Connect with us

Tech & Innovation

HP enhances print experiences with cloud‐based services and solutions

Published

on

Image from Pixabay.com

HP Inc. announced print services and solutions that enable companies to accelerate their shift to flexible, cloud-based environments. By harnessing the power of the cloud, HP is delivering personalized services and intelligent, purpose-built solutions that help streamline and automate processes so IT departments can focus on their most strategic priorities.  

“Our customers are looking for simple, secure and intuitive solutions that enhance performance and deliver business outcomes,” said David Prezzano, General Manager and Global Head, Print Services and Solutions, HP Inc. “We’re laser focused on delivering services and solutions that know how you work, anticipate your needs and offer a compelling cost structure.”  

HP today announced a new global managed service that delivers a cloud-based, always-on print environment optimized for each client. HP Managed Print Cloud Services allows customers to leverage HP’s security innovation while maintaining the utmost control and flexibility around how the service is shaped. The offering addresses both trusted and zero-trust cloud environments and is delivered through a well-defined, modular approach with flexible services and software stacks.

“Meeting customers where they are in their journey to the cloud is a smart strategy and especially important now given the current environment,” said Patrick Moorhead, Moor Insights & Strategy. “I believe HP Managed Print Cloud Services shifts the responsibility of managing the client’s print-related technology to HP, allowing clients to redirect their critical IT investments to more strategic or urgent priorities.”

In addition, HP today announced its support for Universal Print, a Microsoft 365 cloud print solution that organizations can use to manage their print infrastructure. As part of this collaboration, HP will work with Microsoft to build a cloud-to-cloud integration with the Managed Print Cloud Services platform, allowing organizations to increase security, manage devices and release print jobs only to authorized users. This integration will enable Universal Print users to print virtually anywhere, simply and securely.

HP has also introduced a newly enhanced Flexworker Solutions program, allowing remote workers to acquire company-approved printers bundled with an extended service contract and order supplies seamlessly through an online portal, while enabling IT departments to manage supplies through central billing and consolidated reporting, saving costs and delivering a better experience. 

Tech & Innovation

Next generation businesses require security-driven network

As Big Data, hyperscale architectures, SD-WAN, 5G, Edge networking, and smart systems (such as cars, cities, and infrastructures) become mainstream, these networks will be forced to change even further. The current generation of security solutions now in place simply can’t keep up.

Published

on

Photo by Steve Halama from Unsplash.com

Today’s networks are distributed across so many devices and environments, many of them temporary and all of them in a constant state of flux, that the notion of a perimeter has been almost completely abandoned. This transition has largely been the result of an application-based business model. Users—both employees and consumers—require immediate and reliable access to critical applications and streaming services at any time, from any location, on any device. 

To achieve this, most organizations have transformed their networks to a collection of edges. In addition to the LAN edge, there is the new WAN edge, the multi-cloud edge, the distributed datacenter edge, the mobile edge, and most recently due to the rapid shift to work-from-home, a huge surge in the home office edge. And multi-edge computing (MEC)—a distributed, open IT architecture that features decentralized processing power and a virtualized network platform—is right around the corner. Powered by 5G-enabled devices and infrastructure, MEC leverages mobile computing and Internet of Things (IoT) technologies to process data locally rather than being transmitted to a datacenter. 

This level of innovation has transformed networks so thoroughly and so rapidly that traditional security tools are no longer able provide the consistent security that networks require. Traditional security solutions, often deployed after a network was in place, were designed to secure fixed perimeters and monitor predictable levels of traffic and workflows moving between static network servers and devices. 

Those days are gone. Today’s collection of edge environments are in a constant state of flux. They are not only continually adding and dropping physical and virtual devices, they also create temporary networks and are constantly fine-tuning connections. And as Big Data, hyperscale architectures, SD-WAN5G, Edge networking, and smart systems (such as cars, cities, and infrastructures) become mainstream, these networks will be forced to change even further. The current generation of security solutions now in place simply can’t keep up. 

Security-driven Networks are Designed for Today’s Digital Business 

Fortunately, there is a new generation of security designed for today’s complex, distributed, and dynamic environments. It starts with Security-driven Networking, an approach that tightly integrates an organization’s network infrastructure and security architecture into a single solution. Weaving security deep into the network in this way is essential for effectively defending today’s highly dynamic environments. And by deploying Security-driven Networking solutions across all of their edge environments, organizations can ensure consistent policy orchestration and enforcement across today’s highly flexible perimeters. This enables the network to reroute traffic, replace connections, move resources from one domain to another, and dynamically scale up and out without ever compromising the ability of security systems to track workflows, transactions, users, data, or devices. 

