Quantcast
Channel: Symantec Connect - ブログエントリ
Viewing all 5094 articles
Browse latest View live

PCAnywhere Solution EOL Statement

0
0

As I had to ask for the exact link below to the pcAnywhere Solution EOL statement, I thought it might be useful to others if I posted it here in plain text.

The text below has been extracted from the pdf release here on Symantec Connect.

pcAnywhere Solution Changes in ITMS 7.6 (March 2, 2015)

  1. What is happening to pcAnywhere Solution with the release of ITMS 7.6?
    (ITMS includes ITMS, CMS, DS) As part of the IT Management Suite 7.6 release on March 2, 2015, the End-of-Life (EOL) for pcAnywhere Solution was announced. Consequently, pcAnywhere console integration is removed during the ITMS 7.6 upgrade. However, the pcAnywhere application is not removed and will continue to function without a license. New installations of ITMS version 7.6 do not include pcAnywhere. Symantec has also partnered with Bomgar to provide two Remote Support licenses for in-depth evaluation. A new feature of ITMS 7.6 allows you to integrate Bomgar Remote Support into the r-click menu of the ITMS console.
     
  2. Can I continue to use pcAnywhere with version 7.6?
    Yes, there are two options. You may continue using the pcAnywhere application without console integration after the 7.6 upgrade. See Question #9 for more details. If you want to continue using pcAnywhere with the console, the following document describes how to reinstall console integration. http://www.symantec.com/docs/HOWTO110286
     
  3. Is pcAnywhere Solution included with new ITMS installations?
     No, pcAnywhere Solution will not be available on new ITMS installations. Instead, customers are entitled to Bomgar licenses that can be integrated into the ITMS console.
     
  4. How will my licensing work with this change?
     ITMS, CMS, and DS customers with active maintenance are entitled to receive two free Bomgar Remote Support licenses and one year of maintenance. Symantec customers will also receive preferred pricing for additional Bomgar products and services. The following link provides information about the entitlement and provides a form to submit your entitlement request: www.bomgar.com/pcanywhere
     
  5. Will pcAnywhere Solution still be supported by Symantec technical support after the ITMS 7.6 upgrade?
    For ITMS 7.5 and 7.6 environments, Symantec will continue to provide technical support for pcAnywhere Solution until March 1, 2016. After that time, Symantec will no longer provide formal support for pcAnywhere Solution.
     
  6. Will Symantec support Bomgar solutions?
    No. The Bomgar license entitlement is directly with Bomgar. Bomgar will provide support and all license fulfillment for this entitlement.
     
  7. What happens if I need more than (2) two concurrent administrator licenses of Bomgar?
    ITMS, CMS, and DS customers with active maintenance are entitled to receive two free Bomgar Remote Support licenses and one year of maintenance. Symantec customers will also receive preferred pricing for additional Bomgar administrator licenses. Please visit www.bomgar.com/pcanywhere to learn more and sign-up to receive the two Bomgar licenses.
     
  8. How does Bomgar licensing differ from pcAnywhere?
    pcAnywhere was licensed on a per client basis with no specific licensing needed for the administrative console. Given this, it was required to have a 1-1 license ratio for the number of nodes that are supported in each environment.

    Bomgar is licensed on a per concurrent administrator basis. Regardless of the number of endpoints in an environment, the administrator connecting to an endpoint is what consumes the license on a concurrent basis. For example, if you have 6 admins that need to access machines remotely but only two will be used at a time, then only two licenses are needed.

  9. Which pcAnywhere components are uninstalled when performing a 7.6 upgrade?
    The pcAnywhere console integration will be uninstalled. However, the pcAnywhere application itself will remain installed. Specifically, pcAnywhere Manager will remain on the Notification Server. pcAnywhere hosts will remain on client computers. pcAnywhere Quick Connect installations will remain installed. The console integration that is removed during the ITMS 7.6 upgrade includes: pcAnywhere installation policies; the Host configuration view in the console; pcAnywhere reports; rclick menu to launch remote sessions. For customers that want to continue using pcAnywhere with the console, the following document describes how to reinstall console integration. http://www.symantec.com/docs/HOWTO110286
  10. What does Symantec recommend before upgrading to ITMS 7.6if I am using pcAnywhere Solution?
     If you intend to use pcAnywhere for some time after upgrading to 7.6, follow these steps before the upgrade:
    • Save pcAnywhere usage reports for historical purposes
    • Create clones of the default reports, if you intend to run reports after the upgrade. Note that the reports will be available but data will not change after the 7.6 upgrade.
    • Perform any remaining pcAnywhere host deployments and configuration updates that you intend to use
    • Perform all pcAnywhere Quick Connect deployments that you intend to use after the upgrade.
    • Create a host configuration file update policy if you intend to update the configuration file while pcAnywhere hosts are still in your environment. • When you implement a pcAnywhere Solution replacement, use the pcAnywhere uninstall policies to remove all pcAnywhere hosts.
     
  11. How do I start a pcAnywhere session after the ITMS 7.6 upgrade is complete and the console integration has been removed?
    To start a pcAnywhere Solution session after the ITMS 7.6 upgrade, you can launch the pcAnywhere Manager on the Notification Server. Or, you can launch the Quick Connect application. For customers that want to continue using pcAnywhere with the console, the following document describes how to reinstall console integration. http://www.symantec.com/docs/HOWTO110286
     
  12. How will I remove the pcAnywhere hosts and Quick Connect applications when I’m ready to migrate to another remote access solution?
    You may continue using pcAnywhere Solution for as long as you like. The host uninstall policies and Quick Connect uninstall policies will be available even after the ITMS 7.6 upgrade. Use these policies to uninstall the software when you are ready.
     
