5 Threats of Security Breaches to Businesses

Posted by Stefanie Kober Tue, 15 Jul 2014 12:41:00 GMT

The year 2013 is synonymous with cyber attacks and numerous data breaches. Individuals and organizations worldwide are now more aware of widespread surveillance and cyber threats. But what are the costs associated with business security breaches?

1.    Direct Financial Loss
Attackers may specifically target customers’ credit card numbers, employees’ checking account numbers, and the company’s merchant account passwords. Especially in the financial services industry, indirect legal fees or fines resulting from the security incident can significantly increase the costs, independent of whether the criminal is brought to justice.

2.    Violation of Privacy
Employees are trusted to keep personal information private. Likewise, customers trust the organization to keep their credit card numbers and credit histories confidential. If this privacy is violated, legal consequences arise. 

3.    Lower Competitive Advantage and Lost Sales
Theft, modification, destruction of propriety sales proposals, business plans, product designs or other highly sensitive information can significantly give competitors a marked advantage. Sales are also lost as a consequence of the cyber attack, and the repercussions ensue long after the incident takes place.

4.    Damage of Corporate Reputation and Brand

Building and maintaining a corporate image and establishing trusted relationships with customers and business partners is critical to an organization. However, the corporate credibility and business relationships can be considerably damaged if proprietary or private information is compromised. 

5.    Loss of Business Continuity
In the case of a service disruption caused by a data breach, the IT team must quickly address the problem, so as to minimize downtime of the system, and restore data from backup files. Nonetheless, when mission-critical systems are involved, any downtime can have catastrophic consequences. In other cases, when lost data may have to be meticulously reconstructed manually, this decreases the amount of time that systems are functioning to below acceptable levels.

Business Network Protection
As discussed above, the consequences associated with security breaches are vast and long-lasting. Several organizations now use remote access solutions to maintain a high level of security for sensitive corporate information. In particular, many companies opt for SSL VPNs due to their flexibility – SSL VPNs are not restricted to employee remote access, but incorporate partners, contractors, and possibly also customers. The increasing amount of hacking attacks and sophistication of security threats demand the use of advanced network security via a high-quality VPN as a component of a comprehensive business security policy.

If you are interested in how to secure your network from cyber attacks, we invite you to visit our website www.hobsoft.com. On our website you will be able to find data sheets of our VPN solutions as well as interesting e-books and whitepapers.

Author: Hazel Farrugia

no comments |

5 Best Practices to Boost Remote Worker Productivity

Posted by Stefanie Kober Thu, 10 Jul 2014 10:44:00 GMT

Today, mobile workforces stay connected in and out of the office and use their devices for work and personal purposes. The ultimate goal of a remote working strategy is to increase productivity and reduce costs; indeed, studies by Best Buy, Dow Chemical and many others have proven that teleworkers are 35-40% more productive than their in-office counterparts.

The drafting and implementation of an organization-wide workplace strategy will ensure that end users at all levels of the organization will enjoy a positive experience. The following are five best practices that effectively boost remote workers’ productivity:

1. Maximize Employee Participation
Maximizing employee participation is the first step to maximizing employee productivity. Not all employees benefit equally from remote working; however, without a critical mass of users, the benefits will be limited. IT teams should not restrict solutions, such as mobile workplaces, to only those who “seem” to need it. Remote working allows employees to respond to colleagues and customers faster, therefore IT teams and managers should not deter employees from working anywhere and anytime.

2. Ensure Employees Have the Productivity Tools they Require

Employees should be encouraged to use a wide range of productivity tools which do not pose network security risks. However, if IT teams are uncertain how to handle such employee requests, they generally allow employees to use these tools without providing adequate security, or block the use of the tools entirely. Regardless of the circumstances, IT teams should circumvented security risks by deploying security solutions that allow employees to utilize tools without compromising the network security.

3. Free Use of Personal Apps and Services
Whether the device is personally owned or provided by the company, employees should be able to use their personal apps and services. Blocking an employee from storing their personal information with a cloud service provider is significantly different from ensuring corporate data does not end up in the public cloud. IT teams should focus on controlling data rather than controlling devices.

