30 Security Vendor Behaviors That Set Off a CISO’s BS Detector

Spark Media Solutions, LLC | February 19, 2019

I had never seen such disdain and aggravation from a CISO. Richard Rushing (@SecRich), CISO of Motorola Mobility, sent me an email with a litany of vendor pitches. Each one punctuated with vitriolic commentary and frustration. It appears a lot of companies will fully protect his network and automatically detect threats. Rushing’s diatribe was so vicious that any security vendor would be horrified to know their marketing emails were eliciting this reaction. Now I’m telling you. ‘Tried and true’ marketing and sales techniques can often be irritants to very wise security buyers. They’re not fooled. Worse, they’re turned off. Read on for sales techniques and claims you should avoid when communicating to a security professional. For each item to avoid, I asked security professionals how they’d prefer to be engaged. This is a long article, but it’s jammed with gems. Take it slowly.

Spotlight

Modern management is all about radical simplification and automation of PC management tasks, leveraging techniques that customers have long taken advantage of with MDM – reducing IT costs, improving security, and ensuring a better user experience. And it’s a far better fit for the modern workforce that is more mobile and often remote and off the corporate network.


Other News
VIRTUAL SERVER INFRASTRUCTURE

iolo Launches World’s Most Private & Affordable VPN Service

iolo | March 11, 2022

iolo, the award-winning privacy and security software company today announced the immediate availability of ioloVPN. The Virtual Private Network (VPN) software subscription service features privacy-first hosting infrastructure, costs as little as $1.16 per device per month for five simultaneous devices. Privacy is delivered via bank-grade 256-bit encryption over a 100% dedicated VPN server infrastructure with a zero-tolerance policy for data logging or tracking. Moreover, ioloVPN is the only VPN service to offer extra 24/7 customer phone support delivered by live human beings. “The VPN market is very competitive. We are confident ioloVPN will stand taller than the rest due to our unwavering commitment to privacy and affordability,” said Avani Patel, VP of Product at iolo. “We are a privacy-first company! ioloVPN is built for maximum customer privacy – encrypting your connections and providing you the most speed. Lastly, we do not and will never track, log, aggregate or sell your information, browsing patterns, giving you the most privacy.” User benefits of ioloVPN subscription service include: Encrypts all data traffic with bank-level 256-bit data security Works anywhere in the world, on any WiFi hotspot, on both PCs and mobile devices Privacy is assured: zero customer data is tracked, logged, aggregated or sold Unlimited data; access your favorite streaming content from anywhere Activates automatically Protects 5 simultaneous devices for one low price starting at $5.80/month when billed annually (which works out to just $1.16 per device) Money-back guarantee 24/7 live phone support available at extra cost Running underneath, ioloVPN operates on a world-wide network of VPN server locations on every major continent on the planet (except Antarctica). Each datacenter location is dedicated to VPN processing only (unlike cloud-based providers such as AWS or Azure) and runs OpenVPN, IPSEC, and IKEv2 with MOBIKE (RFC4555) services. iolo also enables Perfect Forward Secrecy (PFS) throughout its VPN network, which is optimal for securing instant messages because it switches encryption keys after every message. About iolo iolo is a brand of RealDefense LLC, which develops award-winning software that optimizes and secures both mobile phones and PCs. iolo’s product line of software and services includes its flagship System Mechanic®, which is an 8-time winner of PC Magazine’s Editors’ Choice awards.

Read More

VIRTUAL DESKTOP STRATEGIES

Scale Computing Partners with SecureServ to Deliver a VMware Alternative to the Australian Market

Scale Computing | April 12, 2022

Scale Computing, a market leader in edge computing, virtualization and hyperconverged solutions, today announced its partnership with SecureServ, an Australian-based cyber security solutions and network performance distributor. The partnership will afford SecureServ the opportunity to deliver simple, reliable, affordable, and easy-to-deploy infrastructure solutions to the Australian market via Scale Computing’s award-winning HC3 virtualization platform, while simultaneously expanding its partner community in the region. ogether, Scale Computing and SecureServ are bringing a virtualization alternative to the Australian market. The HC3 virtualization platform combines servers, storage, and virtualization into a single solution to make IT infrastructure easier for organizations of every size. Whether an organization has one IT administrator or hundreds, the award-winning HC3 hyperconverged infrastructure eliminates complexity, lowers costs, and frees up management time. Many of today’s virtualization solutions consist of multiple vendor products, making them more complicated and expensive than necessary. Moreover, properly configuring disparate server and storage components takes up valuable department resources, and that's even before a company has installed and configured hypervisors or tested for compatibility and performance. Scale Computing’s HC3 virtualization software and appliances, meanwhile, are based on patented technologies designed from the ground up to minimize infrastructure complexity and cost. Whether an organization is considering migrating from its existing virtualization platform or is virtualizing from scratch for the first time, Scale Computing’s hyperconverged approach is the shortest path to affordable virtualization that’s easy to deploy, easy to manage, and easy to scale. “To navigate today’s complex infrastructure environments, businesses need flexibility, scalability, and resiliency. Scale Computing has a strong reputation for delivering results to IT operation leaders around the world, and we’re thrilled to be offering the HC3 solutions to the Australian market. This partnership further demonstrates our commitment to providing our partners and customers with the most innovative and reliable solutions,” SecureServ Director of Operations, Vic Whiteley. About Scale Computing Scale Computing is a leader in edge computing, virtualization, and hyperconverged solutions. Scale Computing HC3 software eliminates the need for traditional virtualization software, disaster recovery software, servers, and shared storage, replacing these with a fully integrated, highly available system for running applications. Using patented HyperCore™ technology, the HC3 self-healing platform automatically identifies, mitigates, and corrects infrastructure problems in real-time, enabling applications to achieve maximum uptime. When ease-of-use, high availability, and TCO matter, Scale Computing HC3 is the ideal infrastructure platform. Read what our customers have to say on Gartner Peer Insights, Spiceworks, TechValidate and TrustRadius.