  13. How does this announcement affect Deployment Solution? Will I be able to use pcAnywhere Solution?
    The same changes and entitlements apply for customers that are using DS with Remote.
     
  14. What is required to obtain my Bomgar entitlement and preferred pricing discount?
    Symantec customers must have active maintenance for ITMS, CMS, or DS. You must complete the form found at www.bomgar.com/pcanywhere and provide your Symantec maintenance renewal ID. If you don’t have it, this ID can be obtained by contacting Symantec customer service @ 1-800-721- 3934.

Transerring SSL Certificates between web servers

0
0

Like many Symantec customers just now, I'm evaluating a Bombgar remote control appliance.

To speed up the process of getting the applicance running, I decided to fire off our SSL cert request immediately on a Windows Server and work on the appliance request and subsequent import into our vCenter as parallel tasks.

This meant creating the request on a Windows server and then sending that off to Trend (a process which in IIS takes just a few moments). Later, when we got our cert chain back from Trend, the tricky bit was importing the resulting certificate chain into the Bombgar appliance with the private key that IIS generated.

The process (using openssl) was nicely described in the article below,

https://www.sslshopper.com/move-or-copy-an-ssl-certificate-from-a-window...

In short you,

  1. Complete the certificate process on the Windows Web server
  2. Export the cert and private key as a .pfx file
  3. Break apart the .pfx file into plain text cert and private key files using openssl.exe
  4. Import the certificate chain and private key into the Bombgar appliance

Nice that my Google-Fu worked for once... ;-)

Information Protection & Data Privacy: Taking Back Control

0
0

As enterprises and individuals struggle to keep pace with the deluge of data that now proliferates at every turn, the battle to protect information and keep their data private – particularly in the face of increasingly persistent and sophisticated attacks – has never been more urgent or complex.

Symantec’s strategy is to protect information wherever it might be going – whether the cloud or mobile devices. Data Loss Prevention and Identity Management are two key areas for Symantec. DLP helps us to understand the data and identity is all about the data itself: who is using it and what they are using it for. So the actual device involved is less relevant, because organisations are moving between these all the time.

Information Protection Analyst Day_picture1_0.jpg

Central to Symantec’s future focus will be behavioural analytics inside the firewall. What we are trying to do with Unified Security is to take these two behavioural procedures and integrate them, so organisations can make informed decisions, whether that be inside the organisation itself or outside, in the cloud. Tokenisation will enable us to track a user/computer/IP address, and therefore have a clear traceable line back to the individual. So, if there is a vulnerability, you can see, for example, that it’s a laptop involved specifically within an IT software shop. Tokenisation allows you to carry out the relevant analytics, whereas anonymisation in the cloud prevents that.

Symantec’s Unified Security solution will be going to Proof of Concept soon and organisations will have three options when managing data:

  • SHARE EVERYTHING– process everything and get the best outcome
  • SHARE DATA– but ‘pseudonymise’ everything.
  • SHARE NOTHING– the price being that you can’t do any of the analytics.

Think about the new draft EU legislation, which, when it comes into force, would mean that loss of personal data would have to be reported within a set timeframe, perhaps as quickly as 72 hours. That could prove costly for organisations, if they don’t have the right security technology in place.

Equally, it’s worth keeping in mind the ‘Right To Be Forgotten’ – sometimes referred to as the ‘Right of Erasure’ – an idea foreshadowed by a European Court of Justice ruling in 2014 that forced Google to amend some of its search results. Most importantly, there will be no implied consent over the use of citizens’ data and, even when consent is granted, it will be easier for that to be retracted. Organisations will need to ensure compliance with these strictures.

What might that mean in practice? Companies managing personal data may be required to hire a Data protection Officer, implement privacy by design, understand how their data flows and carry out mandatory impact assessments.

Ultimately, the key to success for organisations will lie in understanding that anything can be personal data, particularly in the BIG Data world where we can aggregate data that might identify an individual. The new rights around access and erasure, the role and liability of Data Controllers versus Data Processors are all new challenges that have to be tackled head on.

Who is the real leader in backup appliances? A closer look at IDC PBBA report.

0
0

IDC recently published the 2014 annual revenue numbers for Purpose Built Backup Appliance (PBBA) in their press release, “Worldwide Purpose-Built Backup Appliance (PBBA) Market Revenue Breaks the $1 Billion Mark in the Fourth Quarter, According to IDC” 

Since it has been more than a year when I last reported on PBBAs, Integrated PBBAs: The Times are a Changing, the time was right for an update.  For those of you following my last PBBA blog and the fate of my former Blockbuster video store, it has been remodeled and is now a Banfield Pet Hospital. 

What is New? 

The PBBA market broke the $1 billion mark in Q4 2014. This milestone is significant as the market continues to show positive growth and IDC forecasts the total PBBA market to grow to $4.4 billion by 2018 (a five-year CAGR of 7.5%). Symantec is well positioned to meet this growing customer need and continue to gain market share. 

