In the developing work, 42 percent of girls are not enrolled in school. And in India, 40 percent of girls do not make it to secondary school. To address these issues, Symantec has proudly supported the work of Room to Read since 2008, funding school libraries and girls’ education programs in Sri Lanka and India, and in FY2014 provided technology investments that expand the organization's capacity to assist governments and NGOs.

We're pleased to showcase the inspiring story of how one father, Bhajnu, and Room to Read's Girls' Education Program are breaking down barriers to ensure girls in India complete a crucial first step to future social and economic stability. Read on below, or see the full story here. 

For India’s School Girls, One Father’s Support Gets Multiplied

“Education is a lamp that can brighten a child’s life. Their education can, in turn, brighten the society and bring progress and prosperity.” 

— Bhajnu, father and education advocate in his village

Last year Sonam and Kavitha, two sisters from a poor family in a remote region of Madhya Pradesh, India, were about to drop out of school when their neighbor, a man named Bhajnu, tried to stop them. In a country where 40% of girls never even make it to secondary school and many fewer graduate, this was a strange occurrence indeed.

The sisters had been glad to join Room to Read’s Girls’ Education Program, which helps girls finish secondary school — a notoriously tough milestone for girls from low-income countries — but their interest in school plummeted when they failed an important exam. Their elder brother, who had been against sending them to school, wasn’t much help either. In his opinion, since they’d failed there was no point in spending more money on their education.

{Read the full article on Room to Read's blog here.}

Call for Symantec Advanced Threat Protection (ATP) Product Practitioners -- Complete the SCS Blueprint Survey

The Symantec Certification Team -- https://www.symantec.com/services/education-services/certification --  has begun the design and development of the Administration of Advanced Threat Protection 2.x SCS Certification exam.

The next step in the process is a Web-based survey that will identify the objectives that will be tested on the exam, and to which extent. You will be asked to rate the exam objectives based on the importance, frequency, and competency required for each objective. Your opinion will be combined with the input from other Symantec ATP product practitioners and used to determine how many questions will be asked on the test for each objective.

Input from experienced practitioners such as you is vital to validating the usefulness and appropriateness of the exam. We greatly value the input you provide.

To access the survey:

Visit: http://goo.gl/forms/sTF5VLnQJM - you will be taken to a Google Forms page hosting our Blueprint Survey.

When is the survey available and how long will it take to complete?

The survey is available 24/7 starting today and will be available through Tuesday, May 17th.  Please plan on setting aside approximately 15 to 25 minutes to complete the survey. Your results will only be counted if you complete and submit the entire survey.

Who should complete this survey?         

You should complete the survey if you have the relevant technical knowledge and experience with ATP. Ultimately, we seek a minimum of 30 Symantec ATP product practitioners to complete the survey. If you know others in your organization that should participate in this survey, I encourage you to forward the blueprint survey link so that they can also participate.

Thank you for supporting Symantec Education! 

Symantec celebrates Bike to Work Day with an energizer station for participants featuring snacks, beverages and give-aways for participants.

If someone said you could do something good for the planet, that makes your brain and body stronger, that burns calories, and injects some fun into your commute, wouldn’t you say sign me up now?!

Well this Thursday, May 12th, you can make this happen by joining Symantec, our Bike to Work Day partner the Silicon Valley Bike Coalition, as well as the American League of American Bicyclists and thousands of people across the US for Bike to Work Day, "an annual celebration of active transportation"!

This year marks the 22nd San Francisco Bay Area Bike to Work Day (60th nationally) and similar to years in the past, Symantec will join our Silicon Valley peers including Google, Facebook, LinkedIn, SAP and others in hosting an Energizer Station for Bike to Work participants. At the Energizer Station riders can visit for snacks, drinks, free give-aways, to mingle with fellow riders or just to take a breather!