Read More

SERVER VIRTUALIZATION

Beyond Identity Expands Integrations With Leading SSO Providers

Beyond Identity | April 18, 2022

Invisible, unphishable multi-factor authentication (MFA) provider Beyond Identity today announced integrations with additional single sign-on (SSO) solutions from CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware to accelerate enterprise and higher education adoption of completely passwordless MFA. These new integrations – which come on the heels of Beyond Identity announcing $100 million in Series C funding – further expand the industry’s most extensive ecosystem of identity and SSO providers committed to the advancement of passwordless MFA. Passwords remain the most vulnerable link in the authentication chain and are involved in 80% of data breaches. Passwords are a compromised authentication method and an initial attack vector for ransomware and account takeover attacks. Adversaries employ phishing techniques to steal credentials or simply purchase previously stolen passwords to gain access. Recent high-profile security breaches, such as TransUnion South Africa, further underscore the fact that passwords are the root cause of cyberattacks. The prevailing assumption is that MFA will protect organizations from password-based attacks. Unfortunately, attackers are easily bypassing existing MFA solutions at scale. To shore up the federal government’s cybersecurity defenses and deliver on President Biden’s Executive Order on Cybersecurity, the Office of Management and Budget (OMB) recently released a Zero Trust Architecture Strategy that requires agencies to stop using easily phishable MFA, including push notifications, one-time passwords over SMS, and voice-based systems. “Strong authentication” is a foundational component of any zero trust strategy, and the U.S. government now requires “passwordless MFA.” “Beyond Identity’s approach aligns with the OMB’s recent guidance: passwordless MFA with no phishable factors,” said Kurt Johnson, Vice President of Strategy and Business Development at Beyond Identity. “We are thrilled to welcome cybersecurity leaders CyberArk, Google Cloud, OneLogin by One Identity, Shibboleth, and VMware into our technology ecosystem. We look forward to bringing secure and frictionless MFA to these important solutions with our Secure Work product that transforms the user experience while significantly bolstering defenses.” Secure Work, one of three products built on Beyond Identity’s cloud-native platform, safeguards an organization’s SaaS apps, cloud resources, and critical data by eliminating passwords and restricting access to authorized and secure devices. It empowers zero trust by cryptographically binding a user’s identity to their devices with proven public/private key technology. The solution ensures every device has the correct security settings and required security software running at the time of login – before granting access. Beyond Identity’s advanced authenticator collects dozens of device security posture checks at the time of login. These granular security attributes can then be used to enforce security policies and stop risky users and devices from authenticating, protecting all critical resources. About Beyond Identity Beyond Identity is fundamentally changing how the world logs in with a groundbreaking invisible, unphishable MFA platform that provides the most secure and frictionless authentication on the planet. We stop ransomware and account takeover attacks in their tracks and dramatically improve the user experience. Beyond Identity’s state-of-the-art platform eliminates passwords and other phishable factors, enabling organizations to confidently validate users’ identities. The solution ensures users log in from authorized devices, and that every device meets the security policy requirements during login and continuously after that. Our revolutionary approach empowers zero trust by cryptographically binding the user’s identity to their devices and analyzing hundreds of risk signals on an ongoing basis. The company’s advanced risk policy engine enables organizations to implement foundationally secure authentication and utilize risk signals for protection, rather than just for detection and response.

Read More

VIRTUAL DESKTOP TOOLS

GoodAccess Offers Protection Against Online Threats With its Built-in Threat Blocker Feature

GoodAccess | March 09, 2022

GoodAccess, an anytime-anywhere zero-trust remote access company, has added the Threat Blocker feature to its platform. Threat Blocker enables businesses to provide network security on the public internet and protect remote employees from dangerous domains, phishing attempts, malware and network attacks. Threat Blocker is a native feature of the GoodAccess platform and is automatically enabled for all customers with no additional setup required. It uses several threat intelligence feeds to identify and block connections with malicious domains in real-time (so-called DNS filtering). The feeds are constantly updated with the latest information on malicious domains, so businesses can be confident that their employees are protected from the newest threats. Threat Blocker is an important addition to the security features of our platform. When phishing, ransomware, and other online adversary techniques are still at large, GoodAccess Threat Blocker will help businesses to elevate their security posture against them and reduce the attack surface introduced by remote work." Artur Kane, CMO at GoodAccess For monitoring and compliance reasons, employees' access to harmful websites and content is tracked and logged. Also, GoodAccess users can define their custom domain blacklists (denylists) to strengthen their security controls. The new feature helps businesses to: prevent employees from accessing malicious websites and keep their data safe and secure, block malware before infiltrating business network and launching larger attacks (advanced persistent threats, APT), detect and block connections with C&C botnet networks, prevent ransomware attacks to keep data safe and systems up and running, prevent unauthorized access to the business network as a result of successful phishing and identity theft, reduce the risk of sensitive business data exposure. GoodAcces cloud VPN with zero-trust network access controls streamlines the way organizations handle remote networking and mitigates security risks introduced by distributed workforce, constant mobility and decentralized IT. Since 2020, GoodAccess has earned the trust of more than 1000 business customers from 120 countries worldwide.

Read More

Spotlight

Modern management is all about radical simplification and automation of PC management tasks, leveraging techniques that customers have long taken advantage of with MDM – reducing IT costs, improving security, and ensuring a better user experience. And it’s a far better fit for the modern workforce that is more mobile and often remote and off the corporate network.

Resources