Bitdefender updated its  GravityZone cloud console with new features that you may not be taking full advantage of.  Here at Blue Solutions we are happy to guide you through these changes and how they will affect you and your customers.

Ransomware Vaccine

The big news is that Bitdefender has now incorporated Anti-Ransomware vaccine for all its cloud customers, that immunises end-users against both existing and emerging ransomware attacks – at no additional cost!  This module is activated through the policy section  Antimalware --> On Access settings

Bitdefender Policy
(Click to enlarge)

By activating this module, machines will be protected from all currently known forms of Ransomware. The Vaccine works independently, does not need any other modules to be installed, and is switched on simply by ticking the box in the customer’s policy.

Other New Features in GravityZone

  • Update Rings - this feature allows Administrators of the program to  choose when in the validation cycle an update is received.
  • Anti-Exploit Techniques - a new set of powerful techniques which further enhances existing technologies to fight targeted attacks.  These are integrated into the existing Advanced Threat Control module.
  • Web Access Control Rules - The categories list has been updated with multiple new categories added.
  • Exchange Protection - This can now be enabled/disabled when editing a customer with a monthly license subscription.

For more details on the above features and a look at the other features included please click here

Bitdefender Authorized Distributor

AppRiver Nautical PlatformAppRiver’s Nautical platform makes all aspects of security service provision manageable from a “single pane of glass”. We look at the benefits.

For security service providers, or resellers wanting to break into the MSP space, there is a double challenge at hand: selecting solutions whose performance will delight their customers, yet that are easy enough to “drive” on a day-to-day basis to prevent margins being eaten away by costly management overheads.

This is why the appearance of AppRiver’s Nautical platform has set our antennae a-twitching. It promises a unified management console that enables service providers to deliver and manage a raft of cloud-based security solutions from one place, without the profit-sapping expense.

Here are just a few ways in which that could benefit service providers and their business.

The business benefits of Nautical, (1): Devolved management

Managing everything from under a “single pane of glass” is a seductive sell, but (I hear you say) doesn’t that just make for a crammed and complex window onto your world, which in turn drives management and admin costs up?

But Nautical turns this on its head, by enabling role-based interaction, so that different users each have different views of what is under the pane and can exercise different levels of control over it – and this includes the end-users themselves.

In this way, management workflows are made more targeted and efficient, but also flexibly devolved to customers where possible - taking even more of the admin burden off the service provider’s desk.

AppRiver Nautical Management
A single pane of glass, multiple kinds of access and interaction - cost reduction through targeted workflows and customer self-service (Click to enlarge)

The business benefits of Nautical, (2): Easy upscaling

Theoretically, cloud-delivered services can easily scale up to meet the needs of increasing numbers of end-users, thus supporting service providers’ revenue growth.

But critical to this process is the ease with which those new users can actually be brought on board. All the cloud service capacity in the world is no money-spinner if it is difficult, time-consuming and costly to connect users to it.

One of the killer new features in Nautical is a configurable user account management function that enables new users to be brought on board, and the overall user count to be increased, very easily.

Previously, this would have entailed multiple workflows in multiple environments; using Nautical, however, it is now a far simpler (and therefore cheaper) process.

AppRiver easy upscaling
More users, more usage, more revenue – and bringing them on board’s a cinch (Click to enlarge)

The business benefits of Nautical, (3): App-style agility and healthchecks

To go back to a previous point, bringing on additional users also inevitably drives demand for more products and services. Any service provider that delivers on the first point but not the second is painting themselves into a corner.

Nautical, however, makes it possible for both service providers and their customers to add and integrate new products and services with the kind of pick-and-mix agility you’d expect from something like an app store.

But (I again hear you ask) doesn’t that, in itself, create another management challenge – namely, monitoring all those disparate products and services without excessive (and expensive) manual intervention?

Here, too, Nautical comes up with the goods, thanks to its cross-product diagnostics that deliver a single, regular, unified application healthcheck to service providers’ customers and all the solutions they’re using.

Apps on demand
Apps on demand – and a unified monitoring and management system to keep them profitable (Click to enlarge)

What else should you know about Nautical?

Nautical has been described as “an entire channel programme in one portal”, but what’s really striking is that this deep integration across all aspects of security service provision comes at no charge.

Nautical simply becomes automatically available when a service provider chooses to deliver AppRiver’s security solutions – including anti-spam / anti-virus, web protection, email encryption, Exchange and mailbox protection – and this of course covers existing AppRiver service providers, too.

All in all, Nautical takes the hard work out of delivering MSP services that can really boost service providers’ bottom line, by making all business activities manageable from one place.

