Trend Micro

Peak‘Apex One’ – it’s difficult to think of a more confident, self-assured name for a new brand!

And it’s a brand on a mission, too – to take the burdensome management out of security. As the Apex One developers put it in their blog, this is about “detecting and blocking as many endpoint threats as possible, without manual intervention.”

This, in turn, translates into less pressure on security teams, lighter workload for security service providers, and less costly time and effort involved overall.

But is this a solution the channel will want to sell? Is it easy and profitable to deploy and manage? And what makes it different from (and better than) what went before?

You can read the full solution brief on our website, but meanwhile here’s our take on it.

Single agent: a game-changer?

Trend’s existing XGen technology already automates threat detection across security layers and endpoints, including PC, Mac and VDI.

But where even the most automated threat detection capability stumbles is the need to use multiple agents to deliver across different kinds of customer deployment – like cloud, on-premise, and hybrid.

Here, Apex One plays a blinder. It has a single agent that is consistent across all customer deployment types, significantly diminishing deployment and ongoing management overheads, and reducing the risk of automation being devalued by interruption.

Given the high proportion of enterprise clients who have complex hybrid environments, this has to be a winner!

Detection and remediation: all done for you!

But security channel partners and in-house security teams alike also need to be sure that what is being automated is the most effective way for dealing with the broadest possible range of threats. Inadequate protection delivered automatically is not a value-add!

Apex One appears to be well ahead of the curve here, however, because it focuses its automation not on preventing threats (an impossible aim), but instead on detecting and removing them.

Unknown or fileless threat? Machine learning and behavioural analysis will spot its threatening characteristics and take action.

Operating system vulnerability? Apex One creates its own virtual patches to prevent zero-day exploits from making it onto any endpoint.

And if you’re hearing echoes of EDR (Endpoint Detection and Response) at this point, it’s true that Apex One offers upsell potential into both Trend’s full EDR and MDR (Managed Detection and Response) solutions - but it’s also important to understand that what Trend have built here is in fact something quite distinct.

Whereas EDR tends fundamentally be a noisy and manual process to manage (as we explained in this earlier post) automated detection and response - which is what Trend call it - neatly does much of it for you.

Manage, visualise, investigate – all in one place

The more you can understand about a threat, the more effective the measures you can take against it.

But the challenge is in corralling all the threat information – including user-based visibility, policy management, and log aggregation - into one place, in a way that makes sense of it.

Apex One has created a centralised console that enables exactly this, so although for some more detailed analysis a connection to an optional EDR dashboard is necessary, visualisation, investigation and reporting are already built into its standard configuration, adding an inbuilt layer of insight that other solutions don’t have.

Conclusions: is Apex One the peak of security for channel partners?

Everyone likes a great name and a strong story, and Apex One has got both in spades – not least because it is in fact essentially the new brand name for the existing Trend endpoint security solution within its Smart Protection Suites solutions family.

But this is not some kind of rebadging exercise to revive a flagging solution – because Trend’s endpoint solution isn’t flagging. Just the opposite, in fact: it has received high praise from industry analysts like Gartner year after year, including in 2018.

But coupling it with a single agent shows that there’s a strategic endgame in mind: to make Trend’s endpoint security solutions as effortless as possible to use across every client environment – and therefore very hard to displace.

For end-clients and channel partners alike – and particularly existing Trend Micro Office Scan users, who will receive Apex One as a regular update at no additional cost - that’s a rebrand that will deliver far more than just a new name and a shiny logo.

XGen badge (HES) is the latest Trend Micro solution to wear the xGen badge. We take a brief look at the machine learning benefits behind the brand.

For both MSPs and resellers, Trend Micro’s Hosted Email Security (HES) has always been a compelling sell, delivering powerful, serverless email protection for customers with limited IT resources.

But whereas the rest of Trend’s Worry-Free Business Security Services solutions have already been plugged into the Predictive Machine Learning technology that is one of the features of the newly minted xGen brand, HES (perhaps because it’s also available as a standalone solution, outside of Worry-Free) hadn’t been – until now.

Here are some of the benefits that ‘xGenned’ HES now delivers to end-users.

Zero-day and unknown threats detected

With the threat landscape evolving at bewildering speed, checking chunks of code against databases of the known ‘usual suspects’ is only fractionally effective.

