AMD's SEV tech that protects cloud VMs from rogue servers may as well stand for Still Extremely Vulnerable

theregister | July 10, 2019

Five boffins from four US universities have explored AMD's Secure Encrypted Virtualization (SEV) technology – and found its defenses can be, in certain circumstances, bypassed with a bit of effort. In a paper [PDF] presented Tuesday at the ACM Asia Conference on Computer and Communications Security in Auckland, New Zealand, computer scientists Jan Werner (UNC Chapel Hill), Joshua Mason (University of Illinois), Manos Antonakakis (Georgia Tech), Michalis Polychronakis (Stony Brook University), and Fabian Monrose (UNC Chapel Hill) detail two novel attacks that can undo the privacy of protected processor enclaves.
