In large environments, it’s imperative to have a sound reporting and monitoring strategy around your backup and recovery infrastructure.  You need to know if your backups are running successfully, your boss needs to be able to show management that the company has a working solution that is delivering protection results, and in many cases, passing audit. If you don’t have this ability, then how do you know you’re getting a good return on your investment?  How can management justify that they are running the right solution? Here are a few valuable NetBackup OpsCenter benefits:

• Better predict backup storage consumption across multiple locations through maintained historical backup and archive job information.
• Reports can be created around one of the most highly managed areas of NetBackup: the policy and schedule engine.
• People can be less removed from day to day operations, and have centralized reporting for backup and archive operations.
• Business reporting previously available with VBR - including historical trending and predictive forecasting, cost analysis reports, complete report customization and support for 3rd party data protection products - now included in the OpsCenter package.

At Symantec Vision 2013 the week of April 15th in Las Vegas, come learn about one of NetBackup’s most ambitious and exciting changes in how you monitor and manage your NetBackup environment.  In this session, “Moving Beyond “Dudes with Spreadsheets”:  Monitor and Report on Your NetBackup Environment with OpsCenter”, we will enable you with information on how NetBackup customers are using OpsCenter to gain increased efficiency in their backup and recovery operations. We will take a deep dive into the roadmap covering how Symantec is bringing together optimal functionality across NetBackup, OpsCenter, and NetBackup Appliances into one platform. See our upcoming designs and have a chance to provide direct feedback to our Engineering team. The session time is:

• Thursday April 18th, 9:00-10:00am PST

For more details on this session and others, please visit our Vision Session site at:

Symantec Vision 2013 Session Search Catalog

Action Plan:

1. This week:  Attend our session
2. 30 days:  Stay tuned for collateral and information about what’s coming in NetBackup 7.6., and look for our new collateral available for enhancements to OpsCenter.     
3. 60 days: Engage your Symantec Sales and Specialist teams for discussions and lunch and learns around how NetBackup monitoring and reporting can benefit your business.

Not attending Vision?  There’s still time to register here:

http://www.symantec.com/vision/registration/?locid=las_vegas

More Information on NetBackup 7.5:

http://www.symantec.com/netbackup

www.netbackupdemo.com

http://www.symantec.com/opscenter-analytics

https://www-secure.symantec.com/connect/downloads/netbackup-activities-vision-2013-las-vegas-nv-april-15th-18th

Here is the PPT deck from the April User Group meeting. If you have any questions reach out to Jon Sharp (jon_sharp@symantec.com).

Jon Eyre

Train. Certify. Succeed!

Symantec to Partner with Pearson VUE

Effective June 24, 2013, all Symantec Technical Certification (SCS, SCP) and Technical Accreditation (STS, ASC) exams will be available exclusively at Pearson VUE testing centers worldwide. This transition globally impacts Symantec customers, partners and employees.

The Symantec Certification Program is pleased to announce Pearson VUE as its new, global certification exam delivery partner. Pearson VUE is widely known as an industry leader in providing computer-based test delivery. The partnership will result in a more efficient and engaging testing service with additional locations for examinees. Pearson VUE’s advanced registration and delivery technologies simplify the registration process, allowing faster registration, broader access to exams in over 175 countries and greater exam security to protect your investment in Symantec training and certification.  

How will this change affect Symantec Technical examinees?

Examinees who previously took their Symantec technical accreditation (STS, ASC) or certification (SCS, SCP) exams at Prometric test center locations will need to begin taking these exams at a Pearson VUE location. There is no change to the credential programs; Technical Certifications and Technical Accreditations achieved at a Prometric testing center will remain valid through their expiration dates. To quickly and easily connect to the registration sites visit the Pearson VUE’s website, Symantec Education Services’ Certification Program website, or the Symantec PartnerNet website.

When will Pearson VUE begin delivering Symantec exams?

Test delivery at Pearson VUE will begin June 24, 2013. Candidates may begin scheduling their exam appointments on June 3, 2013 and sit for exams June 24, 2013 at 8:00 AM US Central Standard Time.

Our current relationship with Prometric will remain through 11:59 PM US Central Standard Time, on June 23, 2013. Candidates may continue to take exams and use Prometric exam vouchers at Prometric Testing Centers worldwide until that date.

Will Pearson VUE accept Prometric exam vouchers?

Pearson VUE will accept valid training bundle and pay-upon-redemption Prometric exam vouchers for Symantec exams. Candidates will only need to provide the Prometric voucher number when registering for their exam with Pearson VUE. 

