Web SecurityWeb attacks will continue to increase in 2016, experts tell us. But web security is getting cleverer - and here’s what you need to know about it.

The European Union’s latest ENISA Threat Landscape report tells us that web attacks will continue to increase in the future. So, no surprises there, then!

But web security hasn’t stood still. In fact, there are many web security features now available that give security partners and their customers much deeper insight into web threats, as well as more effective tools to combat and manage them.

Here are just a few web security developments you might want to look out for in 2017.

URL analysis to beat zero-day threats

The backbone of web security has often typically relied on comparing a URL to a database of known malicious URLs, and blocking access if a match is found.

Clearly, there are severe limitations to this approach. Zero-day threats, for instance, won’t be on any URL blacklist, because they are simply too new, as we’ve explored in a previous post.

But web security solutions can now ‘sandbox’ a URL (quarantine it so that interactions with it cannot pass threats onto the network) and automatically analyse the behaviours of the destination site.

This way, even zero-day and unknown threats can be spotted and blocked, before they can cause any damage.

Centrally managed content filtering and reporting

Web content filtering is also a critical security requirement for most organisations, to ensure that employees don’t access inappropriate or reputationally risky material.

Historically, however, it’s been easier said than done. Endpoint security solutions have rarely proven themselves up to the task; they typically cannot monitor or report on web access unless there is a policy in place on that endpoint for that specific website. (Hardly an all-encompassing strategy, eh?)

Web security solutions can totally transform this situation, because security policies and their actions can be applied from a central dashboard to users and roles, independently of the endpoints they’re working from.

A senior manager who has good cause to investigate questionable content on a website, for example, might simply be monitored; a more junior user attempting the same thing might have access to that website blocked.

Decoupling web filtering from endpoints also means that reports can be created and run in real-time, simply by clicking on widgets in the centralised dashboard - and these cover all web use, not just pre-selected sites.

Web application control: the new ‘must have’

As we touched on in a previous post, it is now possible for web security solutions to control access not only to cloud applications like, for example, Facebook, but to specific features within them – by individual, role, device and location.

These can include, for example, functions that enable users to upload or delete profile images, remove a public link, permanently delete files from a recycle bin, disable a security group, and many other types of actions that can be high-risk in certain contexts, both with and without malicious intent.

As businesses rely more and more on cloud and social applications to carry out everyday processes, this kind of web security is set to become mission-critical.

Gains in performance, deployability, and more

But it’s not just the security features themselves that are worthy of note.

A host of innovations around performance, deployment, usability and productivity mean that web security solutions are now a more attractive proposition from the point of view of end-users (who are looking for service excellence) as well as security partners (who are looking for differentiators and ease of management) than ever before.

From the performance point of view, the latency (lag) often associated with cloud-delivered solutions, for example, is a thing of the past, thanks to locally stored caches that wake up instantly.

From the deployment point of view, flexibility is high on the agenda, with agentless options, and multiple authentication methods, including SAML, direct, and agent-based – pretty much whatever the end-user prefers, in fact.

And when it comes to usability, guest users on VLAN and mobile workers are protected without the additional complication of connecting to a VPN (or the danger of failing to do so), supporting risk-aware productivity.

Something tells me threat actors, users and security partners alike will be watching web security very carefully in 2017.

Email SecuritySpam, phishing, malware – these are just some of the hazards email can carry. We’ll see more of them in 2017, so what kind of security solutions can counter them?

Following on from our recent post about business continuity solutions, another topic worth following in 2017 is email security.

So just how important is it?

Well, according to email research from the Radicati Group, the number of business emails sent and received per day in 2017 will number 120.4 billion. By 2019, it will be nearer 129 billion.

And this unrelenting growth is one of the factors driving a huge increase in email-borne cyber-threats. In fact, in the first quarter of 2016 alone, according to this piece in Infosecurity Magazine, there was an 800% increase in email-borne threats over the previous year!

What, then, should you be looking out for to protect your business (or your customers’ businesses, if you’re a security reseller or service provider) against this onslaught?

Choosing email security

We’ve identified some specific features that we believe are critical to effective email security in 2017’s threat-laden world.

1. Ease of use for SMEs

The latest Government Security Breaches Survey found that SMEs are now being pinpointed by digital attackers, according to this piece in The Guardian.

But SMEs also include many businesses that have little or no in-house IT or security expertise  - so complex on-premise email security just won’t work for them.

Instead, look out for cloud-delivered, as-a-service solutions that major on ease of use (that means, amongst other things, no-maintenance deployment, with 24 x 7 updates, patches and hot-fixes delivered automatically by the vendor).

This kind of solution has the added benefit that it can filter email inline and scan it prior to it reaching the recipient, so threats are intercepted before they touch the business’s network.

