Over the past few months if you’ve visited a Symantec campus you may have noticed employees snapping photos with their morning coffees. What is going on you may ask? A coffee or selfie craze?!

It’s our “One Mug, One Planet” campaign, a Green Team campaign that asks employees to pledge to eliminate their use of paper cups, with the goal of meeting our corporate-wide goal to reduce paper cup usage by 15%, and to achieve 80% waste diversion at all of our audited sites.

At the start of the campaign we set a goal of 1,000 pledges signed across Symantec, and 10% of employees at sites that have opted in to join this campaign.

And we have nearly met our goal with 917 pledges to date!

To join the campaign, employees simply sign the “One Mug, One Planet” pledge online and for those sites that have opted to join¹, if employees also take a picture with their mug – a mug shot– we provide a free Symantec reusable ceramic mug.

For all employees, the most creative mug shot will win a prize announced at the end of the campaign.  

It’s been fun to catch the mug shots as they come in and we’ve been sharing them on our intranet for all employees to see including one of our most recent, this group shot from our Mountain View campus.

As mentioned in our last update, the campaign has not only been effective for raising awareness about the benefits of using a reusable mug, but it has also expanded our Green Teams with our first Latin American Green Team recently launched in Mexico City and a new team in Beijing. Five new sites have also joined the One Mug, One Planet campaign since it started for a total of 11 sites.  

Employees, sign the pledge and help us reach our goal!

Symantec employees, if you haven’t done so yet, please sign the “One Mug, One Planet” pledge– and make a commitment to use a reusable mug every day. We are close to wrapping up our six-month campaign so we hope you can sign up soon!

Remember, if one person used a reusable mug every day this year it would save 87 lbs of CO2². If all Symantec employees used a reusable mug every day for one year it would save 1,883,400 lbs of CO2.

It’s that easy to make a difference!

For more information on Symantec’s Green Teams, please contact Environmental_Responsibility@Symantec.com.

This month the vendor is releasing nine bulletins covering a total of 37 vulnerabilities. Twenty-eight of this month's issues are rated Critical.

進化したマルウェアを用いた、旧東側諸国の政府機関や大使館を標的とする組織的なサイバースパイ活動

What’s an efficient, cost-effective strategy for 24×7 IT security monitoring? A leading New Jersey-based hospital conducted a rigorous six-month analysis of options. See why they concluded that Symantec Managed Security Services was “hands-down” better than their competition, and decided to outsource. For the full case study >> http://bit.ly/1p3413I

Today I am going to be discussing an easy and simple way to test out Enterprise Vault 11’s new Mobile IMAP feature in a lab environment without the need for a physical Android or iOS device.  We will be using a program called “BlueStacks” that is an Android emulator for Windows and MacOS.

BlueStacks is a free program that can be downloaded from here:  http://www.bluestacks.com/app-player.html

(Click on the Thumbnails to see larger pictures)

Once BlueStacks has been downloaded and installed, open it and configure it to use a new or existing Google account.  This will allow you to access the Google Play store to download an IMAP compatible email app to use. 

Once you have successfully configured BlueStacks, simply search for an email app and install.  AquaMail is a simple, light-weight app that is IMAP compatible and free to download that I have used successfully in my testing, but there are many others that can be used as well.  Below you can see some screen shots of BlueStacks and navigating to the Search portion:

Once you have selected an Email app, simply add your Enterprise Vault 11 IMAP configuration settings and sync your archive to the app.  Below I've include screenshots of setting up the IMAP account in Aqua Mail as well as a sample of what you will see once the archive has been synced (minus the blurring of course)

This is a great way to verify/test and get a good idea of the look and feel of Mobile IMAP in a lab environment without the need for any physical hardware before implementing it in a production environment.

For further information, please see the following article:

• Enterprise Vault 11.0 IMAP Access: Key Topics: http://www.symantec.com/docs/DOC6624
  • This contains links to IMAP access configuration and best practice guides and IMAP client-specific behavior

General database backup error troubleshooting

Welcome to the July edition of the Symantec Intelligence report. Symantec Intelligence aims to provide the latest analysis of cyber security threats, trends, and insights concerning malware, spam, and other potentially harmful business risks.