Instead, security solutions now need to detect hitherto unknown and unidentified threats, too, as we described in a previous post recently - and this is exactly what the Predictive Machine Learning in HES now enables it to do.

Predictive Machine Learning uses advanced file feature analysis to ascertain both the probability that a threat exists in a file, and the probable file type – and, of course, because it is learning from each example, it gets better as it goes.

Dangerous files and processes neutralised

Once the machine learning process has identified an unknown or zero-day threat, it can then take action to keep end-users protected.

If the threat is file-based, for example, the solution will quarantine the files in question, to stop the threat from spreading across users’ networks.

HES shares its newfound machine learning capabilities not only with Trend’s Worry-Free Business Security Services solutions but also with OfficeScan, so this more detailed explanation of the latter’s Predictive Machine Learning features, and how they work, is worth a read.

No more multiple login hell

Bringing HES into the xGen fold appears to have prompted some other helpful alignments with existing Trend solutions, too (although, in truth, these don’t have much to do with machine learning!)

There’s a lot less cumbersome clickery involved, for a start. For example, you can now jump directly from HES into the management console of the Cloud App Security solution, whereas before you’d have had to go from the Customer Licensing Portal (CLP) to HES, then back to CLP in order to reach Cloud App Security.

This is important for two reasons: firstly, to stop you losing the will to live. And secondly, because it’s a significant improvement to the overall email security workflow (Cloud App Security is needed to provide Exchange Online mail store scans as well as inspection of internal email traffic - so an easy hook-up to it is a must).

In short, HES is going through the same operator-friendly evolution as many other Trend solutions - getting rid of fiddly separate passwords for each service.

Ultimately, this helps partners work more efficiently and thus cut down on admin overheads, but also it makes for smoother service delivery.

HES: an xGen latecomer poised to deliver

It’s worth noting that HES has also recently benefited from an overhauled interface, improved data insights, enhanced Time-of-Click web protection, and other additional refinements, as explored in this post - so it certainly hasn’t been standing still.

But it has moved at a different speed to the rest of the xGen stable, and it’s good news for security resellers and MSPs alike that they can now tell their customers the gap is being closed!

MSP programJoining an MSP program can work wonders with channel partners’ balance sheets, as our friends at Trend Micro explain in this blog!

We’re always keen to share compelling insight from our vendor partners, and Trend Micro have nailed it with their blog Five reasons you need to join an MSP program….today!

 So with thanks to the guys at Trend, we’ve condensed it below. (And if you like what you see, come and talk to us about the MSP solutions we offer!)

Five reasons you need to join an MSP program… today!

1. Better margins

It is not uncommon for our partners to earn in excess of 100% profit margin on the security solutions they are providing to their customers as part of their managed service agreements, which is probably a much higher percentage than what you are earning now if you are just buying annual licenses when your customers’ licenses expire.

Let me explain how in two words: aggregate pricing. Put simply, MSP programs typically offer pricing on an aggregate seat count basis, which means that you are paying for licenses based on the total number of clients you currently manage. This can be a significant difference as business grows and you move in to cheaper and cheaper seat bands. To figure out just how much margin you are missing out on ask your vendor how much it costs per seat in the lowest price band (typically five to 25 seats) vs. the cost per seat in the price band that represents your entire customer base. That number is the extra margin you are missing out on.

2. Predictable revenue stream

Compared to the feast-or-famine nature of revenue in a break-fix business model, predictability is one of the primary benefits of being a managed service provider. Joining an MSP program helps you further streamline and predict both the revenue from your customers, as well as your service delivery costs.

This one is a bit of a twofer since you can more easily calculate revenue projections and do forecasting into the future. You can also calculate cost projections and get a much better understanding of the health and future growth potential of your business. The icing on the cake is that the value of your business increases as well as your revenue streams–a critical component of your exit strategy.

3. Multiple recurring revenue streams

The great thing about being an MSP is that you are forced to heavily focus on automation and repeatability since controlling costs directly impacts your bottom line. Once you’ve joined an MSP program, you will generally have the ability to create multiple recurring revenue streams if they have a broad product portfolio. Once you have created processes and trained your staff around the tools provided as part of the MSP program it’s very easy to “turn on” any additional products your vendor may offer across your entire customer base. This can be done in a very efficient and cost-effective manner, with each of these products representing an additional recurring revenue stream and more profit.