If a candidate has purchased a pre-paid voucher directly from Prometric, it will expire if not redeemed and an exam completed at Prometric by June 23, 2013. Prometric will not offer a refund for any pre-paid voucher that is not redeemed and an exam completed by June 23, 2013. The exception is for candidates who received a SCS or SCP certification voucher from Symantec Education Services, as part of a training bundle; Symantec and Pearson VUE will honor those vouchers.

Symantec Education Services will contact candidates with exam vouchers and encouraging them to redeem pre-paid vouchers that were purchased directly from Prometric.

Where can I find more information and answers to frequently asked questions (FAQs)?

Review the detailed FAQs about this announcement.

For more information about the Symantec Technical Certification and Technical Accreditation Program, contact Global_Exams@symantec.com

Our Professional SEO Services has the following steps or approach

• We make sure that the content of your website is well written and most importantly well presented to the client, in a simple and well informed manner. The content is also high on the readability factor.
• The framework and the designing code of your website is important as that might determine the time for which your client has to wait for the page to open.
• We look into the links that are present in your website and check whether all are still active, increasing the number of healthy acts as a significant contributor.
• We keep various web directories informed about your website.

With our services you can increase the visibility of your website considerably and provide yourself with a chance to gain the top ten SEO rankings in search engines. Since we provide affordable SEO services we are well known among our clients and also for customer satisfaction. We have professional SEO services for delivering offshore services in India. Our work hence is well known and appreciated everywhere.

Search Engine Marketing ::

You can use our search engine marketing services to enhance sales through few of the best search engines in the web. We deliver professional SEO services that help increase sales in websites like Google, Yahoo, MSN etc. This form of online advertising is pocket friendly and provides to you the largest platform for advertising your product. To top it, we make matters more convenient for you by delivering affordable SEO services at your doorstep.

We at AM Technologies understand your needs better than anyone else and hence our developers are able to provide you with the most effective SEO services available in the market. Being one of the leading firms that provide professional SEO services we have a reputation that is unparalleled in this field. We have a number of clients who use our search engine marketing services, both Indian and offshore. Those who have experience of our services have appreciated our work and given positive comments about the affordable SEO services that we deliver.

With AM Technologies you gain access to professional SEO services like

• Complete background knowledge of your project work and similar working procedure
• Along with optimization of page rank we also have services like web editing and web designing that we provide at cheap rates
• The quality of developers we provide for your project is excellent as they are few of the most efficient developers any firm provides
• They maintain the time limits and never compromise on the quality of work that is being undertaken

Social Media Marketing ::

Social media marketing services have various advantages for your business that is cost effective and provides high returns

• You make very high commissions at very less expenditure
• Here you can gather clients and propagate your business at the same time
• Through professional social media marketing you can potentially expand your business and its network worldwide
• Social media marketing in India and abroad is very useful as it allows very high interaction with the clients.

If you interested in our Services please visit free our website: http://www.amtechnologies.in/seo-services-india.php

A couple of weeks ago, Google announced it would be canning its Google Reader service. Not a particularly strategic tool you might think - it simply enabled users to collate and organise feeds from news, blog and other content sites.

For those still using the product however, this is a problem. Google Reader offers a window onto the world of web content, and its removal is tantamount to walking into someone's house and removing their TV set. Or the calendar from the wall. Or, in the corporate environment, a library shelf full of books and newspapers. You get the picture.

Plenty of Google Reader users exist - as illustrated by the Change.org petition (LINK: http://www.change.org/petitions/google-keep-google...) which is currently running at nearly 150,000 responses. Clearly, if anyone thought that the reader was no longer used, a lot of people never received the memo.

Should we care? After all, Google was offering a free service and what you don't pay for, you can't complain about, right? Perhaps. Equally, surely other RSS readers exist? Indeed they do - Feedly, Bloglines and their ilk all provide similar services.

Equally, this is not just about Google Reader. Numerous applications and services have been withdrawn from use over recent years - Twitter's acquisition and subsequent end-of-life-ing of the Tweetdeck desktop app for example. And others have had functionality impaired - for example the RememberTheMilk task management application, which relied upon (now defunct) Google Gears. (LINK: http://www.rememberthemilk.com/services/googlegears/)

There's a debate to be had about whether vendors have a duty of care to users of 'free' (aka advertising-supported) products, and this is not the place for it. All the same, use of such tools continues to broaden in corporate environments. Social networks, online storage and collaboration tools, voice over IP, messaging and the like, smart devices and 'freemium' mobile apps make up an increasing part of the average employee's technology toolkit.