The average number of spear-phishing attacks per day has dropped back to a similar level seen in May. The .doc file type continues to be the most common attachment type used in spear-phishing attacks, followed by .exe files. Organizations with 2500+ employees were the most likely to be targeted, where non-traditional services, such as Business, Amusement, and Repair-related services, lead the Top-Ten Industries targeted, followed by Manufacturing.

The largest data breach reported in July resulted in the exposure of 900,000 identities. Hackers continue to be responsible for 49 percent of data breaches over the last 12 months, most often exposing real names, government ID numbers, such as Social Security numbers, and home addresses in the data breaches.

W32.Sality and W32.Ramnit variants continue to dominate the top-ten malware list. The most common OSX threat seen was OSX.RSPlug.A, making up 38 percent of all OSX malware found on OSX Endpoints.

There were 575 vulnerabilities disclosed during the month of July, though no zero-day vulnerabilities were discovered. Internet Explorer has reported the most browser vulnerabilities in the last 12 months, while Oracle’s Java reported the most plug-in vulnerabilities over the same time period.

There were four Android malware families discovered in June. Of the mobile threats discovered in the last 12 months, 24 percent steal information from the device and 22 percent track the device’s user. In terms of social networking scams, 63 percent were fake offerings and 27 percent were manually shared scams.

Finally, the phishing rate was down in July, at one in 1,299 emails, down from one in 496 emails in June. The global spam rate was 63.7 percent for the month of July, one out of every 351 emails contained a virus, and of the email traffic in the month of July, 7.9 percent contained a malicious URL.

We hope you enjoy the July Symantec Intelligence Report. You can download your copy here.

Sometimes the niggles in Enterprise Vault drive me crazy. For example, just now I’ve tried to create a new FSA Target, and of course, I wanted this data to go to a new Vault Store. It’ not straight forward though…

I had to exit out of the new FSA Target wizard, and create the new Vault Store (and partition). That’s fine, I did that pretty quickly, as this is just a lab machine. But then when I go back to the FSA Volume Target wizard, and get to the point of picking the vault store, I can’t see my newly created vault store. So I have to exit the wizard, again.

I refreshed the part of the UI I was in (right click, refresh, on the FSA Target).  I went back through the wizard, and got to the Vault Store selection page, and still..  I can’t see the new Vault Store.

I thought I was going to have to restart the VAC, but I was determined not to unless I really had to.  In the end, I discovered that if I right clicked on the list of Vault Stores, and did a refresh there, then when I go back into the FSA Volume Target Wizard, I can see the new Vault Store:

Bit of a pain, but I got there in the end!

Since 2002, Symantec has partnered with TechSoup Global to help us deliver on our mission— working toward a time when every nonprofit and NGO on the planet has the technology resources and knowledge it needs to operate at its full potential.

Today this partnership has brought crucial online security products to over 80K non-profits and public libraries’ systems, across 36 countries worldwide. Symantec has donated over 1.5 million product licenses and has saved nonprofits and public libraries over $154 million dollars.  In FY14 alone, Symantec donated $24M worth of product, reached over 24,000 organizations and saved organizations $21.5M in product costs (compared to them buying full retail value versions).

This month, I am happy to announce that the program has expanded to India – taking the total number of countries to 36.

The program will be offered through our partner in the region – Big Tech – the donation program of the NASSCOM Foundation (NF). This is Symantec’s first software donation program in the India market, and will help further NF’s mission in the region by ensuring nonprofits and public libraries not only have access to vital technology but that they have the protection needed to effectively leverage these tools in today’s increasingly complex online space. 

In a world driven by Information and Communication Technology (ICT), a large number of nonprofits in India are using either outdated or free-to-use security solutions with limited protection, making them highly vulnerable to hacking, data thefts, trojan horses, viruses, worms, spyware, adware, rootkits, and other security threats.

