Archive for October, 2017

Hot Access Control Trends

Wednesday, October 25th, 2017

Philip Verner, EMEA Sales Director, CEM Systems talks about the latest access control trends including:

  1. Smart buildings & smart intelligent security
  2. Intelligent smart apps at the door
  3. Smart cards & credentials
  4. Mobile credentials
  5. Frictionless Access Control versus multi-modal biometrics
  6. Wireless / offline locks
  7. Industry partnerships & cross-industry co-operation

“There are many trends and topics which will dominate the security industry this year. These include the growth of ‘smart security systems’ and ‘intelligent smart applications’ which add value beyond security, as well as the growing use of mobile credentials, wireless/offline locks and multi-modal biometrics. There will continue to be challenged within the industry such as the move from legacy technologies to a more secure smart card or an alternative form of credential, and with more and more manufacturers moving into areas that typically where not their core business, we will continue to see the adoption of more open standards and greater cross-industry co-operation.”

1. SMART BUILDINGS & SMART INTELLIGENT SECURITY

There is a lot of talk in the industry about the rise in ‘smart buildings’ and ‘smart security systems’, but what does this actually mean? With the incorporation of information technology and the Internet of Things (IoT), it basically means businesses are getting smarter in everything they deploy. Going beyond the physical security realm, the access control system needs to pay for itself and add real measurable value to businesses. This can be achieved by either reducing operational costs (by combining the use of several devices into one multi-functional unit) or by doing more by enhancing operational efficiencies (through the use of ‘intelligent smart applications’ at the door or the centralised command and control of integrated systems).

From a security viewpoint, the access control system and integrated subsystems such as video, fire, intrusion, etc. need to work smarter for the user, with systems accurately sharing information and data to optimize total building performance.

A recent example of a CEM Systems ‘smart building’ deployment is the new iconic ‘One Albert Quay’ project in Cork, Ireland. Renowned as ‘Ireland’s smartest building’, One Albert Quay has all its critical systems including lighting, heating, power, access control, video, fire detection and fire suppression all connected to enable the smart use of data.

As the industry moves more towards preventative security measures, the role of systems integration and the unified gathering of analytics from building ‘data’ becomes even more profound.

“After all Intelligent Security shouldn’t be about capturing the event after it has happened. 2017 will see the growing use of collaborative building data and analytics to look at vulnerabilities before they happen”.

2. INTELLIGENT SMART APPLICATIONS

Very often the access control system is seen as a ‘grudge’ purchase. To help change this mindset and to enable the access control system to help pay for itself, CEM Systems has a range of intelligent security products that add business value. This includes the emerald multifunctional access terminal which effectively takes the functionality of numerous security devices and combines them into one powerful terminal. As an intelligent touch-screen card reader and door controller in one, emerald features an internal database, scramble keypad, integrated Voice over IP intercom and the highest level of built-in smart card technology. However, as an intelligent edge device, emerald goes beyond primary access control functions. Using a range of ‘smart applications’ directly on the emerald terminal, users can perform what was historically client PC application functionality right at the door, without the need to install dedicated PC software and licenses. Smart applications include among other things a ‘Local Access’ app for locally changing cardholder privileges directly on the terminal, an integrated staff ‘Time & Attendance’ app, a building ‘Entry/Exit Checklist’ app where cardholders have to answer pre-defined questions before access is granted and a meeting ‘Room Booking’ app.

The unique emerald ‘Room Booking’ app eliminates the requirement for a separate room booking solution from the access control system. Here users can easily create and edit meeting room bookings through their Microsoft Outlook® exchange calendar or directly on the emerald terminal at the door. This provides a smart, quick and convenient way to ensure efficient meeting room allocation.

“It’s also important to remember that a smart solution doesn’t always have to be a smart app”. Harland & Wolff’s engineering facilities in Northern Ireland recently deployed CEM Systems S3040 portable hand-held card readers at dry dock areas to successfully enable people counting and “mustering on the fly” in emergency situations. This created measurable efficiency gains for Harland and Wolff by successfully bringing their evacuation drill mustering time down from 45 minutes to nine minutes.

