Cloud

BD Banner for blogOriginally published by Bitdefender

I came across an interesting article reported by The Register. In a survey, half of companies will still have Windows Server 2003 somewhere in their environment after the support cut-off date of July 14th passes. While purchasing a custom support agreement with Microsoft is an option, it’s one that will quickly get quite expensive ($600 per server per year, doubling each year).

An often complicated, and critical, application, is the endpoint security management suite. Traditional management relied on applications installed on Windows servers, most often leveraging a SQL database running on other servers. This very quickly creates a series of dependencies. Does the security management support a newer Windows version? If so, which databases does it support, and which Windows versions do those supported databases run on? If the management application uses a web server, which versions, and on which operating systems are those supported? How does the migration work, is there downtime, is the data migrated, can it be done in stages, or is it a forklift upgrade.

Much of this complexity can be avoided. Of course, custom-built, in-house applications are still tricky, but off-the-shelf solutions should be very simple, including endpoint security management.

For example, GravityZone can be delivered in two ways that avoid this complexity. The most straightforward is a GravityZone management console hosted by Bitdefender or a partner. In that case, the organization leveraging GravityZone never has to deal with any complexity underlying the management application.

The second option is hosting GravityZone on-premise. In this case, complexity is minimized because GravityZone operates as a self-contained private cloud. The deployment consists of a Linux-based virtual appliance. Multiple instances can be deployed, each playing one or more roles. The roles encompass all required functionality, including the database (often the source of most upgrade woes).

In this way, complexity of GravityZone is not exposed. Bitdefender builds and tests the virtual appliance, while the customer simply updates it. Everything from the web server to database is contained in the virtual appliance.

While adopting an endpoint security management solution that lowers operating system upgrade complexity won’t solve all of your problems, it certainly takes quite a bit of complexity – and therefore risk – off the table for a critical part of your environment. If you’re struggling to move your current solution off of Windows 2003, consider the advantages of a self-contained, flexible, and scalable solution like GravityZone, because it’s only a matter of time before you’ll begin the next round of operating system upgrades!

Want to know more about Bitdefender solutions? Contact our sales team today at 0118 9898 222 and they'll help with your queries or arrange a free trial.

 

Censornet cloud banner

Cloud web security across all devices – be protected anywhere and anytime

We recently signed a new vendor, CensorNet the next generation cloud security company, to offer UK SMB customers enterprise-class web security solutions.

As more organisations move to the cloud, Resellers and MSPs need to offer advanced security solutions that help clients to monitor and control employee activities online. CensorNet deliver on premise and cloud solutions that help companies have visibility and control over internet and application access across all devices, regardless of whether employees are in the office or mobile.

Want to learn more about CensorNet? Join our upcoming webinars on Wednesday 1st July and hear about:

Visit our website to learn more about CensorNet web security solutions.   The webinars will be hosted by Deane Mallinson (Blue Solutions Sales Engineer) and David Tregurtha (CensorNet Sales Engineer).

We look forward to you joining our webinars. Reserve your place today:

register

 


 

Hybrid cloud solution maximises security and performance with minimised cost

We recently signed a new partnership agreement with CensorNet, the next generation cloud security company, to offer UK SMB customers enterprise-class web security solutions. With over 500 customers in the demanding enterprise and education sectors, CensorNet deliver on premise and cloud solutions that offer flexibility, mobility, scale and security to customers.

What are the other benefits for your business?

  • It will help you to expand existing security offerings to cover a mobile workforce and BYOD.
  • The secure web gateway provides real-time visibility and control of web access and cloud application use across all devices.

With this offering, you can win customers with cloud application control, maximising its effectiveness whilst minimising risk.

Want to learn more about CensorNet? If you’re going to Cloud World Forum, some of our team will be at the Cumberland Arms pub (just around the corner from the London Olympia), on 24th June from 12pm -5pm. Join Ben Vadgama and Vip Hammill for a drink and some nibbles, while they answer your questions and tell you how Blue Solutions can make it simple to integrate CensorNet into your existing security portfolio.

Space is limited, so please register today.

Can’t make it to the Cumberland Pub?  Call Ben on 07756 612592  or Vip on  07773 6026247 and they’ll arrange a time with you that’s convenient to discuss CensorNet solutions.