Top 5 Vendors, Worldwide PBBA Factory Revenue, 2014 (Revenues in $ Millions)

Vendor

2014 Revenue

2014 Market Share

2013 Revenue

2013 Market Share

2014/2013 Growth

1. EMC

$2,030.2

62.3%

$1,958.8

62.5%

3.6%

2. Symantec

$417.5

12.8%

$359.4

11.5%

16.2%

3. IBM

$205.9

6.3%

$234.9

7.5%

-12.3%

4. HP

$134.5

4.1%

$150.5

4.8%

-10.6%

5. Quantum

$73.3

2.2%

$69.9

2.2%

4.9%

Others

$397.8

12.2%

$359.7

11.5%

10.6%

Total

$3,259.2

100%

$3,133.1

100%

4.0%

Source: IDC Worldwide Purpose Built Backup Appliance Quarterly Tracker, March 19, 2015

While the overall PBBA market shows 4.0% year-over-year growth, the real growth is in Open Systems. Open Systems (filters out mainframe PBBAs) is growing at 6.8% annually. It may not seem like much, but it is 70.9% greater than the overall PBBA market.

PBBA Growth 2014-2013.jpg

Within Open Systems, Integrated Appliances continue to outpace Target appliances by 25.6% (7.9% versus 6.3%).

Integrated appliances are tightly integrated with backup software and can have master or media servers built into the system to orchestrate the backup and movement of data to other systems or removable media such as tape.1 

Target appliances are used in conjunction with third-party backup software and designed to integrate in heterogeneous environments.1 

Market Highlights:

  • Symantec continues to gain market share.  It is the only Top 5 Vendor to increase market share.   
  • Integrated appliances are growing 25% faster than target appliances.
  • The popularity of Integrated appliances continues to grow, and highlights how they address the increasing cost and complexity organizations face today, Realizing OpEx Savings with Symantec Backup Appliances.

How is Symantec Doing? 

Symantec, soon to be Veritas, continues to be the fastest growing PBBA vendor. More importantly, it is driving the growth within the Integrated PBBA market and continuing to gain market share.  In less than four (4) years, Symantec has gained 39.3% market share.    

PBBA 2010 - 2014 growth_0.jpg

In comparing Integrated PBBA revenue, Symantec has grown 16.2% over the last year, more than twice the market growth of 7.9%.  What is especially telling is EMC’s performance, which led to declining revenue, -2.9%, and prompted the question, “Why do I think EMC is worried about losing ground in backup appliances?”

Integrated Appliances21032014YoY
Symantec$359.39$417.5116.2%
EMC$533.03$517.46-2.9%

Market Highlights:

  • Symantec led the Integrated Appliance market growth, 16.2%
  • EMC had a decline in market share, down to 49%
  • EMC had negative growth, -2.9%

Conclusion

The purpose built backup appliance (PBBA) market is showing strong year-over-year growth. Within the PBBA market, integrated appliances are growing 25% faster than target appliances. 

Symantec is leading the growth in the market. With its Integrated appliances, Symantec NetBackup integrated appliances are addressing the most significant challenges organization face; limited headcount and resources. 

Learn more about NetBackup appliances.  

Footnotes
1.  IDC Worldwide Quarterly Purpose Built Backup Appliance Tracker - 2014 Q4, Pub Date: 3/23/15.  All charts and graphs are based on this report.  

Coordinated takedown disrupts Changeup malware distribution network

0
0
Law enforcement agencies and security vendors join forces to take down long running malware delivery network.

続きを読む

Friends Against Bullying – 2015 Friends Online Report Highlights Youth Cyberbullying Trends in Sweden

0
0

friends.png

Last month our national nonprofit in Sweden Friends released their third annual ‘Friends Online’ report. Sponsored by Symantec and HP, the report aims “to capture the voices of children and adolescents on the topic of harassment, other acts of intimidation and bullying online via mobile phone, computers and tablets.”

The report surveyed over 1,040 children from ages 10 to 16 in Sweden and this year included a focus on the topic of sexual harassment. Highlights from the report include:

  • One in two young people use a mobile phone, computer and tablet an average of 3–6 hours a day
  • 1/3 of all young people have been subjected to harassment or other acts of intimidation via mobile phone, computer or tablet at least once in the past year
  • Girls are subjected to cyberbullying to a greater extent than boys. The results show that 8% of girls and 4% of boys were bullied via mobile phone, computer or tablet in the past year
  • 35% of respondents say that people who have victimized them online have victimized them offline as well
  • 7% of girls have been subjected to sexual harassment via mobile phone, computer or tablet in the past year
  • Gaming environments are the most common places where boys are victimized. Social media forums such as Kik and Instagram are the most common places where girls are victimized

As a national sponsor of Friends we encourage our employees and stakeholders to consider the role we each play in contributing to a safe online experience for youth. How can we as adults all be more effective at protecting ourselves and our youth?

Some tips from Friends’ research and experience in this space include:

  1. Show interest in children's and young people's life online. For example, the report reveals that only one in five respondents feel that adults at home are good at trying out the activities that children and adolescents are most commonly involved in online.
  2. Talk about how you should treat others. For example, the report shows only one in three respondents feel that adults at home are good at explaining what they can do if they have been subjected to harassment, intimidation or bullying online.
  3. Tell them that you are there if something happens. The report showed that victims felt confiding in an adult at home helped them the most. Additionally, girls more commonly confide in a friend or an adult, while boys tend not to and/or respond back with something hurtful.
  4. Leverage reporting functions within forums.
  5. Inform the police in the case of more serious violations.

To read the full Friends Online report in English please click here.

For more information on Symantec’s global partnerships and innovative programs to reduce cybercrime please visit our Corporate Responsibility website.  

Carolina Schattauer Ramnö is Symantec's Nordic PR Manager

Symantec Connect Will Be at RSA. Will You?

0
0
We're giving away 4 tickets to the Symantec suite at the San Francisco Giants game
続きを読む

USB Swiss Arm: Winaero Tweaker portable universal tweaking tool

0
0

Winaero Tweaker is a universal tweaker software which supports Windows 7, Windows 8, Windows 8.1 and the upcoming Windows 10. Winaero Tweaker has an easy to use user interface to access all the features from a single app.