3. SMART CARDS & CREDENTIALS

The move away from legacy technologies to using Smart cards is still a challenge in the industry today. CEM Systems will continue to work with customers to smoothly migrate them from unsecure technologies (such as 125 kHz, Proximity and early MIFARE smart card technologies), to a more secure smart card technology with encrypted algorithms (like DESFire EV2). However, every project has its challenges. The challenges that small companies face when implementing smart cards are cost and knowledge about the technology. Larger companies will have additional concerns such as how they physically manage the migration process and roll out of the new smart cards; especially when multiple sites and multiple security systems are deployed globally. There is also the overall challenge of new technology compatibility with customers’ existing systems and the critical decision of whether to opt for pre-personalised smart cards versus customer personalisation on site.

4. MOBILE CREDENTIALS

Another growing trend in the industry and an example of how access control systems are getting smarter for users is the use of mobile phone credentials. Using smartphones as a form of credential is a viable option and can be used either as a supplement or a complete replacement for an ID card. After all “Some people forget their ID card, but no one forgets their phone”. The benefit of the mobile credential is that it saves time and the cost of physically sending out an ID card, making it an ideal solution for businesses with remote workers and numerous remote sites. Obtaining a card from one central location can be a hindrance as it’s often a distance away. Rather than users having to visit the ID unit to obtain a card they simply download an app via the iOS® or Android™ platform store and the credential is swiftly sent to their smartphone and enabled via email.

5. FRICTIONLESS ACCESS CONTROL VERSUS MULTI-MODAL BIOMETRICS

In a perfect world, the ultimate goal is ‘frictionless access control’ where the door is smart enough to know that you are the right person going through the door without an ID having to be presented. Although technology continues to progress to support non-credential access control for obvious reasons, we are not there yet. The use of wearable technology such as the smartwatch is a growing trend, but there are limitations with the practicalities of its use, as required NFC (Near Field Communication) capabilities, etc. are not deployed in most watches.

To ensure the highest possible level of security and in light of the growing vulnerabilities of card cloning, biometric deployments are continuing to grow. The biometric industry is exploding in terms of reliability and availability of sophisticated products, with many now becoming technically and financially viable. Speech and voice recognition without an ID card is gaining popularity, along with facial recognition. However, biometrics does have its limitations in certain environments. For example, within airports, there are many light areas and shadows where the accuracy and quality of the facial read can be greatly affected and reduced.

“Biometrics always come with challenges and trade-offs. Customers opting for biometrics must analyse cost and the level of security required versus its reliability in terms of false rejection and acceptance rates”.

To overcome biometric reliability challenges within the industry in general, we are now seeing the growing deployment of ‘multi-modal (dual) biometrics’ as a more sophisticated and reliable biometric option. To ensure higher levels of reliability, we will continue to see dual biometric checks like Iris & Face or Fingerprint & Vein being deployed at the same time. The combination of the two biometric options gives users a much more superior read and the fusion of these two technologies provides low failure to enrol rates.

CEM Systems also continues to overcome challenges in a number of ways. In addition to having our own fully integrated access control and biometric enrolment solution, we have partnered with third-party biometric providers such as Safran Morpho to develop high-level integration of Finger & Vein readers at the software enrolment level. Here MorphoAccess® biometric enrolment is seamlessly integrated into the AC2000 access control system software. This integrated process means a quicker biometric read time, fewer errors at the door and ultimately fewer lines of throughput traffic/queues at access control points.

6. WIRELESS / OFFLINE LOCKS

More and more businesses are securing doors via a hybrid approach; with high-security doors installed with intelligent card readers and typically less secure areas (that perhaps wouldn’t have been secured), now fitted with wireless locks. The wireless/offline locks trend will indeed continue to grow as we see its installation into areas such as server room racks and cabinets. With wireless locks data and analytics fully integrated into the access system for central monitoring and reporting, customers have a comprehensive and powerful platform that not only enables the smart gathering of data but supports the growing trend towards smart buildings.