4. Offer Self-Service Support for Everyday Activities
There is a common notion that mobile devices will result in an increase in support costs – however this is a misconception. Conversely, if the IT teams provide a self-service capability, particularly for routine activities, it usually results in decreased in support costs. IT teams should stop short of supporting personal apps and services, but should invariably offer to assist with supporting business apps.

5. Support Wide Range of Devices
For the mobile workplace program to be widely adopted, the program should support a wide range of devices. Though challenges may arise, such as Android’s variability regarding support for on-device encryption and other enterprise-level security and management controls, the overall benefit is net positive.

The Future of Remote Working
The current trend towards remote working is expected to become even more prevalent in the future. With the right practices and controls in place, employee productivity can be maximized, without putting the security of the network at risk.

If you would like to learn about the advantages and limitations of mobile workplaces, and find out how to develop a strategy for mobile workplaces with the help of VPNs, please download our free eBook “Home Offices Made Easy”.

Author: Hazel Farrugia

no comments |

6 Reasons Educational Institutions Should Use Remote Access Technology

Posted by Stefanie Kober Thu, 26 Jun 2014 09:49:00 GMT

The Background

Remote access via virtual private networks (VPNs) is a major technological advancement reshaping organizations worldwide, including educational institutions. The IT solutions of all educational institutions, ranging from primary schools to universities, face unique challenges in order to provide a more advanced learning and working environment, while also maintaining security requirements and optimal IT efficiency.

Common Applications in an Educational Institution:

Educational institutions require numerous IT applications, which are managed by the network support teams. These include: 

  • email accounts for students and faculty
  • secure email access
  • intranet set up and functionality
  • web and mail services
  • storage and management of sensitive data
  • online examination management and results posting
  • secure intra-departmental data transfer
  • secure remote access to server rooms and on-site data centers; and
  • maximum security levels preventing hacker attacks, and enabling secure login and sensitive information transfer

In addition to providing a secure mechanism to access the above list of necessary applications, IT administrators are also responsible for minimizing network downtime, monitoring uptime, and keeping service costs under control. In order to provide this, remote access technology is the optimal solution.

Reasons for Using Remote Access:
1.    24/7 Accessibility
Remote access through VPNs provides cost-effective 24/7 data access to students and staff from anywhere.

2.    Reduced Security Concerns 

VPN technology allows secure remote access to educational resources and individual desktops for faculty and staff members through encrypted connections, via Web Secure Proxy and secured authentication methods.
Innovative remote access solutions implement a security strategy that also includes firewalls, anti-virus software and intrusion prevention services to protect vital and sensitive information within the network.

3.    Reduced Investment in Technology Infrastructure
Due to the potential for mechanical failure, hardware solutions are prone to break downs. Initial costs and costs to repair cause hardware solutions to be significantly less viable than pure software solutions. Additionally, software solutions enable IT administrators to resolve several problems remotely, thereby further reducing costs and resource use. The implementation of a software based solution has the additional benefit of optimizing existing server resources, which reduces total cost of ownership.

4.    High Availability
Access from the client requires a Web browser only. This allows for specialty software applications to be made more readily and widely available to the students, staff and faculty. This high application availability allows for e-learning programs and superior online delivery methods after school hours.
The total enrollment in public and private postsecondary institutions increased 47% between 1995 and 2010, and a further increase of 15% is expected between fall 2010 and fall 2020. The growth in the number of students attending educational institutions puts network administrators under pressure to increase the amount of PCs and network facilities in order to accommodate their staff and students. An increase in terminals necessitates an increase in the number of servers; since these servers are the pillar of the institution’s Network, it is important that they be consistently reliable, as network downtime implies an interruption of essential services.
High-quality VPNs allow for workload balancing of cluster servers, meaning the division of a computer/network’s workload between two or more computers/servers. This process facilitates the system’s optimum performance, which results in faster data access. Load balancing also prevents failover, which occurs when a user cannot access a database in a cluster - either because they cannot access the database itself or they cannot access the database server.