BD Banner for blog

We had a great day at the Blue Solutions office with the Bitdefender team, launching the Endpoint Security solutions. Holding the launch was a good opportunity for our team to discuss  future promotions and meet the team.

Bitdefender  provide anti-malware solutions for virtualization, Amazon Web Services (AWS) and mobile devices. Since 2001, they have provided malware protection to over 500 million endpoints globally. This level of experience means they have provided the best performance and protection, shown in independent trials.

The latest version, Bitdefender GravityZone offers a simplified portfolio for SMBs through to Enterprise.

We'll be bringing you more updates about Bitdefender and in the meantime, here's a picture of the Blue Solutions and Bitdefender IT and sales teams below:

Want a trial of Bitdefender? Call our sales team today on 0118 9898 222.

BD launch picture

 

trend-micro

How to Win the Cloud Security Game by Balancing Risk with Agility

The cloud is changing the way organisations around the world do I.T. Attracted by lower costs, improved efficiency and faster development and deployment times for apps, users everywhere are migrating to this new computing model in droves, with or without the blessing of I.T. Yet security is a top concern due to the loss of control of a physical infrastructure.

The challenge of balancing that greater business agility with security risk while keeping costs down is not an easy job. But it’s one that cloud managers will have to confront to be successful. And just like in a game of football, a winning strategy must be built on solid defence.

Shared responsibility

To articulate the challenges of cloud security, Trend Micro recently commissioned Forrester Consulting to survey I.T. professionals tasked with public cloud security projects. 70 percent said the public cloud was an integral part of the product or service they offered to customers.

It’s no surprise that security was a concern to three-quarters (76 percent) of them. In the public cloud, security is a shared responsibility. The cloud service provider will secure up to the hypervisor (including data centre and infrastructure), while the customer must take care of securing the OS, apps, users and data.

Kicking off

When determining how to best augment the secure infrastructure of their cloud provider, cloud managers should start by considering three aspects:

  1. Time to value – This is all-important to developers. It’s why two of the top three barriers to adopting best practice cloud security were given as “too time intensive” (43 percent) and “would slow down cloud usage” (36 percent). Forrester believes cloud resources must be made available in under 15 minutes, automated and out of sight, or developers may look to circumvent IT controls.
  2. Security risks – Cutting down on security in order to speed time to value will expose organisations to the risk of a data breach, including the financial penalties, damage to brand, legal costs, and consumer trust issues this could bring. Adding protection like data encryption, monitoring and logging, intrusion detection/prevention and patch management and other controls to cloud workloads provides multi-layered protection that reduces security risks.
  3. Cost – Applying maximum levels of security to every workload will drive up cost unnecessarily, impacting one of the main reasons of migrating to the cloud. It could also force developers to bypass security. But if you don’t add enough security, you become an easy target for hackers, leading to expensive data breaches. It’s a delicate balance.

Deep Security for the win!

Forrester believes the answer lies with security solutions offering pre-made templates with different levels of security to match the needs of individual workloads:

Optimal cloud security controls would be:

  • Automated: so when a developer launches a workload, it is automatically protected.
  • Personalized: with policies that fit the workload type, sensitivity and regulatory context.
  • Pre-built in a template: so the developer doesn’t have to know what the right security is for their workloads.

With Trend Micro Deep Security, we believe we have the best solution: enabling automated, comprehensive security that won’t get in your way. What’s more, Deep Security can protect your entire organisation – across physical, virtual and cloud environments and includes comprehensive protection in a single product and agent. Making management easier and lowering costs.

Contact our sales team today on 0118 9898 222 to find out more about Trend Micro Security Solutions.

selective swip 1

 

 

 

 

Originally published by AppRiver

New Mobile Device Management (MDM) features are coming home to AppRiver Office 365 Plus, including the ability to selectively wipe mobile devices. Selective wipe of mobile units allows an administrator to revoke access to and delete corporate email that has been synced to a device, as well as specific data associated with Office 365 apps on the device, while retaining any unassociated personal data.

admin 1

Selective wipe will work across a diverse range of phones and tablets, including iOS, Android and Windows Phone devices and is included at no additional cost for all AppRiver Office 365 Plus plans. The addition of the selective wipe capability and MDM features listed below to the already robust Office 365 Plus arsenal ensures that your Office 365 experience remains easy, effective and affordable

mobile device management 1

Mobile Device Management options include:

Selective wipe

Ability to perform either a full remote wipe of a corporate smartphone or tablet or a selective wipe of Office 365 company data from an employee’s device while leaving any personal data in place.

