Archive for August, 2010
“I think it’s a pipe dream that small companies are going to really adopt cloud computing. The primary reason is that these companies are typically extremely short-handed in terms of technical talent. They’ve usually got a few overworked super sys admins fighting each day’s fires with absolutely no time to invest in learning new skills.”
Bernard Golden of CIO.com 
In an article titled “Cloud Computing: A Perfect Fit for Midsized Companies“, Bernard Golden, contributor to CIO.com and CEO of the consulting firm HyperStratus, makes the case for why midsized businesses may be “a cloud sweet spot.”
Golden thinks it’s a pipe dream that small companies will embrace and go in for cloud computing. Obviously he feels that midsized companies are a perfect fit, but what about large companies? What’s holding them back from the cloud?
“What holds back large companies is, in a sense, their success with the previous generation of computing. Because they could invest in the old model, they’ve now got an installed base of hardware and a large, top-notch technical staff on hand.”
Golden points out 5 characteristics that midsized companies share that makes them the perfect fit for cloud computing.
ChannelPro has a nice interview with Ipswitch’s Loic Triger about Ipswitch’s partner program and news of our new “Elite” partner designation and deal registration program.
Here’s a quotes from Loic that I’d like to highlight because it truly describes how valuable our partnerships are to both Ipswitch and our customers.
“Our partners are integral to our growth, as they provide value to our customers by acting as an extension of our sales team. The Elite-level expansion was created for those partners looking for even greater association and support from Ipswitch.”
Sales partners are an important branch of the Ipswitch File Transfer worldwide sales team. Our partners provide our customers with ease of doing business and consultative solutions. By continuing to invest in our partners and our partner program, our partners, our customers and Ipswitch all benefit.
Please do visit our partner webpage to find a local Distributor or Reseller, see our list of US Government and GSA resellers, or to learn more about the benefits of becoming an Ipswitch channel partner.
“A top Pentagon official has confirmed a previously classified incident that he describes as ‘the most significant breach of U.S. military computers ever,’ a 2008 episode in which a foreign intelligence agent used a flash drive to infect computers, including those used by the Central Command in overseeing combat zones in Iraq and Afghanistan.”
Brian Knowlton, in a NYTimes.com article gives us the rundown on what happened, and what this all means to the military and to the future of cyberdefense and the U.S. Cyber Command.
Deputy Secretary of Defense, William J. Lynn III, referred to the breach as “…a network administrator’s worst fear: a rogue program operating silently, poised to deliver operational plans into the hands of an unknown adversary,” and he also describes it as “a digital beachhead, from which data could be transferred to servers under foreign control.”
The nightmare of this happening to the military is enough to keep you awake at night, and thinking of this closer to home doesn’t make sleep come that much sooner.
Think of your own office where USB flash drives, removable disk drives and cell phones are making it easier than ever for employees who need to transfer large files. It’s harder than ever for companies to monitor and protect sensitive information.
“Portable devices are far too easily lost or stolen, and while most employees have good intentions, USBs are one of the easiest ways for insiders to compromise business-critical information. IT managers need to make it easier for people in their organization to move information securely. By decreasing reliance on transferring physical media and focusing more on easy-to-use browser-based or email plug-in solutions, information will be better governed.”
Frank Kenney, VP of Global Strategy at Ipswitch File Transfer.
Last year (2009) there was a study by the Ponemon Institute of nearly 1,000 recently terminated individuals. The study revealed that 42% of them used USB memory sticks to take business data and that 38% sent documents as attachments to personal email accounts.
“Digital beachhead” is such a great way to put this, especially coming from Deputy Secretary of Defense, William J. Lynn III. The images one can conjure up of storming the “digital beach” and imagining the data security version of those first 15 minutes of “Saving Private Ryan” is truly powerful stuff and should keep us up a little later at night.
Give Knowlton’s article a read and if you’re interested in hearing more from Frank Kenney on this topic, check out his surprised reaction at a recent RSA event.
According to the Washington Post, Deputy Defense Secretary William J. Lynn III just confirmed that a classified military network was breached with a single USB drive in 2008.
http://www.washingtonpost.com/wp-dyn/content/article/2010/08/24/AR2010082406154.html
As a security expert, the fact that someone used a USB drive on the wrong machine isn’t surprising: it happens every day when people use these drives to swap files between work and home computers.
What is surprising is Lynn’s statement that: “code spread undetected on both classified and unclassified systems”. This suggests that neither the content of the files being distributed nor the network behavior of the malicious application were being analyzed – even on a secure network.
This incident demonstrates that even the most sensitive network can be breached if there is only a single layer of defense. With data loss prevention (DLP), intrusion detection, antivirus and integrity technology there should be multiple layers of defense seeking and listening for threats in a coordinated manner on any modern secure network.
The government’s reaction to the incident was also interesting: ban all USB drives. The military did it in 2008…and survived.
So what about the file transfers that needed to occur between the military’s various networks? Managed file transfer technology is all about answering that question, and answering it with easy-to-use, scalable solutions built on the concept of defense in depth.
As you may have noticed Ipswitch maintains a robust network of qualified partners and distributors (including GSA providers) from which you can buy our technology.
There are also a number of web sites and other “grey” operations that sell old or “backup” WS_FTP products, dispensing license keys from old lists Ipswitch provided to resellers, dispensing copies of product that should be free (e.g., WS_FTP LE) or dispensing dead copies of the software.
From a technical point of view, there have always been risks from accepting these software packages, from installing software that may have been tampered with to add spyware to getting old product that may not work with Windows Vista and Windows 7 because it was developed before those OS’s existed.
However, you also take a risk against your credit history when you do business with these “grey” reseller firms, as they often use dubious financial services to convert your credit card information into cash. Assuming these services aren’t stooping to the level of unabashed credit card harvesting, a recent security incident demonstrates why doing these transactions is still unsafe.
One of these “grey” financial services, Amsterdam-based, Russian-run Fethard, was recently reported as hacked, possibly by a rival. This hack exposed shady internal processes and personally identifiable customer data to the entire Internet – information that criminals could use to impersonate and then draw on the credit of customers of sites that use Fethard.
Do you have any experiences with “grey” software vendors or the financial services that enable them (whether you used them for WS_FTP or not)? If so I’d like to hear them.