A VPN is highly scalable and supports many different platforms. VPN technology provides remote access via any device, such as desktop computers, notebooks and tablets, and all operating systems are supported, including Microsoft Windows, Apple MAC OS X, and Linux. In addition, this technology allows educational institutions to purchase resources as needed. If the institution experiences significant growth, it can easily increase the capacity of their remote access solutions. Conversely, if their needs decrease, they can scale down.

6.    Single Sign-On
Single sign-on is a capability that enables secure authentication across many services with only one password.  It allows users to be logged into multiple services once the user has signed in to one. Single sign-on streamlines the authentication process for the user, while simultaneously protecting the institution’s resources.

Remote access technology has proven beneficial to several organizations as it optimizes resources, decreases administrative costs, increases productivity and enhances the learning process. Today, remote access technology for educational institutions is considered an essential part of a comprehensive IT security infrastructure.

Author: Hazel Farrugia

no comments |

The Role of WAN Clustering in Load Balancing

Posted by Stefanie Kober Wed, 18 Jun 2014 13:08:00 GMT

In one of our last blog posts, we introduced the concept of WAN clustering (the use of multiple redundant computing resources housed in different geographical locations that form, what appears to be, a single, highly-available system), and its role in disaster recovery and business continuity. Part II takes a deeper dive into WAN clustering and its role in load balancing.

The Need for Load Balancing
In the Internet Age, the networking (connecting) of enterprise IT infrastructure to its customers or suppliers has become mission critical. Data centers full of server farms were created by the proliferation of servers for diverse applications. The complexity and challenges in scalability, manageability, and availability of server farms is one driving factor behind the need for intelligent switching. It is unacceptable for a network to fail or exhibit poor performance, as either will virtually shut down a business in the Internet economy. In order to ensure scalability and high availability for all components, load balancing emerged as a powerful tool to solve many of the issues associated with network failure and poor performance.

Load balancing is the division of computer/server/network workload amongst two or more computers/servers. Load balancing can be implemented with hardware, software or a combination of both.

In the case of load balancing Web traffic, there are several options. For Web serving, one option is to route each request to a different server host address in a domain name system (DNS) using the round-robin technique. Usually, if two servers are used to balance a work load, a third server is needed to determine to which server work is assigned. Another option is to distribute the servers over different geographic locations.

Benefits of Load Balancing
This technique offers a number of important benefits, including increased network utilization and maximized throughput; minimizing the load on individual systems and decreasing response time; improved user satisfaction, reliability and scalability.

Generally, load balancing is the primary reason IT teams opt for a clustering architecture. Companies whose websites receive large volumes of traffic also commonly select clustering architecture, so as to avoid a situation where a single server becomes overwhelmed. Workload balancing of cluster servers facilitates the system to attain optimum performance, resulting in faster data access. 

Additionally, the process also prevents failover, which occurs when a user cannot access a database in a cluster, due either to inability to access the database itself or inability to access the database server. 

VPN Technology
Virtual Private Network (VPN) technology is also critical to an effective load balancing strategy. A fast, safe and secure transfer of critical business data among servers optimizes the user experience, while simultaneously giving employees/users anytime, anywhere access to critical information.

As implementation of web applications grows and user bases become more geographically diverse, load balancing becomes increasingly less of an option, and more of a requirement in IT planning and provisioning. Load balancing enables organizations to run uninterrupted operations when WAN clustering is supported by reliable, well-managed VPNs.

If you would like to learn more about WAN clustering, and explore how VPNs can help you to create an optimal WAN clustering solution for your needs, download this free eBook:
Effective WAN Clustering Relies on High-Quality VPNs

Author: Hazel Farrugia

no comments |

F5 Agility 2014 - From Australia to Denmark

Posted by Tobias Eichenseer Thu, 12 Jun 2014 14:33:00 GMT

On June 17-18, 2014 HOB will be exhibiting again at the F5 Agility Roadshow in Copenhagen, Denmark! At the end of April we went Down Under to Australia to present our software solutions to the Asian Pacific market. This time, we will make a shorter journey to Copenhagen where we will attend the F5 Agility Roadshow for a second time as a Gold Sponsor.