Conditional access

Set up security policies to ensure that Office 365 corporate email and documents can be accessed only on phones and tablets that are managed by your company and that are compliant with your IT policies.

Device management

Set and manage security policies, such as device-level pin lock and jailbreak or root detection, to help prevent unauthorized users from accessing corporate email and data on a lost or stolen device. 

Mobile Device Management Options introduced to AppRiver Office 365 Plus

Cloud-based management for devices that run on iOS (iPhone, iPad), Android and Windows Phone will be supported and the roll out for these capabilities will be completed in 4-6 weeks. All features will be included with all AppRiver Office 365 Plus and bundle licenses.

Contact our Sales Team today on  0118 9898 222 to find out more about Office 365

comptia-logo

The managed service best practice offerings template is intended to provide a list of the most common offerings that are currently being deployed by newly formed managed service practices.

The list has been developed based on the experience of IPED consultants, research conduct with numerous channel partners and direct discussions with partners that have successfully built an MSP practice. Although the customer offerings vary from MSP to MSP, most of the solution providers that have built a successful MSP practice have started their practice with one or more of a variety of managed services.  You can read the CompTIA Managed Service Best Practice Offerings study here.

Need more help with finding the right solutions for your MSP business? Call our sales team today on 0118 9898 222.

 

 

Cryptolocker Banner

This important notification is being released by Trend Micro for AWARENESS of the Ransomware Cryptolocker family. The main purpose of this Threat Awareness is to provide complete information about the threat and communicate the recommended solutions and best practices so that customers can apply them and avoid being affected or contain the threat from spreading further. If similar infections are being experienced in your respective regions, please contact your support engineer.

Threat brief

We are experiencing a resurgence of the malware family named Cryptolocker (and others variant). This is a crypto-ransomware variant which has the capability to encrypt files. It uses many technics (HTTPS, P2P, TOR…) to mask its command-and-control (C&C) communications. Usually, this attack is delivered thought spear-phishing method as an email attachment. Upon execution, it connects to several URLs to download the crypto-ransomware. It displays a ransom message. Users must pay the ransom before the set deadline is done. Otherwise, all the files will permanently remain encrypted. But beware, ransom payment is no guarantee that the original files will be restored!

Notable Variant
•  A particular variant, TROJ_CRYPCTB.XX , offers users the option of decrypting 5 files for free—as proof that decryption is possible.
•  Users are also given 96 hours, instead of 72 hours, to pay the ransom fee.
•  The displayed ransom message has options for four languages, namely, English, Italian, German and Dutch.
•  In some case, infection could occur through embedded URL over email or compromised web site with drive-by download technics.
Ransomware Image

How to protect from CRYPTOLOCKER attack ?
•  Use Reputation for real-time protection using cloud automatic sharing system (Smart Protection Network)

◦  Email Reputation to block malicious and suspicious email.
◦ Web Reputation to block compromised websites, newly C&C remote hosts and other disease vectors.
◦  File Reputation through SmartScan technology for real-time security updates on your solutions.

• Leverage sandbox, emulation and heuristic integration in current Trend Micro product with Custom Defense approach

◦ Automatic execution of suspicious content on innovative dynamic engines
◦ Native & easy deployment to existing Trend Micro solutions (OffiScan, IMSva, IWSva, ScanMail…)
◦ Empower Deep Discovery approach to detect over network any cryptolocker attack, ransomware, 0-day, targeted attack and any others unkown malware/variant

• Apply Best Practices on your Trend Micro solutions
Block potentially dangerous file over email (exe, scr, cab filetype…)
◾IMSva : http://esupport.trendmicro.com/solution/en-us/1099617.aspx
◾WFBS & ScanMail : http://esupport.trendmicro.com/solution/en-us/1099619.aspx

◦Tune Endpoint security solutions with Trend Micro recommendations
Malware : http://esupport.trendmicro.com/solution/en-us/1054115.aspx
◾Ransomware : http://esupport.trendmicro.com/solution/en-us/1099423.aspx
http://esupport.trendmicro.com/solution/en-us/1101715.aspx

•Education to end-user is key to pro-active defense:
◦ Always check who the email sender is.
◦ Double-check the content of the message.
◦ Refrain from clicking links in email.
◦ Backup important data.