Yes, sometimes, a personal email account may be used to send a file which is too big for the corporate system to handle. Or it may be well known that the best way of getting hold of a busy executive is via Twitter - his/her phone always goes to voicemail.

We can, equally, debate the meaning of the term 'consumerisation'. From the IT department's perspective, use of non-corporate kit and online services is something to either be embraced or avoided, depending on who you ask. For sure, helpdesk staff bear the brunt - inundated with calls about how so-and-so device can't connect to the board room projector via Bluetooth.

Beyond all such debates lies both an opportunity and a growing risk. To take a specific example, nurses working on wards now have access to simple, cheap mobile apps which can help them do their daily jobs. Sometimes these cost a nominal sum of money, sometimes they don't. But the apps are useful, and the nurses are using them to the benefit of patients. Should such behaviour be prevented?

If corporate IT has achieved anything over the years it has - like all good bureaucracies - delivered a level of continuity and stability of service for its users. Whatever the potential of our increasingly fragmented, cloud-based and mobile IT landscape, businesses and public bodies cannot build themselves on technological sand.

It is for this reason that IT departments will always have a role, wherever technology resides and however it is delivered. As examples such as Google Reader illustrate, users of many free services have little recourse should they be withdrawn. We need our in-house specialists to triage both services and service providers, and as a result, deliver the capabilities we need to do our jobs. But we also need them to work directly with front-line users, rather than acting as a bottleneck.

Technology is not going to get any simpler. But recognising IT's vital role - as keepers of the keys of service delivery - offers both a starting point and a route through what is an increasingly complex landscape.

I am really looking forward to Vision this year.  For me it is a chance to see friends and colleagues from around the world.  There are quite a few good sessions this year I am looking forward to.

If you are around on Monday I highly recommend Patti's session.

IA B48 - Enterprise Vault Administrator’s Secrets

• Patti Rodgers - Sr Princ Business Critical Engineer, Symantec

This session explores some of the lesser-known features and functions of Symantec Enterprise Vault and shares “secret tips” from administrators. Configuring multiple welcome messages, task-level Global Catalog binding, power database queries, and filtering spam from your journal archiving are just a few of the power tips!

One of the complaints I have heard in the path is that sessions aren't technical enough, well this should solve that!  :)

Also, be sure to check out this one,

IA B52 - Launching Enterprise Vault 10.0.4 – No Ordinary Maintenance Release

• Rick Krieger - Product Manager, Symantec

Symantec Enterprise Vault 10.0.4 is scheduled for release in the summer of 2013 with many new features. This session is a deeper technical introduction to headlining features such as Enterprise Vault Extensions and new PST migration capabilities. Enterprise Vault Extensions provide a way to get many different forms of content into Enterprise Vault, whether that be UNIX files, social media, or Exchange 2010 personal archives. Learn how 10.0.4 will make an Enterprise Vault administrator's life easier. The discerning Enterprise Vault customer will not want to miss this session!

Don't worry if you can't make it to Vision, I plan to blog daily with updates!

If you are going, see you there.

Tony

Just wrapped up attending IA B48 - Enterprise Vault Administrator’s Secrets, what a great session by Patti Rodgers!  I won't steal any of her topics and material as I am sure it will be posted soon enough but lots of good content there and really good audience participation.  We need more of these kind of technical sessions!

Be sure to check out Patti's whitepaper on Monitoring EV:

Advanced Strategies for Monitoring Enterprise Vault

Our own Rob Wilcox contributed!

Don't forget there is Vision On Demand if you can't be here: https://www-secure.symantec.com/connect/visiononde...

Now off to do some socializing!

Cheers,

This is the first year Symantec Education Services has offered free e-learning at Vision to help customers prepare to get Symantec Certified.  According to Vision alumni and customer Melvin Smith from General Dynamics: "Having the free e-learning is worth its weight in gold!"

The Symantec Internet Security Threat Report (ISTR) 2013 reveals how the threat landscape is evolving, compiling information from more than 69 million attack sensors in 157 countries around the world. This year’s report shows more targeted attacks, an increasing focus on smaller businesses, and the continued development of new threats.

Targeted attacks, hacktivism, and data breaches

Targeted attacks saw a 42 percent increase in 2012, bringing the average number up to 116 per day, with a corresponding increase in data theft and incidents of industrial espionage. Attackers appear to be changing their targets as well. Small businesses make up a larger percentage of those targeted for attack than in 2011—a threefold increase—with 31 percent of all targeted attacks directed at companies with fewer than 250 employees. Attackers are evidently finding valuable data to steal from such small companies and fewer defenses in place to stop them. Manufacturing is now the most targeted business sector, making up 24 percent of targeted attacks.

