SERVER VIRTUALIZATION

New Audit Resources from ISACA Help Professionals Keep Pace with 2022 Audit and Compliance Trends and Updates

ISACA | December 22, 2021

As the year winds down, many audit professionals are shifting their focus to 2022 priorities—including developing dynamic new strategies such as agile auditing, revisiting established technologies from a remote or hybrid working environment perspective, and closing any gaps between compliance expectations and current practices—and how they can enhance their skills to meet the needs of the evolving audit landscape. To meet these needs, ISACA has released three new audit resources—its VPN Security Audit Program, Destination: Agile Auditing white paper, and a new edition of its IT Control Objectives for Sarbanes-Oxley publication.

During the pandemic, the reliance on virtual private networks (VPNs) was heightened as many shifted to working from home—as did the need to manage its risks and implement safeguards. ISACA’s VPN Security Audit Program provides a foundation for auditors to provide assurance around the effectiveness of implemented VPN controls, including pre-audit planning, governance and oversight, implementation and configuration, operations, and maintenance and monitoring, to avoid some of the following risks:

  • The increase in number of end users combined with extended VPN use may put additional pressure on infrastructure and adversely affect performance.
  • Failure to detect unauthorized VPN activity may cause denial of service due to excessive traffic or connection attempts.
  • Lack of alignment of data classification requirements with VPN requirements and configuration may impair compliance initiatives that are reliant on data classification.

During the pandemic, organizations embraced methods to increase agility and efficiency, including by using Agile. Destination: Agile Auditing outlines how audit professionals can incorporate Agile principles into their audit methodologies. Auditors can learn the basics about Agile auditing, its benefits, how Agile complements established assurance standards, how developing competency in Agile can enhance the planning, fieldwork, and reporting phases of an audit. The white paper also includes examples of elements from the Agile tool set, including an Agile road map and Agile audit engagement workflows and illuminates key components like sprints, audit backlog and daily standups.

Internal and external auditors, IT auditors and managers, and financial and operational managers can also ensure they are keeping up with the latest guidance in complying with the Sarbanes-Oxley Act in a new edition of ISACA’s IT Control Objectives for Sarbanes-Oxley publication. This latest edition incorporates updated guidance and standards from the Public Company Accounting Oversight Board (PCAOB) and the American Institute of CPAs (AICPA) and its Auditing Standards Board, with updates including:

  • Integrating guidance for implementing internal control over financial reporting (ICFR) using COBIT® 2019, for IT and financial management within enterprises and for their internal and external auditors and consultants
  • Aligning with COBIT 2019 Focus Area: Information & Technology Risk
  • Providing the mapping of the role of COSO Internal Control – Integrated Framework, 2013 to COBIT 2019
  • Highlighting technological innovations and their impacts on auditing IT controls.

The audit landscape is constantly shifting as technologies and regulations evolve, making it essential that audit professionals prioritize continuous learning to ensure they are applying the most current and effective audit practices. ISACA is committed to equipping the global audit community with the tools they need to deliver the highest audit standards at their organizations.”

Robin Lyons, IT Audit Professional Practices Lead

About ISACA
For more than 50 years, ISACA has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organizations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organization that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations.

Spotlight

Multi-cloud is now the dominant architecture, providing companies with speed and agility. But multi-cloud infrastructure can also be complex and costly. Learn how a family of Cross-Cloud services from VMware can help companies thrive in the multi-cloud era.


Other News
VIRTUAL DESKTOP TOOLS

Exoprise Customers Achieve Significant ROI With SaaS and Digital Experience Monitoring