A few fun facts that we hope will inspire some of you to leave the keys at home and opt for your bike this Bike to Work Day:

• There are numerous health benefits from biking – reduced stress, increased strength and flexibility, increased cardiovascular fitness and stamina, with less impact on the body as with other forms of exercise such as running
• Even when factoring in pollution in many dense cities, it is still more beneficial to engage in active transportation than not to, according to recent studies
• Bicycling makes your brain stronger[1]
• Bikes are up to 50% faster than cars during rush hour[2]
• 40% of all trips in the U.S. are less than two miles[3]
• More than one million San Francisco Bay Area residents live within five miles of their workplace and over 62,000 residents in the area use their bicycle as the primary way to get to work in the morning[4].
• Can you guess the 20 most bike-friendly cities on the planet? Click here for the 2015 list from Copenhagenize Design Company.

For any bike commuter expert or novice, the League of American Bicyclists provides helpful general bike commuting how-to and road safety tips including how to choose the right gear and reasons to commute by bike (if you aren't already convinced).

We hope to see you spinning your wheels out on the road this Bike to Work Day!

Ashley Savageau is Symantec's Community Relations Manager

Email is still the most popular and pervasive tool cybercriminals use to launch and distribute threats such as malware. According to the Symantec Internet Security Threat Report (ISTR) Vol 21, there were approximately 190 billion emails in circulation each day in 2015, a number that we predict to grow by as much as 4% by the end of 2016. For criminals who want to hit the largest number of people electronically, email is still the favored mean to do it.

Meanwhile, many organizations turn to cloud-based email and productivity solutions such as Microsoft Office 365; in fact, Gartner predicts that by 2018, cloud office systems will achieve a total market penetration of 60%.

But with the migration to cloud-based services, what about security?

Office 365 includes signature-based anti-malware and anti-spam protection capabilities, but additional services or add-ons are required for handling more advanced threats, such as zero-day attacks. While providing a good basic foundation, the built-in security features of Office 365 are not as effective against today’s sophisticated attacks.

How do enterprises protect themselves while using Office 365?

Fortunately, Symantec can help you enhance the security of your Office 365 deployment.

In this first installment of a series looking at the security recommendations for Office 365, I’d like to explain in more detail about a few of the key capabilities of Symantec Email Security.cloud and how it can augment the security of Office 365.

Intelligent real-time link following and advanced heuristic technology

Symantec Email Security.cloud traces full or shortened redirect links all the way back to their final destinations, analyzes the content, and prevents emails with bogus links from ever showing up in your users’ inboxes—all in real-time.

Skeptic, Symantec’s advanced heuristic technology, interprets and analyzes more than 8.4 billion email messages and 1.7 billion web requests collected daily by Symantec’s Global Intelligence Network, which is made up of more than 63.8 million attack sensors and records thousands of events per second.

Overall, Skeptic uses all these components to detect and block new forms of malware.

This lets you catch and stop zero-day attacks and sophisticated threats that traditional anti-malware solutions typically miss. Think of this as an extra intelligent, adaptable layer of protection for your organization that can stop evolving and changing malware.

Industry-leading SLAs with guaranteed results

Symantec Email Security.cloud is delivered through high available, top-tier data centers located around the globe. And we back our claims with very stringent service level agreements (SLAs).

For example, credit back or other remedies provided if performance targets are not met: 100% protection against known and unknown email viruses, no more than .0001% false positives, 99% spam capture, 100% email delivery and service uptime, and more.

Symantec helps you transition to the cloud with confidence

Microsoft Office 365 is an excellent platform to enhance your productivity and while it does include some security measures, you should enhance and extend security measures with Symantec. To fight advanced threats, you need advanced protection. Symantec Office 365 Protection helps fill in the security gaps that Office 365 misses. We help enhance the security of Office 365 and most of all, create defenses to help protect your organization and your sensitive data.

Looking for more insights?

Visit Symantec Office 365 Protection

Since 2015, Symantec has been supporting Mouse, a national youth development organization that uses technology as a catalyst to engage, empower, and inspire underserved youth. Our 2015 grant helped Mouse create and launch a Security, Identity & Privacy addition to the organization's Web Literacy curriculum. The curriculum was piloted in schools, available via Mouse's online platform and offered as an open resource via Mozilla Foundation's web literacy platform.