One of the most significant innovations in targeted attacks is the emergence of watering hole attacks. The attackers compromise the security of a website that an intended target is likely to visit and once the target visits the website, their computer becomes infected with malware. This successful tactic, popularized by a group known as the Elderwood Gang, has infected up to 500 companies in a single day.

Data breaches declined in 2012, but the number of identities stolen increased, totaling nearly 240 million. Healthcare, education, and government accounted for the majority of these identities stolen, and while most reported breaches were due to outside attacks, the risk of insider-caused attacks remains high.

Vulnerabilities, exploits, and toolkits

Zero-day vulnerabilities increased to 14 in 2012, and overall vulnerabilities rose to 5,291. Also increasing are mobile vulnerabilities, up to 416 discovered last year. Cybercriminals use these vulnerabilities to compromise the security of their targets, which are particularly vulnerable when they fail to frequently apply patches and updates. This failure on the part of IT is largely responsible for an increase of 30 percent in attacks while new vulnerabilities are increasing at a much slower pace.

Even those without technical skill can become cybercriminals through the use of toolkits, which use previously discovered vulnerabilities in browsers and plugins to perpetrate attacks. The toolkit called Blackhole made up 41 percent of all Web-based attacks in 2012.

Social networking, mobile, and the cloud

Social networks are the new source of spam, with fake offerings making up 56 percent of social media attacks. These are made easier by the personal information made publicly available and the propensity of people on these sites to share links and data with others. Other tactics include creating fake “like” buttons that install malware, or tricking users into downloading fake browser extensions.

Mobile vulnerabilities are rising, with 387 reported for Apple iOS alone. By contrast, the Android platform only showed 13 vulnerabilities, yet its large market share, open platform, and multiple distribution methods for applications, likely accounts for the fact that the majority of mobile threats are directed at Android devices (158 of 163 unique threats). Overall, mobile malware increased by 58 percent in 2012.

As more businesses take advantage of cloud computing, they enjoy overall greater security and lower costs. But there are security concerns with the cloud as well. Retrieving data from a disreputable cloud provider can be a challenge, and attackers are discovering that attacking these providers can yield large amounts of data. In the future, attackers may also begin to attack virtual machines that are used to support the cloud infrastructure.

Spam, phishing, and malware

As social media spam picks up and authorities crack down on botnets, traditional spam has been declining slightly from 75 percent of all email in 2011 to 69 percent in 2012. Pharmaceutical spam has been replaced by adult/sex/dating spam as the most common form, accounting for 55 percent of spam. Despite the decline, 30 billion spam emails are still sent each day. The shift in cybercriminals’ tactics is also evident in the decline of email as a phishing vector. Overall, one in 414 emails is now a phishing attempt, down from one in 299 in 2011.

Malware is found in one out of every 291 emails, and among those emails 23 percent contain URLs linking to websites with malicious code. Every day, approximately 247,350 Web-based attacks were blocked, an increase of 30 percent over 2011. 2012 also represented the first wide-spread case of malware specifically targeting Macs, with the Flashback attack exploiting a Java threat to infect over 600,000 Mac computers. The number of Mac-specific threats is now on a general upward trend. Other new malware attacks include ransomware, which locks the computer until the user pays a fee to the cybercriminal.

For more details on the current threat landscape, see the full ISTR.

Some of us are numbers people.  We like nothing more than digging into a big batch of numbers.  I confess I’m the other type of person. I still fumble around a spreadsheet and can’t add without the aid of a calculator. For numbers people the ISTR is a terrific document. This year’s report is 160 pages of numbers that do a pretty good job of describing the threat landscape. If you’re a numbers person, feel free to dig in to the full report. You can also check out highlights in this graphic.

If you’re like me, and not really a numbers person, then read on. I’ve bullied my way through the numbers so you don’t have to. Let me give you the highlights, some of the interesting correlations of numbers we’ve made and even a few insights the “numbers guys” might end up missing.

Targeted Attacks Are on the Rise

It seems like every week we hear of a big named company that’s been attacked. There is a reason for that— targeted attacks, meaning those attacks focused on specific organizations or individuals, rose 42 percent in 2012. These attacks are aimed at everyone in an organization, from the CEO down to the person reading a shared mailbox like info@yourcompany.com. In 2012, knowledge workers - people who work with sensitive company IP and sales employees were the most common targets – but, all employees are at risk. 