This portable tool has several functions to change hidden options, for example allows to customize specific features of the Windows operating system like the Drive letters shown first or before Drive Label ( one of my favourite customization..)

Winaero Tweaker.jpg

Winaero Tweaker main features:

Appearance options

  • Aero Colors
  • Customize Shortcut Arrow
  • Customize Window Borders
  • Slow down window animations
  • Sync Metro/Aero Color(Windows 8/Windows 8.1)
  • Opaque Taskbar (Windows 8/Windows 8.1)
  • Drive Letters
  • Startup sound

Operating system behaviour options

  • Disable "Look for an app in the Store" Notification (Windows 8/Windows 8.1)
  • Disable Aero Shake
  • Disable Aero Snap
  • Disable New Apps Notification (Windows 8/Windows 8.1)
  • Startup speed up for Windows 8/8.1
  • XMouse Options
  • Default Drag-n-Drop action

Boot and Logon options

  • Boot Options
  • Disable Lock Screen (Windows 8/Windows 8.1)
  • Don't display last login user name
  • Enable CTRL + ALT + DEL logon requirement
  • Verbose Logon Messages

User accounts

  • Disable or Enable UAC
  • Enable Built-in Administrator

Pinning options (Windows 8/Windows 8.1)

  • Enable "Pin To Start" for all files

Network options

  • Enable Network Drives over UAC
  • Enable TCP/IP Router
  • Administrative shares

System information

License : Freeware

Note: portable program

Link: Winaero Tweaker 


Ransomware: Return of the mac(ro)

0
0
Ransomware attackers have resorted to reviving a very old attack vector, the malicious Word macro.

続きを読む

Enhancing Trust in the CA/Browser System

0
0
Consequences for those that disobey the rules

Browsers and Certificate Authorities are in the news again over the reported mis-issuance of an SSL server certificate to google.com domains. Discovered by Google most likely via technology known as key pinning and discussed by Google’s Adam Langley in this blog, a Chinese certificate authority, CNNIC (Chinese Internet Network Information Center), apparently issued an intermediate certificate to an Egyptian company called MCS Holdings. Because the CNNIC root certificate is included in the root store of most major browsers, users would not see any warnings on sites that have certificates issued by CNNIC or MCS Holdings. When MCS installed their intermediate into a Man in the Middle (MITM) proxy device, that device could then issue certificates for sites which users connected via that proxy would visit.

There are several violations of the CA/B Forum Baseline Requirements and Mozilla Root Program Requirements here. First, Mozilla specifically prohibits using public roots for MITM applications. (While there may be legitimate corporate use cases for these proxy devices, using public root certificates as part of the implementation is prohibited and is a violation of public trust). Second, any sub CA certificates (issued from the Root) must be publicly disclosed and audited or be technically constrained(using the technology known as “name constraints” which limits the domains which the CA can issue to). Neither appears to be the case here. Third, indications are that the key was not generated and stored in a proper Hardware Security Module (HSM). There are several other mistakes as well but these are the major ones.

CNNIC documents show that the sub CA certificate was only issued for a short duration and was to be used for test purposes only. While this may be the case, it ignores the reality that the misuse of such a certificate can cause great harm to end users. Users can be deceived to go to a fraudulent website and have their credentials stolen. The fact that bogus certificates found their way onto the public Internet due to this “test” makes it clear that improper controls were in place at both CNNIC and MCS Holdings as well as a limited understanding of the rules surrounding public CAs.

The major browsers quickly moved to un-trust the MCS Holdings certificate to protect their users from potential fraud. MCS sent a report to Mozilla with their assessment of the situation. Google has announced that they are taking action to distrust the CNNIC root certificates.  Google will “whitelist” all existing CNNIC certificates and has provided a path for re-inclusion into their browser by insisting all future certificates use Certificate Transparency.  Firefox will be updated to distrust any CNNIC certificate with a notBefore date of April 1, 2015. The current CNNIC root will remain in the Mozilla root store to validate current certificates and CNNIC can reapply for full inclusion but may be subject to additional scrutiny and controls during the process. This is essentially a punishment for violating the Baseline Requirements and the Mozilla root program rules.  Microsoft is still evaluating whether to take further action than just distrusting the MCS Holdings Intermediate certificate. No word from Apple so far.

Three recently introduced technologies and controls namely Certificate Authority Authorization (CAA) and Certificate Key Pinning (HPKP), which are designed to prevent mis-issuance, and Certificate Transparency (CT) which is designed to detect mis-issuance, significantly raise the level of security of the CA/Browser cryptography system. CT and HPKP are being implemented by some browsers and CAA is a function that CAs will have to deploy. 

What is the lesson learned here? Not all CAs are created equal. Clearly CNNIC broke the rules and got caught. Whether it was intentional or not is being debated in the public. It doesn’t appear from the evidence that this was intentionally malicious. Symantec and all the SSL issuing CAs are held to high standards with regard to the ecosystem rules including CA/B Forum Baseline Requirements, Network Security controls, and Mozilla, Microsoft, Google, Apple and other root program requirements. We have strict controls in place to insure sub CA certificates are either disclosed or constrained, have strong and knowledgeable vetting and authorization teams, obtain regular audits from accredited WebTrust auditors and work closely with the major browser vendors in the CA/B Forum. While we do issue sub CA certificates to third parties, we are well aware of the strict rules surrounding this practice and the need to remain vigilant. Symantec supports the use of CT, CAA, and HPKP technologies and urges adoption by all participants in the ecosystem.  In the end, it matters which CA you choose so pick one that has a long track record and invests in its infrastructure to insure its customers are protected.