Our additional grant in 2016 will expand and deepen the number of engaged students and educators participating by developing new lesson-based media that engages learners in difficult concepts. This includes seven new activities that use active, engaging lessons to teach key technology safety lessons such as creating strong passwords, reading Terms of Service agreements, and avoiding phishing scams.

Today we thank Mouse Senior Director, Learning Design, Marc Lesser for joining us to provide a look into the importance and impact of these programs. 

Privacy and security are topics that have endured decades of heated concern and debate by parents and educators that, in the end, have mostly yielded results that perpetuate a familiar fear narrative, where “stranger danger” lurks behind every new chat window.

Enculturating a sense of danger has been the prominent education strategy deployed to address privacy and security in technology for learners at almost every level.  Even as youth spend evermore time online and we prepare them to harness the same information and tools to face the very dynamic problems of their time.

On the one hand we create a landscape of fear, and on the other hand, we aim to foster a culture of exploration and empowerment. There are a number of problems with this approach. At Mouse we believe a central one is that fear typically keeps us from learning how things work, not the other way around.

That being said, the challenge of doing things in a new way is big. Questions loom:

• How do we fulfill learning outcomes that include privacy and security but strike young people as practical and not preachy?
• How do we balance our encouragement of youth to “participate” in an information-rich culture with cautions about the risks that might be part of their experience?
• How do we make any of it engaging to 12-17 year olds, most of whom haven’t thought much about any of it, if at all?

Almost two years ago, philanthropic support from Symantec helped learning designers from our team at Mouse create and launch a Security, Identity & Privacy addition to our Web Literacy curriculum.

In the fall of 2015, we began testing new learning experiences with middle and high school students in New York City. We started by focusing on the internet, where students in the United States are all living at least part of their lives. We looked for ways that privacy and security fit into a larger group of competencies that support students as citizens of an information web that is more ubiquitous than ever. And we carried over principles from our experience in Positive Youth Development that starts every brainstorm with the potential of each young person, not the problem or dangers they face.

In a game called Ring ToS, learners experience the casual fun of carnival games while contemplating serious issues, like the privacy they surrender in website Terms of Service agreements.

A lesson called Phish Market aims at helping students to understand how easily scams are created in order to build their understanding about what to look out for.

Another example, Ad Battle, gets groups to role play the inner-workings of advertising servers to build technical literacy about how ads work on the internet, and how private information can and can’t be used by advertisers.

With Mouse, students learn how to make the most of technology in creative and innovative ways, while balancing the need for privacy and protection.

As a result of Mouse’s preliminary pilot, educators involved report that students have increased web literacy competencies in key ways including:

• 100% improved competencies in managing and maintaining account security
• 83% increased knowledge in how unsolicited third parties can track users across the web
• 83% view debating privacy as a value and right in a networked world

Mouse is grateful to continue this work in the coming year with renewed support from Symantec. We’ll work with new educators to disseminate learning content, and turn our focus to graphics and video that can support learners in visualizing difficult concepts.

To learn more and follow our progress, find us at https://mouse.org/.

About Marc: As the Senior Director, Learning Design at Mouse, Marc engages and inspires students to be leaders, innovators, creators, makers and thinkers, and is recognized as a visionary leader within the ed tech community. Specifically, he directs the design and development of web-based and live learning environments for Mouse.

He holds a Master’s degree from NYU’s Educational Communication & Technology program, is co-founder of Emoti-Con! the NYC Youth Digital Media and Technology Festival and, in 2012, was named a National School Boards Association “20-to-Watch” among national leaders in education and technology.

“If you know the enemy and know yourself, you need not fear the result of a hundred battles. If you know yourself but not the enemy, for every victory gained you will also suffer a defeat. If you know neither the enemy nor yourself, you will succumb in every battle.” Sun Tzu.

Sun Tzu’s words still resonate today. Organizations who know their adversaries, while being aware of their own strengths and vulnerabilities, stand a better chance in the ongoing cyber security war. Don’t wait until after your organization has been attacked to bolster your security posture. Go on the offensive against attackers. 