7. INDUSTRY PARTNERSHIPS & CROSS-INDUSTRY CO-OPERATION

The security industry is becoming increasingly complex with more and more suppliers now proliferating disparate areas outside of their core business. For example, with the release of the emerald access terminal, CEM Systems is now operating in areas outside of access control such as the intercom and room booking space. As manufacturers continue to supply and integrate with third-party products from third-party partners, the importance of cross-industry co-operation becomes even greater. However, it does represent challenges for suppliers. We will continue to see industry player’s work together to tackle integration software challenges such as maintaining backward compatibility of integrated systems. We must also ensure that products support industry standards and open protocols, such as the recent Open Supervised Device Protocol’ (OSDP), which was introduced as an open protocol to replace insecure Wiegand communication between the card reader and door controller.

Conclusion:

As technology continues to progress this year it will be interesting to see where we move with regards to pure frictionless access control, as well as the measurable operational gains being reported from smart buildings. It is also likely that more and more industry standards will be introduced. On a personal level, I will be keeping an interested eye on robotics and how that evolves into the security industry; but that trend is for another day.

View the original article by CEM Systems.

Three key actions from Cyber Security Awareness Month you can take

Friday, October 20th, 2017

In a world where the Internet has become significant part of our everyday lives, we all need to be responsible for making sure our online identities are kept safe and secure. Much of our personal data is stored online which exposes us very easily to all sorts of threats. In a year of high-profile hacks and security vulnerabilities hitting the news headlines businesses and consumers are thinking a lot more about their online security. That’s what the Cyber Security Awareness Month is all about.

What is Cyber Security Month?

October is National Cyber Security Awareness Month (NCSAM) in the US which is an annual campaign that aims to raise awareness about cybersecurity. This year also marks the 5th anniversary of the European Cyber Security Awareness Month. NCSAM was launched by the National Cyber Security Alliance and the Department of Homeland Security in October 2004. It’s a collaborative effort between government and industry to ensure that everyone – from consumer and small businesses to corporations and academia, has the resources they need to stay safe and secure online. NCSAM carries the global message that cybersecurity is one shared responsibility.

This year kicked off with a global launch event to highlight the international adoption of Cyber Security Awareness Month. Let’s look into some of the main actions we can take.

1. Focus on consumers and their online safety

With the first few weeks of the initiative now behind us, we saw an even stronger focus on consumers and their online safety. This year also marks the 7th anniversary of the STOP. THINK. CONNECT. campaign, which aims to help all consumers stay safe and secure online. It is based on three easy to follow actionable practices:

  • STOP: make sure security measures are in place
  • THINK: about the consequences of your actions online
  • CONNECT: and enjoy the internet
  • Week 1 addressed the top consumer cyber concerns, encouraging users to be more vigilant about using the Internet and sharing their personal data online.

    Simple steps to follow to stay safe online include using stronger authentication like two-factor, biometrics, making your password long and strong, sharing/ opening files with care, to name just a few.

    We have a good and detailed checklist here: 10 tips to prepare for Cyber Security month. The most important tips include:

  • Make sure your password is secure
  • Regularly update your software
  • Beware of email scams
  • Password protect your laptop and smart devices
  • Install malware protections
  • The Internet touches almost all aspects of our everyday lives, so it is important that consumers are made aware of its most common risks. In the video below, former ethical hacker Jason Hart, who now works for Gemalto, explains how a man-in-the-middle attack works. A man-in-the-middle attack is where a hacker inserts themselves into a conversation between two parties and can affect your PC, mobile and the Wi-Fi network.

    Here are videos of Jason Hart explaining how phishing scam and karma attack work.

    2. Today’s predictions for tomorrow’s internet

    We live in an incredibly connected world with smart devices populating every aspect of our lives. There are many ways that an attacker can access data on our connected devices. So, how do we secure the Internet of Things? Data is the fuel that makes smart devices work, so looking for ways to secure it is essential. We see three essential pillars to secure the IoT data and rest in motion: securing the device, securing the cloud and managing the lifecycle of security components in the IoT. The importance of securing the IoT has also been recognized by the US government. Earlier this year two US lawmakers proposed new legislation that will seek to address the vulnerabilities in IoT devices.