Achieving this requires implementing a security solution strategy designed to encompass the entire network development and deployment life cycle, allowing security to function as the central consideration for all business-driven infrastructure decisions. With security at the core, networks can evolve, expand, and adapt without concerns that an expanded attack surface or security gap could compromise the organization. 

Three Critical Steps for Implementing a Security-driven Network: 

Secure PDIO: A Security-driven Networking strategy must be part of the entire network Planning, Design, Implementation, and Optimization lifecycle. But it starts in the planning stages, before everyone agrees on what new infrastructures and applications and devices are needed. And that requires everyone to agree that all development must support a central security fabric strategy—an approach for ensuring consistent visibility, orchestration, response, and enforcement across the entire network. 

Want a new cloud infrastructure? It doesn’t just need to include security. It needs to use a security platform that can function as part of the central security fabric. Building and deploying a new application? The security fabric not only needs to be able to see and inspect the application and its traffic, but it should also be built using the exact same security tools used to protect the rest of the network. And when virtual devices need to spin up or out, or when connections between a branch office and business applications in the cloud need to roll over, the Security Fabric needs to literally be part of that process, ensuring that security is always watching, always sharing, and always ready to respond. 

Access Control and Segmentation: When new devices are added to the network, the integrated security system needs to automatically identify them and apply rules before granting access to network resources. That includes automatically assigning devices to secured network segments that have been enhanced with authentication for increased control and flexibility. These network segments are then monitored by the security fabric to prevent unauthorized behaviors, inspect applications, and secure workflows, driving access security deep into the distributed network. And because security and networking are tied together, any changes to the network infrastructure automatically include changes to security. 

Consistent Protection Everywhere: Data never stays in one place. It gets shared, cross-referenced, mined, and processed. Security-driven Networking protects data, applications, and workflows along their entire data path through the implementation of a single, integrated Security Fabric, ensuring that the secure handoff of data and workflows between network domains is seamless. Achieving this requires integrated security platforms deployed across the network to consistently secure that traffic even as it passes across and between different network segments, dynamic multi-cloud environments, data centers, and devices.  

This requires a solution designed to function natively in all public and private cloud environments and comes in form factors ranging from powerful datacenter edge devices, to small desktop footprints, to virtual solutions running in cloud environments, to cloud-based solutions designed to secure devices and data off-network, to software running on endpoint devices, to versions designed to run in a container or be added to an application to secure data and transactions. All of these must function as a powerful security solution within their own sphere, track and adapt as the environment changes, and work as a single, integrated system that spans all environments to add a level of visibility, control, and response previously unavailable. 

Digital Innovation Demands Security-driven Networking 

Security-driven Networking is an essential next step for securing today’s dynamic and evolving digital infrastructures. Security platforms integrated into a unified security fabric and woven into the network infrastructure enable organizations to embrace digital innovation and expand their digital footprint without exposing critical resources to new risks compounded by the loss of visibility and control—often due to the complexity of trying to secure an evolving network using traditionally isolated products. Security-driven Networking is designed to expand and adapt in sync with the network, providing the flexible protections and controls that today’s digital businesses require. 

Continue Reading

Tech & Innovation

Boxes to tick when choosing a threat intelligence provider

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in.

Published

on

Photo by Igor Miske from Unsplash.com

By Yeo Siang Tiong
General Manager for Southeast Asia, Kaspersky

A long time ago in the cybersecurity space far far away, the choice of a threat intelligence service was often restricted to a handful of providers. Today, the cybersecurity industry in APAC is worth at least USD 30.45 billion and expected to grow at an annual rate of 18.3% from 2020 to 2025, with multiple cybersecurity vendors seeking a bigger slice of the proverbial pie. 

For any chief information security officer (CISO) or IT lead, operating in today’s highly digitalized environment, not only are they tasked with establishing and maintaining the digital transformation efforts of their companies on a tight budget, they must also ensure that the company’s IT policy is compliant with the data protection regimes in the markets that they operate in. 

