VPN

Absolute Software Achieves Common Criteria Certification

Absolute Software | February 04, 2022

Absolute Software, a leader in self-healing Zero Trust solutions, announced the company’s secure access product, NetMotion Mobility 12.14, has achieved Common Criteria Evaluation Assurance Level (EAL) 4+ – the highest certification level recognized internationally under the Common Criteria program for software products. Absolute is the only network solutions provider to achieve this certification across Android, iOS, macOS, and Windows for its Virtual Private Network (VPN) technology.

The certification demonstrates that NetMotion Mobility continues to meet the highest level of security requirements and satisfies the complex security needs of national and enterprise customers. Achieving Common Criteria EAL4+ certification, which is considered the gold standard for government-grade security, reaffirms Absolute’s commitment to delivering products that meet or exceed stringent international security standards.

Absolute’s secure access solutions are designed specially for the remote workforce, enabling resilient connectivity to mission-critical mobile applications and data. Absolute is the only provider to offer Resilient Zero Trust Network Access (ZTNA) alongside a VPN solution, enabling organizations to leverage the same secure tunnel to gradually adopt ZTNA while also retaining an enterprise VPN to be used when needed.

Our secure access products enable thousands of organizations worldwide – including public safety agencies, governments, and enterprises – to provide remote access through VPN and ZTNA in a way that actively improves the employee experience, and assures maximum security and uncompromised productivity. With the number and severity of threats posed by careless or malicious insiders, cyber criminals, and nation-state actors at an all-time high, we believe our continued investment in this evaluation and certification process is critical to being a leading, trusted security provider.”

John Herrema, Executive Vice President of Product and Strategy at Absolute

Common Criteria (ISO 15408) is regarded as an international benchmark for IT product security certification and is mutually recognized by 31 member countries in the Common Criteria Recognition Arrangement (CCRA), including Australia, Canada, France, Germany, Italy, Japan, Spain, Sweden, the United Kingdom, and the United States. The Common Criteria is a framework that provides assurance that the process of specification, implementation and evaluation of a computer security solution has been conducted in a rigorous, standard, achievable, repeatable, and testable manner at a level that is commensurate with the target environment for use.

About Absolute Software
Absolute Software accelerates customers’ shift to work-from-anywhere through the industry’s first self-healing Zero Trust platform, helping to ensure maximum security and uncompromised productivity. Absolute is the only solution embedded in more than half a billion devices, offering a permanent digital connection that intelligently and dynamically applies visibility, control and self-healing capabilities to endpoints, applications, and network access to help ensure their cyber resilience tailored for distributed workforces. Trusted by nearly 16,000 customers, G2 recognized Absolute as a leader in Zero Trust Networking in the Fall of 2021.

Spotlight

Dell EMC has partnered with VMware to deliver data protection solution for VMware Cloud™ on AWS.


Other News
VPN

Banyan Security Research Uncovers Primary Considerations Influencing Zero Trust Network Access (ZTNA) Adoption