Nothing to remediate, no spam to archive, nothing to clean up – good news for resource-starved small businesses.

2. Email clients – cloud’s a must!

Smaller businesses in particular are also turning to hosted email clients like Office 365 and Google Apps, with research showing that nearly two-thirds of small business owners already have an average of three cloud solutions in place.

Combine this with the knowledge that Office 365 has known issues with its ability to detect insecure document content, though, and it’s not enough to just go with a cloud-based email security solution. You also need to choose one that is good at dealing with cloud-based email client vulnerabilities.

Get the last bit wrong and you’re still behind the SME security curve.

3. Threat coverage and awareness

Spam, malware, spyware, phishing and inappropriate content are all known risks that must of course be protected against.

But the underlying question is how the solution’s knowledge of the threat landscape evolves, since it is this process that ultimately protects users against emerging threats like zero-day exploits.

Big data and machine learning algorithms are the key features to look for in this respect, but many vendors are now jumping on this bandwagon, so look at the hard numbers to sort the aspirational from the credible.

Take Trend Micro’s Hosted Email Security (HES) as just one example: over 50 billion website URLs, email sources, and files scanned, correlated, and filtered, with over 7 terabytes of new threat data processed - daily.

That leaves little doubt (and the latest features in Trend Micro HES make convincing reading, too).

4. GDPR compliance

GDPR is never far away from our discussions thesedays, and any cloud-delivered service is now under the microscope with regard to how it protects the privacy of the data that it holds.

Look for a solution backed by data centres that have reached the most stringent privacy certifications - in Europe, these are generally considered to be ISO 9001, ISO 27001, OHSAS18001 (LHR1) and SAS 70 Type II.

5. Ease of partner management

For security partners, there is an added dimension to a choice of security solution: the ease with which they can manage it!

Solutions that are difficult to provision and manage burn through administration resource and gnaw at margins – making them potentially unprofitable.

Look instead for a single security dashboard across all customers, that also works with industry-standard platforms like Autotask, ConnectWise and Kaseya.

This will enable you, for example, to automate monthly usage and reporting management, proactively analyse emerging security threats, and provision new solutions and services more rapidly – without signing into and logging out of multiple systems and tools.

Email security in 2017 – as-a-service solutions to a growing challenge

As long as businesses keep sending and receiving emails, the bad guys will keep using them to try and attack the soft underbelly of businesses.

But to do that, the emails have to get there in the first place – and if they’re getting caught by security in the cloud first, they won’t.

Definitely one to watch for 2017.

Upgrade Trend Micro Worry-FreeIf you don’t manage your Trend Micro Worry-Free Business Security upgrades properly, your customers could be at risk from ransomware! We explain what to do.

If you sell Trend Micro’s Worry-Free Business Security Standard or Advanced editions, you’ll know that both come with a convenient management console that enables you to easily watch over and control the security services you deliver.

But if you don’t act on the information and alerts you receive, and keep your solution up to date, it could mean that your end-user customers are at greater risk from threats like ransomware!

There are just three things you need to do to keep your customers protected:

1. Upgrade manually after renewals

Renewals of Trend Micro’s Worry-Free for Business Standard or Advanced editions do not automatically upgrade to the latest version, so you need to manually manage this process yourself.

Happily, it’s an easy thing to do. There’s a link to Trend Micro’s Download Center at the top of every console homepage. Click to upgrade your renewed Worry-Free Business Security edition to the latest version (see images below).

Alternatively, you can go to the Help tab, click on Support, and then click on the Download Center icon at the bottom of the page (see image below).

No uninstall or reinstall is required, the upgrade will automatically be picked up from the server by all the connected security agents, and your customers will stay protected.

What’s not to like?

Worry-Free Console
(Click to enlarge)
Worry-Free Console
(Click to enlarge)
Worry-Free Console
Upgrading Worry-Free Business Security after renewal is easy! (Click to enlarge)

2. Get notified by RSS as well

If you’re not on v.7 or upwards, you won’t get console notifications, so you need another way of receiving them.

And even if you are on v.7 or upwards, there’s certainly no harm in having a backup notification channel to be doubly sure the message hits home.

This is why the Download Center website supports RSS. You can set up upgrade notifications and reminders from that site straight into your RSS feed (see image below), and then go into the console to act on them.

Trend Micro software download RSS Feed
You can subscribe to the Download Center website’s RSS feeds to get upgrade and service pack notifications – whether the notification feature is also available in your version of the console or not. (Click to enlarge)

3. Act on those notifications!

As we’ve shown above, the console – even in pre-v.7 guise - contains the necessary links for you to download upgrades or service packs, and you can also find these links in the Download Center, whose icon is at the bottom of the console page (see image above).