NGOs from across the country will now be able to protect themselves from these risks and fulfill their organizational security and backup needs like online transactions/donations, employee and donor privacy, and even protection against data loss due to system/server crashes.

With Symantec security solutions, India’s large- and medium-size organizations can have a simple and affordable desktop security that protects against today’s most dangerous threats. On the other hand, through the backup and recovery solutions, they can eliminate complexity, perform backups, and keep costs down without compromising availability of their information.

At TechSoup Global, we believe that technology is a powerful enabler for social change.

For over 25 years TechSoup Global — an international network of 58 partner NGOs in Africa, the Americas, Asia Pacific, Europe, and the Middle East — has leveraged technology to build NGO capacity towards solving social problems in local communities and fostering global social change.

With one NGO per 600 people in India and over two million operational NGOs, this partnership will help strengthen the technology infrastructure of India’s leading social change agents. On behalf of TechSoup Global,  I thank Symantec for our ongoing partnership, helping us provide secure technology access to the organizations in India and across the world that need it the most.

Allyson Bliss is TechSoup Global's Senior Relationship Manager

VVR 6.1 introduces two new features, SRL Batching and Bulk Transfer, to reduce CPU / IOPS utilization and increase replication throughput.

Those of you who follow Symantec know that we announced our FY15 first quarter earnings last week, delivering solid results with revenue, non-GAAP operating margin and earnings per share above guidance. This steady progress was driven by productivity improvements in both our new business and renewals team. In particular, our federal and renewals teams both delivered one of their best quarters ever.

So, why is this an important topic for IT? It is significant because IT plays an important role in improving product renewals and customer retention for Symantec. It has always been my philosophy that IT should drive increased business productivity and efficiencies, delivering services that help a business grow. At Symantec, that includes improving renewals and retention. 

There are several areas where we are making significant enhancements – they include:

• Renewals data quality and visibility
• Quoting and related tool capabilities
• Providing technology support

Here’s a view of how we’re doing this by category.

• Improving renewals data quality and visibility.
  In Q1 of this year, we insourced several small and medium business renewals capabilities, resulting in a 23% uplift in the number of renewal notifications sent to customers each quarter. We’ve also developed renewals notification analytics which drive outbound calling opportunities that would otherwise be missed.

  Currently underway is the creation of a renewals data engine that will deliver a global renewals opportunity data set which will automate and eliminate much of the manual data manipulation occurring today, and will ultimately increase rep pipeline visibility to 9-12 months. 
   

• Quoting and related tool capabilities:
  So far we’ve enabled 200 of our Dublin, Ireland renewal representatives to support in- and out-bound call handling using the newest computer telephony integration capabilities. On Oracle, we’ve made performance upgrades and reporting enhancements to improve rep efficiency and limit the impact of the Oracle timeout requirement.

  Currently in the works – we are extending existing sales tools to our renewals representatives that will ultimately enable them to better drive retention and reduce discounting. And, our ongoing focus is to identify and deliver against “quick wins” to improve the experience for reps and sales administrators by enhancing quoting and order processing capabilities.
   

• Providing technology support to license compliance group
  Finally, we’re improving data reporting and access to provide improved visibility to a customer’s entitlements, and will be automating the quarterly notification process. We are also exploring opportunities to move case management for this group to the Salesforce platform, and to enable online usage reporting for customers and partners.

Everyone knows that retaining existing customers, understanding their needs and what other services they might need are essential. Having the ability to proactively renew and recommend services provides additional value to the customer relationship. And, improvement in account retention ratios can have a dramatic effect on your bottom line. We hope to drive continued growth to Symantec’s bottom line as we improve the IT renewal and retention processes.

The video is not real, scammers are enticing users to download software and fill out surveys.

The video is not real, scammers are enticing users to download software and fill out surveys.

How do you know how much cybersecurity is enough? Security expert, Ian McShane, will explore this question and others in more detail in a #DirtyTopics chat, Underinvesting in Cybersecurity, on Thursday, August 21 at 11 a.m. PT / 2 p.m. ET.