Exoprise | September 12, 2022

Exoprise, a leader in Digital Experience Monitoring (DEM) solutions, announced that its customers continue to realize significant Return on Investment (ROI) with Exoprise solutions and achieve positive ROI within six months of implementation. Troubleshooting remote worker issues using traditional tools creates visibility challenges, severely impacting business continuity and productivity. According to the latest Forrester future of work survey, 20% of employees contact the service desk support team weekly, and 10% contact them daily – far too often to remain consistently productive. In current economic conditions, companies have the potential to save thousands to millions in IT costs using features and capabilities offered by Exoprise DEM solutions. As one of the Exoprise customers, a global CRM head at a financial services company, told us, "Upon returning from a weekend, our employees could not access their Salesforce app in the morning. As a result, IT and several other teams spent at least half a day trying to find the root cause, which cost the company about $500K. With Exoprise synthetics, we would have immediately narrowed the problem to a change made by the network team and saved a huge loss to the company." Exoprise customers achieve superior ROI with their DEM investment by: Recovering Service Level Agreement (SLA) credit – IT teams receive Service Level Agreement (SLA) violation credits when Microsoft 365 has downtime. For example, Microsoft services such as Azure, Teams, OneDrive, etc. may not be available due to an outage or technical issue. Service availability less than the SLA of 99.9% requires Microsoft to reward credits to the customer. Exoprise provides actionable availability reports that act as evidence of true downtime, outage length, events, errors, and corresponding service health. Customers quickly verify and claim their credits to recoup the cost of the Exoprise system. Saving Costs on Device Refresh and Upgrades – IT departments often need to upgrade their infrastructure with new hardware or software, so employees remain productive and job satisfaction remains high. However, with a shrinking economy and flat expense budget, businesses struggle to keep up with that mandate. Utilizing Exoprise Service Watch Real User Monitoring (RUM), operation teams are driving upgrade decisions based on hard network and device telemetry data, segmenting different user groups, and auditing remote endpoint devices. The result is an optimized device refresh schedule and cost-effective companywide upgrades. Another Exoprise user, a Microsoft Teams administrator at a manufacturing services company, "We had frequent complaints from users about poor Teams meetings/calls. Initially, we would upgrade the hardware to the latest to fix the problem and spend thousands doing that, but the problems persisted. So, when we started using Service Watch, we could see exactly where the problem was for each user - and avoid upgrading when the problems were due to corporate network or weak Wi-Fi access points." Preventing Network Upgrade Surprises and Downtime – Future proofing the business means frequent network optimization. Enterprises rely on mission-critical services such as Microsoft 365, Salesforce, AWS, and SAP. Delivering these services via ISPs, MPLS, SDWAN, and VPN providers becomes susceptible to performance fluctuations. Exoprise provides end-to-end baseline views of the network for mission-critical applications before, during, and after any network transformation takes place. As a result, network administrators can ensure that the end-user experience is improved and access is more reliable. Delivering Better Digital Experiences Anywhere and reducing MTTR – The Modern Workplace demands remote flexibility along with the freedom to work anywhere. ITOps teams require end-to-end visibility into apps, the network, and system performance for these Digital Nomads, and the Exoprise platform delivers. Once deployed, Exoprise helps customers safely transition to a hybrid work model. Proactive synthetics provide early outage detection while crowdsourced analytics reduce the troubleshooting time in half. Improving Productivity with Less Dropped Calls for Teams, Zoom, and Webex – Today, knowledge workers collaborate using Unified Communication (UC), VoIP, and streaming applications such as Microsoft Teams, Zoom, and WebEx. Customers use Exoprise to proactively test and tune their networks for the collaboration platforms and offer complete coverage with Service Watch RUM. As a result, there is a significant ROI in reduced dropped calls and smoother call quality. "Due to Covid, our IT model has shifted from primarily supporting call center operations to supporting a significantly larger virtual environment. That was when we became interested in better measuring digital experiences from the end user's perspective. Synthetic sensors in our central data centers collect performance data on Microsoft 365, but we wanted an even more complete picture. Together with a real user monitoring on-demand solution, we can better understand the issues of our users at any geographic location," said Kevin Santos, Senior Director of IT, Network Operation Center, BCD Travel. "Exoprise has always been at the forefront of supporting our customers with innovative digital solutions and addressing hybrid workforce challenges with a complete view into the end-user experience, Our Service Watch product rapidly isolates call quality problems with VoIP and streaming apps such as Microsoft Teams, WebEx, and Zoom in real-time and ensures smooth collaboration from anywhere. In addition, our technical ability to deliver synthetics and real-user behavior insights in one platform differentiates us in the market." Exoprise CEO Jason Lieblich Read more about the combination of RUM and synthetics in our latest whitepaper and ensure the best digital employee experience for streaming, collaboration, and VoIP apps such as Microsoft Teams, Zoom, WebEx, and GoToMeeting. Better Together: Combine Real User Monitoring with Synthetics About Exoprise Exoprise enables IT teams to effectively deploy and manage its monitoring solution and mission-critical, cloud-based applications and services. CloudReady provides real-time performance visibility from behind the firewall to the cloud and back with synthetic monitoring. Service Watch provides location-independent end-user experience insights for SaaS and third-party web applications with real user monitoring. By leveraging proactive network path diagnostics, real user experience metrics, actual app usage data, and crowd-sourcing data analytics, organizations now have visibility, speed, and agility to easily assure the best cloud service performance.