Backup Exec 15 Fully Supports vSphere 6 today. Don't Wait to Upgrade!

0
0

Be sure to tell your customers that they can upgrade to vSphere 6 today . . . . no need to wait! Backup Exec 15 is generally available now with first-to-market, FULL support for vSphere 6 for small to mid-sized businesses. Now is the time to get the word out to your customers. Encourage them to download Backup Exec 15 trialware and enjoy the benefits of vSphere 6 protection today.

This product has only been available a few short days, but we're already starting to see the great feedback roll in:

“Using Backup Exec 15 means that I sleep well, because our physical and virtual environment is fully protected. I’d choose it over any other backup and recovery solution any day.”

  • Caroline Kiel, CEO of PingUs Solutions

Make sure your customer's don't miss out on this powerful, flexible and easy-to-use solution! And if you have a Twitter handle, here are a few suggested Tweets you can use to help spread the word:

  • Want to protect vSphere® 6 today? Download Backup Exec™ 15 trialware, fully-functioning and free for 60-days! http://symc.ly/be15trial
  • Backup your vSphere® 6 VMs free for 60 days. Download Backup Exec™ 15 today! http://symc.ly/be15trial  

Database support matrix Available on SORT

Simda botnet hit by Interpol takedown

0
0
Infrastructure owned by the Simda botnet (also known as Rloader) has been seized in an Interpol-led law enforcement operation.

続きを読む

Tips to "Be SAFE"

0
0
Be Safe.

If you connect to the Internet, allow other people to use your computer, or share files with others, you should take steps to protect your computer from harm. Why? Because there are computer criminals (sometimes called hackers) who attack other people's computers. These people can attack directly, by breaking into your computer through the Internet and stealing your personal information, or indirectly, by creating malicious software to harm your computer.

Fortunately, you can help protect yourself by taking a few simple precautions. This article describes the threats and what you can do to defend against them.

Be Safe: Antivirus Software

Many of the more common viruses morph or change frequently to make them more difficult to detect. Viruses spread rapidly and by many different ways (for example, via email attachments; infected document files; Web sites that contain hostile code that can infect your computer through vulnerable browsers; and unprotected fileshares). Your computer may be vulnerable to virus attacks if you are not using antivirus software and updating it regularly. Using Symantec AntiVirus and configuring it to update virus definitions automatically will help keep your computer protected. Download Symantec AntiVirus and be sure to set it up for automatic updates.

Symantec-Endpoint-Protection-Changes-Registry-Key-Location-2_2.png

Important: New computers often come with trial versions of antivirus software. Having two different antivirus programs installed on one computer can cause conflicts. Always uninstall the antivirus software that came on your computer before installing the Symantec software.

Be Safe: Back Up

Most people know that they should back up their files, but don't do it, because they don't know how, figure it takes too much time, or think it might cost too much. However, there are many methods for backing up your files at a low cost. Don't wait until you lose hours or even years of work in a single moment. Take a few moments right now to identify a method that will work for you.

Here are some methods you can use:

  • Portable Hard Drives

An external hard disk is a fast, efficient way of backing up all of your data. Models are available that either plug into your computer’s USB port, or connect via your wireless network. Most are so compact that they can easily be stored off-site.

These typically range from 320 Gigabyte (320,000 Megabyte) models costing less than £50, to those providing up to 4 Terabytes (4,000 Gigabytes) for around £275. To give you an idea of the amount of storage they provide, one photo of reasonable quality taken on a digital camera or camera phone will typically be between 1 and 5 Megabytes. A music file in MP3 format will be between 3 and 8 Megabytes. So even on the 320 Gigabyte drive mentioned above, you could fit over 100,000 average-sized photos or 64,000 music tracks. 

Some portable hard drives provide a ‘one touch’ feature which backs up your data at the touch of a button, or automatically at pre-set intervals. 

It is important to test that the data you have backed up on your portable hard drive can be recovered if needed. You should test this by using a different computer to ensure that the backup is compatible – and recoverable – in the event of the loss of your existing computer. 

online-file-backup.png

  • Online Backup (Cloud Backup)

The use of online backup (also known as ‘cloud backup’) is increasingly popular owing to its added convenience, security and low cost. 

You may back up any data from one or two documents or photos to the entire contents of your computer, with virtually no limitation on storage space. Some providers supply limited storage free of charge, but generally the cost of backups increases proportionally to the amount of data involved. 

There are many providers of online backup. These include internet service providers (ISPs), internet security software vendors and companies such as Apple with the iCloud – to specialists. 

Increasingly, the Cloud is being used for not only backups but primary storage. This enables you to access your data from any computer, smartphone or tablet anywhere in the world without having to carry the data with you, with its associated security risks. Using the Cloud for primary storage also ensures data security as providers back up your data as well as storing it. This overcomes most of the risks associated with storing data stored on your computer. 

  • Other Advice

Do not use USB memory sticks, recordable CDs or DVDs to back up your data. Although these may appear to be inexpensive and convenient methods, they share limited capacity and are also easily lost or stolen. CDs and DVDs are also very slow to transfer your data. 

Be Safe: Firewalls

a253fe23-4fb7-48d2-b52f-f52cb0e82734_57.jpg

Automated attack tools are always seeking ways to break into and take over your system. Severe attacks may delete important data, crash your system, spawn new attacks, or even steal personal information, such as passwords and credit card numbers. A firewall can help protect your computer by blocking potentially hostile connection attempts. Unit firewalls (firewalls that are designed to help protect multiple computers in a university department, or a home or apartment complex network) and properly configured personal firewalls (firewalls that you can install on your own computer) can each provide effective security to suit various needs. For home use, personal firewalls are often free.