Ebola news is bait for attackers to steal login credentials and install Trojan.Zbot, Trojan.Blueso, W32.Spyrat, and Backdoor.Breut malware.

A mailbox archive in Enterprise Vault will typically have on it, something called 'inherited permissions'. This is the owner. From time to time it might be necessary to remove this access, for example if someone is transferring to a different department or region.

The permissions show up like this:

If you try to remove them using the Vault Admin Console, you get the following pop-up:

What you have to do is use EVPM and Zap the Archive. How to do this is described in this technote: http://www.symantec.com/business/support/index?page=content&id=TECH44818. Once that's done, refresh the list of archives in the VAC, and the permissions will be gone:

Hello avid packagers.  

I would just like to inform you that Raynet is aiming to add SWV support to its RayPack product by the end of September.  

I will update you again when it is available.  

Scott.

-

Often considered the backbone of global business, SMBs are a unique mix of entrepreneurial drive, daring ingenuity and highly customer-centric practices.

SMBs need to compete in the virtual marketplace with players of all sizes, where square footage doesn’t matter; they are forever seeking ways to stay competitive. One arena where they have a greater chance to level the playing field is in the virtual marketplace.  They have more opportunities to take advantage of a variety of digital platforms, from Web-based businesses and social media outlets to SEO to mobile devices, all for a faster time to market. The Internet allows SMBs to use their limited budgets in ways that they can impress customers and help their brand become more relevant and recognized—even amidst enterprises with extensive budgets and brand

What can SMBs do to stay competitive and maneuver quickly in the digital world, without compromising data security or breaking their wallet?  The answer is “Always On SSL” from Symantec, also known as HTTPS everywhere. It’s ideal for SMBs working online, and supported by major digital players like Google, PayPal, Facebook, Twitter and Microsoft. Keep reading to learn how this powerful form of SSL will completely secure your data in transit and help improve search result rankings.

THE COMPLETE SSL SOLUTION: BROUGHT TO YOU BY THE LETTER “S”

Imagine locking the front door to your home but leaving the back door wide open. That is essentially what happens when websites use common HTTP SSL, otherwise known as “Intermittent SSL”, to protect only certain pages, like logins and transactions. Some companies think they are protected against data theft and hacking by only applying "Intermittent SSL” to one or two areas of their site but they are really leaving the rest of their site completely exposed and vulnerable to attacks such as Sidejacking.

How can you protect every page of your website, and keep your customers safe? With Always On SSL from Symantec.

ALWAYS ON SSL MEANS ALWAYS SECURE AND ALWAYS CONFIDENT.    

As a member of the Online Trust Alliance and CAB Forum, Symantec has always advocated Always On SSL, which means that each and every page on a website has an HTTPS:// (i.e. SSL certificate), and not just the login and transaction pages. Moving from an "http” site to a fully “https” secure site is the only way to 100% ensure that every interaction with every page of your website is completely encrypted—from the moment a visitor arrives to the moment they leave. Protecting login and transaction areas alone doesn’t prevent hackers from stealing the cookies that store a user’s session. If those cookies are stolen, attackers can use them to recreate a website session and gain access to all kinds of sensitive data—over and over again. Slidejacking (using Firesheep) and SSL Strip are common types of attacks that prey on vulnerable sites with limited security. In the end, unprotected pages and their associated cookies negate any effort and expense put toward protecting login and transaction areas with Intermittent SSL.

 THE FINANCIAL IMPLICATIONS OF DATA BREACHES

To put end-to-end data protection in financial perspective, in the US alone, in 2012, almost 35,000 data breaches occurred—with over 100,000 data breaches worldwide. It cost US businesses $5.4 million to find the causes of these breaches, including direct expenses like data forensic experts and hotline support for free credit monitoring and indirect expenses like in-house investigations and communications and lost customers.* Malicious or criminal attacks were the main causes of data breaches, and they could have been reduced, prevented and even anticipated with Always On SSL. 