So it’s a cinch to stay ahead of the game – but you do have to make sure you download the upgrades and packs promptly from the links.

That way, your customers will continue to be fully protected.

Keep Worry-Free worry-free!

Pay heed to your console, reminders and notifications and your Worry-Free Business Security solutions will totally live up to their name (more so, in fact, if you upgrade to the cloud-based Services edition that significantly simplifies life for both you and your end-users!)

But miss an upgrade or a service pack, and fast-moving, destructive threats like ransomware are, in all probability, already one step ahead of you and your customers alike.

And that will prove very worrisome indeed.

DeployManaging licensing processes can bite deep into security MSPs’ margins. But one vendor seems to make it a lot easier. We investigate…

If you’re a managed security service provider, you’ve got an awful lot on your plate when it comes to licensing.

Try to manage it all using different tools and you’ll rapidly flay the flesh from your profitability – and probably send your customer satisfaction levels plummeting, too.

Logically, the solution is to somehow combine all the licensing functions in one place, making them both accessible and easy to use. But is any security vendor actually offering this? And if so, does it really deliver on the promise?

For our money, the answers to these questions are “yes, Trend Micro” and “yes, here’s how”, respectively.

Licensing Management Portal (LMP) – cross-product pain relief

The first thing that is striking about Trend Micro’s Licensing Management Portal (LMP) is that, in contrast to some other so-called “single pane of glass” management tools, it isn’t just available for a core technology that so far only underpins one or two finished products.

Instead, it has already evolved to the point where it is common to pretty much the entire Trend Micro product portfolio

So it makes it possible for MSPs to centrally manage, from a single sign-on system, multiple instances of both “point” solutions like Cloud Application Security (a topic we discuss further in this post), and more comprehensive solutions like the Worry-Free Business Security range.

Let’s not gloss over the pain that this alleviates. It eliminates wait time associated with ordering licences, because LMP is available 24 x 7 x 365. It automates the tracking of renewals and expirations. And it eliminates the complexity and cash-flow risk associated with manual billing.

Remote Manager
LMP, Remote Manager, CLP – a powerful triumvirate of solutions that drastically reduce the costly burden of creating, provisioning, managing and billing MSP licences. More on CLP below. (Click to enlarge)

LMP + Remote Manager = automation

This capability stems in part from the fact that LMP also contains within it Trend Micro’s Remote Manager.

This radically streamlines many of the licensing management processes by plugging them into industry-standard RMM and PSA solutions like Autotask, ConnectWise, Kaseya and LabTech.

So, you no longer have to manually drive your billing process, for example. Instead, LMP can use ConnectWise to auto-issue invoices and create end-to-end billing the moment a new endpoint or device is deployed.

Likewise, there’s a lot less juggling of multiple processes in order to set customers up. LMP syncs with LabTech, so you can map customers from LMP to customers in your LabTech solution, and then, within the latter, just “point and shoot” to deploy, issue licences etc. No jumping around between applications!

LMP and LabTech sync
No jumping around between applications – LMP and LabTech sync, so that deploying and issuing licences to your customers is as simple as a mouse click. (Click to enlarge)

Service plans the way you and your customers want them

Whilst we’re on the point of service plans, it’s worth mentioning that LMP has rewritten the rulebook somewhat in this respect too, offering real flexibility.

You can activate licences into live services in any number of formats – monthly, yearly, quarterly, on receipt of PO – and you can schedule in additional features so that they don’t have to be managed manually.

For example, a new customer that has committed to your services for two years initially, but whose contract needs to revert to a monthly rolling arrangement after this initial period, can have a service plan created in LMP that will deliver this arrangement – automatically.

From where we’re sitting, it’s probably the only example of a service plan mechanism that combines customer-friendly flexibility and features with management tools that don’t place an unsustainable drain on your resources!

Powerful but flexible reporting

Of course, if you can’t easily see what’s billable, automated provisioning and service plans won’t stay viable for very long!

Here, too, LMP shines. Not only is the reporting itself automated, it provides up-to-date detail of everything that has been in any way consumed by the end-user, ensuring that consumption and billing are always in step with each other.

At the same time, the automation allows a window of manual adjustment to cope with cancellations, error correction, atypical deployment scenarios, and other exceptions.

In essence, LMP has enough automation to make the majority of billing scenarios far easier – and far more economical – to manage.

CLP: Convenience for the end-user

But what’s really innovative in LMP, in our view, is that it enables the end-user to manage some of their own licensing, giving them the convenience of direct control, whilst also (let’s be candid) fattening your margins by reducing your workload!

This is because LMP contains a Customer Licensing Portal (CLP), which enables customers to manage licence keys for selected parts of their security estate, based on role. That partial autonomy and flexibility works for them, which makes you look good.