4. Moving from CapEx to OpEx

There may be some tax and accounting benefits to joining an MSP program and moving from purchasing annual licenses upfront for your customers to paying for licenses monthly or quarterly — or moving from CapEx to OpEx. The main benefit is the ability to recognize deductions completely in the current period vs. recognizing them over the useful life of an asset (that is, if you buy a three-year license and deduct it over those three years).

Disclaimer: We are a cybersecurity company, not tax experts. Therefore, we highly recommend discussing this with your accountant or tax professional to weigh the pros and cons and how it may affect your business specifically.

5. Elimination of renewals

Lastly, a good MSP program will give you complete control over license management and provisioning from a self-service portal. This allows you not only to provision licenses when you need them (think evening or weekend deployment when you forgot to place an order three days in advance), but also to eliminate all the hassles, complexity and costs associated with renewals. In essence, since you have complete control over the licenses, an expiration date is no longer necessary–you can simply cancel the license when you need to.

If you’ve never figured out what it costs you to track disparate expiration dates across your entire customer base for every product, to request quotes from your vendors, to create invoices for your customers, to follow-up on payments from your customers, and to submit payments to your vendors just to renew a product, then you probably should! Most partners we  meet who go through this exercise are shocked to find out they often lose money on smaller customers because they did not factor the costs of renewing into their pricing or business model.

Although there are so many more reasons to join an MSP program as soon as possible, these are our top five reasons you should be seriously considering becoming part of one…

Blue Solutions is a specialist security software distributor with many years’ experience in helping partners take their MSP security proposition to market. To talk to us about our range of MSP security solutions, get in touch.

Upgrade Trend Micro Worry-FreeIf you don’t manage your Trend Micro Worry-Free Business Security upgrades properly, your customers could be at risk from ransomware! We explain what to do.

If you sell Trend Micro’s Worry-Free Business Security Standard or Advanced editions, you’ll know that both come with a convenient management console that enables you to easily watch over and control the security services you deliver.

But if you don’t act on the information and alerts you receive, and keep your solution up to date, it could mean that your end-user customers are at greater risk from threats like ransomware!

There are just three things you need to do to keep your customers protected:

1. Upgrade manually after renewals

Renewals of Trend Micro’s Worry-Free for Business Standard or Advanced editions do not automatically upgrade to the latest version, so you need to manually manage this process yourself.

Happily, it’s an easy thing to do. There’s a link to Trend Micro’s Download Center at the top of every console homepage. Click to upgrade your renewed Worry-Free Business Security edition to the latest version (see images below).

Alternatively, you can go to the Help tab, click on Support, and then click on the Download Center icon at the bottom of the page (see image below).

No uninstall or reinstall is required, the upgrade will automatically be picked up from the server by all the connected security agents, and your customers will stay protected.

What’s not to like?

Worry-Free Console
(Click to enlarge)
Worry-Free Console
(Click to enlarge)
Worry-Free Console
Upgrading Worry-Free Business Security after renewal is easy! (Click to enlarge)

2. Get notified by RSS as well

If you’re not on v.7 or upwards, you won’t get console notifications, so you need another way of receiving them.

And even if you are on v.7 or upwards, there’s certainly no harm in having a backup notification channel to be doubly sure the message hits home.

This is why the Download Center website supports RSS. You can set up upgrade notifications and reminders from that site straight into your RSS feed (see image below), and then go into the console to act on them.

Trend Micro software download RSS Feed
You can subscribe to the Download Center website’s RSS feeds to get upgrade and service pack notifications – whether the notification feature is also available in your version of the console or not. (Click to enlarge)

3. Act on those notifications!

As we’ve shown above, the console – even in pre-v.7 guise - contains the necessary links for you to download upgrades or service packs, and you can also find these links in the Download Center, whose icon is at the bottom of the console page (see image above).

So it’s a cinch to stay ahead of the game – but you do have to make sure you download the upgrades and packs promptly from the links.

That way, your customers will continue to be fully protected.

Keep Worry-Free worry-free!

Pay heed to your console, reminders and notifications and your Worry-Free Business Security solutions will totally live up to their name (more so, in fact, if you upgrade to the cloud-based Services edition that significantly simplifies life for both you and your end-users!)