Now that really is something you should know.

Business Continuity2017 will see greater demand for security products than ever before. Backup and recovery are predicted to be big business for security channel partners!

Security predictions for 2017 are coming thick and fast – and there’s little for businesses to be cheery about.

“A major bank will fall as a result of cyber-attack,” the BBC relates in this article, whilst, at the other end of the scale, a solicitor has found itself embroiled in an email fraud scam that has, to date, left a homeowner £67,000 out of pocket.

But it’s perhaps ransomware, explored in a previous post, that will see the most noticeable growth in 2017, and it’s a major factor driving businesses’ and security partners’ interest in business continuity solutions like backup and recovery.

After all, if a business can reinstate critical backed-up data at will, ransomware loses much of its bite, and therefore its attractiveness to those who perpetrate it!

So what does an effective business continuity solution look like?

Business continuity solutions – what to look for

True business continuity is about more than just security applications – there’s a whole host of cultural and organisational requirements too, as this basic guide from CSO Online explains.

But from the solutions point of view, business continuity is basically about two things: reliable and bomb-proof (perhaps literally!) data backup, and rapid data recovery.

Two metrics are critical, here: Recovery Point Objective (RPO) and Recovery Time Objective (RTO).

The former dictates how much data a business could afford to lose before it caused any real and lasting damage – and therefore reflects considerations like how often backups need to be performed, what volumes and formats of data need to be involved, and how robust the backup environment is.

The latter dictates how rapidly that backed-up data can not only be accessed (hint: off-site tapes just don’t cut it any more!) but actually redeployed in a form that the business’s hungry systems can once again get to work on – not just files and folders, but settings, too - to get the business back on its feet post-incident.

Between them, these two metrics hinge on a host of solution capabilities that can be problematic.

For example, one oft-cited issue is that when backup and recovery data is being streamed back into a stricken business, the data can’t be accessed or used until the recovery process is complete – and that can take many precious hours, days, or even longer. Unhelpful.

Reliance on recovery via hardware is also a sticking point, since it may be impaired by the very hack that caused the data incident in the first place (ransomware is a very good example of this!)

What’s the appetite for business continuity solutions in 2017?

Nonetheless, business continuity has been a problem crying out for a solution for a long time before 2017; ransomware has simply put an especially shrill edge on it!

Scary statistics abound; did you know, for example, that according to a study by Onyx Group, 71% of UK SMEs only ever manage to back up part of their data?

Or that 75% of SMBs have no disaster recovery plans in place at all?

But even more terrifying, when considered in the light of the ransomware issue, is that, according to one estimate, 58% of small businesses could not withstand any amount of data loss whatsoever!

Think about that for a moment. It means the hackers’ job is made much, much easier. Even holding the slightest amount of a business’s data to ransom could easily provoke a payout. Minimum effort, maximum return – which means more hackers getting involved in this kind of activity in the future, of course!

Not for nothing is the Business Continuity Institute’s agenda focused “overwhelmingly” on cyber-resilience in 2017.

(And in case you’re wondering, the disaster recovery-as-a-service market, in which backup will play a key role, is estimated to be worth $11.11 billion - £8.83 billion - by 2021. Ripe for the picking!)

Where can I check out the latest business continuity solutions?

Clearly, what we’ve said above also means that the competitive landscape for security partners in this space is going to become challenging.

But for an insight into how one backup and recovery solution is evolving to deliver both strengthened protection to end-users and a more compelling proposition to the security partners who sell to them, take a look at this data backup and recovery features update.

And keep watching this series of blogs – we’ll be looking at a whole range of security solutions for 2017, covering email, web, cloud, data centre, and Office 365.

RansomwareThe word “ransomware” terrifies individuals and organisations alike. We look at how this threat works - and how to fight it!

The ransomware mood music isn’t good this year. As security publications and commentators tell us, ransomware is expected to dominate the malware arena in 2017.

More than ever, then, security partners need to offer sound, confident advice to end-users on both the nature of ransomware, and how to defend against it.

So look no further!

Ransomware: how it works

Ultimately, the aim of ransomware is to paralyse companies’ operations, usually by encrypting data, then demanding money to decrypt it and render it usable again.

For security partners and their customers, one of the challenges with ransomware is that it can enter the network through many different routes – malicious links or infected file attachments in emails, drive-by attacks triggered by a visit to an infected website or ad, botnets, USB drives, Yahoo Messenger images… the penetration potential is extremely high.

But to rub salt into it, ransomware also dodges many of the traditional anti-virus defences.