    Smart cars, connected homes and smart healthcare devices have become inseparable part of our reality. And while there are massive benefits for connectivity, it is important to understand how to use cutting-edge tech in safe and secure ways.

    3. Building Resilience in Critical Infrastructure

    Building resilience in key systems like electricity, financial institutions, water treatment facilities, public healthcare and transportation is another key theme of this year’s events. These are all systems that store and will run based on data. We recently addressed end-to-end security of the smart energy ecosystem at European Utility Week. The final week will look at how cybersecurity relates to keeping our traffic lights, running water, phone lines and other critical infrastructure safe.

    There we have them – the key actions from cyber security awareness month, aiming to educate us on the importance of keeping our online identities safe. So, what will you do? Let us know by leaving a comment below or tweeting to us @Gemalto.

    This report was taken from Gemalto.com

    A deeper dive into GDPR: Identity and Access Management

    Wednesday, October 18th, 2017

    An important part of GDPR addresses the need for strong, two-factor authentication, as well as physical access controls to organisational information systems, equipment, and the respective operating environments to authorised individuals. Are you ready?

    Mapping the GDPR article to authentication
    GDPR greatly expands the requirements for organisations to prove identity and basically aims to get rid of the password once and for all. Organisations will need to verify the legitimacy of user identities and transactions and to prove compliance, or face big fines, which can be more than four percent of an organisation’s global worldwide revenue or €25 million. So let’s take a look at the articles of GDPR and how they call for stricter authentication controls.

    Article 5 covers principles relating to the processing of personal data. It says, however, data is processed, it needs to be secured from unauthorised access and loss. This is achieved through multi-factor authentication. Multi-factor authentication ensures a user is who they claim to be and can be achieved using a combination of the following factors something you have (such as a token or smart cards), with something you know (PIN or password) and/or something you have (biometric). The more factors used to determine a person’s identity, the greater the trust of authenticity.

    Asking for a second authentication factor ensures a simple stolen password won’t be sufficient to gain unfettered access to sensitive systems.

    Article 24 says organisations are required to take reasonable security measures that respond to the likely risks and threats they face. This not only covers the data itself, but calls for solutions that restrict access to corporate networks, protect the identities of users, and ensure users are who they claim to be. As a first line approach to data security, requiring multiple factors of authentication to verify a user’s identity helps mitigate the risk of unauthorised users accessing sensitive systems to manipulate data.

    Article 32 calls for additional security of processing, and calls for organisations to consider the risk associated with data processing such as data loss and unauthorised access when choosing the right level of security. Authentication solutions make it harder for unauthorised users to access sensitive environments while also mitigating the risk posed by administrators with privileged access.

    Authentication solutions such as Public Key Infrastructure (PKI) or access management services offer a complete set of provisioning rules and policy engines that cover privileged users and the varying levels of security they may need for their roles. Organisations can increase or decrease the level of access security to their data and network according to the level of sensitivity of the data concerned. In addition, PKI allows for other advanced security functionality, such as digital signature and email encryption as well as physical access that we’ll talk about next.

    Article 33 covers notification of a personal data breach to the supervisory authority. Organisations will need to ensure individuals only process data when authorised. Authentication solutions automatically apply rules in real time to users based on their group membership and their need to access certain levels of private data. The rules’ default setting can keep users out of processing systems, or offer only a narrow level of access until instructions are given from the data controller. Once processing is complete, administrators can return settings to a more restrictive default that prevents any further data processing. In addition, some authentication solutions provide extensive log and report mechanisms to give up-to-date snapshots of all authentication and management events.

    Wrapping up
    Authentication and access management solutions, come in many shapes and sizes, including cloud access management, PKI, certificate-based authentication, one-time password authentication, identity federation, complete lifecycle management and auditing tools. We hope you find this blog helpful in planning your authentication needs for GDPR.

    For more information on GDPR’s due diligence requirements along with other topical issues such as breach notification, security, and data control obligations, check out our expanded ebook, The General Data Protection Regulation.

    View the original post by Gemalto.