But the fact that the CLP can also carry your own branding will do your business profile no harm at all, either!

“Nobody does it better”, goes the old song. And at the moment, our Trend Micro team seems to be singing it around the office quite a lot. Funny, that.

Zero day exploitsIn the wake of a Windows 10 zero day exploit that had Microsoft all a-flutter, we explore these insidious threats - and how to combat them.

In the last blog in this series, we looked into ransomware, what it is, and how you can stop it. In this blog, we put another cyber-threat under the microscope – the zero day exploit.

We’ve looked into what the zero day exploit is and how it ticks – and we’ve “zeroed” in (sorry!) on some things businesses and their security partners need to consider in order to confront the danger head-on.

Zero day exploits: what are they?

Perhaps no other threat is guaranteed to drive software vendors’ marketing departments into public fits of bluster and defensiveness quite like the zero day exploit (see Microsoft’s recent performance in this piece in Ars Technica, for example!)

This is because zero day exploits are all about urgency and panic. Typically, they attack newly released software through vulnerabilities even its designers often don’t yet know exist (although legacy software can also sometimes be a target).

They are so called, as Wikipedia explains, because the hapless software vendor has “zero days” to fix the problem, or communicate helpfully about it, before it goes public – since the hackers themselves have usually already publicised it for them!

Zero day exploits love targeting browsers and office applications like Word and others (because we all use them) and they also hijack the common SMTP email protocol to find their way into these vulnerable applications in the first place.

But what makes zero day exploits so dangerous is that they tend to evade typical security software defences.

Why? Because many of the latter rely on triggers like malware signatures and known URL blacklists – intelligence that accumulates over time. And by definition, a zero day exploit has none of this history behind it!

What damage can zero day exploits do?

Here’s just a short list of zero day threats and the havoc they can potentially wreak, curated from various sources covering the last year or two:

  • Suspected North Korean State threat actors were observed exploiting a vulnerability in a word processing application
  • A targeted attack unveiled vulnerabilities in Microsoft Office and Windows, hidden within a Microsoft Word document
  • Adobe and Windows zero day exploits were made use of by Russia’s APT28 gang in a highly-targeted hack
  • Vulnerabilities in Microsoft font drivers were found to allow remote code execution, potentially rendering businesses open to ransomware, data theft, etc.

And, at the time of writing, a memory corruption bug affecting several Windows operating systems was declared capable, in this advisory, of remotely causing a denial of service (DDoS) attack!

Zero day – how do you defeat an enemy you can’t see?

But what defence is possible if security software can’t even recognise a zero day exploit when it’s sitting on top of one?

One effective response to this is to choose security solutions that don’t go hunting for known malware signatures, but instead zoom in on the structural behaviour of the applications that are likely to be targeted by zero day exploits.

Unexpected behaviours in those applications can indicate that they are being asked to do something they shouldn’t – and in tests, this approach has led to security vendor Bitdefender being able to block all Flash player exploits, including zero day, encountered in the space of a year.

It follows that the more extensive the analysis of these applications and the data they generate, the more effective a security solution is likely to be in recognising the signs that a zero day exploit is at work.

Enter Trend Micro, which has woven together an extraordinary mesh of vulnerability intelligence sources that include behavioural, statistical, heuristic and protocol analyses, all drawing on a constantly updated and monitored worldwide threat intelligence network.

Backed up by artificial intelligence (AI) and machine-learning techniques that extend through multiple different security layers, analyses of the entire possible zero day attack surface can be interlinked.

In other words, a more holistic understanding of which of the business’s applications are being asked to do what, and whether this is likely to constitute risky behaviour, is formed.

It’s less about putting a name and face to the exploit itself, and more about spotting changes across the business’s often very complex IT environments that aren’t explicable in any healthy way!

Anti-zero day solutions – what the industry says

An enlightening read for those investigating this area is industry analyst Gartner’s recent Magic Quadrant for endpoint security (which you can download here, and in which Trend Micro, incidentally, is positioned highest and furthest amongst the contenders).

It hits on many of the points we’ve mentioned above – application and process analysis, behaviour monitoring, machine learning, browser and office software vulnerabilities, memory manipulation – to paint a pretty comprehensive picture of what the industry is doing to address the fundamental difficulty of stopping a threat that is, initially at least, invisible.

Meanwhile, keep your eyes peeled for our next topic in this blog series – viruses!

AppRiver Nautical PlatformAppRiver’s Nautical platform makes all aspects of security service provision manageable from a “single pane of glass”. We look at the benefits.

For security service providers, or resellers wanting to break into the MSP space, there is a double challenge at hand: selecting solutions whose performance will delight their customers, yet that are easy enough to “drive” on a day-to-day basis to prevent margins being eaten away by costly management overheads.