Banyan Security | June 28, 2022

Banyan Security, a leading provider of Zero Trust Network Access (ZTNA) solutions, today revealed new research highlighting organizations’ preferences and hesitations for adopting modern remote access solutions. The independent survey was conducted by Sapio Research and engaged over 400 senior decision makers from mid- to large-sized companies in the U.S. and Canada, who are responsible for IT security and are aware of both virtual private networks (VPN) and ZTNA. The key findings from this study include: Over half (54%) of VPN owners stated that secure remote access is a priority at this time. VPN usage is still prevalent among a majority (90%) of security teams who have highlighted cost, time, and difficulty as reasons to not move forward with ZTNA adoption. Almost all organizations (97%) say that adopting a zero trust model is a priority, with 93% of organizations having committed a budget to enhance their VPN or move toward ZTNA within the next year or two. More than half (53%) of respondents have already started rolling out zero trust solutions. Personal Devices and VPNs Do Not Mix The last two years have shifted how we work, producing a new remote workforce that was essentially created overnight. As highlighted in this study, this has resulted in most workers – in this case 51% of respondents – using a combination of corporate and personal devices to connect to business applications and resources. Personal devices often used by less security-conscious family members. This creates a very risky environment as personal devices are easy targets for threat actors especially since IT teams cannot fully monitor activity on these devices. Additionally, personal devices are often used by other family members – particularly children – which make them even more susceptible to malware and other viruses. Despite known security issues, VPN usage continues to thrive, with 90% of respondents currently using a VPN in some capacity for secure remote access. When access is permitted on a personal device, it creates a risky situation for not only the user, but the entire organization. VPNs lack many of the application-level access controls and integrated security that are common in ZTNA solutions. As a result, cybercriminals will often target VPNs because a single set of compromised credentials can provide all of the access needed to carry out a data breach, ransomware incident, or other attacks. “As this study shows, VPN usage continues to be prevalent, often viewed as ‘good enough’ for remote access among organizations simply because that is what they have always used, What this doesn’t account for is the poor administrative and end user experience, not to mention that on-premises access must be handled with separate, siloed tools. We have plenty of evidence to show that legacy VPNs no longer adequately protect nor provide consistent and easy access to corporate resources for today’s ‘work from anywhere’ workforce.” Jayanth Gummaraju, CEO & Co-Founder of Banyan Security Key Drivers for ZTNA A majority of the respondents (97%) stated that adopting a zero trust model is a priority for their organization, where 44% said they have plans to roll out zero trust but are in the early stages, while 53% said they have already begun to roll out zero trust solutions. For organizations who have begun to roll out ZTNA solutions, the survey revealed that secure remote access (48%), improving the end user experience (34%) and eliminating exposure to VPN vulnerabilities (34%) were the top three drivers in their decision to choose ZTNA. Unlike VPNs, ZTNA provides access on a case-by-case basis, which is decided based on user, device, and application-level access and security controls. What’s Holding VPN Users Back from Making the Switch? Over two thirds of organizations (69%) believe implementing a ZTNA strategy would require a large undertaking. Aside from the general familiarity and comfortable usage of their traditional VPN solution, organizations stated that cost/budget constraints are the biggest barriers (62%) for VPN users to adopt ZTNA. Thirty percent of VPN owners said that it would be difficult to implement ZTNA infrastructure in their current security environment; however, 82% of respondents stated they would likely implement ZTNA if there was an easily deployable, inexpensive option. Apathy also appears to be one of the biggest barriers preventing VPN owners from adopting ZTNA solutions with 46% of respondents stating that modern, secure remote access is not a priority at this time. “While it is good to see that awareness of ZTNA solutions amongst IT security professionals continues to grow, the actual implementation of a ZTNA architecture is still considerably low, with just over 17% of respondents having truly begun to roll out a ZTNA strategy,” continued Gummaraju. “As we look toward a future where remote and hybrid work are the standard for most organizations, it’s encouraging to see that IT teams are looking beyond VPNs at more comprehensive zero trust network access solutions.” Research Methodology The survey was conducted among 410 Senior Decision Makers from mid- to large-sized companies in the U.S. and Canada, who are responsible for IT security and are aware of both VPN and ZTNA. The interviews were conducted online by Sapio Research in April 2022 using an email invitation and an online survey, with results accurate to ± 4.8% at 95% confidence limits. About Banyan Security Banyan Security provides secure, zero trust “work from anywhere” access to infrastructure and applications for employees, developers, and third parties without relying on network-centric legacy VPNs. Deep visibility provides actionable insight while continuous authorization with device trust scoring and least privilege access deliver the highest level of protection with a great end user experience. Banyan Security protects tens of thousands of employees across multiple industries, including finance, healthcare, manufacturing, and technology.