Read More

VMWARE

VMware Announces Settlement of Previously Disclosed Investigation by the Securities and Exchange Commission

VMware | September 16, 2022

VMware, Inc. announced that it has reached a settlement with the U.S. Securities and Exchange Commission (the “SEC”) to resolve a previously disclosed investigation related to the Company’s backlog disclosures in public filings for its 2019 and 2020 fiscal years, which ran from February 3, 2018 through January 31, 2020. Under the terms of the settlement, the Company has agreed to pay a civil monetary penalty of $8 million without admitting or denying the SEC’s findings, which relate to the Company's disclosures. The SEC’s findings do not include any findings that the Company failed to comply with generally accepted accounting principles. The SEC Staff has confirmed that it does not intend to recommend enforcement action against any current or former VMware officers or other member of management in connection with the investigation, and this settlement concludes the matter. VMware believes this settlement is the right course of action for the Company and continues to be committed to operating at the highest level of integrity, including with respect to its public filings and communications with investors. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Read More

VIRTUAL DESKTOP TOOLS

Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel

Opera | August 08, 2022

Opera (NASDAQ: OPRA), the company behind the eponymous web browser, recently announced the expansion of its security features with the new VPN Pro subscription service, a premium device-wide VPN that can be used without the installation of a separate app. The VPN Pro service, previously available on Android, is now coming to Opera users on Windows and Mac. Travelling with no limits Opera VPN Pro is now multi-platform Opera VPN Pro is now multi-platform Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel Opera ships its new VPN Pro service to Windows and Mac to give you an extra level of security as you travel The summer is a time of travel, with people once again changing their location: for leisure or to attend industry events. The pleasures of travel, however, also come with the cybersecurity risks of using public Wi-Fi. The Opera browser, which is known for its free browser VPN, which is still available to all of our users, is providing its users with a device-wide solution that protects their laptops no matter where they go and what connections they use – from subway hotspots to hotel Wi-Fi. Opera VPN Pro users can enjoy safe and seamless connections wherever their vacation or business trip takes them. The subscription-based service will cover up to six devices connected to one account. Opera is offering a free month with an unlimited secure VPN connection to those who subscribe to VPN Pro via desktop before August 31st, with an opportunity to cancel the subscription at any time. Working from the beach, airport, or a cafe, as well as just browsing the web for fun, is now safer thanks to the VPN Pro solution. To use the new Opera VPN Pro, users need to install Opera Browser on Windows, or Mac on their computer, then sign into their Opera Account and try it for free. From that point, whenever the VPN is switched on, all the data that users send to the internet will be encrypted and sent to one of thousands of VPN servers around the world. This not only protects them while using unencrypted Wi-Fi at airports, restaurants and city centers, but also makes it harder for advertisers to track them. With a simple click on the Opera VPN Badge in the Opera browser address bar, or via the tray icon, users can enable full protection at any moment. Opera VPN Pro is available in English, German, French, Spanish, Polish, and Brazilian Portuguese. Available on Android, Windows and Mac Back in March, Opera released VPN Pro, a full-featured VPN solution that encrypts all traffic going out of the user's Android device. Today, it's boosting users' privacy on desktop. "VPN services are becoming an essential part of browsing, regardless of the device being used. Therefore, we decided to expand our offering so that users can connect up to six Android and desktop devices to their VPN subscription at once and stay safe online," said Krystian Kolondra, EVP PC & Gaming at Opera. VPN Pro satisfies the needs of those users who are looking for increased protection. It provides security to the entire device and protects up to 6 different Android and Win or Mac devices within one subscription. User data stays safe behind a wall of next-generation encryption, no matter what application is used. Just like Opera's Free VPN, VPN Pro is a no-log service. It offers access to 3,000+ private network servers in over 30 locations around the world, allowing users to download files and browse the web securely with a speedy VPN connection and unlimited bandwidth for all supported devices. There is no need to sacrifice speed for better security since VPN Pro gives access to high-speed servers, so users can browse faster than ever. Additionally, users can run data-saving mode alongside VPN Pro to ensure they never go overboard on their data. How to get started VPN Pro can be used on Windows and Mac by installing Opera Browser for desktop. To enhance device security and safety, users can subscribe to Opera VPN Pro directly inside the Opera Browser by following 5 simple steps: download the latest version of Opera Browser; log into Opera Account and select desired subscription period; follow the payment steps; enjoy a seamless and protected connection to the web! To use the same subscription on your Android device, simply download the Opera Browser for Android from the playstore, sign in to the same Opera account you have on your desktop and start using your VPN Pro on your phone! With Opera VPN Pro, existing Opera users can easily subscribe using their Opera account without the need to download another app or create another account. The pricing options vary from $1.99 to $5.99 per month (depending on the duration of the subscription) of VPN protection, making Opera VPN Pro one of the safest and most economical solutions on the market. If a user ever needs any help with the service, Opera's team of industry-leading experts are always available to assist. Support can be easily reached through the Help Center or by Chat & Email support, both available here. VPN Pro is currently available for users in the majority of markets around the globe. There is a 7-day free trial period and a 30-day money-back guarantee. Before the 31st of August, new users of VPN Pro on desktop can get one month of subscription for free. The release has a pricing offer of $5.99 for one month, $2.99 per month with a 6-month subscription, and $1.99 per month with a 12-month subscription for VPN protection. To discover all the benefits, visit the dedicated VPN Pro page. About Opera Opera is a global web innovator with an active base of hundreds of millions of monthly active users who have sought a better internet experience. Building on over 25 years of innovation that started with browser products, Opera is now leveraging its brand and highly engaged user base in order to expand its business into new segments. Today, Opera offers users around the world a range of products and services that include PC and mobile browsers, the newsreader Opera News, and apps dedicated to gaming, Web3 and e-commerce. Opera is headquartered in Oslo, Norway and listed on the NASDAQ stock exchange (OPRA).