Clearly, it is not an easy task to take, but little things like having the right threat intelligence service can make life easier. We have been hearing a lot about this for several years now. But what is it threat intelligence exactly and what you should be looking for in a threat intelligence service provider?

Turning intelligence into action

Let’s have a quick refresher. Threat intelligence is data collected and analyzed by an organization in order to understand a threat actor’s motives, targets, and attack behavior. It empowers organizations of all shapes and sizes to make faster, more informed security decisions and shifts their cybersecurity posture from reactive to proactive in the fight against breaches and targeted attacks. 

I am aware that there are a lot of free threat intelligence if one has a knack on researching. However, let me put it this way. A premium threat intelligence report or feed is like a special block screening of an amazing movie. You get the first dibs of the plot and perhaps get to know the characters even. Eventually, the film will be shown in major cinemas. Then after say, six months or more, it will land on several streaming services.

With us at Kaspersky, we provide comprehensive, real-time, organic, and actionable information on our premium threat reports and data feed which is why they are exclusive to the enterprises and organizations which have subscribed to our services. We see to it that we share such with the law enforcement agencies as well, because cooperation is key to fighting cybercriminals.

After a few months, we will then make such data available in public. Why is it not ideal to wait until the mass release of a threat report? Because it will allow you to act fast, to assess your risks, check your endpoints, fix the loopholes which they may exploit. Because knowing first-hand such critical information can save you money, reputation, and headache. Because proactive security is necessary at this time and age.

You may wonder why don’t we make our findings public to begin with? Let us remember here that public here means anyone – including them, cybercriminals. The last thing we want is to tip them off.

Aside from these, what else should you be looking for in a threat intelligence service provider?

  1. Check their sources

Threat intelligence should make your systems smarter through data feeds. To get the feeds you need sensors scattered all across the globe to ensure that your data is reflective of the real-time, global threat landscape. 

For example, our very own Threat Intelligence portfolio is powered by millions of Kaspersky’s global users who agreed to share their anonymized data. This huge network builds our Kaspersky Security Network (KSN) which collects more than 340,000 malicious files per day, allowing us to get rich information compared with firms with limited sensors and workforce.

  1. The data collection strategy needs to be GReAT

Speaking of human force, a threat intelligence service’s data collection strategy should be the most important factor to consider in your evaluation of their capabilities because they can only provide intelligence as far as the parameters of their data sources. Given that cybersecurity attacks are often transnational in nature, it is important that a vendor can source information globally and put pieces of the puzzle together in a way that makes sense for your IT staff. It should not be aggregated, it should be organic. It should also be critically monitored and studied by the brightest minds who can understand tactics, techniques, and procedures (TTPs).

To assess whether a threat intelligence service has such a capability, look at their research team and see what kind of campaigns that they have uncovered. For example, Kaspersky’s Global Research & Analysis Team (GReAT) found that the Lazarus APT group shifted their modus operandi to launch targeted ransomware attacks against businesses in Asia, extending as far as France in Q2 this year. 

  1. Check the visibility

I have already mentioned the borderless nature of cyberthreats. Hence the visibility of your provider should be another box you have to tick. Look into their Advanced Persistent Threat (APT) logbook and their database. Are they monitoring cyberthreats only from a particular country or region? Or do they have a global reach? Are there researchers only based in one country? Or do they have a network of experts scattered around the world? The answers for these questions are essential.

  1. The provider should understand the difference between intelligence and data 

At the heart of the debate between intelligence and data lies the concept of context. Assuming now you’ve got your data sources setup and information is feeding in from all corners of the globe, but you’re asking yourself the million dollar question: how do I know what is important and why is it important?

Things such as threat names, timestamps, resolved IPs addresses of infected web resources are useless on their own if they are not enriched with actionable context. When a relationship context is established, the data can be used more readily to answer the questions of “who”, “what”, “where”, “questions”. It is only at this point that data becomes the finished article – intelligence – and you now receive a boost to incident investigation, as well as uncover new Indicators of Compromise (IoC) in your IT network. 

  1. The ability to integrate is key

Integration can be a dirty word of the IT industry. With constant technological upgrades and the evolution of standards happening all the time, the ability to integrate new processes into existing IT operations is a never-ending challenge. 

Similarly, for threat intelligence, it is important that your service provider can provide delivery methods, integration mechanisms and formats that support smooth integration of threat intelligence into your existing security controls. 