But miss an upgrade or a service pack, and fast-moving, destructive threats like ransomware are, in all probability, already one step ahead of you and your customers alike.

And that will prove very worrisome indeed.

DeployManaging licensing processes can bite deep into security MSPs’ margins. But one vendor seems to make it a lot easier. We investigate…

If you’re a managed security service provider, you’ve got an awful lot on your plate when it comes to licensing.

Try to manage it all using different tools and you’ll rapidly flay the flesh from your profitability – and probably send your customer satisfaction levels plummeting, too.

Logically, the solution is to somehow combine all the licensing functions in one place, making them both accessible and easy to use. But is any security vendor actually offering this? And if so, does it really deliver on the promise?

For our money, the answers to these questions are “yes, Trend Micro” and “yes, here’s how”, respectively.

Licensing Management Portal (LMP) – cross-product pain relief

The first thing that is striking about Trend Micro’s Licensing Management Portal (LMP) is that, in contrast to some other so-called “single pane of glass” management tools, it isn’t just available for a core technology that so far only underpins one or two finished products.

Instead, it has already evolved to the point where it is common to pretty much the entire Trend Micro product portfolio

So it makes it possible for MSPs to centrally manage, from a single sign-on system, multiple instances of both “point” solutions like Cloud Application Security (a topic we discuss further in this post), and more comprehensive solutions like the Worry-Free Business Security range.

Let’s not gloss over the pain that this alleviates. It eliminates wait time associated with ordering licences, because LMP is available 24 x 7 x 365. It automates the tracking of renewals and expirations. And it eliminates the complexity and cash-flow risk associated with manual billing.

Remote Manager
LMP, Remote Manager, CLP – a powerful triumvirate of solutions that drastically reduce the costly burden of creating, provisioning, managing and billing MSP licences. More on CLP below. (Click to enlarge)

LMP + Remote Manager = automation

This capability stems in part from the fact that LMP also contains within it Trend Micro’s Remote Manager.

This radically streamlines many of the licensing management processes by plugging them into industry-standard RMM and PSA solutions like Autotask, ConnectWise, Kaseya and LabTech.

So, you no longer have to manually drive your billing process, for example. Instead, LMP can use ConnectWise to auto-issue invoices and create end-to-end billing the moment a new endpoint or device is deployed.

Likewise, there’s a lot less juggling of multiple processes in order to set customers up. LMP syncs with LabTech, so you can map customers from LMP to customers in your LabTech solution, and then, within the latter, just “point and shoot” to deploy, issue licences etc. No jumping around between applications!

LMP and LabTech sync
No jumping around between applications – LMP and LabTech sync, so that deploying and issuing licences to your customers is as simple as a mouse click. (Click to enlarge)

Service plans the way you and your customers want them

Whilst we’re on the point of service plans, it’s worth mentioning that LMP has rewritten the rulebook somewhat in this respect too, offering real flexibility.

You can activate licences into live services in any number of formats – monthly, yearly, quarterly, on receipt of PO – and you can schedule in additional features so that they don’t have to be managed manually.

For example, a new customer that has committed to your services for two years initially, but whose contract needs to revert to a monthly rolling arrangement after this initial period, can have a service plan created in LMP that will deliver this arrangement – automatically.

From where we’re sitting, it’s probably the only example of a service plan mechanism that combines customer-friendly flexibility and features with management tools that don’t place an unsustainable drain on your resources!

Powerful but flexible reporting

Of course, if you can’t easily see what’s billable, automated provisioning and service plans won’t stay viable for very long!

Here, too, LMP shines. Not only is the reporting itself automated, it provides up-to-date detail of everything that has been in any way consumed by the end-user, ensuring that consumption and billing are always in step with each other.

At the same time, the automation allows a window of manual adjustment to cope with cancellations, error correction, atypical deployment scenarios, and other exceptions.

In essence, LMP has enough automation to make the majority of billing scenarios far easier – and far more economical – to manage.

CLP: Convenience for the end-user

But what’s really innovative in LMP, in our view, is that it enables the end-user to manage some of their own licensing, giving them the convenience of direct control, whilst also (let’s be candid) fattening your margins by reducing your workload!

This is because LMP contains a Customer Licensing Portal (CLP), which enables customers to manage licence keys for selected parts of their security estate, based on role. That partial autonomy and flexibility works for them, which makes you look good.

