. And unlike in the famous films, the real-life ‘villains’ capable of stealing trade secrets, personal information and other forms of sensitive data are oftentimes anonymous and numerous. Reports estimated more than 317 million new pieces of malware were created within 2015 alone. Imagine what they can do today!

Maintaining Compliance for the Cloud Generation

May 12, 2016 No Comments

Learn the critical steps to prevent data leakage.

Innovation for the Cloud Generation

May 12, 2016 No Comments

This guide helps you identify and address the unexpected risks of the “cloud generation.”

The Ins and Outs of TLS Encryption

May 11, 2016 No Comments

Transport Layer Security (TLS) is a protocol that offers a high level of security to help authenticate and encrypt information between a client and server for both inbound and outbound email (and website) traffic. Encryption protocols such as TLS help create secure connections for communications that must transfer across unsecured networks. Although there are others, SSL and TLS are two of the most popular security protocols of their kind.

Webcast: The Phantom Identity Menace

May 10, 2016 No Comments

Attackers are moving away from direct assault, and instead are hijacking and exploiting user credentials to thwart security tools, and gain easy access to business data. How can you strike back and stop breaches that attack your users far, far away?

Webcast: They have all our passwords. It’s time for MFA everywhere.

May 10, 2016 No Comments

Let’s face it. With so many credentials having been compromised and made available to attackers, password-based security is no longer effective. We know that eliminating passwords is the right thing to do, but that takes time, and the bad guys are already inside our networks.

Strengthening App Security with Multi-factor Authentication

May 10, 2016 No Comments

Passwords are the weakest link in your security. Learn how to strengthen security with adaptive multi-factor authentication across enterprise identities and resources — without frustrating users.

Who Moved My Secure Perimeter

May 10, 2016 No Comments

In today’s mixed on-premises and cloud IT environment, securing one network perimeter is not enough. Read this white paper to learn more.

IT Briefcase Exclusive Interview: Steps for Successful VDI Implementation

May 6, 2016 No Comments

with Jeremy Moskowitz, Founder and CEO, PolicyPak SoftwareIn this interview, Jeremy Moskowitz, founder and CEO of PolicyPak, speaks with IT Briefcase on the challenges and opportunities of using a virtual desktop infrastructure (VDI.)Read More >>>

The Digital Workforce – INFOGRAPHIC

May 5, 2016 No Comments

Security starts with people…and every person is unique and complex. And people are constantly moving! How do you keep track of the new agile workforce?

Cloud Security Report

May 3, 2016 No Comments

In this report, you will gain a greater understanding of how industry and online presence drive your threat profile, how the Cyber Kill Chain construct drives understanding, and get recommendations on how to improve your security posture.

7 Best Practices of Cloud Security

May 3, 2016 No Comments

In this quick reference, seven best practices are offered for your consideration.

2016 Cyberthreat Defense Report

May 2, 2016 No Comments

The Cyberthreat Defense Report examines the current and planned deployment of counter measures against the backdrop of numerous perceptions.

Scale-Out NAS: Best Practices to Implement Tomorrow’s Storage Today

April 29, 2016 No Comments

by Stefan Bernbo, CompuverdeAs the data deluge continues on unabated, vertically scaling legacy approaches to storage are falling short. Organizations need to find a way to store high volumes of data without busting the budget, all while maintaining high levels of performance… Read More >>>

Gartner MQ on Disaster Recovery as a Service

April 29, 2016 No Comments

Among providers of disaster recovery as a service there is wide variance in experience and service quality, together with other key differentiating factors. Data center managers should use this Magic Quadrant to help them evaluate providers of DRaaS services.

IT Briefcase Exclusive Interview: The rise of cloud application control technology

April 26, 2016 No Comments

with Ed Macnair, CEO, CensorNetIn this interview, Ed Macnair, CEO of CensorNet, speaks with IT Briefcase on how security technologies needs to evolve to meet the challenge and opportunities of cloud computing.Read More >>>

Next-Gen Security Operations Center in Action: Eyewitness Account of a Bank’s Incident Response

April 25, 2016 No Comments

This blog contains an eyewitness account we received from one of our U.S. bank customers following a security incident. Names and details have been withheld for confidentiality purposes.

Data Classification: Security From the Inside Out

April 25, 2016 No Comments

Protecting data has become a priority for many organizations, but it’s becoming increasingly difficult for IT and data security departments to keep sensitive information from moving outside the network perimeter. This is due primarily to the proliferation of data-sharing tools, such as email, social media, mobile device access and cloud storage media. The reality is that the data security perimeter is forever changed as data is accessed and stored in multiple locations. With workers uploading data to a wide array of unsecured data sharing services, the people you have working inside your organization pose one of the biggest data security threats.

How to Thwart Software Piracy

April 22, 2016 No Comments

Software piracy continues to be a growing threat to software producers’ revenue and reputation as many have unknowingly left their products exposed, including market leaders like Microsoft®. How can you thwart digital theft? One of the most effective approaches is by leveraging the power of cloud licensing servers.

Executive Insight: 3 Ways to Strengthen Payment Security in a Dog-Eat-Dog World

April 18, 2016 No Comments

In a recent and highly publicized quarrel, Apple fought against the U.S. government’s request to create a workaround that would allow the FBI to break into an iPhone, essentially hacking into their own device. Without taking a deep dive into the implications of the situation, the FBI’s ability to work with a third party to crack that iPhone’s encryption gave many of us in the tech industry pause. At the same time, it proved a point that all of us who live, eat, and breathe security already know: no single security solution is infallible.

Security Hardening of Windows by Reducing Privileged Access

April 15, 2016 No Comments

As I tour the world helping Active Directory administrators, auditors and security professionals secure their Windows environment, I often get questions about privileged access. The questions usually are about how privileges are granted and how an organization can know if its privileges are correct. These are great questions considering the onset of so many attacks on Windows in the past five to seven years. It is important to see that privileged access is usually at the core of these attacks.

IT Briefcase Exclusive Interview: 10 IT Security Questions Every CISO Should Be Ready to Answer

April 4, 2016 No Comments

Company boards now recognize the growing cyberthreat and the havoc data breaches can wreak. CISOs need to be ready to answer some fundamental questions as their role earns a bigger seat at the boardroom table.

Payment Security Best Practices

March 31, 2016 No Comments

Accepting a variety of payment forms — including credit and debit cards, and mobile and Web-based payments — is beneficial to all business owners. Not only does payment flexibility give customers the right to choose how to pay, based on the size and nature of their purchase, it can level the playing field between small business owners and well-established competitors.

ADVERTISEMENT

Women in Technology Summit San Jose

TDWI Orlando 2015

Gartner Identity & Access Management Summit

Gartner Data Center Las Vegas

ITBriefcase Comparison Report

Cyber Security Exchange