* 2013 Cost of Data Breach Study: Global Analysis, Ponemon Institute

GOOGLE IS NOW GIVING MORE VALUE TO SITES THAT ARE PROTECTED WITH ALWAYS ON SSL OR HTTPS—AND SO SHOULD YOU

One major endorsement of Always On SSL –specifically end-to-end HTTPS encryption—came from Google on August 6th, 2014 via its Online Security blog. The plan is to give more weight—or better search ranking results—to sites that are fully HTTPS encrypted. And the reason is pretty simple, according to Google Webmaster trends analysts Zineb Ait Bahajji and Gary Illyes. “We’d like to encourage all web site owners to switch from HTTP to HTTPS to keep everyone safe on the web. A big part of that is making sure that web sites people access from Google are secure.” Their message couldn’t have been clearer: “We hope to see more web sites using HTTPS in the future.”  It’s about encouraging sites to change the way they protect themselves for the better—and to fully protect data in transit all over the web. You can see a full Google presentation on the importance and implications of HTTPS here.

HTTPS HELPS SMBs COMPETE BETTER

Protecting your site with HTTPS can help SMBs compete better in the virtual marketplace by:

• Improving brand recognition in Google rankings—especially against larger companies who may not have embraced HTTPS. At the very least, SMBs can benefit from a level playing field by adopting HTTPS.

• Making the most of better search results, Symantec’s Seal-in-Search™ can lead to a higher click-through rate by displaying the Norton™ Secured Seal—the most recognized trust mark on the Internet—right in the search result.

• Strengthening brand and reputation by showcasing your commitment to online security.

• Increasing transactions and conversion rates.

• Protecting the entire user experience and all data in transit—not just at login or during a transaction.

• Using Extended Validation for the highest visible display of trust.

Symantec has a variety of proven Right for Me SSL solutions from our multi-brand portfolio. We can help any kind of business choose the “Always On SSL” solution that best meets your needs—from a single SSL cert to Wildcard and SAN certificates to Extended Validation certificates, which displays the green bar. All of our certificates feature the highest level of encryption, protecting data in transit such as identities, cookies and financial information.

ALWAYS ON SSL ISN’T NEW, BUT ITS TIME HAS COME

For years Always On SSL has been advocated by industry leaders, including Microsoft, PayPal, Facebook and Twitter. Together with Symantec, they are part of the Online Trust Alliance (OTA), whose mission is to enhance online trust and empower users, while promoting innovation and the vitality of the Internet. “It is incumbent on all of us to work together to implement web security best practices to protect consumers from harm,” according to the OTA’s white paper. “The general state of online security throughout the industry has reached a tipping point, and websites must change in order to preserve end-to-end trust and consumer confidence. One of the most important benefits of Always On SSL is customer reassurance.

WHAT YOU CAN DO FOR COMPLETE WEBSITE SECURITY

Here are some steps you can take to ensure end-to-end protection with “Always On” HTTPS:

1. Enforce Persistent HTTPS on Every Web Page

Secure clients’ personal information, identities, and cookies by having https enabled for every web page. Learn more here.

2. Ensure Correct Implementation of Your SSL Certificates

To enable HTTPS, you should use a valid SSL/TLS certificate from a trusted certificate authority (CA) like Symantec, telling your customers that the domain’s identity has been verified and authenticated by a trusted source.   Learn more here.

3. Set the Secure Flag for All Session Cookies

A session cookie can be set with an optional “secure” flag, which tells the browser to contact the origin server using only HTTPS whenever it sends back a cookie. This will also enable reliable, proactive HTTPS protection and reporting.

4. Enhance Security and Trust with Extended Validation Certificates

To reassure customers of a website’s value and security, use an Extended Validation (EV) SSL certificate from Symantec. The green address bar provides an organization’s name right in the cert and visually makes customers feel more secure of a website operator's identity reassuring your clientele they are safe to proceed on your website.

For more insight, try these articles:

Google smiles on safer connections (Internet Retailer August 8, 2014)

Understanding Always On SSL and SEO (Symantec | Connect January 2014)