This is why the appearance of AppRiver’s Nautical platform has set our antennae a-twitching. It promises a unified management console that enables service providers to deliver and manage a raft of cloud-based security solutions from one place, without the profit-sapping expense.

Here are just a few ways in which that could benefit service providers and their business.

The business benefits of Nautical, (1): Devolved management

Managing everything from under a “single pane of glass” is a seductive sell, but (I hear you say) doesn’t that just make for a crammed and complex window onto your world, which in turn drives management and admin costs up?

But Nautical turns this on its head, by enabling role-based interaction, so that different users each have different views of what is under the pane and can exercise different levels of control over it – and this includes the end-users themselves.

In this way, management workflows are made more targeted and efficient, but also flexibly devolved to customers where possible - taking even more of the admin burden off the service provider’s desk.

AppRiver Nautical Management
A single pane of glass, multiple kinds of access and interaction - cost reduction through targeted workflows and customer self-service (Click to enlarge)

The business benefits of Nautical, (2): Easy upscaling

Theoretically, cloud-delivered services can easily scale up to meet the needs of increasing numbers of end-users, thus supporting service providers’ revenue growth.

But critical to this process is the ease with which those new users can actually be brought on board. All the cloud service capacity in the world is no money-spinner if it is difficult, time-consuming and costly to connect users to it.

One of the killer new features in Nautical is a configurable user account management function that enables new users to be brought on board, and the overall user count to be increased, very easily.

Previously, this would have entailed multiple workflows in multiple environments; using Nautical, however, it is now a far simpler (and therefore cheaper) process.

AppRiver easy upscaling
More users, more usage, more revenue – and bringing them on board’s a cinch (Click to enlarge)

The business benefits of Nautical, (3): App-style agility and healthchecks

To go back to a previous point, bringing on additional users also inevitably drives demand for more products and services. Any service provider that delivers on the first point but not the second is painting themselves into a corner.

Nautical, however, makes it possible for both service providers and their customers to add and integrate new products and services with the kind of pick-and-mix agility you’d expect from something like an app store.

But (I again hear you ask) doesn’t that, in itself, create another management challenge – namely, monitoring all those disparate products and services without excessive (and expensive) manual intervention?

Here, too, Nautical comes up with the goods, thanks to its cross-product diagnostics that deliver a single, regular, unified application healthcheck to service providers’ customers and all the solutions they’re using.

Apps on demand
Apps on demand – and a unified monitoring and management system to keep them profitable (Click to enlarge)

What else should you know about Nautical?

Nautical has been described as “an entire channel programme in one portal”, but what’s really striking is that this deep integration across all aspects of security service provision comes at no charge.

Nautical simply becomes automatically available when a service provider chooses to deliver AppRiver’s security solutions – including anti-spam / anti-virus, web protection, email encryption, Exchange and mailbox protection – and this of course covers existing AppRiver service providers, too.

All in all, Nautical takes the hard work out of delivering MSP services that can really boost service providers’ bottom line, by making all business activities manageable from one place.

Now that really is something you should know.

Business Continuity2017 will see greater demand for security products than ever before. Backup and recovery are predicted to be big business for security channel partners!

Security predictions for 2017 are coming thick and fast – and there’s little for businesses to be cheery about.

“A major bank will fall as a result of cyber-attack,” the BBC relates in this article, whilst, at the other end of the scale, a solicitor has found itself embroiled in an email fraud scam that has, to date, left a homeowner £67,000 out of pocket.

But it’s perhaps ransomware, explored in a previous post, that will see the most noticeable growth in 2017, and it’s a major factor driving businesses’ and security partners’ interest in business continuity solutions like backup and recovery.

After all, if a business can reinstate critical backed-up data at will, ransomware loses much of its bite, and therefore its attractiveness to those who perpetrate it!

So what does an effective business continuity solution look like?

Business continuity solutions – what to look for

True business continuity is about more than just security applications – there’s a whole host of cultural and organisational requirements too, as this basic guide from CSO Online explains.

But from the solutions point of view, business continuity is basically about two things: reliable and bomb-proof (perhaps literally!) data backup, and rapid data recovery.

Two metrics are critical, here: Recovery Point Objective (RPO) and Recovery Time Objective (RTO).

The former dictates how much data a business could afford to lose before it caused any real and lasting damage – and therefore reflects considerations like how often backups need to be performed, what volumes and formats of data need to be involved, and how robust the backup environment is.

The latter dictates how rapidly that backed-up data can not only be accessed (hint: off-site tapes just don’t cut it any more!) but actually redeployed in a form that the business’s hungry systems can once again get to work on – not just files and folders, but settings, too - to get the business back on its feet post-incident.