    WPA2 vulnerability (KRACK attack)

    Tuesday, October 17th, 2017

    The exploit is called KRACK and details about this vulnerability have been published in true White Hat fashion, by the Imec-DistriNet research group of KU Leuven. Mathy Vanhoef and his team have identified as many as ten vulnerabilities in the WPA and WPA2 protocols, which secure all modern protected Wi-Fi networks. These vulnerabilities were academically well-researched and responsibly reported in a manner allowing the industry to proactively prepare updates.

    Go to the Ruckus support site to learn about Ruckus’ counter-measures.

    Broadly, the exploit deals with how the WPA/WPA2 protocol handles requests to reinstall the encryption keys used to encode/decode traffic between a wireless client and an AP. The vulnerabilities can be described in two groups. The first set of vulnerabilities may allow the reinstallation of a pairwise transient key, a group key, or an integrity key on either a wireless client or a wireless access point. A transient key is one that is derived as part of the encryption of individual client sessions. It is not the PSK or user credentials and is a temporary key that is different for every client and every session.

    The second set of vulnerabilities may affect wireless supplicants supporting either the 802.11z (Extensions to Direct-Link Setup) standard or the 802.11v (Wireless Network Management) standard. This could also allow the reinstallation of a pairwise key, group key, or integrity group key.

    If a compromised key is installed (via a reinstallation procedure) an attacker can theoretically decrypt the transmissions between a client and an AP. Note, however, that each wireless client creates different temporary encryption keys that it uses with an AP. This is not a global attack but rather attacks a specific, targeted device. These vulnerabilities also only deal with the encryption of data using transient keys that are derived as part of the WPA2 protocol for each session. They are not the same as passwords or any other kind of credentials such as certificates.

    What does this mean for you?

    1. Don’t panic. No, you do not need to shut down your Wi-Fi network. The Internet did not suffer the equivalent of an EMP attack.
      1. Vulnerabilities exist on both sides of the 4-way handshake relationship (client and AP) and both sides need to be patched.
      2. Microsoft, Apple, Google, Intel, and other major vendors have been working on fixing these vulnerabilities for a few months now.
      3. Until client vendors provide updates, disabling 802.11r can help mitigate the attack by eliminating one source of vulnerability (Fast BSS Transitions, otherwise known as 802.11r roaming).
      4. Some client types, such as Android 6 are more vulnerable than others.
      5. iOS and Windows are not vulnerable to the first set of exploits because they don’t accept retries of handshake message 3.
    2. The sky isn’t falling. One, the attack must happen on-premises. Two, while the attacker can decrypt client-to-AP traffic, the attacker cannot inject arbitrary traffic into a WPA2-AES session and cannot get any authentication tokens or keys.
      1. To be successful, the attacker would need to be sophisticated, onsite, and armed with specialized hardware and software. To reiterate, there is currently no publicly available code that enables this attack.
      2. All current certificates and Wi-Fi passwords are still secure. This attack does not reveal passwords.
      3. While networks that use TKIP are vulnerable to packets being injected into the stream, AES does not allow for code injection. (TKIP and WEP have been broken for years so if your network is still either this may be a good time to do something about it.)
      4. A MitM (Man-in-the-Middle) attack is required prior to performing this because the 4thEAPOL message (part of the handshake) must be intercepted/prevented in order to allow retries of handshake message 3. This means that the attacker must spoof the MAC of the AP.
      5. Mesh and PtP links may be vulnerable (please see above).

    Steps You Can Take Now:

    1. Mitigate the risks caused by a MitM attack. By default, Ruckus has rogue detection enabled and automatically classifies spoofed MACs as a malicious threat, which can generate alarms for admins. Further, admins can enable APs to protect against Man-in-the-Middle attacks by deauth’ing clients connecting to a malicious rogue AP, which is required to carry out this attack.
    2. Eliminate the 802.11r vulnerability. Ruckus disables 802.11r by default on all SSIDs. If it is enabled on your network, consider disabling it until a fix is in place.
    3. Ruckus APs have additional protection against MiM attack for Mesh links – this makes the attacker be even more sophisticated to hijack the Ruckus Mesh link. Mesh-enabled networks that are not using mesh can have that disabled on a per-node basis.
    4. Refer to Ruckus Support. Security patches from Ruckus are forthcoming and will be posted as they are available.