But the fact that the CLP can also carry your own branding will do your business profile no harm at all, either!

“Nobody does it better”, goes the old song. And at the moment, our Trend Micro team seems to be singing it around the office quite a lot. Funny, that.

Trend Micro HESTrend Micro HES has long been an attractive cloud solution for users who want email security without on-site hassle. Read how it just got better!

We see a lot of email security solutions, but it’s fair to say that Trend Micro’s Hosted Email Security (HES) has recently upped its game to deliver a user experience that’s slicker, protection that’s broader and more agile, and service management that’s easier (and therefore ultimately more profitable!)

Here’s how Trend has taken HES to the next level.

New in Trend Micro HES, (1): Smoother interface, better data insights

Trend has now extended the successful interface designs found elsewhere in its stable of solutions to HES too, meaning that if you can “drive” other Trend solutions (like Worry-Free or OfficeScan), you can now just as easily drive HES.

For both end-users and service providers, this potentially means smoother workflows, easier internal adoption, lower training and implementation costs, and, overall, sharper ROI.

Trend Micro HES Dashboard
Trend has brought HES into line with its standard interface design and given its threat analysis tools a shot in the arm.

An improved dashboard in the solution now also makes it easier for end-users and service providers to glean more information about the threats they face, thanks to advanced analysis details and top advanced threat charts.

New in Trend Micro HES, (2): Sandboxing now comes for free!

Sandboxing – the ability, in the context of the SMTP protocol, to take mail offline and rigorously test it for threats before it reaches the recipient – is a potent tool in the security partner’s armoury.

But, typically, it’s also very costly – and it’s here that Trend has broken the mould. HES now includes free-of-charge access to new sandboxing solutions including Advanced Threat Scan Engine and Social Engineering Attack Protection.

Tick a box, get sandboxing for free – Trend’s Christmas present to service providers seeking to add value to their customers’ accounts!

Advanced Threat Scan Engine uses combined pattern-based and heuristic scanning to not only combat known email threats, but identify characteristics and behaviours that can suggest new ones (making it particularly effective against stealth threats like ransomware and zero-day exploits).

Social Engineering Attack Protection (now built into the AntiSpam Engine) is part of Trend’s recently much-vaunted machine learning stable, which includes the XGEN solutions.

It detects suspicious behaviour in multiple parts of each email transmission, including the email header, subject line, email body, attachments, and the SMTP protocol information.

Suspect messages are returned to Hosted Email Security for further action or policy enforcement, ensuring the attack does not reach its target.

These services are easy to activate too, by simply ticking a policy check box – convenient for end-users and service providers alike.

New in Trend Micro HES, (3): Protection against spoofing

Spoofed email identities are the gateway to unwitting activation of all manner of threats, from phishing, to whaling, to dangerous attachment payloads, and more.

HES now supports DKIM (Domain Keys Identified Mail) signatures in both incoming and outgoing messages. These authenticate the domain name associated with a message to detect any mismatches, which in turn protects users against receiving messages that have been tampered with – for instance, to spoof the sender name.

Protection against spoofing
Spoof email? That’s so passé!

New in Trend Micro HES, (4): Marketing-friendly segregated email

Trend has consistently led the field in anti-spam protection, but the reality is that what is often defined as marketing spam can in fact be a source of new opportunities or competitor intelligence for some departments in your customers’ businesses.

For this reason, HES now offers email segregation, which enables certain types of user or policy group within the end-user’s organisation to choose to receive marketing and promotional email (whilst still subjecting it, of course, to all the other new and existing HES security features).

Marketing-friendly segregated email
Yes, please market to me! Or just don’t, OK?

New in Trend Micro HES, (5): Time-of-Click Web Protection

Boosting Trend’s already significant arsenal of web reputation and security solutions, Time-of-Click protection automatically rewrites URLs contained in received emails.

This means that the default action when a user clicks on these links is not to take them straight to the site concerned, but to submit that underlying site to Trend for real-time prior security and reputation analysis.

Lucky Trend automatically rewrote this URL and checked it before the recipient got taken to the site…

The delay for the user in accessing a legitimate site is fractional, but the protection against accessing non-legitimate sites is comprehensive, since no access is granted until HES has confirmed that the site is not a source of threats or reputational damage.