Read More

VIRTUAL DESKTOP STRATEGIES

Citrix a Leader in Zero-Trust Network Access

Citrix | June 22, 2022

When it comes to protecting apps and data in the world of hybrid work, zero-trust network access (ZTNA) is the name of the game. And according to the GigaOm Radar for Zero-Trust Network Access, Citrix Systems, Inc.is a Leader and Fast Mover in delivering solutions companies can use to win it. “Virtual private networks (VPNs) have long been the default method of securing remote access, However, VPNs are limited with respect to the level of control they can provide, as they are unable to take into consideration the context in which legitimate users are accessing resources.” Chris Ray, Security Researcher, GigaOm Designed to assist IT organizations in identifying more modern ZTNA solutions that provide greater control, the GigaOm Radar for Zero-Trust Network Access evaluated 12 vendors on the following criteria: AM & MFA Vendor Integrations Cloud & SaaS Integrations UEBA-Like Capabilities Unmanaged Device Support Legacy Application Support Session Monitoring Capabilities Citrix was ranked as a Leader and Fast Mover in all categories, and noted for the extensibility, integration maturity and technical innovation of its ZTNA solutions. Citrix provides a unified stack of cloud-delivered secure access solutions that give employees the flexibility and choice to work where and how they prefer and IT the visibility and control to ensure they do so in a secure manner. “When it comes to securing apps and data, there’s more at stake than protecting against threats and vulnerabilities,” said Pankaj Gupta, Senior Director, Product Management, Citrix. “To remain productive and engaged, employees must be able to access the resources they need to get work done in a hassle-free way that is transparent to them.” With Citrix, they can. Citrix secure access solutions leverage the latest ZTNA technology to secure user access to all corporate applications—web, SaaS, client/server, and desktop as a service (DaaS)—whether they're deployed in public clouds or on-premises datacenters. Unlike traditional VPN and SSO which authenticate at login only, Citrix ZTNA solutions continuously evaluate risk factors throughout each session. When suspicious activity is detected, granular security controls automatically kick and work in the background to change how users are authorized to interact with apps to keep things safe without hampering their experience. “Citrix’s strategy to combine holistic security with a great user experience is a key differentiator,” Ray notes. Among the other strengths called out within the report: Completeness of solution Very strong, well-thought-out features Unmanaged device support through a remote browser Robust data loss prevention technologies Simple, mature integrations with other technologies “Network and application security has gotten complicated, and we are pleased to be recognized by GigaOm as a leader in delivering solutions that companies can use to simplify it by enacting a modern approach that supports the future of work,” Gupta said. About GigaOm GigaOm provides technical, operational, and business advice for IT’s strategic digital enterprise and business initiatives. Enterprise business leaders, CIOs, and technology organizations partner with GigaOm for practical, actionable, strategic, and visionary advice for modernizing and transforming their business. GigaOm’s advice empowers enterprises to successfully compete in an increasingly complicated business atmosphere that requires a solid understanding of constantly changing customer demands. GigaOm works directly with enterprises both inside and outside of the IT organization to apply proven research and methodologies designed to avoid pitfalls and roadblocks while balancing risk and innovation. Research methodologies include but are not limited to adoption and benchmarking surveys, use cases, interviews, ROI/TCO, market landscapes, strategic trends, and technical benchmarks. Our analysts possess 20+ years of experience advising a spectrum of clients from early adopters to mainstream enterprises. GigaOm’s perspective is that of the unbiased enterprise practitioner. Through this perspective, GigaOm connects with engaged and loyal subscribers on a deep and meaningful level. About Citrix Citrix builds the secure, unified digital workspace technology that helps organizations unlock human potential and deliver a consistent workspace experience wherever work needs to get done. With Citrix, users get a seamless work experience and IT has a unified platform to secure, manage, and monitor diverse technologies in complex cloud environments. For Citrix Investors: This release contains forward-looking statements which are made pursuant to the safe harbor provisions of Section 27A of the Securities Act of 1933 and of Section 21E of the Securities Exchange Act of 1934. The forward-looking statements in this release do not constitute guarantees of future performance. Those statements involve a number of factors that could cause actual results to differ materially, including risks associated with the impact of the global economy and uncertainty in the IT spending environment, revenue growth and recognition of revenue, products and services, their development and distribution, product demand and pipeline, economic and competitive factors, the Company's key strategic relationships, acquisition and related integration risks as well as other risks detailed in the Company's filings with the Securities and Exchange Commission. Citrix assumes no obligation to update any forward-looking information contained in this press release or with respect to the announcements described herein. The development, release and timing of any features or functionality described for our products remains at our sole discretion and is subject to change without notice or consultation. The information provided is for informational purposes only and is not a commitment, promise or legal obligation to deliver any material, code or functionality and should not be relied upon in making purchasing decisions or incorporated into any contract.

Read More

VIRTUAL DESKTOP TOOLS

Red River Named as a VMware Regional Academy for IT Support and Training

Red River | July 01, 2022

Red River, a technology transformation company serving government and enterprise customers, announced today that it has been designated as a VMware Regional Academy for IT support and training. In partnership with the VMware IT Academy, Red River will provide instructors and students at academic institutions with training and learning resources for high-demand IT skills such as digital workspace, application modernization and multi-cloud. VMware academic programs have created positive change throughout the pandemic, providing next-generation technology to academic institutions, allowing instructors to teach virtually and giving students access to industry certifications. “Red River understands the evolving needs of the IT Industry and its talent,” said Jackie Barker, Director of VMware IT Academy. “VMware IT Academy is thrilled to work with Red River to provide educational resources and experience to students in academia.” As a VMware Regional Academy for IT support, Red River will contribute to industry and economic development, providing skills to students seeking high-demand careers in areas such as cloud, dev ops, data, mobility and security. Red River will also support the remote delivery of VMware courses, helping students excel through online certification opportunities, hands-on labs and other VMware learning resources. “We are pleased to be a part of the Regional Academy, sharing years of technology expertise to benefit the next generation of IT professionals, This opportunity enables us to invest in our industry, so we can better prepare students for work and career growth in a digital world.” Richard Ackerman, Vice President of Workforce Development for Red River Red River’s workforce development program offers extensive training programs, new career opportunities and dedicated partnerships. The company is set on making a positive impact on employees, customers, partners and communities. To learn more about workforce development at Red River visit www.redriver.com/resources/workforce-development. For more information on the VMware IT Academy, visit https://www.vmware.com/company/it-academy.html. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda. About Red River Red River brings together the ideal combination of talent, partners and products to disrupt the status quo in technology and drive success for business and government in ways previously unattainable. Red River serves organizations well beyond traditional technology integration, bringing 25 years of experience and mission-critical expertise in security, networking, analytics, collaboration, mobility and cloud solutions.