The endgame 

The above-mentioned tips are just a few of the many other aspects you should consider when looking for a threat intelligence service, but they serve as a good stepping stone in bolstering your cybersecurity posture for now. With threats becoming increasingly complex and malicious, having the latest enterprise security programs are no longer sufficient. Adding threat intelligence to your arsenal of cybersecurity countermeasures will allow you to bring the fight to them. 

Continue Reading

Tech & Innovation

Start protecting these 4 things to keep your business going

When a business invests in its people, stakeholders, resources, and processes, they are better able to cope with the outcomes and financial losses from unprecedented times and cybersecurity incidents.

Published

on

Photo by Damian Zaleski from Unsplash.com

With the lowest recorded drop of 16.5% in the Philippine economy since the mid-80s, Kaspersky advises small and medium enterprise (SME) owners in the country to begin protecting its employees, customers, suppliers, and infrastructure to stay in the game during these uncertain times.

Making short term decisions that will have an impact on their businesses in the longer term should be the SME sector’s top priorities during the current downturn, according to the cybersecurity company.  

“At the onset of the pandemic, we have recommended for companies to look after their employees first and foremost. Nine months into lockdown, we still advise businesses to keep their employees working and provide support for them under the safest possible conditions. At this point, we suggest for businesses with good liquidity to also take care of their customers and suppliers because recovery for every stakeholder means a steady run for the business towards the coming recovery,” says Yeo Siang Tiong, general manager for Kaspersky Southeast Asia. 

For the SME sector, Yeo emphasized the value of making investments in the business’ future during an economic slump, not after.

“If you look at post-recession recoveries in the past, what companies choose to invest into their businesses has played a big role in how weak or strong they fared after a crisis. It’s about time that Filipino SMEs pay attention to this during this period,” says Yeo.

Data from the Philippine Statistics Authority in 2018 show that 99.52 percent of business establishments in the country are MSMEs. In recent years, most small and medium enterprises, like their major league counterparts, have learned to adopt digital tools as they joined the e-commerce arena, enjoying wider market reach and higher revenue than they ever had with offline systems.

Since the start of the lockdown due to the pandemic, the Philippines recorded more than 75,000 online business registrations in the first nine months of the year, one local mobile money services provider reported a 150% surge in registrations in one month and the government allowed 56 more institutions accepting digital payments during the first months of quarantine.

Like the big boys, too, the dynamic SME sector has been officially in the radar of cybercriminals.

In a report from the cybersecurity company, ransomware attacks against almost 19,000 computers of SMEs in the region with Kaspersky software were blocked in the first half of 2019. While the number of ransomware attacks on computers of small and medium enterprises is observed to be dropping, there is a monitored increase in sophisticated targeted ransomware, phishing attacks, and crypto mining attempts.

Unfortunately, the IT department is the least prioritized concern of most SMEs. Oftentimes, the single person assigned to take charge of monitoring the entire infrastructure is not even a full time employee.

Kaspersky shares the following top five tech checks an IT administrator can routinely do:

  1. Set an alarm in your calendar about certificate renewal. Potential customers get scared exploring your website further when they get warnings that it has no SSL certificate.
  2. Update router firmware. Keeping software up to date means lesser vulnerabilities. 
  3. Revoke unnecessary access rights of dismissed employees.
  4. Back up your data.
  5. Update AV licenses on servers.

Claire Hatcher, head of the fraud prevention department at Kaspersky, said the pandemic has given cybercriminals a new context to exploit but the attack is the same. “The nature of the attack never really changes that much and it naturally increased because people have become susceptible now,” she said.

When a business invests in its people, stakeholders, resources, and processes, they are better able to cope with the outcomes and financial losses from unprecedented times and cybersecurity incidents.

“We found out that small and medium enterprises are willing to know how to perform better especially while securing their cash flow during these times. We know it’s not always economically viable to maintain a dedicated IT security team. Get help on what is not your core. This is where technology can come in to support,” says Yeo.

Businesses with limited cybersecurity expertise and resources but need help on having company-wide insights on incidents and the ability to respond will greatly benefit from solutions such as the new Kaspersky Endpoint Detection and Response Optimum. KEDRO is actually an efficient way for SMEs to reduce costs while saving on protection as it complements protection for endpoints such as mobile phones, tablets, and laptops connected to the company network.

Continue Reading

Trending