Important: Windows 7 and Mac OS X have built-in firewalls. It is important to ensure your firewall is enabled for complete protection. Many Linux or other UNIX-based systems also have firewall or filtering capabilities that should be enabled.

Be Safe: Malware

Malware, or malicious software, is hostile, intrusive, or annoying code that includes viruses, spyware, adware, worms, trojan horses, and other unwanted programs.

Malware and spyware are written and released on a daily basis. Many of the more common malware morphs or changes frequently to make them more difficult to detect. Malware spreads rapidly and by many different ways: for example, via e-mail attachments; infected document files; Web sites that contain hostile code that can infect your computer through vulnerable browsers; and unprotected fileshares. Your computer may be vulnerable to virus attacks if you are not using antivirus software and updating it regularly. 

120px_malware2_0.jpg

Spyware is often installed as a component of freeware programs, including some peer-to-peer (P2P) applications. Most modern antivirus programs contain mitigation technologies for spyware. To further protect yourself from spyware, be cautious when downloading freeware or accepting free downloads.

To protect your computer from malware or spyware, download Symantec AntiVirus and be sure to set it up for automatic updates. Note that new computers often come with trial versions of antivirus software, and having two different antivirus programs installed on one computer can cause conflicts. Always uninstall the antivirus software that came on your computer before installing the Symantec software.

Be Safe: Phishing Tips

Phishing involves fraudulent email requests for personal information.The goal of a phishing scam is to steal your valuable personal data, such as credit card numbers, passwords, account data, and other information. The con artists who design phishing scams send out millions of fraudulent email messages that appear to come from organizations you know and trust, like your bank, credit card company, or school. The email will direct you to provide personal information such as your bank account number or social security number. The bogus e-mails often include links to authentic-looking Web sites that have logos taken directly from legitimate Web sites. If you think you've received a phishing email message, do not respond to it.

Many people think that computer security concerns only relate to viruses, but personal security is equally important. There are numerous types of fraud that can endanger computer users on a personal level—and email is an extremely effective way to distribute fraudulent messages to potential victims.

Privacy protection has become essential today because of the wide spectrum of dangers including identity theft, email hoaxes, phishing scams (fake email messages that request sensitive data), malicious attacks and spyware technologies which increasingly target Internet users. If it looks too good to be true ... for example, you receive a message that says you won $3 million from an online lottery you've never heard of ... then it is too good to be true. No matter how tempting it seems, never respond to a message that asks you to send money or personal information.

On occasion, phishing scams are directed at students, faculty and staff. Fraudulent email appearing to come from official government offices invites the reader to click on a link or share private information. In the case of a compromised account or an incident involving sensitive information, contact your IT Administrator / Security Manager. For cases of harassment or direct threats, contact your local police department.

Be Safe: Secure Passwords

Your digital identity and computer security are only as safe as your passwords. Make sure you have strong, safe passwords for your computer, and systems that store your important data and confidential information. A common method by which intruders break into computer systems is through administrator accounts that have no passwords. Similarly, malicious individuals often enter systems by cracking a poor user password, logging in, and exploiting your information and computer access. Therefore, selecting a good password initially and changing it periodically are important ways to avoid having your computer or account compromised.

images (1).jpg   

Use Identity Safe:

https://identitysafe.norton.com/

Use Password Generator:

https://identitysafe.norton.com/password-generator/

Important: Your password is the key to many electronic services. Guard your password just as you guard your bank card PIN. Don't write it down or make it easy for someone to crack. Never share your password with others.

Be Safe: Security Updates

Relying on the fact that many computer users fail to install software patches on their machines, hackers create worms to take advantage of these vulnerabilities. Most software vendors, including Microsoft and Apple, offer updates to correct security gaps that worms and other malicious programs can use to attack your computer. Running Symantec AntiVirus is not enough. You can configure your computer to automatically seek out updates for hassle-free security.

Microsoft-Announces-Critical-Security-Updates-for-Windows-Internet-Explorer-388300-2.jpg

How to schedule automatic updates:

Important: If you are running Windows 7, we strongly recommend that you install the Windows 7 Service Pack are up to date. 

Be Safe: Social Networking

Social networking Web sites such as Facebook and MySpace make it easy to meet people on a personal or professional level. By providing personal information using blogs, chat, email, or instant messaging, you can meet new friends and communicate with others who share your interests. However, digital relationships can be deceptive. Watch out for computer security dangers such as phishing schemes, spyware downloads, and Internet fraud. Never share your password with anyone or provide credit card or social security numbers insecurely.

120px_social_media_1.jpg

Remember: Information you share online potentially available to the world—friends and strangers alike. Although social networking sites create an illusion of intimacy, they are not private. They are easily accessible not only to school administrators, potential employers, and law enforcement officials—but to scam artists and criminals. If you use social networks, you should also be aware that what you post may not be appropriate, may be misinterpreted, or may cause harm to your reputation. Some individuals have been expelled from school, lost out on great job offers, or had grad school admissions withdrawn because of pictures or statements they posted. Others have become the victims of stalking, identity theft, or other crimes.

Important: Windows 7 and Mac OS X have built-in firewalls. It is important to ensure your firewall is enabled for complete protection. Many Linux or other UNIX-based systems also have firewall or filtering capabilities that should be enabled.

Is someone hacking into my account

Changing your password is a good measure if you fear that somebody might have been illegally using your account, but the mails you have been receiving recently are probably caused by a virus and not by a hacking attempt into your account.