It disguises filenames and attributes and hides behind legitimate file extensions. And it often uses secure communications protocols like https and Tor, and encrypts its communications as it goes, obscuring the tell-tale server calls that would ordinarily betray its presence.

What this means is that most anti-virus protection is none the wiser to the threat – and so the latter finds its target, which is usually the most critical data the business holds. (Indeed, the notorious Cryptolocker ransomware, as this blog, from Bitdefender, explains, hunted out 70 different specific file extensions, precisely for this reason).

Ransomware: how to stop it

A threat that can infect via so many different channels, and hide its tracks whilst it’s doing it, clearly can’t be stopped by a single “silver bullet.”

It can only be stopped by layered protection that detects and blocks at all the levels at which ransomware can penetrate and spread.

Research carried out by Trend Micro has found that 99% of over 99 million ransomware attacks were found in malicious email or web links, so robust defence at the email and web gateway level, as well as at the endpoint and network levels, are a must.

Protecting email and web traffic from ransomware

Analysis is the key here; in the absence of the normal malware “cues” that signal a threat, security solutions have to look harder, deeper and wider for signs of the miscreants.

This means not just analysing links in the body of an email, for example, but also the links in the attachments that that email contains – as well as the attachments themselves.

It means scanning for zero-day and browser exploits, and other favoured ransomware entry points that are buried in applications (such as within Office 365 – 2 million threats discovered to date, according to Trend Micro!), rather than just in links or attachments.

And it means both being able to instantly compare links with a global database of known malicious URLs, and automatically rewrite links (as we discussed in this post) to divert them into a sandbox and analysis environment.

There, they can be triggered and inspected at no risk - even if they are not “known suspects.”

Protecting endpoints from ransomware

But what if the threat enters the network from an endpoint, like a PC – triggered, perhaps, by an infected document on a USB stick?

Actually, it’s at this level that some of the most useful indicators of ransomware behaviours – rapid encryption of multiple files, for example, or exploit kits that look for unpatched software vulnerabilities, as a prelude to sending ransomware through them – can be detected.

A security solution that can isolate the endpoint can stop the ransomware from spreading further via the network. And on that point…

Protecting networks from ransomware

The network itself must of course be protected.

But network traffic flows across myriad nodes, ports and protocols, so security must be capable of identifying ransomware and attacker behaviour in and across each of these sub-layers.

Here, too the sandbox analysis that we mentioned above is a powerful resource, mirroring the actual network environment so that the presence of typical ransomware behaviours can be accurately tracked and their effect (and therefore likely objective) revealed.

And blocked!

Ransomware immunisation: using the threat against itself

But one of the slickest anti-ransomware developments we’ve seen recently is a “vaccine”, which literally uses the ransomware’s own programming against it.

Ransomware typically prevents a machine it has already infected from playing host to any other infection that could interfere with the ransomware’s own endgame.

But this same feature, deployed on uninfected machines, effectively blocks the ransomware itself, as we have previously described in this post. So, does this mean ransomware is finally hoist by its own petard?

I wouldn’t bet on it. But by sharing knowledge about how ransomware works, how we can defeat it, and where businesses and security partners can go for more advice, we make every hostage that bit more difficult to take.

And that’s a ransomware result.

Bitdefender’s GravityZone solutions are chock-full of benefits that make them easy, slick, and profitable for security partners to use. Read more.

GravityZone killer benefits, (1): Overarching ease of use

The first thing to note is that GravityZone’s whole management workflow, across all customers and products, is driven from a single console with a single login.

Everything – policies, licensing, reporting - is controlled from one space, not two or three different dashboards, as is the case with some vendors.

An exceptionally fluent interface all but dispenses with annoyances like multiple popups that can confuse users and provoke error, whilst a neat hierarchical tree structure enables users to see all their customers in one view (grouped by site or office where necessary), and to simply click to drill down into the detail of their licensing, usage, reporting, etc.

No more firing up multiple tabs and screens, and managing multiple logins!

Overarching ease of use
One view onto everything, and everything under control! (Click to enlarge)

Extensive and instant reporting

But Bitdefender has dragged the process of actually generating and delivering the reports into the 21st century, too.

Not only can security partners (MSPs and resellers alike) pull down accurate usage and other reports on demand, independently of the wholly automatic invoicing process, but the sheer array of possible reports and delivery mechanisms is impressive.

From Amazon AWS usage, to device control, to licence status, to Top 10 malware statistics, and much more, the reports can be fired up ad hoc or scheduled automatically, run on the dashboard, sent as alerts or emails, and basically tailored to whatever form the partner finds easiest and most useful to deal with.