Between them, these two metrics hinge on a host of solution capabilities that can be problematic.

For example, one oft-cited issue is that when backup and recovery data is being streamed back into a stricken business, the data can’t be accessed or used until the recovery process is complete – and that can take many precious hours, days, or even longer. Unhelpful.

Reliance on recovery via hardware is also a sticking point, since it may be impaired by the very hack that caused the data incident in the first place (ransomware is a very good example of this!)

What’s the appetite for business continuity solutions in 2017?

Nonetheless, business continuity has been a problem crying out for a solution for a long time before 2017; ransomware has simply put an especially shrill edge on it!

Scary statistics abound; did you know, for example, that according to a study by Onyx Group, 71% of UK SMEs only ever manage to back up part of their data?

Or that 75% of SMBs have no disaster recovery plans in place at all?

But even more terrifying, when considered in the light of the ransomware issue, is that, according to one estimate, 58% of small businesses could not withstand any amount of data loss whatsoever!

Think about that for a moment. It means the hackers’ job is made much, much easier. Even holding the slightest amount of a business’s data to ransom could easily provoke a payout. Minimum effort, maximum return – which means more hackers getting involved in this kind of activity in the future, of course!

Not for nothing is the Business Continuity Institute’s agenda focused “overwhelmingly” on cyber-resilience in 2017.

(And in case you’re wondering, the disaster recovery-as-a-service market, in which backup will play a key role, is estimated to be worth $11.11 billion - £8.83 billion - by 2021. Ripe for the picking!)

Where can I check out the latest business continuity solutions?

Clearly, what we’ve said above also means that the competitive landscape for security partners in this space is going to become challenging.

But for an insight into how one backup and recovery solution is evolving to deliver both strengthened protection to end-users and a more compelling proposition to the security partners who sell to them, take a look at this data backup and recovery features update.

And keep watching this series of blogs – we’ll be looking at a whole range of security solutions for 2017, covering email, web, cloud, data centre, and Office 365.

Trend Micro HESTrend Micro HES has long been an attractive cloud solution for users who want email security without on-site hassle. Read how it just got better!

We see a lot of email security solutions, but it’s fair to say that Trend Micro’s Hosted Email Security (HES) has recently upped its game to deliver a user experience that’s slicker, protection that’s broader and more agile, and service management that’s easier (and therefore ultimately more profitable!)

Here’s how Trend has taken HES to the next level.

New in Trend Micro HES, (1): Smoother interface, better data insights

Trend has now extended the successful interface designs found elsewhere in its stable of solutions to HES too, meaning that if you can “drive” other Trend solutions (like Worry-Free or OfficeScan), you can now just as easily drive HES.

For both end-users and service providers, this potentially means smoother workflows, easier internal adoption, lower training and implementation costs, and, overall, sharper ROI.

Trend Micro HES Dashboard
Trend has brought HES into line with its standard interface design and given its threat analysis tools a shot in the arm.

An improved dashboard in the solution now also makes it easier for end-users and service providers to glean more information about the threats they face, thanks to advanced analysis details and top advanced threat charts.

New in Trend Micro HES, (2): Sandboxing now comes for free!

Sandboxing – the ability, in the context of the SMTP protocol, to take mail offline and rigorously test it for threats before it reaches the recipient – is a potent tool in the security partner’s armoury.

But, typically, it’s also very costly – and it’s here that Trend has broken the mould. HES now includes free-of-charge access to new sandboxing solutions including Advanced Threat Scan Engine and Social Engineering Attack Protection.

Tick a box, get sandboxing for free – Trend’s Christmas present to service providers seeking to add value to their customers’ accounts!

Advanced Threat Scan Engine uses combined pattern-based and heuristic scanning to not only combat known email threats, but identify characteristics and behaviours that can suggest new ones (making it particularly effective against stealth threats like ransomware and zero-day exploits).

Social Engineering Attack Protection (now built into the AntiSpam Engine) is part of Trend’s recently much-vaunted machine learning stable, which includes the XGEN solutions.

It detects suspicious behaviour in multiple parts of each email transmission, including the email header, subject line, email body, attachments, and the SMTP protocol information.

Suspect messages are returned to Hosted Email Security for further action or policy enforcement, ensuring the attack does not reach its target.

These services are easy to activate too, by simply ticking a policy check box – convenient for end-users and service providers alike.

New in Trend Micro HES, (3): Protection against spoofing

Spoofed email identities are the gateway to unwitting activation of all manner of threats, from phishing, to whaling, to dangerous attachment payloads, and more.

HES now supports DKIM (Domain Keys Identified Mail) signatures in both incoming and outgoing messages. These authenticate the domain name associated with a message to detect any mismatches, which in turn protects users against receiving messages that have been tampered with – for instance, to spoof the sender name.