There are a number of viruses/worms that can forge the sender's address (the virus designated "Klez" is one of them, for instance). The main characteristic such viruses share is that they all make the infected machine send email messages (containing the virus in their turn) to any email address it finds in the user's contact email list. The subject line and name of the attached file (typically with the .exe, .pif, .bat, or .scr extension) are random and do not have a specific label.

Many users have received email messages which appear to be from webmaster@us.govpostmaster@us.gov, as well as several others when in fact, the messages are not from those senders.

You should forward the infected email showing the FULL headers of the infected mail to your Email security department / IT security department.

Only by looking at those headers the people at the Security Operations and Services might be able to determine the real sender of the mail in question and, in case the email came from any company domain, block the infected computer from sending out more email until it is disinfected.

Never open an email attachment you were not expecting. Be certain you have an updated version of anti-virus software.

Here are few tips for safely using email and the web

  1. Use caution when opening email attachments. Email attachments (files attached to email messages) are a primary source of virus infection. Never open an attachment from someone you don't know. If you know the sender but weren't expecting an attachment, verify that the sender actually sent the attachment before you open it.

  2. Guard your personal information carefully. If a website asks for a credit card number, bank information, or other personal information, make sure you trust the website and verify that its transaction system is secure.

  3. Be careful when clicking hyperlinks in email messages. Hyperlinks (links that open websites when you click them) are often used as part of phishing and spyware scams, but they can also transmit viruses. Only click links in email messages that you trust.

  4. Only install addons from websites that you trust. Web browser addons allow webpages to display things like toolbars, stock tickers, video, and animation. However, addons can also install spyware or other malicious software. If a website asks you to install an addon, make sure that you trust it before doing so.

North America Channel Marketing Update: April 2015

0
0
Twitter カードのスタイル: 
summary

As we make progress in separating Symantec into two independent companies, we continue to release new market intelligence, products and co-branded campaigns to ensure our partners are armed with the necessary information and tools to best serve our joint customers.

Symantec’s Internet Security Threat Report

Symantec’s Internet Security Threat Report leverages an unparalleled amount of data and the knowledge of Symantec’s global cybersecurity experts to provide you with a 2015 threat landscape overview. It looks at the ever-evolving threat landscape to help keep you informed so you can build a Cybersecurity posture that keeps your customers prepared and safe from cyber-attacks. Be sure to download the latest Internet Security Threat Report (ISTR) from go.Symantec.com and watch our ISTR on-demand partner webcast to keep yourself and your customers in-the-know.

Latest Product Releases

Symantec Embedded Security: Critical System Protection is a lightweight, signature-less security client designed for connected devices being built for the collective category known as the Internet of Things. Optimized for embedded systems and resource constrained environments, Symantec Embedded Security: Critical System Protection can be integrated by device manufacturers or installed post market as part of an asset owner's cyber security strategy.

The Symantec Endpoint Encryption 11.0.1 release extends our management capabilities to include support for FileVault2 (Apple’s native OS encryption offering), as well as support for Opal-compliant self-encrypting drives. It provides your customers with the freedom to choose whichever encryption platform best meets their needs. Additional enhancements include smart card support on UEFI systems for our public sector customers, as well as support for CD/DVD/Blu-ray and support for Device Session Passwords, further enhancing our removable media capabilities for multi-user workstation/kiosk use cases.

IT Management Suite 7.6 is now generally available and is all about IT flexibility and user freedom. IT can now securely manage remote users, rapidly deploy and support new devices, platforms, and applications while also working smarter with simplified administration and reporting tools. Your customers can try it now for free here.

I encourage you to visit PartnerNet for additional information and materials on the latest product releases, including data sheets, white papers, on-demand webcasts, GRID campaigns, and more.

Backup Exec 15: Co-Branded Partner Campaign

Symantec partners can start generating leads today with the new co-branded Backup Exec 15 campaign, now available in The Symantec GRID. Launch this campaign to educate your customers on how to solve backup challenges, meet recovery objectives, and reduce costs with Backup Exec 15. The campaign also offers customers a free fully-functioning trial for 60-days. Click here to launch your campaign now.

We’re excited to deliver these latest updates to our partners, and encourage you to keep visiting this blog where we’ll be posting more information as it becomes available. If you have any questions, feel free to comment below.


How the Private and Public Key Pair Works

0
0
Twitter カードのスタイル: 
summary

Did you know this month was “couple appreciation month”? Let’s use this as an opportunity to explain in simple words how the security of an online transaction relies on a happy, inseparable couple: a public key and a private key.

Public keys and private keys are part of a general structure we call PKI – Public Key Infrastructure. The SSL and TLS protocols, which are globally used to secure not only websites, but also emails and web applications, are based on this structure. So we might as well say that there are thousands and thousands of public and private keys in operation right now around the world!

Keys are used in algorithms to encrypt and decrypt data. You may think the same key is used to encrypt and decrypt, but there’s a twist: there are algorithms in this world which are able to encrypt data with one key… and decrypt it only with the help of another key! Magical, isn’t it? (For those who don’t believe in magic, you can read more about trapdoor functions here). In the case of SSL, one key – the public key - is used to encrypt data; only the corresponding private key can decrypt it. What a lovely (and useful) couple.

Couple_Appreciation_1.png

In the SSL protocol, public keys and private keys are generated by servers. The private key remains locked and secure in the server, while the public key is pinned to the server’s SSL certificate. Whenever a browser connects to the server, the server sends its SSL certificate which contains the public key. The browser can then use this public key to encrypt data and send it to the server, which is now the only one able to decrypt such data thanks to its private key.