Read More

VIRTUAL DESKTOP STRATEGIES

Tailscale SSH Now in Beta for Simple and Secure Remote Connections

Tailscale | June 27, 2022

Tailscale has released Tailscale SSH to beta, which makes authentication and authorization trustworthy and effortless by replacing SSH keys with the Tailscale identity of any machine. With Tailscale, each server and user device gets its own identity and node key for authenticating and encrypting the Tailscale network connection, and uses access control lists defined in code for authorizing connections, making it a natural extension for Tailscale to now manage access for SSH connections in your network. “SSH is an everyday tool for developers, but managing SSH keys for a server isn’t so simple or secure, SSH keys are difficult to protect and time consuming to manage. Protecting your network connections with SSH keys requires that admins spend significant resources managing, provisioning, or deprovisioning user access. Tailscale SSH removes the pain from SSH key management with the same powerful simplicity Tailscale offers for virtual private networks.” Tailscale Product Manager Maya Kaczorowski Kris Nóva, Senior Principal Engineer and published distributed systems expert used Tailscale to create a private network between her homelab in New York and a datacenter in Iceland: “Tailscale is seriously the best user experience of my life. I ran a Kubernetes 1.24 cluster on Tailscale with eBPF CNI networking on top of a tailnet, which connects my private subnet at home, across the Arctic ocean to a private subnet in a volcano-powered datacenter in Iceland. It blew my mind how easy and powerful it was to use. I’m excited to use their new SSH feature.” With Tailscale SSH, users can now securely code from their iPad running Tailscale, across operating systems to a Linux workstation, without having to figure out how to get their SSH private key onto their iPad. Enterprise Tailscale customers will reduce churn and resources on SSH key management or bastion jump boxes, and avoid risk of exposing memory unsafe servers to the open internet. The beta release gives all users: Authentication and encryption: Authenticate, authorize, and encrypt SSH connections using Tailscale. No need to generate, distribute, and manage SSH keys. SSO and MFA: Use existing identity providers and multi-factor authentication to protect SSH connections the same way you authorize and protect application access. Built-in key rotation: Tailscale makes it simple to rotate keys with a single command and manages key distribution. Node keys can be rotated by re-authenticating the device, as frequently as every day. Re-verify SSH connections: Tailscale works with existing identity providers and re-verifies before SSH connections are established, and gives users the option to re-authenticate when establishing high-risk SSH connections. Revoke SSH access easily: When an employee offboards, Tailscale allows admins to revoke access to SSH to a machine almost instantaneously with Tailscale ACLs. Manage permissions as code: Define connections to devices using a standard syntax and understand SSH access controls in a centralized configuration file. Reduced latency with point-to-point connections: Connect directly from a device to a server, without having to hairpin through a bastion. Developers can connect wherever they work, without slowing them down by routing their traffic through the main office. Add a user or server painlessly: Maintain users and servers in a network without adding complexity. Tailscale ACLs to give the right people access and add it to a team's known hosts. Tailscale makes network security accessible to teams of any scale and gives developers and DevOps teams the ability to connect to resources easily and securely in the cloud, on-premises, and everywhere in between. Tailscale uses the WireGuard® protocol, the open source, opinionated standard for secure connectivity. It is set up and configured in a matter of minutes on average, while other VPN solutions take weeks to fully implement and several hours a week to maintain. About Tailscale Tailscale builds software that makes it easy to interconnect and secure devices, no matter where they are. Every day, banks and multinational companies use Tailscale to protect their corporate networks. Homelabs and start-ups trust Tailscale to collaborate and share access to tooling. We're building a future for the Internet that's easy, small and safe, like it used to be. Founded in 2019 and fully distributed, we’re backed by Accel, CRV, Heavybit, Insight Partners, and Uncork Capital.

Read More