Protection against spoofing
Spoof email? That’s so passé!

New in Trend Micro HES, (4): Marketing-friendly segregated email

Trend has consistently led the field in anti-spam protection, but the reality is that what is often defined as marketing spam can in fact be a source of new opportunities or competitor intelligence for some departments in your customers’ businesses.

For this reason, HES now offers email segregation, which enables certain types of user or policy group within the end-user’s organisation to choose to receive marketing and promotional email (whilst still subjecting it, of course, to all the other new and existing HES security features).

Marketing-friendly segregated email
Yes, please market to me! Or just don’t, OK?

New in Trend Micro HES, (5): Time-of-Click Web Protection

Boosting Trend’s already significant arsenal of web reputation and security solutions, Time-of-Click protection automatically rewrites URLs contained in received emails.

This means that the default action when a user clicks on these links is not to take them straight to the site concerned, but to submit that underlying site to Trend for real-time prior security and reputation analysis.

Lucky Trend automatically rewrote this URL and checked it before the recipient got taken to the site…

The delay for the user in accessing a legitimate site is fractional, but the protection against accessing non-legitimate sites is comprehensive, since no access is granted until HES has confirmed that the site is not a source of threats or reputational damage.

More on what’s new in Trend Micro HES

There’s not the space here to cover off all the detail, but suffice it to say that Trend’s latest version of HES delivers additional benefits that could enable service providers to really differentiate their offering in both existing and new accounts.

Here’s a full list – and you know where to come if you want to discuss it!

General data protection regulationGDPR is coming! Here’s what the security channel needs to focus on to create opportunity out of regulatory upheaval.

On 25th May 2018, the EU General Data Protection Regulations (GDPR) become law.

But despite the burden of compliance that this places on the channel, isn’t it also a major opportunity for channel partners to sell more of the solutions that help end-users to address GDPR-related issues?

Here’s what we found when we dug into GDPR, and the opportunities it potentially presents, a little further…

GDPR opportunities – 1: Greater technology freedom?

A noteworthy feature of GDPR is that it does not prescribe specific data protection technologies – like a certain encryption algorithm, for example – and, therefore, does not automatically exclude others.

Instead, it prescribes processes, meaning that partners potentially have greater freedom than before to choose from a palette of vendor solutions that can satisfy those process requirements.

It’s a growth outlook reinforced by the IT industry’s most high-profile membership and training organisation, CompTIA. They have publicly stated to IT channel partners that GDPR means “Clients will be relying on their providers to help them meet regulations, which is a great opportunity to build on your relationships, all while creating new business with current and potential end users.”

So, given that GDPR is seemingly less proscriptive on the technology front than we might have previously assumed, what are the GDPR hot topics to which security partners’ offerings need to provide a compelling (and compliant) response, if they are to make the most of the opportunities at hand?

 GDPR opportunities – 2: Data protection controls

GDPR has serious teeth, but given our background in security software distribution, and from the point of view of security partners’ offerings, we believe it bites hardest around three key internal and three key external threat scenarios, which we’ve paraphrased from this recent research:

(including employee mistakes and malicious insiders)

  • Making lost data valueless if found – in other words, encryption methods that keep data safe if a device with personally or professionally identifiable information on it is lost or stolen.
  • Remote kill and wipe, to easily remove data from lost or stolen devices, or render them unusable, no matter where they are in relation to the user.
  • Data loss prevention (DLP), to control the types and sensitivities of data that users move around or out of the organisation.

(third-parties exploiting the organisation)

  • Locking-down, to control what kind of applications can and can’t run on an endpoint
  • Virtual patching, to stop remote exploitation of unpatched vulnerabilities
  • Breach detection, to flag where a network has been compromised, and thus enable users to block attempted data theft.

Should security partners be quaking at the sound of these snapping jaws? Not a bit of it.

Security solutions are already available that enable partners to deliver many of these GDPR-focused benefits to end-users, from vendors including Trend Micro (in both SMB and Enterprise formats) and others.

Plus, a recent survey of European businesses cited in this Information Age article found that 69% of those polled are not only likely to invest in security technology as a result of GDPR, but to do so in areas including file-sharing. (This hints at a growth in the cloud app-centric security requirement space, into which, as we discussed in an earlier post, at least one vendor already plays strongly.)

GDPR opportunities – 3: The size of the market

But it’s filthy lucre, predictably, that hints most effectively at the pot of GDPR gold at the end of the partner rainbow. And make no mistake, we are talking big money here.

, for example, has predicted that GDPR will create a $3.5 billion market opportunity for security and storage vendors – in which their partners, of course, will share – as the severity of fines drives enterprises to “radically shake up their data protection practices, seeking…new technologies to assist with compliance.”