Both keys are inseparable, and of course each pair is unique: the public key belongs to its corresponding private key and only to this one.

Couple_Appreciation_2.png

Public and private keys are essential to the security of our exchanges. Thanks to them, we don’t have to worry about someone eavesdropping on our conversations. But there is still a major issue: what if a hacker intercepts the server’s public key, and sends their own public key instead?

What guarantees the browser that the public key received is actually the public key from the server it wanted to reach?  This is why Certification Authorities like Symantec play an essential role: CAs authenticate servers and their public key through a unique document called the SSL certificate!

If you’re curious about SSL and more specifically about how SSL certificates work, you can find more

Symantec Connect Will Be at RSA. Will You?

0
0
We're giving away 4 tickets to the Symantec suite at the San Francisco Giants game
Twitter カードのスタイル: 
summary

We're excited to be attending this year's RSA conference. We'll have a booth where we're looking forward to talking about all the ways that Symantec Connect can help you solve your challenges. 

We don't want to miss the chance to get to talk to you. That's why we're holding an invitation-only event for Symantec Connect users. Join us for drinks and snacks.

Tuesday, April 21st 
4-6 PM
Park Central Hotel

While you're there, be sure to enter our raffle for 1 of 4 tickets to join us in the Symantec suite at the San Francisco Giants game on Wednesday, April 22. 

Register for the event here so we can send you all the details.

Symantec Connect Will Be at RSA. Will You?

0
0
We're giving away 4 tickets to the Symantec suite at the San Francisco Giants game
Twitter カードのスタイル: 
summary

We're excited to be attending this year's RSA conference. We'll have a booth where we're looking forward to talking about all the ways that Symantec Connect can help you solve your challenges. 

We don't want to miss the chance to get to talk to you. That's why we're holding an invitation-only event for Symantec Connect users. Join us for drinks and snacks.

Tuesday, April 21st 
4-6 PM
Park Central Hotel

While you're there, be sure to enter our raffle for 1 of 4 tickets to join us in the Symantec suite at the San Francisco Giants game on Wednesday, April 22. 

Register for the event here so we can send you all the details.

Top 5 Priorities for Proactive Cybersecurity

0
0
Attackers are moving faster while defenses are not, according to the newly released Symantec Internet Security Threat Report Vol 20

続きを読む

The Threat Landscape Grows Ever Darker – Time To Fight Back!

0
0

With Symantec’s 2015 Internet Security Threat Report (ISTR) just released, in which our global cybersecurity experts have identified, analysed and provided extensive insights into, and commentary on, the key emerging trends in the threat landscape, it is all too evident that the threat landscape is growing ever darker and more menacing.

Our latest ISTR, covering 2014, reveals a year in which the attackers took their onslaughts to a new level of intensity and sophistication, with:

  • Faster attacks
  • Files held to ransom
  • Far more malicious code then previously seen.

Most worrying revelations in our ISTR are that:

  • Cyber attackers are leap-frogging defences in ways companies lack the insight to anticipate
  • Attackers are moving faster, while defences are not
  • Attackers are streamlining and upgrading their techniques, while companies struggle to fight old tactics
  • Malware used in mass attacks has increased and continues to adapt.

What is all too clear is that, as businesses rush to shore up any immediate breaches through which attackers have penetrated, while looking to vendors to create and roll out patches, the attackers are already way ahead of the game, using zero-day vulnerabilities to press home their advantage. The first Heartbleed attacks, for example, were recorded within four hours of disclosure. As enterprises try to play ‘catch-up’, the next wave of infiltration has already taken place.

Scriberia_Threat Landscape.jpg

As external threats are impacting organisations more and more, what exactly are the attackers after? Just knowing the organisation has been attacked doesn’t tell you what the objective of that attack is – e.g. to capture and sell on personal data or to hold the business to ransom? What about undetected attacks: how many businesses are victims without realising this? How long have the attackers been inside their walls? Without improved detection and better analytics, they may well be living in a world of false security.

In response to all of this, standards have to be driven up. But this improvement needs to accelerate, if enterprises are to close the ‘credibility gap’ between them and their attackers. Another big concern is the under-investment by most organisations in safeguarding their systems and data, which means they do not have the resources in place to address this issue. Yet without the right levels of information protection, they remain at the mercy of assailants now well versed in the skills needed to hijack a company’s own infrastructure and turn that against them, as the 2015 ISTR reveals. It comes as no surprise, therefore, that a much more rigid approach to software engineering is called for.

The scale of challenges that organisations now face is all but overwhelming – making investment in information protection the more urgent. The argument businesses do not have the necessary levels of investment to hand to make this happen has become a specious one. Because, without that investment, they cannot keep their businesses secure, creating a situation where attackers are more or less given carte blanche to commandeer their most valuable and sensitive data at any time. It is not a question of if a company may be attacked, but when, and the consequent impact from such a breach must be minimised with the right investment.

From social media and scams to targeted attacks (the top 5 zero-day vulnerabilities being exploited were unpatched for a total of 295 days in 2014), and from data breaches and privacy to crime and malware (almost 1 million new threats created each day in 2014), the pressure on enterprises has never been so great. Unless they can fight back on an equal footing, they are leaving themselves open to untold damage, and even simple measures like blocking executable file attachments will help.

You can download the ISTR report and other materials here: http://bit.ly/1Ddn7KD

If you would like a briefing with Symantec’s global experts to discuss the findings with you in more detail please contact Patricia_Valuch@symantec.com.

Viewing all 5094 articles
Browse latest View live




Latest Images