Extensive and instant reporting
I’ll have that anti-malware activity report right now, please! (Click to enlarge)

AWS integration

Looking cloudward, GravityZone’s integration with AWS also delivers enviable simplicity; the MSP can spin up an AWS virtual server and that server will immediately be protected by GravityZone.

It’s a strong reminder of the fact that GravityZone is built from the ground up for virtual environments, in contrast to many other vendors’ solutions, which feature virtual refinements built around an essentially physical-heritage core (as we explore in this recent white paper).

GravityZone killer benefits, (2): Customer-friendly flexibility

For customers that don’t want to be out of the security loop entirely, end-users can have their own logins, giving them role-based access to services and features within the GravityZone security products their business uses.

This is particularly useful for customers who have invested in some degree of security expertise in-house and want to realise the value locked up in that investment.

But of course it can also reduce the management workload for the partner, putting a keener edge on their margins!

Customer-friendly flexibility
Differentiated access for different user roles and needs (Click to enlarge)

GravityZone killer benefits, (3): Integrations - and automations - that matter

Every security partner wants to sell market-leading solutions, but not if managing them on a day-to-day basis will send their operational expenditure through the roof.

GravityZone has addressed this concern head-on, by developing an integration to ConnectWise Manage (the PSA solution used by some 70% of the top technology solutions and service providers).

The integration with ConnectWise Manage supports the delivery of automated, end-to-end helpdesk, contract management, time tracking, account management, sales and marketing enablement and potentially much more, reducing the MSP’s workload, whilst delivering improved customer satisfaction levels.

Automatic policy assignation also slices a significant chunk out of the MSP workflow, as it enables them to effortlessly trigger and roll out security policies based on existing variables like IP address, network type, server address type, and so on.

Integrations
Integration with ConnectWise Manage, plus automatic policy assignation, make GravityZone a natural choice for workflow-savvy security partners (Click to enlarge)

GravityZone killer benefits, (4): Anti-malware with common sense

An office full of software developers needs more freedom to build, run, and test code and applications than a team of salespeople.

So, GravityZone enables the techies’ anti-malware parameters to be set less sensitively, whilst the business development crew can benefit from somewhat more stringent protection!

Naturally, though, this kind of adjustment just won’t work if it is complex or risky to use, and on both fronts GravityZone scores highly.

Sensitivity is controlled by simple tick-boxes, but users are also protected by GravityZone’s N-Tier structure, which means certain security settings and policies are automatically “inherited” based on past and present operation. Plus, security is also enforced by the distributor (us!).

Basically, it’s possible to fine-tune security, but it’s never possible to leave users unprotected.

GravityZone’s granular take on anti-malware
GravityZone’s granular take on anti-malware is simple to set up but its settings can never leave users unprotected (Click to enlarge)

GravityZone killer benefits, (5): Playing ransomware at its own game!

Ransomware’s ability to terrorise businesses has an Achilles’ heel.

It prevents a machine it has already infected playing host to any other infection that could interfere with its planned endgame – and this same defence, used on uninfected machines, effectively blocks the ransomware itself!

Enter the GravityZone Anti-Ransomware Vaccine, which uses exactly this technique to enable partners to “immunise” users against ransomware attacks, simply by enabling it as a policy within existing anti-malware protection.

GravityZone Anti-Ransomware Vaccine
Simply enable Anti-Ransomware as part of GravityZone’s anti-malware protection, and users are “immunised”!

GravityZone: where to learn more

As ever, there isn’t the space here to explore the benefits of GravityZone’s innovative features in ultimate detail.

But there’s some more detail on recent feature updates in this post, and more on the various GravityZone products, and their benefits for both MSPs and resellers, on the Web here.

Hope we’ve helped to put you “in the know”!

DataFortress Instant Data“Instant Data”, full system backup with one click, local storage options – read how DataFortress’s new features give you a competitive edge!

We pride ourselves on backing the newer, more agile players in the industry, and when we launched our DataFortress MSP solution (you might have seen the data sheet and the infographic) we knew we’d come upon a cloud solution that would give service providers some enviable differentiators in the backup and security space.

But DataFortress is now an even more tempting proposition for service providers, thanks to a raft of new features that really mark it out from the competition.

Here’s a quick overview of its latest and greatest differentiators.

Killer new DataFortress features (1): Instant Data

Recovery Time Objective (RTO) is a critical measure of backup resilience, but whilst customers are waiting for the backup and recovery data to build, they can’t access it. Inevitably, then, RTO starts from an already delayed position.