Small Businesses Are in the Line of Fire

The end goal of cybercriminals is theft of information, often intellectual property that can be sold to competitors or otherwise monetized. And while larger businesses have a greater amount of information to steal, smaller companies also have intellectual property, including information given to them by large businesses with which they have relationships. Thirty-one percent of targeted attacks today are aimed at businesses with fewer than 250 employees. This is a significant threefold increase from 2011.

Poor Website Security Puts us all at Risk

Sixty-one percent of all websites propagating malware are legitimate sites. Using toolkits the bad guys are easily finding and exploiting poor patch management on legitimate websites. This is not driven by a rise in new vulnerabilities; the ISTR documents only a six percent increase in new vulnerabilities.  It’s that 53 percent of legitimate websites have unpatched vulnerabilities. Even targeted attacks, traditionally launched via spear phishing, are taking advantage of this. In 2012 we saw the popularization of watering hole attacks, where attackers break into the websites that their targeted visit.

Mobile Threats Focus on the OS

Vulnerabilities likely will become a factor in mobile malware, but they were not in 2012. Apple’s iOS had the most documented vulnerabilities in 2012, but there was only one threat created for the platform. Compare this to the Android OS; although only 13 vulnerabilities were reported, it led all mobile operating systems in the amount of malware written for the platform. Today Android’s market share, the openness of the platform, and the multiple distribution methods available to applications embedded with malware make it the go-to platform of malware authors.  And the amount of malware for mobile keeps going up. 2012 saw a 58 percent increase in mobile malware families compared to 2011.

There are more highlights—we’ve collected data and analyzed the 2012 trends on malware, spam, data breaches, hactivism, exploits, toolkits and half a dozen other security topics.  I can’t cover them all in a single blog, so you’ll have to check out report for that. Sure there are a lot of numbers in the report, but it’s the best place to get the whole story of the threat landscape.  

1. Assess
2. Prepare and plan
3. Ready to migrate
4. Post-migration management

One of the biggest problems information security encounters is either the perception or reality of slowing down the business. I’ve encountered this myself in my career.  One of the ways I dealt with this problem is through an effective use of the risk assessment process. An effective Risk Assessment process can be the cornerstone or the hub of activity for Information Security.  Picture a group that gets involved in all projects from inception to deployment, understanding all the security needs of their customers, providing iterative security requirements, understanding the needs of the different security groups, and providing management with accept risk reduction or a decision to accept some type of risk. Risk assessment requires a robust process that keeps pace with the project and doesn’t slow it down. Security teams need to make sure all risks are known and addressed in some way prior to construction or development. This way IT/Development has what they need to proceed. If issues arise during the construction or development phase they’re more easily addressed in a timely manner.
 
This can be remedied by a team of risk analysts that are fairly technical, understand technology and security, and know how to build effective relationships with their customers.  In my experience, an effective team of risk analysts are not just checklist jocky’s. Checklist jocky’s are slow, don’t generally understand what they’re assessing, tend to get stuck on innocuous issues and definitely aren’t interested in building a lasting relationship with IT/developers or the business.  This is what creates the bad impression for the business and technologists. However, an effective team of risk analysts are experienced professionals that know how to ask effective questions based upon checklists, engage the customers in a dialog to “understand” the technology or application in question, and are really interested in cultivating lasting relationships. Additionally, these are folks that can be very decisive as to what constitutes a high risk versus a low risk and provide immediate feedback as to how to mitigate a risk. 
 
Your team of expert risk analysts can identify and qualify the risks and how these impact the business in terms the technology and business customers can understand. Now, its one thing to identify a risk, but a whole different activity to provide a mitigation strategy that meets the needs of the protecting the business while at the same time not slowing the delivery of the project for the business. The identification of a good risk mitigation strategy involves another dialog with the technologists and/or the business to “negotiate” a result that works for both in a timely manner. The other important factor is to not identify yet another point security solution to solve any problems, but instead to find solutions within the context of the entire security architecture first and then if you need a security solution make sure that it fits within this security context. I’ve seen this work to the extent that project teams already start to think about the security issues they’ll potentially run into even before Information Security is involved.
 
While the above is but a thumbprint of the details you need to be successful, consider that the key points above can be an important foundation to building better relationships with your customers and help elevate your teams to that of trusted advisor and partner. That’s how you start to change your colors.