At the HOB booth, we will be presenting exciting live demos of our software solutions. One of the many highlights will be the presentation of HOBLink JWT for F5® BIG-IP Access Policy Manager® (APM), which is the result of a technology partnership with F5. HOBLink JWT is a scalable solution that provides all F5 BIG-IP users a Remote Desktop Client which enables communication with Microsoft Windows Terminal Server with Remote Desktop Services.

Our proprietary and high performing Remote Desktop Protocol is platform-independent and requires no client-side installation. This reduces IT administration efforts and total cost of ownership. This purely software-based solution allows enterprises to leverage existing physical and virtual IT infrastructure investments while ensuring security.
We’re already looking forward to presenting our latest innovations to the Copenhagen audience and engaging with other IT experts!

If you can’t make it to Copenhagen, don’t worry! To learn more about the HOB and F5 partnership and HOBLink JWT visit the combined solution website. Here you can also find the product data sheet and configuration guide.
Alternatively, you can also come visit us at the next F5 Agility event in New York City on August 4 – 6, 2014. We hope to see you in Copenhagen!

F5, BIG-IP, and Access Policy Manager are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries. The use of the words “partner,” “partnership,” or “joint” does not imply a legal partnership relationship between F5 Networks and any other company.

no comments |

The Role of WAN Clustering in Disaster Recovery and Business Continuity

Posted by Stefanie Kober Tue, 10 Jun 2014 13:24:00 GMT

Remote access through a Virtual Private Network is essential when an organization’s operations have been disrupted. WAN clustering allows business continuity in the event of a natural disaster or cyber-attack.

As the majority of mission-critical business processes are IT-based, companies and institutions are becoming increasingly dependent on the availability of their digitized information in order to maintain functionality. The ability for a network to recover from a disaster is a function of its hardware and software architecture.

In today’s business environment, server clustering is essential to providing the high availability and scalability of services that are required to support 24/7 operations. Clustering increases the reliability of Internet-based systems because it eradicates several of the single points of failure that are possible in a single server system.
WAN clustering, also called geoclustering or remote clustering, is a network architecture through which multiple servers and other computing resources housed in different geographical locations form, what appears to be, a single, highly-available network. WAN clustering can be used for almost any computing resource, including mainframes, file servers and software application stacks.

Benefits of WAN Clustering
WAN clustering allows business environments to run operations uninterrupted and maximize employee productivity by ensuring information assets are available anytime, anywhere – a substantial competitive advantage.

Compared to server clusters which are not geographically distributed, WAN clustering’s main advantage is that applications are always available. Even in cases of extensive regional disaster whereby entire processing centers are destroyed, servers in the cluster continue running, with little to no interruption. 

Business Continuity
The ultimate goal of WAN clustering is to support enterprise business continuity, by providing location-independent load balancing and failover. Business continuity, defined as the ability to do business under any circumstances, is a vital to a company’s success. It aims to prevent problems before they happen, and in the case that they do, it ensures that there are the necessary tools and protocols in place to reduce the damage.

Network Connections
Formerly, stored data was connected to servers in very basic configurations: either point-to-point or cross-coupled, whereby the failure or maintenance of a single server often made data access impossible for a large number of users, until the server was back online. More recent advances, such as the storage area networks and cloud computing, make any-to-any connectivity possible among servers, data storage and other systems. Usually, these networks utilize several paths between the server and the network, each consisting of complete sets of all the components involved. A failed path can result from the failure of any individual component of a path. IT teams employ multiple connection paths, each with redundant components to avoid single points of failure, helping to ensure that the connection is still viable even if one or more paths fail.

Disrupted Communications and the Virtual Private Network (VPN)

When disaster strikes, disrupted communications inevitably ensue, rendering the normal operational tasks unavailable. However, workers can generally perform several tasks using remote access solutions such as a virtual private network (VPN).

Recovery options are extremely limited if applications and servers are not accessible via remote access or VPN service, since one may need to temporarily locate recovered users away from the server environment. A high-quality VPN facilitates safe, effective and cost-efficient WAN clustering – an architecture critical for organizations with offices around the world.