More on what’s new in Trend Micro HES

There’s not the space here to cover off all the detail, but suffice it to say that Trend’s latest version of HES delivers additional benefits that could enable service providers to really differentiate their offering in both existing and new accounts.

Here’s a full list – and you know where to come if you want to discuss it!

security-banner

Our top security updates in the news and on the web this week

1.10 tips to avoid Cyber Monday scams

Shoppers familiar with the Cyber Monday circus know they’re stepping into the lion’s den. The Internet has always been a lawless place. First posted on Malwarebytes.

For the original post and further information click here

2. More POS malware, just in time for Christmas

Threat researchers are warning of two pieces of point of sales malware that have gone largely undetected during years of retail wrecking and now appear likely to earn VXers a haul over the coming festive break. First posted on The Register.

For the original post and further information click here

3. Some simple security advice for computer and smartphone users

Demonstrated how easy it can be to compromise users computers and 'steal' very personal video and photos, here's some really simple advice to help prevent this happening. First posted on Pen Test partners.

For the original post and further information click here

4. CryptoWall Updates, New Families of Ransomware Found

The ransomware threat isn't just growing—it's expanding as well. There has been a recent surge of reports on updates for existing crypto-ransomware variants. First posted on Trend Micro.

For the original post and further information click here

ransomware-update

5. Blast from the Past: Blackhole Exploit Kit Resurfaces in Live Attacks

The year is 2015 and a threat actor is using the defunct Blackhole exploit kit in active drive-by download campaigns via compromised websites. First posted on Malwarebytes.

For the original post and further information click here

6. Another Day, Another HMRC Tax Phish…

We could all do with a bit of a tax refund right before the festive season, and wouldn’t you know it. First posted on Malwarebytes.

For the original post and further information click here

7. Diving into Linux. Encoder’s predecessor: a tale of blind reverse engineering 

Linux.Encoder.1 has earned a reputation as the worlds first Ransomware family tailored for Linux platforms. First posted on Bitdefender Labs.

For the original post and further information click here

If you have any security news that you would like to see on our blog please send it to us at bluesolutions, please include the link from the original article in the email.

trend-micro

 

Originally published on the Trend Micro Blog

A recent Trend Micro report carried out by the Ponemon Institute uncovered an interesting new dynamic in the workplace. Increasing numbers of U.S. consumers are bringing wearable technology into the office.

This raises a difficult problem for enterprise IT managers keen on keeping IoT devices from swamping the workplace as the influx of BYOD devices did a few years ago. So what’s the best way to move forward?

Growth and risks

Let’s be clear, the use of IoT devices and wearables in the workplace is by no means soaring. According to our study – Privacy and Security in a Connected Life – just 25 percent of U.S. consumers said they even plan to use a fitness tracker. For Google Glass, this figure was an even lower 16 percent. Yet adoption is increasing, and as it does, these devices will inevitably find their way into the corporate world, just as the smartphone and tablet did before them. From smart watches to activity trackers and smart glasses, there’s a growing feeling that these devices can help our productivity and well-being. Given we spend the majority of our lives at work, it’s a no-brainer that employees will want to wear them in the office.

While they may support productivity, connected devices present risks for the IT department, especially those that could auto-sync corporate data, making them a potential target for hackers and thieves. Even data tracking the movements of mobile sales staff could tip off competitors about new leads. Many IT leaders will want to manage this risk by ensuring any workplace IoT devices are controlled with MDM, security tools and policies. However, according to our research, 50 percent of U.S. consumers do not believe their employer has the right to access personal data on their smart device, despite connecting to the corporate Wi-Fi.

Staff versus employer

This dilemma brings the usual arguments raised by BYOD, namely that sensitive corporate or customer data could be at risk if accessed or stored on an employee-owned device. Now if IT managers try to shackle devices with MDM or security tools, they could risk the wrath of users.