• Coming soon into OfficeScan 11 Service Pack 1 !!! Anti-Cryptolocker feature to protect your personal file against encryption or malware action. Beta will start in few weeks. Contact your support engineer for more information.

How te remediate if Cryptolocker infection is running ?
• Détection and removal tool for Cryptolocker :

Threat Cleaner for GOZ and CryptoLocker (32-bit and 64-bit)
• Most of the time, encrypted personal file are lost even if user pays the ransom. Backup restore is the best solution to retrieve original and unmodified personal files.
• For Windows users, in case of system backup & restore features were active, lost files could be restored based on last automatic backup :

http://windows.microsoft.com/en-us/windows7/previous-versions-of-files-frequently-asked-questions

If you have any queries about Trend Micro Solutions and the Ransomware Cryptolocker family, call our support team on 0118 9898 245.

AppRiver logo largerversion

Article published on the AppRiver Blog

Google continues to phase out Postini services in favor of the Google Apps platform.  Consequently, we continue to receive requests to migrate Postini filtering accounts to SecureTide by AppRiver.  In this post, we will discuss the process through which your Postini mailboxes and settings can be easily migrated to SecureTide.

To export all mailbox senders lists (approved and blocked), as well as the associated settings, you will need to follow some simple steps both to retrieve the data and to prepare it for our  Support team will assist you during the migration to SecureTide.  After the data is in place, we’ll help you change your MX records to redirect your mail through our data centers.  Once the process is complete, your domains, mailboxes, approved senders and blacklists will be available through the Customer Portal and your spam and malware will be captured in our quarantine areas.

To export Postini mailboxes and settings, follow these simple steps:

1.  Export Mailboxes and Aliases

Exporting the complete set of data is a two-step process that produces two separate source files.  The first file to be exported contains mailboxes along with their aliases:

  • In the Postini interface, go to Orgs and Users > Orgs.
  • Click on the domain you wish to export. (For this example, we will use domain.com as shown in Figure 1.

Figure 1.  Select Domain

  • In Organization Management, note the Organization ID number located in the Settings section (see Figure 2).

 

Figure 2.  Note the Organization ID Number

 

  • Select the Batch link at the top of the page, enter the following command into the Manual Input field (see Figure 3), using the Organization ID number noted previously as the value for targetOrg and complete the on-screen instructions:

listusers ALL, targetOrg=1000012345, childorgs=1, fields=PRIMARY_ADD|ADDRESS, aliases=1, sort=primary_add:nd

Figure 3.  Export Aliases from Postini using the Batch Command

  • Select the batch results, copy and paste the data and save as a text file called domain.com_alias.txt.

2.  Export Approved/Blocked Senders Lists

Continue as follows to export all associated Approved/Blocked Senders Lists:

  • Go to Orgs and Users > Users.
  • Choose the top Account-level org from the Choose Org list.
  • Click the Download Users/Settings link as shown in Figure 4.

Figure 4.  Export Approved/Blocked Senders List

  • Select the Batch results, copy and paste the data from the popup window and save the data as a text file called domain.com_Users_Settings.txt.
  • The exported data will contain such information as the # address, user_id, junkmail_filter to set email filtering active, category filtering levels, virus scanning settings, approved_senders, approved_recipients, blocked_senders, as well as other available inbox settings (see Figure 5).

Postini Exported Settings Shown

3.  Provide data to AppRiver for Migration

Now that you have all data exported into two separate files, send both files to support@bluesolutions.co.uk.  Our support team will import your data to our platform and provide a walkthrough on AppRiver’s SecureTide service.

Call our sales team on 0118 9898 222 for more information about AppRiver secure email messaging solutions.

StorageCraft banner27Jun14StorageCraftStorageCraft® ShadowProtect® Small Business Server has been rebranded to StorageCraft® ShadowProtect® for Small Business.

This name change is being made to better reflect the diversity of Microsoft products supported, including:

  • Windows Server 2012 R2 Essentials and Foundation
  • Windows Server 2012 Essentials and Foundation
  • Windows Small Business Server (SBS)
  • Additional Windows operating systems listed on the ShadowProtect page of the StorageCraft web site.

The only change is the name. All features and functionality remain the same.

If you have any questions about this name change, please contact our sales team on 0118 9898 222.