What are some measures to ensure your organization is cyber resilient and ready for battle? We created the following tactical cyber security checklist based on best practices from the 2016 Internet Security Threat Report (ISTR), our annual report which provides an overview and analysis of the year in global threat acitivity. 

1. Ensure all devices allowed on company networks have adequate security protections.
   Use active monitoring and configuration management to maintain an up-to-date inventory of devices connected to the enterprise network. This includes servers, workstations, laptops and remote devices.
    
2. Implement a removable media policy.
   Where practical, restrict unauthorized devices such as external portable hard-drives and other removable media. Such devices can both introduce malware and facilitate intellectual property breaches, whether intentional or unintentional. If external media devices are permitted, automatically scan them for viruses upon connection to the network and use a data loss prevention (DLP) solution to monitor and restrict copying confidential data to unencrypted external storage devices.
    
3. Be aggressive in your updating and patching.
   Update, patch, and migrate from outdated and insecure browsers, applications, and browser plug-ins. This also applies to operating systems, not just across computers, but mobile, ICS, and IoT devices as well. Keep virus and intrusion prevention definitions at the latest available versions using vendors’ automatic updates. Most software vendors work diligently to patch exploited software vulnerabilities; however, such patches can only be effective if adopted in the field. Wherever possible, automate patch deployments to maintain protection against vulnerabilities across the organization.
    
4. Enforce an effective password policy.
   Ensure passwords are strong and at least 8 -10 characters long with a mixture of letters and numbers. Encourage users to avoid re-using the same passwords on multiple websites, and sharing of passwords with others should be forbidden. Passwords should be changed regularly—at least every 90 days.
    
5. Ensure regular backups are available.
   Create and maintain regular backups of critical systems, as well as endpoints. In the event of a security or data emergency, backups should be easily accessible to minimize downtime of services and employee productivity.
    
6. Restrict email attachments.
   Configure mail servers to block or remove email that contains file attachments that are commonly used to spread viruses, such as .VBS, .BAT, .EXE, .PIF, and .SCR files. Enterprises should investigate policies for PDFs that are allowed to be included as email attachments. Ensure that mail servers are adequately protected by security software and that email is thoroughly scanned.
    
7. Ensure that you have infection and incident response procedures in place.​​

• Keep your security vendor contact information handy, know who you will call, and what steps you will take if you have one or more infected systems.
• Ensure that a backup-and-restore solution is in place in order to restore lost or compromised data in the event of successful attack or catastrophic data loss.
• Make use of post-infection detection capabilities from web gateway, endpoint security solutions and firewalls to identify infected systems.
• Isolate infected computers to prevent the risk of further infection within the organization, and restore using trusted backup media.
• If network services are exploited by malicious code or some other threat, disable or block access to those services until a patch is applied.

While you check off these best practices, be sure to also test, test, and test. Are your security solutions updated regularly? Do you know how your team will respond in the event of a data breach? It’s important to constantly test not only your security technology but also the teams that manage the solutions to stay ahead of threats. 

I currently run SEP v 12.1.6 in what I believe is an unmanaged account status - I am federal employee and our agency uses SEP and employees have be extended the use of SEP on their home computer systems. 

I am currently receiving a pop-up alert that svchost.exe is being blocked. Upon investigation, this blockage is associated with my Windows Media Center and specifically with my "exetender", which is a Ceton Echo Media Extender. At present, I run my televisions through Windows Media Center and the extender (Ceton Echo) is necessary to connect the TV with Windows Media Center on the TV. With svchost.exe being blocked, my Ceton is unable to connect to Windows Media Center. I have been running my TV's through Windows Media Center ever since I purchased my computer several years ago. The operating system on my computer is Windows 7. 

I have read some blogs that suggest IPv6 is being blocked, causing this alert. I turned off IPv6 and restarted the computer, but this did not fix the problem. 

Can anyone provide assistance to help me fix this issue?

Tom