But DataFortress’s new Instant Data enables the customer to spin up a virtual SQL backup server that can both stream the backup and recovery data, and enable the customer to access and use it, as it builds – without having to wait for it to download.

Result: recovery starts more quickly, delivering much-improved RTO.

InstantData
Instant Data – customers get to their critical backup data without having to wait for it all to download.

Killer new DataFortress features (2): Full System Backup

Imagine that customers could simply click a button and all their data (files, folders, and images) could be backed up from all target machines (endpoints, servers, and everything in between). That’s DataFortress’s new Full System Backup feature.

The data is saved to a file that can then be run on a virtual machine, so that the business can always rapidly recover the very latest version of its backup data – with no reliance on hardware that might itself have fallen victim to whatever caused the need for recovery in the first place!

sliding button
This sliding button (top left) backs up everything, immediately. End of.

Killer new DataFortress features (3): Local Backup

The cloud might invite misty-eyed wonder, but the reality is it’s not bullet-proof. ISPs can experience interruption and bandwidth can be flakey. A hybrid approach would seem to be the path of least risk for many backup users -  and this is exactly what DataFortress’s Local Backup now offers.

As the name implies, it enables backup onto local storage media, so that there is always an accessible in-house fallback for customers when internet access has temporarily disappeared into the ether.

For companies who have an established physical backup routine, of course, (for example, storing tapes in secure offsite locations), Local Backup can also slot neatly into existing arrangements.

Local backup
Local backup adds “belt and braces” contingency to cloud services

Killer new DataFortress features (4): Legacy account conversion

Industry analyst Forrester has reported that 60% of businesses have said improving disaster recovery capabilities is a high or critical priority.

For many established companies, particularly those with strict compliance requirements, this means there is likely to be a whole mass of legacy backup accounts that need to be brought into the fold when a new solution is deployed.

Here, too, DataFortress has seized the initiative, making it possible for legacy data to be converted into modern formats and standards, and (to support this process) enabling old SE (Server Edition) accounts to be upgraded to new and improved ESE (Enterprise Server Edition) accounts and agents.

No longer is the past something that prevents backup and recovery service providers from making a sale in the present!

Legacy account conversion
Yesterday’s backup accounts brought bang up to date..

DataFortress: more killer features to come?

It seems certain that developments like GDPR are set to drive a new focus on data, how it’s managed, and how its value is protected, and DataFortress’s solutions certainly serve these objectives.

And, as we’ve mentioned in a previous post, this GDPR-fuelled market is potentially worth several billion to vendors and the various partners (resellers, MSPs, distributors) who work with them.

In the light of this – and given DataFortress’s past history of innovation – we can’t see it falling behind on features any time soon.

Watch this space...

Trend Micro HESTrend Micro HES has long been an attractive cloud solution for users who want email security without on-site hassle. Read how it just got better!

We see a lot of email security solutions, but it’s fair to say that Trend Micro’s Hosted Email Security (HES) has recently upped its game to deliver a user experience that’s slicker, protection that’s broader and more agile, and service management that’s easier (and therefore ultimately more profitable!)

Here’s how Trend has taken HES to the next level.

New in Trend Micro HES, (1): Smoother interface, better data insights

Trend has now extended the successful interface designs found elsewhere in its stable of solutions to HES too, meaning that if you can “drive” other Trend solutions (like Worry-Free or OfficeScan), you can now just as easily drive HES.

For both end-users and service providers, this potentially means smoother workflows, easier internal adoption, lower training and implementation costs, and, overall, sharper ROI.

Trend Micro HES Dashboard
Trend has brought HES into line with its standard interface design and given its threat analysis tools a shot in the arm.

An improved dashboard in the solution now also makes it easier for end-users and service providers to glean more information about the threats they face, thanks to advanced analysis details and top advanced threat charts.

New in Trend Micro HES, (2): Sandboxing now comes for free!

Sandboxing – the ability, in the context of the SMTP protocol, to take mail offline and rigorously test it for threats before it reaches the recipient – is a potent tool in the security partner’s armoury.

But, typically, it’s also very costly – and it’s here that Trend has broken the mould. HES now includes free-of-charge access to new sandboxing solutions including Advanced Threat Scan Engine and Social Engineering Attack Protection.

Tick a box, get sandboxing for free – Trend’s Christmas present to service providers seeking to add value to their customers’ accounts!

Advanced Threat Scan Engine uses combined pattern-based and heuristic scanning to not only combat known email threats, but identify characteristics and behaviours that can suggest new ones (making it particularly effective against stealth threats like ransomware and zero-day exploits).

