Tag Archives: Cloud Security

Over the last week we have seen an increase in the amount of companies receiving emails containing Zepto Ransomware, a file encrypting virus based on the infamous Locky cryptoware.
Most of the emails have been carefully crafted to ensnare the victims using social engineering techniques, typically greeting the recipient by first name and asking them to open an attachment which they had requested.
zepto image
The attachment will typically be either a .zip extension or .docm extension and once opened will run a malicious JavaScript which then encrypts all files on the users machine with the .zepto extension

To try and combat the infection, we offer the following advice
1. To protect against JavaScript attachments, tell Explorer to open .JS files with Notepad.
2. To protect against VBA malware, tell Office not to allow macros in documents from the internet.
3. Ensure your AntiMalware program is upto date
4. Ensure your users are careful with email attachments and only open the ones they are sure they have requested
5. If possible set email filtering to quarantine all .zip and .docm files

Brian-A-Jackson1

On a weekly basis there are now articles regarding a big brand company which has been hacked, these usually relate to what data has been lost, how they are notifying those affected and what they are going to be doing to prevent this from happening again.

So how do you prevent it from happening in the first place?

From experience I can see that if a hacker wants to get details from somewhere they will take the easiest target, the ‘Low Hanging Fruit’ as they say, in ensuring your company has some basic security principles in place can help mitigate this.

So how do you ensure you are not the ‘Low Hanging Fruit’

Simple measures can be taken within your environment to help secure it. As a basic level you should be meeting the following guide - CyberEssentials Requirements

This sets out some advice regarding Firewalls, User access control, Passwords, Malware protection and Patch management.

Once you have met the standards given within this document you should be looking to increase the security standards within your organisation. The most effective we have found is the use of education, once educated your staff will be able to react to the threats quicker and reduce the risks to your company.

McAfee Security

It’s getting to that time of year when thoughts turn to peace and goodwill, and we look to reward those who have worked hard and the customers who have stayed loyal.

Which is why the big bag of coal that McAfee has dropped in your Christmas stocking this year is an especially nasty surprise. For you and your customers alike.

McAfee – the situation

Here’s the Christmas story, McAfee-style.

Firstly, you buy MX Logic to strengthen your digital security portfolio. Then, you get bought by Intel. Then Intel drops your name. Then Intel says that it’s working on a comprehensive new security package, and promptly puts McAfee’s SaaS email security into end-of-life.

It’s the gift that keeps on giving. Because although the announcement was originally reported at the end of October, we’ve since learnt that many other security offerings (like Nuvotera, Spam Soap, Spambrella, etc.) were white-labelling McAfee’s service, so end-of-life becomes a potentially huge issue for all of them – and the end-users they serve.


“What does this mean for me and for my customers?”

In January 2016, Intel Security will stop selling McAfee SaaS Endpoint and SaaS Email Protection and Archiving, with the majority of subscriptions and support ending in 2017.  As this table shows, some limited support will continue for certain subscriptions until 2021.

Now, Christmas hangovers don’t usually come this early in the month, but rest assured that the decision to discontinue McAfee SaaS products represents one ho-ho-ho-hell of a headache for partners.

They must now identify new solutions and then go through entire deployment and provisioning processes all over again - just so their customers can keep the endpoint and email security that they’ve previously enjoyed.

They have to factor in the time it takes to learn new technology and user interfaces (this includes both internal and customer training), how pricing models will be affected, and what support they need to give and receive.


A frenetic festive season for McAfee users

Needless to say, all this is a massive annoyance to end-user customers, too.

Apart from all the usual pain associated with sudden business and technology platform change, across potentially hundreds or thousands of users, email security often gives rise to complex requirements around archiving - as explained in guides like this one – through which Intel has now successfully driven a sleigh and reindeers.

While customers’ email archiving will continue until their subscriptions’ expiry dates, new emails will no longer be archived after the subscription has expired.

Additionally, customers will only have six months to import their archived emails into their new platform, and any emails that have not been moved at that point will be permanently deleted.


What should partners do next?

If there’s a cheering undertone to this seasonal lament, it’s this: SaaS is an enduringly and increasingly popular delivery model for email, security, and archiving, and is not going away anytime soon.

Add to this the fact that there are other vendors that can provide similar security solutions, and my advice to partners seeking new solutions providers boils down to these basic points:

  • Security pedigree: How long has the solution provider been in business?  Are they security-focused (i.e. how much of their business does security represent? Do they seem distracted by other revenue streams?)
  • Reputation: Who do they partner with (e.g. software distributors) and what level of respect do those partners have in the security space? What do their partners say about them publicly? Will they let you speak with partner references privately? If not, why not?
  • Support: Can you access live customer support whenever needed, provided by employees of that company? If the support expertise is coming from somewhere else, is that support provider trained and qualified? Where’s the proof (certification)?
  • Commitment to the Channel: Does the vendor offer good margins, friendly terms, competitive pricing? Do they have proven relationships with distributors and other partners who can add value through automated management tools, MSP options, dedicated account managers?

Wanting to move quickly to transition your customers to viable alternatives, don’t end up choosing alternative vendors who aren’t truly viable.

(That would be turkeys voting for Christmas.)


“So where do I point my McAfee customers now?”

As a specialist security software distributor who’s been working with some of the world’s biggest security names for over 15 years - and some very agile newer ones, too - I’m ideally placed to consider the choices that your customers can make.

I’m not going to tell you that any one vendor is now the definitive star on the top of the Christmas tree. (Intel has hastily named Proofpoint as a quick fix for McAfee customers, and to me it smacks of expediency, rather than suitability).

But consider this: if a security vendor’s business was born in the cloud, and has been established almost as long as my own, I regard it as being worth a look.

If it offers 24/7 support, is capable of securing much more than just email, and has innovative pricing plans that means savings can be passed on to the end-users, it’s worth a look.

If it protects more than 8.5 million mailboxes for over 47,000 corporate clients worldwide, but is still prepared to give you and your customers a free trial to try it out for yourselves, it’s worth a look.

So do you want to keep the present under wraps until Christmas? Or do you want to be the one to bear early gifts to all those desperate McAfee customers? It’s your call, but ripping off the paper is as easy as this.

And the Three Wise Men? That’ll be the first three partners who click on the link above…