A recent court case highlights that such problems are no longer theoretical. A U.S. District Court in Texas heard the case of a staff member who sued his employer for loss under the Computer Fraud and Abuse Act. The former employee was forced to use his own iPhone for accessing customer emails at work since one was not provided. When he resigned, the company’s network administrator remotely wiped his phone, deleting not just work information, but also his personal data. In the end, the employer won, but it won’t be the last case of this kind as staff and their employers increasingly clash over BYOD.#
Best practice BYOD

So what can the under fire IT manager do to walk this fine line, protecting both enterprise data and staff expectations of personal privacy, while enabling staff productivity? Here are a few tips for starters:

  • If you haven’t already, classify enterprise data and perform a risk assessment to better understand what is at stake if it ends up in a competitor’s hands.
  • Find out how many personal smart devices are already being used at work.
  • Familiarize yourself with the operating systems, devices and security shortcomings of these devices.
  • Consider enforcing remote lock/wipe and password protection for all devices allowed to connect to the corporate network.
  • Utilize a ‘containerized’ security approach which keeps corporate and personal data separate on devices.
  • Apply policies so that the most sensitive corporate data is encrypted.
  • Assess any new IoT devices before they are allowed to connect to the network.

 

 

 

 

trend-micro

How to Win the Cloud Security Game by Balancing Risk with Agility

The cloud is changing the way organisations around the world do I.T. Attracted by lower costs, improved efficiency and faster development and deployment times for apps, users everywhere are migrating to this new computing model in droves, with or without the blessing of I.T. Yet security is a top concern due to the loss of control of a physical infrastructure.

The challenge of balancing that greater business agility with security risk while keeping costs down is not an easy job. But it’s one that cloud managers will have to confront to be successful. And just like in a game of football, a winning strategy must be built on solid defence.

Shared responsibility

To articulate the challenges of cloud security, Trend Micro recently commissioned Forrester Consulting to survey I.T. professionals tasked with public cloud security projects. 70 percent said the public cloud was an integral part of the product or service they offered to customers.

It’s no surprise that security was a concern to three-quarters (76 percent) of them. In the public cloud, security is a shared responsibility. The cloud service provider will secure up to the hypervisor (including data centre and infrastructure), while the customer must take care of securing the OS, apps, users and data.

Kicking off

When determining how to best augment the secure infrastructure of their cloud provider, cloud managers should start by considering three aspects:

  1. Time to value – This is all-important to developers. It’s why two of the top three barriers to adopting best practice cloud security were given as “too time intensive” (43 percent) and “would slow down cloud usage” (36 percent). Forrester believes cloud resources must be made available in under 15 minutes, automated and out of sight, or developers may look to circumvent IT controls.
  2. Security risks – Cutting down on security in order to speed time to value will expose organisations to the risk of a data breach, including the financial penalties, damage to brand, legal costs, and consumer trust issues this could bring. Adding protection like data encryption, monitoring and logging, intrusion detection/prevention and patch management and other controls to cloud workloads provides multi-layered protection that reduces security risks.
  3. Cost – Applying maximum levels of security to every workload will drive up cost unnecessarily, impacting one of the main reasons of migrating to the cloud. It could also force developers to bypass security. But if you don’t add enough security, you become an easy target for hackers, leading to expensive data breaches. It’s a delicate balance.

Deep Security for the win!

Forrester believes the answer lies with security solutions offering pre-made templates with different levels of security to match the needs of individual workloads:

Optimal cloud security controls would be:

  • Automated: so when a developer launches a workload, it is automatically protected.
  • Personalized: with policies that fit the workload type, sensitivity and regulatory context.
  • Pre-built in a template: so the developer doesn’t have to know what the right security is for their workloads.

With Trend Micro Deep Security, we believe we have the best solution: enabling automated, comprehensive security that won’t get in your way. What’s more, Deep Security can protect your entire organisation – across physical, virtual and cloud environments and includes comprehensive protection in a single product and agent. Making management easier and lowering costs.

Contact our sales team today on 0118 9898 222 to find out more about Trend Micro Security Solutions.

bluesolutions_logo-colour

 

Trend Micro Silverstone

Some of our team joined Trend Micro for a day at Silverstone.

The day was a great opportunity for our team and Trend Micro to enjoy the races and also get to sit behind the wheel of a few of the cars.

Here's some of the images from the day:

 

 

Our Sales Manager, Emma Wale enjoyed the day, although it was a bit noisy!

Emma Trend Silverstone

 

 


 

Sandra from Trend Micro enjoys her time behind the wheel of the car...Sandra Trend Silverstone

 

 

 

 

Aaron from Trend Micro is looking concerned that his favourite car might not win the race...

Aaron Trend Silverstone

 

 

 

 

 

Other pictures from the day:

Trend DayTrend car2 Silverstone  Trend Car 21Apr