Is your backup strategy working for your business? In an environment of exploding data growth, shrinking IT budgets, and increasing regulatory complexity, you need a plan that will help you:

•             Minimize business risk

•             Address complex regulatory/compliance issues

•             Reduce overall TCO

•             Shift capital cost to operating expense

At today’s “Backup as a Service” presentation, senior strategists from HP and Symantec will explain how the companies are working together to solve your business challenges related to backup. Join me there at 2:30 pm.

Contributor: Sandeep Ingale

When it comes to financial organizations, being informed about best security practices is every customer’s right. Many organizations provide this information on their websites to help their customers learn how to take full advantage of the services available to them while staying secure. Interestingly, these Web pages, meant for the guidance and protection of customers, were mimicked by phishers with the intent of tricking people into handing over personal information.

In March, we discovered a phishing site spoofing a popular credit card services company that asked users for confidential information, allegedly for additional security. It should be kept in mind that a legitimate site will never ask for confidential information for this reason.

The phishing site prompts users through a three-step procedure for activating their card and adding higher security. The first step asks users for personal and card-related information. The personal information includes the users’ name, date of birth, residential address, phone number, and email address. The card information includes name of bank, name on card, card number, expiration date, and card verification code.
 

Figure 1. Users asked for personal and card-related information
 

The second step asks users for their social security number, 3D password, and ATM pin number.
 

Figure 2. Users asked for social security number, 3D password, and ATM pin
 

Finally, users are asked to choose an online payment service and then submit their email address and password for the chosen service.
 

Figure 3. Users asked for online payment credentials
 

After the requested information is entered, the phishing site acknowledges the submitted information and states that the card is ready for safe usage.
 

Figure 4. Acknowledgement of submitted information
 

If users fall victim to this phishing site, the phishers would have successfully stolen their information which, more than likely, will be used for financial gain.

Users are advised to adhere to the following best practices to avoid phishing attacks:

• Do not click on suspicious links in email messages
• Do not provide any personal information when answering an email
• Do not enter personal information in a pop-up page or screen
• Ensure the website is encrypted with an SSL certificate by looking for the padlock, “https”, or the green address bar when entering personal or financial information
• Update your security software frequently (such as Norton Internet Security which protects you from online phishing)

  
Today is the day Symantec Vision 2013 ramps up to full speed--with a packed slate of keynotes, super sessions, breakouts and labs, activities, and parties.

Power Up at a Vision Super Session
After the opening keynote, head over to one of four Super Sessions to hear senior Symantec experts share the latest news from key Symantec solution areas. Log in to your session catalog and pre-register for the Super Session that corresponds to your track of interest. All four Super Sessions will be held Tuesday from 11:00 am to 12:00 pm. Since you can only attend ONE Super Session, you can catch the ones you missed online by logging into the Best of Vision On Demand. You can also use this great resource to:
• Collect additional technical information from sponsors and Symantec groups
• Check out videos from the most popular sessions at Vision
• Download Symantec presentations and other materials
 

Get Your Game On at the "Meet Your Match" Party and User Group Challenge
The Vision after hours party scene continues tonight at the Partner Expo Party in the Marquee Ballroom starting at 6:00 pm. Kick the evening off by finding the sponsor partner delegate with your matching badge number and bringing them to the Expo Hall information counter. If you're one of the first three pairs to check in, you'll split a $500 prize. If not, you'll still earn bonus points and there will still be plenty of food, drinks, arcade games, and other great prizes to keep you entertained all evening. Finally, stick around to cheer on your Symantec User Group friends as they compete in a Minute-to-Win-It style competition for the coveted Symantec User Group Challenge trophy.

Play Hacker for a Day
How well do you know your enemy? There's no better way to find out than testing your own hacking skills later today at the Cyber Readiness Challenge in the Marquee Ballroom. From 5:30-7:30 pm, you'll get the opportunity to hack into a live production system, collect flags and earn points, and win all kinds of great prizes--including a $2,500 grand prize. Stop by the Conference Services desk to sign up and join the fun--or just come by and observe the players as they compete.

The unstoppable BYOD trend is crossing over to the mainstream and continues to impact the way businesses must think about and address mobile productivity. Users are mastering mobile devices on their own time and are using them as time-saving tools, creating increased demand on businesses to respond with appropriate policies and technologies to keep their data safe. Symantec’s Internet Security Threat Report, released today, highlights a 58 percent increase in mobile threats targeting these devices, with almost a third designed to steal information. Symantec already offers the broadest array of technologies to keep mobile business data safe, and we have recently added several more items to that list with new updates to the Symantec Mobile Management Suite.