Social Engineering Attack Protection (now built into the AntiSpam Engine) is part of Trend’s recently much-vaunted machine learning stable, which includes the XGEN solutions.

It detects suspicious behaviour in multiple parts of each email transmission, including the email header, subject line, email body, attachments, and the SMTP protocol information.

Suspect messages are returned to Hosted Email Security for further action or policy enforcement, ensuring the attack does not reach its target.

These services are easy to activate too, by simply ticking a policy check box – convenient for end-users and service providers alike.

New in Trend Micro HES, (3): Protection against spoofing

Spoofed email identities are the gateway to unwitting activation of all manner of threats, from phishing, to whaling, to dangerous attachment payloads, and more.

HES now supports DKIM (Domain Keys Identified Mail) signatures in both incoming and outgoing messages. These authenticate the domain name associated with a message to detect any mismatches, which in turn protects users against receiving messages that have been tampered with – for instance, to spoof the sender name.

Protection against spoofing
Spoof email? That’s so passé!

New in Trend Micro HES, (4): Marketing-friendly segregated email

Trend has consistently led the field in anti-spam protection, but the reality is that what is often defined as marketing spam can in fact be a source of new opportunities or competitor intelligence for some departments in your customers’ businesses.

For this reason, HES now offers email segregation, which enables certain types of user or policy group within the end-user’s organisation to choose to receive marketing and promotional email (whilst still subjecting it, of course, to all the other new and existing HES security features).

Marketing-friendly segregated email
Yes, please market to me! Or just don’t, OK?

New in Trend Micro HES, (5): Time-of-Click Web Protection

Boosting Trend’s already significant arsenal of web reputation and security solutions, Time-of-Click protection automatically rewrites URLs contained in received emails.

This means that the default action when a user clicks on these links is not to take them straight to the site concerned, but to submit that underlying site to Trend for real-time prior security and reputation analysis.

Lucky Trend automatically rewrote this URL and checked it before the recipient got taken to the site…

The delay for the user in accessing a legitimate site is fractional, but the protection against accessing non-legitimate sites is comprehensive, since no access is granted until HES has confirmed that the site is not a source of threats or reputational damage.

More on what’s new in Trend Micro HES

There’s not the space here to cover off all the detail, but suffice it to say that Trend’s latest version of HES delivers additional benefits that could enable service providers to really differentiate their offering in both existing and new accounts.

Here’s a full list – and you know where to come if you want to discuss it!

General data protection regulationGDPR is coming! Here’s what the security channel needs to focus on to create opportunity out of regulatory upheaval.

On 25th May 2018, the EU General Data Protection Regulations (GDPR) become law.

But despite the burden of compliance that this places on the channel, isn’t it also a major opportunity for channel partners to sell more of the solutions that help end-users to address GDPR-related issues?

Here’s what we found when we dug into GDPR, and the opportunities it potentially presents, a little further…

GDPR opportunities – 1: Greater technology freedom?

A noteworthy feature of GDPR is that it does not prescribe specific data protection technologies – like a certain encryption algorithm, for example – and, therefore, does not automatically exclude others.

Instead, it prescribes processes, meaning that partners potentially have greater freedom than before to choose from a palette of vendor solutions that can satisfy those process requirements.

It’s a growth outlook reinforced by the IT industry’s most high-profile membership and training organisation, CompTIA. They have publicly stated to IT channel partners that GDPR means “Clients will be relying on their providers to help them meet regulations, which is a great opportunity to build on your relationships, all while creating new business with current and potential end users.”

So, given that GDPR is seemingly less proscriptive on the technology front than we might have previously assumed, what are the GDPR hot topics to which security partners’ offerings need to provide a compelling (and compliant) response, if they are to make the most of the opportunities at hand?

 GDPR opportunities – 2: Data protection controls

GDPR has serious teeth, but given our background in security software distribution, and from the point of view of security partners’ offerings, we believe it bites hardest around three key internal and three key external threat scenarios, which we’ve paraphrased from this recent research:

(including employee mistakes and malicious insiders)

  • Making lost data valueless if found – in other words, encryption methods that keep data safe if a device with personally or professionally identifiable information on it is lost or stolen.
  • Remote kill and wipe, to easily remove data from lost or stolen devices, or render them unusable, no matter where they are in relation to the user.
  • Data loss prevention (DLP), to control the types and sensitivities of data that users move around or out of the organisation.

(third-parties exploiting the organisation)

  • Locking-down, to control what kind of applications can and can’t run on an endpoint
  • Virtual patching, to stop remote exploitation of unpatched vulnerabilities
  • Breach detection, to flag where a network has been compromised, and thus enable users to block attempted data theft.