The Recovery Process
The functions of a particular server or entire network location are taken over by any server(s) at a different location should one server or network location becomes unavailable for any reason, such as scheduled down time, hardware or software failure, or a cyber-attack. This process occurs automatically, so that the procedure is as seamless as possible to the end user. A 2013 study on data center outages conducted by Ponemon Institute reported that 91% of the companies investigated had experienced an unplanned data center outage in the past 24 months; in cases of server downtime, WAN clustering makes business continuity possible.

The recovery process can apply to any aspect of a system, such as protection against a failed processor, network connection, storage device, Web server, as well as protection against locally limited natural disaster effects, such as flooding or blackouts.

Fundamentally, business continuity ensures a business can endure any emergency or disaster by safeguarding a company’s greatest assets: its employees and its data. The concepts of high availability and disaster recovery are made possible by WAN clustering, which relies on high-quality VPNs.

If you would like to learn more about WAN clustering, and explore how VPNs can help to create optimal WAN clustering solution for one’s needs, download this free eBook:
Effective WAN Clustering Relies on High-Quality VPNs

Author: Hazel Farrugia (Link to LinkedIn)

no comments |

4 Reasons Your Remote Working Strategy Is Not Secure

Posted by Tobias Eichenseer Tue, 03 Jun 2014 10:28:00 GMT

More and more, “work” is being defined as something people do, rather than the place people go. Today’s organizations are shifting away from the usual nine-to-five workday, and progressing towards the trend of remote working (also called telecommuting). Remote working enables organizations to gain a competitive advantage from higher productivity, better work-life balance and decreased costs.

However, IT teams frequently face several problems related to mobile workplace deployments. The most common pitfalls are:

1. Ignoring Common Threats
Security risks posed by malware have been on the top agenda of many security teams; however, a more frequent threat nowadays is mobile phishing. Phishing occurs when identity thieves collect user information such as name and password, Social Security number, date of birth, ATM PIN or credit card information, for use in committing fraud or other illegalities. Since it is more difficult to identify fake URLs on a mobile device, it is more likely that remote workers will succumb to a phishing scam, than their in-office counterparts.

2. Taking a One-Size Fits All Approach
Managing mobile device security is more limited, and normally exerts a level of inconvenience for users. For instance, mobile virtualization can allow users to work remotely without any data on their devices; however this may be overkill for the employee who simply wants access to corporate email.

3. Failing to Educate Users
As more organizations adopt the mobile workplace strategy, managing the employees who use mobile technology has become more arduous. IT teams should educate employees to participate in keeping corporate data secure.

4. Assuming Users will Follow Security Policies
The organization should draft, write and implement comprehensive and reasonable security policies to efficiently manage and protect information. IT teams should focus on protecting the company's highly-sensitive information assets, rather than the devices used by remote workers themselves. IT teams must also educate users on why it is important for them to follow the policies put in place.

For any business which has implemented a remote workforce strategy, or those wishing to deploy such a strategy, it is important that IT teams overcome these problems in order to protect the company’s resources.

If you would like to learn more about mobile workplaces, and find out which security issues need to be addressed, you can download our free eBook “How VPNs Help Providing Secure Mobile Workplaces”.

no comments |

Demand for Remote Access Solutions Is Still Gaining Momentum

Posted by Tobias Eichenseer Fri, 09 May 2014 10:36:00 GMT

At the end of last year, we conducted a survey of more than 200 CIOs and CTOs in the U.S. The survey quantified the trends and challenges IT decision makers experience when implementing remote access solutions and revealed that remote access solutions are still gaining momentum, despite the associated security risks. Below you will find a beautiful infographic that summarizes the main findings of our survey.

The complete statistics and results of the HOB survey are now also available as a free ebook. “The State of Remote Access Security in the U.S.,” and many other ebooks can be downloaded from the HOB website.

no comments |

5 IT Security Trends from RSA 2014

Posted by Tobias Eichenseer Fri, 07 Mar 2014 12:39:00 GMT

As a gold sponsor of RSA 2014, the HOB team was fortunate to be at the epicenter of all things IT security. Not only were we able to showcase our own contributions to the industry, RSA was an opportunity for us to join the conversation of IT security experts discussing trends and debating the future of the industry. 