Read More

VIRTUAL DESKTOP TOOLS

Innovators Across the Industry to Gather at VMware Explore 2022 US

VMware | August 24, 2022

VMware, Inc. a leading innovator in enterprise software, today announced the general session keynote speakers and the conference sponsors for its global multi-cloud event, VMware Explore 2022 US taking place at the Moscone Center in San Francisco Aug. 29-Sept. 1, 2022. VMware Explore is the center of the multi-cloud universe and an evolution of the company’s flagship conference, VMworld. The re-imagined event, in person again after two years, is focused on the evolution of today’s multi-cloud era, and will highlight technologies, ecosystem, industry experts, and developer communities that are shaping the future. VMware CEO Raghu Raghuram will provide a behind-the-scenes look at how multi-cloud is enabling and enhancing an always-on, digital world. He will also showcase VMware’s strategic partner ecosystem, which is helping customers scale their business, drive innovation and transform customer experiences. The session will also feature VMware President Sumit Dhawan and CVS Health CIO, Roshan Navagamuwa, to discuss the U.S. healthcare leader’s customer-centric approach as it puts multi-cloud into action. Additionally, VMware leaders CTO Kit Colbert and CTO of Americas Amanda Blevins, along with DevOps guru and Google principal engineer Kelsey Hightower, McLaren Racing head of commercial technology Ed Green, and best-selling author and professionally trained futurist Jacob Morgan, will discuss multi-cloud leadership, cloud-native platforms, cloud and edge transformation, and the hybrid workforce. In addition to the general session, VMware Explore 2022 US features a variety of sessions spanning key technology themes and industries, including: Explore VMware Cross-Cloud Services - In this session, attendees will learn how to navigate the opportunities of multi-cloud environments by embracing the world of modern application development and Kubernetes, modernizing infrastructure, and enabling hybrid workforces. vSphere+ and vSAN+: The Next Evolution of VMware Enterprise Workload Platform - This session will introduce new product innovations in vSphere+ and vSAN+ that help customers improve workload performance, enhance operational efficiency, and increase time to value for DevOps. Are Your Networking and Security Cloud Smart? - Learn how VMware is enabling customers to implement Zero Trust across multi-cloud environments with zero appliances, zero tickets, zero taps and zero disruptions. VMware’s annual conference will feature 800+ unique breakout sessions, tutorials, and keynotes from VMware and its community of customers and partners. Notable sponsors for VMware Explore 2022 US include Amazon Web Services (AWS), Dell Technologies, Google Cloud, Intel, Microsoft, and NVIDIA. View the full list of VMware Explore 2022 US sponsors and exhibitors here. Beginning Aug. 29, VMware Explore will deliver rich technical content both in-person and on-demand. Attendees will have the opportunity to learn about multi-cloud and edge architectures from the perspective of VMware product experts and industry thought leaders. Additionally, attendees will learn how to streamline developer experiences and DevOps practices across applications. About VMware Explore 2022 VMware Explore is an evolution of the company's flagship conference, VMworld. The event has transformed to be the industry’s go-to-event for all things multi-cloud. VMware Explore 2022 features more industry-led solution and technical sessions than ever before, an extensive ecosystem of 90% of the top cloud partners, a thriving marketplace of multi-cloud ISVs and several networking events with VMware Cross-Cloud™ services and open source communities. With an unparalleled view into multi-cloud services, from public to private to edge, for all applications, VMware Explore 2022 attendees will gain the tools they need to solve challenges by simplifying multi-cloud complexity without compromise. About VMware VMware is a leading provider of multi-cloud services for all apps, enabling digital innovation with enterprise control. As a trusted foundation to accelerate innovation, VMware software gives businesses the flexibility and choice they need to build the future. Headquartered in Palo Alto, California, VMware is committed to building a better future through the company’s 2030 Agenda.

Read More