Should security partners be quaking at the sound of these snapping jaws? Not a bit of it.

Security solutions are already available that enable partners to deliver many of these GDPR-focused benefits to end-users, from vendors including Trend Micro (in both SMB and Enterprise formats) and others.

Plus, a recent survey of European businesses cited in this Information Age article found that 69% of those polled are not only likely to invest in security technology as a result of GDPR, but to do so in areas including file-sharing. (This hints at a growth in the cloud app-centric security requirement space, into which, as we discussed in an earlier post, at least one vendor already plays strongly.)

GDPR opportunities – 3: The size of the market

But it’s filthy lucre, predictably, that hints most effectively at the pot of GDPR gold at the end of the partner rainbow. And make no mistake, we are talking big money here.

, for example, has predicted that GDPR will create a $3.5 billion market opportunity for security and storage vendors – in which their partners, of course, will share – as the severity of fines drives enterprises to “radically shake up their data protection practices, seeking…new technologies to assist with compliance.”

An additional push factor in the groundswell of GDPR opportunities for security partners also came with the recent comment by the European Commission's Justice Directorate, according to the International Association of Privacy Professionals (IAPP), that companies judged to have invested responsibly in security can, under certain conditions, see any fines for non-compliance reduced.

Security partners, it seems, are likely to become many businesses’ new best friends!

GDPR: What next for security partners?

This piece in ChannelPro perhaps best expresses what partners need to do, as GDPR relentlessly approaches, to turn a disruptive regulation into a profitable business opportunity:

“1. Read up on the changes and ensure they become the trusted expert on the new regulations

  1. Educate their customers about the impact of the EU GDPR
  1. Ensure they’ve got the solutions available to help customers with compliance”

From where we’re standing, point 3 looks to be the least of partners’ worries…

mcafee-end-of-life-3Who can security partners and end-users turn to once McAfee products are end-of-lifed? We look at some compelling options.

In one of our recent posts, we highlighted some of the likely disruption caused by Intel’s ongoing end-of-life (EOL) programme for many of its McAfee-branded products.

But EOL must not spell end-of-business, and although we certainly haven’t discovered the secret of eternal life, our research found there are more than enough security vendors and solutions “out there” to fill McAfee’s shoes!

Here’s our shortlist.

Goodbye (and hello) Endpoint Encryption

“People are still the biggest security risks”, proclaims this article in CIO.com.

Yet in June 2017, McAfee is EOL-ing its Endpoint Encryption solution - arguably one of the most effective methods of ensuring that endpoints lost by employees, or stolen from them, cannot surrender their valuable data..

(And its migration path seems murky, involving a product name change and an upgrade.)

Enter its Trend Micro namesake, which enables security partners and end-users to remotely encrypt, lock and wipe any endpoint – including desktop, laptop, mobile, and removable media – so that businesses can still enjoy productivity-boosting mobility, without the associated data breach risk.

Trend Micro Endpoint Encryption also features automated methods of deploying and policing encryption and security policies, plus comprehensive audit and compliance records to satisfy the regulators (a big deal in the light of the approaching GDPR law!)

Fighting evil in the email

The demise of McAfee’s Email Gateway is not due to happen until 2021 – but, at the same time, the evolution of email-borne threats is likely to hasten the search for a replacement, rather than give it breathing space.

Indeed, with the Verizon Data Breach Report recently stating that 77% of malware infections are now due to users receiving a malicious email with a web link or attachment, according to this white paper, security partners and end-users alike need to move fast to secure alternatives.

Vendors’ offerings in this area are diverse, but compelling. Malwarebytes, for example, rolls email protection into an overall layered security approach that does not displace or conflict with existing security solutions – a boon for partners (it offers them an easy additional revenue stream) and end-users (it doesn’t disturb their current security arrangements) alike.

Trend Micro, for its part, offers multiple email security solutions for both SMB and Enterprise clients. Hosted Email Security solution has achieved 99% blocking effectiveness in independent tests, and takes the security maintenance headache off customers’ desks, as updates, patches and hot fixes are delivered 24x 7 by Trend’s own teams.

Smart Protection Complete, for its part, protects not only mail servers and gateways but also the cloud-based collaboration applications like Office 365 on which end-user businesses are increasingly reliant.

Finally, another convincing contender is Bitdefender, whose products have been rated the best tested for corporate security and performance by independent test lab AV-TEST. Its email security solutions within the GravityZone product set also boast the top antispam detection rates and can be installed in minutes!