As part of our RSA recap, we’d like to share 5 trends we observed during the conference:

  • Although an atmosphere created by the exposure of NSA activity, and its subsequent fall-out, is to be expected at any IT security conference, this was especially true at RSA. Prior to the conference, Reuters reported that the RSA organizer was engaged by the NSA and was responsible for creating loopholes for the agency. As a result, several digital security experts declined to attend and speak at RSA. In opposition to this movement, Stephen Colbert, who gave the closing remarks, called Snowden, “practically a war criminal,” and encouraged the American people to take responsibility for their actions:

    "We all deserve credit for this new surveillance state that we live in," he said, "Because we the people voted for the Patriot Act. Democrats and Republicans alike. We voted for the people who voted for it, and then voted for the people who reauthorized it, then voted for the people who re-re-authorized it."

  • Corporate firewalls with authentication services from the past created the notion of corporate security as an island fortress. The more remote the island, the more secure the company. Today, the prevalence of BYOD has created several bridges to that island, and the workforce is eager to make use of these bridges. At RSA, we saw that IT admins are less inclined to manage multiple security vendors and systems.

  • Along this same thread, enforcing security policies in the cloud was also heavily discussed at RSA. Overall, companies were looking for a mix of private, hybrid and public cloud services, whereby some applications remain stored in corporate data centers and others housed in a public cloud.

  • The many security breaches that occurred in 2013 sparked the discussion about which team – admins or hackers – is winning the security match. The several billions being spent on IT security didn’t prevent severe attacks on Target, Neiman Marcus and Snapchat, to name a few, and thousands of people suffered as their personal data was exposed.

  • In order to combat malicious hackers, we saw a trend toward the application of big data to IT security. The use of massive amounts of data could enable the early detection and removal of security breaches.

Which IT security trends did you discover at RSA 2014? Let us know in the comments!

no comments |

Remote Access in Education

Posted by Tobias Eichenseer Thu, 13 Feb 2014 11:39:00 GMT

From primary schools to universities across the country, educational institutions are increasingly leveraging technology in order to provide a more advanced learning and working environment. For example, secure remote access has significantly helped educational institutions optimize resources, keep administrative costs down, increase productivity and enhance the learning process. It has been gaining wide acceptance and is now considered an essential part of a comprehensive IT security infrastructure.

Secure remote access continues to benefit educational institutions in a number of ways, including:

Reduced Investment in Technology Infrastructure
Software-based remote access solutions enable the educational institutes to effectively decreasing their costs. Thus, the solutions fit perfectly into their existing IT infrastructures – without the need to invest in additional hardware. Secure remote connectivity optimizes existing server resources and reduces total cost of ownership. It can make the use of incompatible systems (e.g., Windows vs. Mac) a seamless interaction.

Extended Classrooms
With secure remote access to campus PCs and computer labs, students can access course materials, files and software applications anytime from any location on or off campus via an Internet connection. This extends the classroom beyond campus buildings and hours and accommodates students interested in e-learning and distance learning. In addition, secure remote access services provide a level of convenience as students can use their preferred PC, laptop, tablet or mobile device.

Reduced Security Concerns
Many education institutions experience thousands of data breach attempts every day. According to the associate dean of research policy at University of Wisconsin, Bill Mellon, the amount of attempts to penetrate university systems has reached up to 100,000 per day. With that said, it is vital that universities implement remote access solutions as part of a security strategy that includes firewalls, anti-virus software and intrusion prevention services.

Ability to Quickly Scale Services to Match Demands
Many secure remote access solution providers allow universities and schools to purchase resources as needed. For example, if the institution experiences significant growth, it can easily increase the capacity of their remote access solutions. In an opposite circumstance, they can scale down services if their needs decrease.  

Over the past few years, secure remote access has gained significant momentum in many industries, including education. Secure remote access has easily become an essential part of a campus-computing infrastructure that has the power to solve countless problems for universities and schools.

Readers, have you implemented a secure remote access solution for your education institution? Please share your experiences in the comments below.

no comments |