To truly keep business data safe in today’s increasingly complex IT environment, mobility solutions must be able to effectively address the challenges across multiple use cases. Companies need mobile device management (MDM) for some situations and mobile application management (MAM) for many others. Assuring the identity of the user is always important, and protecting data at rest and in motion is critical, but not always easy when you don’t control the device or the communications channels, as with BYOD.

In addition to Symantec’s recent integration of MDM and MAM into a single product and console, we’ve added a new secure email client to address the highest use app for confidential data, single sign-on to simplify the user experience and SSL with URL whitelisting to protect data in motion. Together, these additions support Symantec’s promise of high mobile productivity and flexibility with the seamless coexistence of personal and business use on the same device.

Secure email included as part of the Suite
New to the suite is a secure email client for both iOS and Android platforms, providing safeguards to users’ email, calendar, address book and to-do lists. Administrators are able to configure multiple policies specific to individual groups of users, including Exchange server and user names, passcode requirements, SSL requirements, copy and paste restrictions, widget controls, and synchronization and attachment size limits. This new free secure email client may be easily configured and controlled through the Mobile Management Suite console.

Single sign-on across wrapped apps
With the suite’s new single sign-on capability, end users are now only required to login once for access across multiple wrapped apps. Administrators are also able to apply controls to this feature, such as designating time allowances for a single sign-on session. Authentication sources include LDAP and SAML, plus new integrations with Symantec O3 and CA Siteminder. The benefit of single sign-on is two-fold – it improves the end user experience by simplifying the authentication process and it improves security by enabling broader usage of authentication controls. Multiple authentications may be centrally managed more easily and tied to changes in group policies and authorizations.

SSL policing and URL whitelisting for secure app connections
Much of today’s business productivity relies on third-party apps on mobile devices. Although these apps provide key functionality, they are not always designed or able to deliver data protection once it leaves the device. By adding SSL policing to the app-level policies and enforcing URL whitelist rules, data in motion will be encrypted and guaranteed to only be delivered to the server or service preconfigured by the business.

With these recent enhancements, the Symantec Mobile Management Suite – a single solution for mobile device management, mobile application management and mobile security – addresses a broader range of mobile productivity use cases, while also meeting the demands for business data protection and personal privacy. Competitive technologies, such as sandboxing and mobile virtual machines, force a compromise on user productivity, privacy or both. Symantec doesn’t believe in “balancing” the productivity and flexibility needs of users against the data protection requirements of IT, or compromising on either charter; both must be executed to the highest degree. This is the secure coexistence of professional and personal that Symantec is delivering, all through a single, integrated solution.

Additional Information and Details

• Data Sheet: Symantec Mobile Management Suite
• Symantec Mobile Solutions

寄稿: Sandeep Ingale

こと金融機関について言えば、基本的なセキュリティ対策（ベストプラクティス）を知ることは、すべての顧客の持つ権利です。多くの金融機関はこういった情報を Web サイトに掲載しており、顧客が安全を保ちつつサービスを十分に利用するための方法を伝えています。しかし皮肉なことに、顧客を保護するための案内であるはずの、こうした Web ページがフィッシング詐欺師に模倣され、ユーザーを欺いて個人情報を引き出す目的に利用されています。

3 月にシマンテックが発見したフィッシングサイトは、有名なクレジットカード会社に偽装し、セキュリティ強化のためと称してユーザーの個人情報を要求するものでした。正規のサイトがこのような理由で個人情報を要求することは絶対にありません。その点を忘れないようにしてください。

このフィッシングサイトは、ユーザーのカードを有効化してセキュリティを強化すると称して、3 段階の手順に従うよう指示します。第 1 段階では、ユーザーの個人情報とクレジットカード情報を入力するよう求められます。個人情報として要求されるのは、ユーザーの名前、生年月日、現住所、電話番号、電子メールアドレスなどで、クレジットカード情報として要求されるのは、銀行名、カード記載の名義、カード番号、カードの有効期限、カードの確認コードなどです。
 