Mobile security: a moving target

Keeping mobile devices  - official or otherwise - secure in populous, often geographically diverse enterprise environments is always a challenge, but when your chosen security solution ups sticks and disappears into the sunset (as McAfee’s Enterprise Mobility Management will do in January 2017) it’s time to seriously start nailing down alternative options.

Again, Trend Micro plays pretty strongly in this space, with a comprehensive mobile security and management offering (within Smart Protection Complete) that combines protection (DLP, VPN, app control, web filtering, gateway anti-virus etc.) with centralised visibility and control.

The latter means that the entire enterprise’s mobility is easily secured and managed from a single “pane of glass”, taking the pressure off partners and end-user security admins at the same time (a feature also be found, in similar form, in Bitdefender’s GravityZone Security for Mobile Devices).

EOL for McAfee? New beginnings for your security.

This is just a snapshot of the many new opportunities that McAfee’s EOL programme unearths for the security partners who resell solutions or deliver them as MSPs, and the end-users whose business integrity depends on them.

It may be EOL for many McAfee solutions, but that’s AOK when you’ve got a plan to move to something better.

(Psssst! Have you got a plan to move to something better?)

End of Road for McAfee Email Security SolutionsAs many McAfee security products slide into end-of-life, we take a look at how it could affect end-users, MSPs and resellers.

Forgive us for being forward, here, but if you didn’t read our last post on the McAfee security products that have entered, or are entering, end-of-life (EOL), you probably need to.

Just to recap, many McAfee EOL products simply don’t have a like-for-like migration path, according to McAfee’s own EOL support pages. In fact, many of them apparently don’t have a migration path at all, and those that do have a distinctly oblique one, involving renamed products and (presumably more expensive) updates.

So if you’re a McAfee end-user, are you worried? If you’re a McAfee MSP or reseller, should you be worried, too?

Worry is never helpful – so here are the plain facts about the McAfee EOL products and how their withdrawal will ultimately affect end-users, MSPs and resellers alike.

Which McAfee products does this EOL problem affect?

Since Intel’s acquisition of McAfee in 2011, there has been a concerted focus on EOL-ing those products that are not core to Intel’s strategy, and so the complete list is a long one.

But three that we think will grab most end-users’ and partners’ attention are:

  • Email Gateway
  • Enterprise Mobility Management
  • Endpoint Encryption

What will this mean for end-users and partners?

Bluntly, whether you’re an end-user or a security partner, EOL means what it says on the tin, or at least in the McAfee end-of-life policy; support for the software product simply stops (“Support contracts cannot extend beyond the end-of-life date”).

Support, of course, includes patches – a critical weapon in the struggle to keep security software updated against new or emerging threats – and so a security product kept in service beyond its EOL date is likely to rapidly become no kind of security product at all.

Map the McAfee products that are going / have gone EOL to the current risk profile of the cyber threat universe and the picture looks even more alarming.

  • McAfee is EOL-ing Email Gateway, yet… malware analysis in this publication shows email-borne malware hit 705 million quarantined messages from just one security vendor in just one month of 2015 alone!
  • McAfee is EOL-ing Enterprise Mobility Management, a solution that enables IT teams and security providers to keep large-scale official and unofficial mobile use in large businesses secure - yet McAfee also admits that the unique mobile malware samples collected in its own laboratories increased 72% from Q3 to Q4 in 2015!
  • McAfee is EOL-ing Endpoint Encryption, yet… the loss or breach of customer data from a mislaid or stolen device that this kind of technology can prevent is about to become a source of huge financial risk to businesses because of the draconian provisions of the forthcoming GDPR legislation!

In short, McAfee are pulling the plug exactly where the bad guys are starting to focus most attention – and that can only end badly for end-users and partners alike.

 But MSPs and resellers can get custom support, right?

Don’t you bet on it. Although custom support, beyond the EOL date, is theoretically available, it’s on McAfee’s say-so – reseller, MSP, end-user or whoever else you are. As they state in their policy, it is “an exception”, not the rule.

Clearly, it also costs. Not only that, it requires an existing current and continuous support contract to be in place, provides only limited content updates, for a limited time period, and with specific terms and conditions.

(Oh, and it never covers hardware of any kind, even if you bought the original solution on a hardware platform).

Does all this infuse the need to migrate to other solutions with a certain sense of urgency?

What happens next?

But knowing you have to migrate is little use if you don’t have any help as to where you might migrate to.

In the last blog in this series, we’ll be exploring some of the other security vendors’ offerings, and discussing whether they’re a good fit for partners and end-users looking to leave McAfee’s EOL products behind.

Keep watching!