    The WPA/WPA2 protocol is not fundamentally flawed. This means that exposure is limited and fixable without throwing out WPA2 altogether. Software/firmware patches that address this are already being rolled out. It is important to remember that, while concretely feasible, these attacks require not only access to your network, but a degree of knowledge and sophistication well beyond, say the Experian hack, for a lot less return. We always recommend that anyone interested in securing their WLAN network should perform regular audits of their security infrastructure and procedures to ensure everything is in compliance with best practices and vendor recommendations.

    Additional Information:

    Security Bulletin

    • Security Bulletin 101617 v1.3 – Multiple Vulnerabilities discovered in 4-way handshake of WPA2 protocols (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13084, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088) – PDF download

    Knowledge Base Articles

    Ruckus Wireless Technical Response and Communications

    KRACK WPA/WPA2 Vulnerability Mitigation

    Support Forum Discussions

    Industry Technical Response and Communications

    ACADEMIC RESEARCH

    INDUSTRY ASSOCIATIONS

    INDUSTRY EXPERTS

    Deloitte data breach demonstrates why MFA and user access controls are a must

    Monday, October 9th, 2017

    The severe Deloitte breach revealed last week is indicative of several issues that many companies are seemingly slow to absorb when it comes to protecting intellectual property, reputation and customer data.

    Move to the cloud can be a double edged sword: According to IDC, worldwide spending on public cloud computing will increase from $67B in 2015 to $162B in 2020 attaining a 19% CAGR. This means that more and more companies are storing sensitive systems, applications and data in the cloud. Cloud applications are excellent at providing organisations the best applications at a quick time to value, zero maintenance overhead and infinite scalability. The immediate fulfillment and instant productivity provided by cloud apps comes, however, with a price tag: IT departments lose visibility into who is accessing what application. And risk increases as apps are managed from multiple disparate consoles.

    Compromised credentials are the root cause of the majority of breaches: According to Verizon’s 2017 Data Breach Investigations Report, 81% of hacking-related breaches leveraged either stolen and/or weak passwords. Indeed, the Deloitte breach was apparently caused when the hacker gained access to an administrator email server account by logging on with a simple username and password.

    Lack of effective monitoring systems: Brian Krebs, in his Krebs on Security blog, earlier this week writes that ‘a person with direct knowledge of the incident said the company in fact does not yet know precisely when the intrusion occurred, or for how long the hackers were inside of its systems’. This gap may reflect weak monitoring systems and lack of central controls over whom was accessing various systems, when these systems were being accessed and visibility into the access control measures in place.

    Cloud-based applications play a vital role in fulfilling productivity, operational and infrastructure needs in the enterprise. The points mentioned above, indicate however that enterprises need to be focused in their cyber-security strategies, and implement protections at the most vulnerable points. Applying effective access security mechanisms such as multi-factor authentication, privileged account access, cloud access management controls as well as continuously monitoring who is accessing which service, when and with what credentials – are vital front line security measures that can prevent unwanted persons from accessing cloud and enterprise services and reduce the risk of breach. Doing otherwise is akin to gambling with your data.

    Avoid a data breach, get the Research and Best Practices Toolkit to do Web Application Security right.

    View the original post by Gemalto.

    6 Misconceptions about Network Security

    Tuesday, October 3rd, 2017

    When assessing or implementing network security, misconceptions can be dangerous, leading your company’s data to be at risk and, with it, your reputation, your revenue, and possibly your business. With that in mind, be on guard against these six insidious misconceptions:

    1. Threats only come from the outside. This is a common misconception, but the truth is that most infiltration issues and security breaches happen from inside the network. While this could be due to a malicious employee, most often it is simply the result of ignorance. For example, an employee may bring his own device and use it for work – but it is unsecured. Another person may have a hub sitting underneath her desk to which she connects multiple machines – some of which are personal. You must have a diligent secure access strategy in place that includes internal security compliance to prevent such security risks.