An additional push factor in the groundswell of GDPR opportunities for security partners also came with the recent comment by the European Commission's Justice Directorate, according to the International Association of Privacy Professionals (IAPP), that companies judged to have invested responsibly in security can, under certain conditions, see any fines for non-compliance reduced.

Security partners, it seems, are likely to become many businesses’ new best friends!

GDPR: What next for security partners?

This piece in ChannelPro perhaps best expresses what partners need to do, as GDPR relentlessly approaches, to turn a disruptive regulation into a profitable business opportunity:

“1. Read up on the changes and ensure they become the trusted expert on the new regulations

  1. Educate their customers about the impact of the EU GDPR
  1. Ensure they’ve got the solutions available to help customers with compliance”

From where we’re standing, point 3 looks to be the least of partners’ worries…

mcafee-end-of-life-3Who can security partners and end-users turn to once McAfee products are end-of-lifed? We look at some compelling options.

In one of our recent posts, we highlighted some of the likely disruption caused by Intel’s ongoing end-of-life (EOL) programme for many of its McAfee-branded products.

But EOL must not spell end-of-business, and although we certainly haven’t discovered the secret of eternal life, our research found there are more than enough security vendors and solutions “out there” to fill McAfee’s shoes!

Here’s our shortlist.

Goodbye (and hello) Endpoint Encryption

“People are still the biggest security risks”, proclaims this article in CIO.com.

Yet in June 2017, McAfee is EOL-ing its Endpoint Encryption solution - arguably one of the most effective methods of ensuring that endpoints lost by employees, or stolen from them, cannot surrender their valuable data..

(And its migration path seems murky, involving a product name change and an upgrade.)

Enter its Trend Micro namesake, which enables security partners and end-users to remotely encrypt, lock and wipe any endpoint – including desktop, laptop, mobile, and removable media – so that businesses can still enjoy productivity-boosting mobility, without the associated data breach risk.

Trend Micro Endpoint Encryption also features automated methods of deploying and policing encryption and security policies, plus comprehensive audit and compliance records to satisfy the regulators (a big deal in the light of the approaching GDPR law!)

Fighting evil in the email

The demise of McAfee’s Email Gateway is not due to happen until 2021 – but, at the same time, the evolution of email-borne threats is likely to hasten the search for a replacement, rather than give it breathing space.

Indeed, with the Verizon Data Breach Report recently stating that 77% of malware infections are now due to users receiving a malicious email with a web link or attachment, according to this white paper, security partners and end-users alike need to move fast to secure alternatives.

Vendors’ offerings in this area are diverse, but compelling. Malwarebytes, for example, rolls email protection into an overall layered security approach that does not displace or conflict with existing security solutions – a boon for partners (it offers them an easy additional revenue stream) and end-users (it doesn’t disturb their current security arrangements) alike.

Trend Micro, for its part, offers multiple email security solutions for both SMB and Enterprise clients. Hosted Email Security solution has achieved 99% blocking effectiveness in independent tests, and takes the security maintenance headache off customers’ desks, as updates, patches and hot fixes are delivered 24x 7 by Trend’s own teams.

Smart Protection Complete, for its part, protects not only mail servers and gateways but also the cloud-based collaboration applications like Office 365 on which end-user businesses are increasingly reliant.

Finally, another convincing contender is Bitdefender, whose products have been rated the best tested for corporate security and performance by independent test lab AV-TEST. Its email security solutions within the GravityZone product set also boast the top antispam detection rates and can be installed in minutes!

Mobile security: a moving target

Keeping mobile devices  - official or otherwise - secure in populous, often geographically diverse enterprise environments is always a challenge, but when your chosen security solution ups sticks and disappears into the sunset (as McAfee’s Enterprise Mobility Management will do in January 2017) it’s time to seriously start nailing down alternative options.

Again, Trend Micro plays pretty strongly in this space, with a comprehensive mobile security and management offering (within Smart Protection Complete) that combines protection (DLP, VPN, app control, web filtering, gateway anti-virus etc.) with centralised visibility and control.

The latter means that the entire enterprise’s mobility is easily secured and managed from a single “pane of glass”, taking the pressure off partners and end-user security admins at the same time (a feature also be found, in similar form, in Bitdefender’s GravityZone Security for Mobile Devices).

EOL for McAfee? New beginnings for your security.

This is just a snapshot of the many new opportunities that McAfee’s EOL programme unearths for the security partners who resell solutions or deliver them as MSPs, and the end-users whose business integrity depends on them.

It may be EOL for many McAfee solutions, but that’s AOK when you’ve got a plan to move to something better.

(Psssst! Have you got a plan to move to something better?)