図 1.個人情報とクレジットカード情報を要求される
 

第 2 段階では、ユーザーの社会保障番号、3D セキュアパスワード、ATM の暗証番号を要求されます。
 

図 2.社会保障番号、3D セキュアパスワード、ATM の暗証番号を要求される
 

最後に、オンライン送金サービスを選択し、そのサービスに使っている電子メールアドレスとパスワードを入力するよう求められます。
 

図 3.オンライン送金サービスのログイン情報を要求される
 

要求された情報の入力が終わると、送信した情報がフィッシングサイトで確認され、安全にカードを使えるようになったというメッセージが表示されます。
 

図 4.送信した情報の確認
 

このフィッシングサイトに騙されたユーザーは、各種情報を盗まれ、その情報は高い確率で金銭の詐取に悪用されてしまいます。

フィッシング攻撃を防ぐためにできる限りの対策を講じることを推奨します。

• 電子メールメッセージの中の疑わしいリンクはクリックしない。
• 電子メールに返信するときに個人情報を記述しない。
• ポップアップページやポップアップ画面に個人情報を入力しない。
• 個人情報や口座情報を入力する際には、鍵マーク、「https」の文字、緑色のアドレスバーなどが使われていることを確かめ、その Web サイトが SSL で暗号化されていることを確認する。
• ノートン インターネットセキュリティなど、オンラインフィッシングを防止するセキュリティソフトウェアを頻繁に更新する。

* 日本語版セキュリティレスポンスブログの RSS フィードを購読するには、http://www.symantec.com/connect/ja/item-feeds/blog/2261/feed/all/jaにアクセスしてください。

Secure Hash Algorithm 256 (SHA-2 or SHA-256) support on Symantec Code Signing for Individuals and Symantec Code Signing for Organizations is available starting April 1st, 2013 on the following Symantec Code Signing platforms: Microsoft® Authenticode™, Java™, Adobe® Air® and Microsoft® Office Visual Basic® for Applications (VBA). You will be able to select the option for SHA-2 through the ordering pages, reissue process and via the Application Programmatic Interface (API) for QuickOrder, QuickInvite and Reissue.

SHA-2 was published by National Institute of Standards and Technology (NIST) as U.S. Federal Information Processing Standard.

Please note that some older applications and operating systems do not support SHA-2, for example, Windows™ XP Service Pack 2 or lower does not support the use of SHA-2. Java SDK 1.4.2 or higher needs to be installed and used on the server for SHA-2 support for Java server support.

If you are using a Windows environment, please refer to the following blog for SHA-2 deployment:  http://blogs.technet.com/b/pki/archive/2010/09/30/sha2-and-windows.aspx

Please refer to http://docs.oracle.com/javase/1.4.2/docs/guide/security/CryptoSpec.html for SHA-2 deployment on Java servers.

In addition, Apache™ version 2.x or higher is required to support SHA-2 on Apache based servers and Open SSL 1.1.x will be required  for certificate signing request and private key generation.

SHA-2 support is available to you as option in securing your code signing certificates. Please select the secure hash algorithm that is aligned with your corporate policy.

Contributor: Christopher Mendes

On the afternoon of April 15, 2013, just when many people were on the cusp of conquering another personal milestone by completing the Boston Marathon, they were hit hard by an act of cowardice. Two bombs struck near the finish line of the Marathon on Monday. Within hours of the bomb blast, large malware-laden spam emails started doing the rounds.

Symantec customers are protected from this attack. Symantec blocks the attack by multi-level detection using Antispam, Intrusion Prevention System technology (IPS), and antivirus (AV). The AV detects the downloaded file as Packed.Generic.402. IPS detects the attack as Web Attack: Red Exploit Kit Website.

The spam email is very simple. The message body contains either a link to [REMOVED]/news.html or [REMOVED]/boston.html.

Figure 1. Examples of spam emails

Clicking the link opens up a compromised Web page as shown in Figure 2. The Web page shows a series of videos of the attack site. There is an unloaded video at the bottom of the Web page that leads to the Red Exploit Kit which exploits various vulnerabilities on the user’s computer. Once an exploit has been successful, the user sees a popup asking them to download the file boston.avi_______.exe.

Figure 2. Compromised Web page

The spam email messages may have the following subject lines:

• Subject: 2 Explosions at Boston Marathon
• Subject: Explosion at Boston Marathon
• Subject: Explosion at the Boston Marathon
• Subject: Boston Explosion Caught on Video
• Subject: Boston attack Aftermath
• Subject: Boston Aftermath

Figure 3. Boston marathon spam email volume

The spammers’ intention is not to share videos or information regarding the bomb blast but to exploit a terrible tragedy to spread malware.

Don’t fall prey to such despicable acts! Symantec recommends users not to click on suspicious links in email messages and to update security software frequently.

More info. 

If you are looking at tuning performance of your backups generally, recommend you to go through the Backup Exec 2012 performance tuning guide:

The actual size of the write operation during a backup job can be verified using Procmon. Filter the output of Procmon to entries from beremote.exe with writefile operations with the details column showing the actual length of the write operation. Additionally the VMWare Agent backups can be debugged.