    2. Our employees would never fall for a phishing scam. Yes, they would. And they do. Phishing is very sophisticated nowadays, with spear phishing campaigns that are personalized and tailored to a specific individual. Even a savvy employee can fall prey to an email that looks and sounds authentic.

    3. Network access control (NAC) is too difficult to use. Five years ago, that may have been the case. NAC was hard to understand, tough to implement, and irritating for the end user. With business trends evolving to support initiatives like BYOD and IoT, however, network access control has also adapted to meet such demands. For example, Pulse Secure’s NAC solution, Policy Secure, is streamlined, simplified, and user-friendly. You can easily profile your network and get a clear picture of exactly what is residing on it and connecting to it, both internally and externally. Plus, you can gain full visibility into which people and devices have access to what data.

    4. Our firewall checks everything. It may – but the danger of using VPN components that are offered by next-generation firewalls is that they don’t always perform enough checks. Contrast that with a Pulse security solution that validates software patches, apps, and other elements through host-checking capabilities prior to allowing them on the network as well as during connections, and you’ve got yourself a fast and reliable secure access solution that will protect your company’s data yesterday, today, and tomorrow.

    5. The cloud is secure. We want to believe this, but it’s not that simple. The cloud is where everything is going; in essence, we are moving to huge server farms hosted by large organizations such as Google or AWS, and their primary product offering is space, processing power, and bandwidth – not security. That is their niche and their expertise. To protect that space, you must look to the secure access experts for the best security platform solutions that can be deployed across hybrid IT environments.

    6. Our security is good enough. This is the biggest and most dangerous misconception of all: companies assume that if their security was good enough last year or three years ago, it is good enough today … even if it hasn’t been updated in recent history. So, before you say, “Our security is good enough,” ask yourself: are you willing to bet your business on that? Ransomware can get through VPNs or open ports outside the network, potentially encrypting your entire network. Don’t jump onto this bandwagon too fast: your network security could be on the line.

    Maybe yesterday’s network security isn’t good enough. If you’re serious about security, it’s time to do some serious security upgrades.

    Learn more about the importance of upgrading hardware here.

    View the original article by Pulse Secure.

    Ruckus Expands “The Pack” on Unleashed

    Tuesday, October 3rd, 2017

    We are excited to announce new updates to the Ruckus Unleashed products, our Wi-Fi option for small organizations with limited IT resources. We are making the Unleashed products easier to manage and install without compromising on performance. We are also releasing three more Unleashed access points (APs). Let’s get right into the details.

    The third software release of the year is packed with exciting features and capabilities. Here are some highlights:

    • Ruckus R720, T610 and H320 – our popular 802.11ac Wave 2 APs are now part of the Unleashed Family
      • R720, a premium Wave 2 AP with multi-gig backhaul, ideal for high-performance indoor use cases; H320, an entry-level Wave 2 AP that works great as an in-room access point; T610, a mid-range Wave 2 AP, ideal for medium density outdoor deployments. This makes the unleashed product portfolio complete with a wide variety of AP options.
    • All new Mobile App version 2
      • Social login – Link Unleashed mobile app can connect via Gmail, Twitter or Facebook accounts to manage Unleashed networks remotely and locally without altering your firewall.
      • Remote management – Invite someone to deploy, manage or troubleshoot your Unleashed network with a simple text or email from the mobile app.
      • User Interface (UI) enhancements
    • Simplified and faster deployment – Reduced time to deploy an Unleashed network by 33%
    • Multi-site Support
      • Unleashed can now be deployed in multiple small sites and managed with the mobile app or the new Ruckus Unleashed Multi-Site Manager. If you think your business will grow in the future and are looking for Wi-Fi solution that is scalable – this is it!
    • Enhanced Administrative Control
      • Define network speed limits for each of the Unleashed networksUnleashed mobile app
      • Assign users to different VLANs based on their roles
    • Multiple language support further enhanced; Italian language added

    Here is a sneak-peak to the Unleashed mobile App