Written by Lauren Smith

Maintaining a work-life balance is extremely difficult for some – especially network managers who are on-call 24/7. A great article titled Mobile Network Management Smartphone Apps for On-the-Go Engineers on SearchNetworking.com got us thinking about all the ways network management software for smartphones and tablets helps make network managers’ lives easier and achieve that work-life balance we all try so hard to maintain.

Before the rising trend of mobile network management software apps, network managers would receive a notification of an issue through email on a mobile device or a pager and have to find a computer as quickly as possible to identify the problem and the cause of it. What a hassle!

Thankfully, mobile network management smartphone apps now enable users to react to events immediately after receiving an alert or notification of a problem. As a result, network managers are able to drill into the problem and identify the cause right from a handheld device. No more running back to the office at 3a.m. — what a relief!

Network managers can now enjoy vacation and home life, while staying connected to their networks at the same time. According to the SearchNetworking.com article, network engineer Eric Steel received a phone call while he was on vacation that his company was having bandwidth problems in numerous office locations. He used his mobile management tool to identify and solve this problem quickly. He stated, “When I was on vacation, I was able to stop what I was doing and solve the issue quickly…and get back to my vacation.” Today mobile network management smartphone applications, like our WhatsUp Gold Mobile Access, have made this convenience possible for thousands of network administrators.

Enhanced by Zemanta

As more and more of our personal information is collected and stored online and on computers, we need to ensure that the businesses storing this information are keeping it safe and giving us quick warning if it falls into the wrong hands.”
Senator Mark Pryor (D-Ark.) and chairman of the Subcommittee on Consumer Protection, Product Safety and Insurance.

Senator John Rockefeller (D-W.V.) and Senator Mark Pryor (D-Ark.) have introduced The Data Security and Breach Notification Act. The goal of this is to make sure that any firm that collects and stores personal information must then be responsible for making sure that they have “reasonable security policies and procedures” put into place that will prevent leaks or breaches.

Kenneth Corbin, Associate Editor at InternetNews.com, gives his account of this bill, and what’s happening with it, in this recent article.

It’s interesting that there have been two similar bills introduced, but those bills never made it past the senate floor.

With all the threats and breaches we’ve been seeing, coming from outside organizations AND inside them, you’ll want to give Corbin’s article a read and see where your tax dollars (if you’re in the US) are going.

Big shout out to GKlausner for his video on WS_FTP.  Your creativity, knowledge and love of Polly Pocket dolls and WS_FTP is both informative and amusing!

Pantless geeky flight attendant:  “Check out a company called Ipswitch.  They have a product called WS_FTP, and this thing is the private luxury liner of safe and speedy data movement…. WS_FTP ROCKS!”

[youtube]http://www.youtube.com/watch?v=5EHigR4EtF0[/youtube]

This blog post is also an open invitation to the millions of Ipswitch File Transfer customers out there around the globe….. We’d love to hear about how you’re using our solutions too, just email us at MyStories@ipswitch.com.  Dolls optional.

I recently blogged about some pretty alarming statistics from the newly published 2010 Data Breach Investigation Report.

Let’s take a closer look at the 48% of breaches that involved privilege misuse.

I guarantee you that a large chunk of employee misuse is 100% non-malicious.  In many cases, it’s the hardest working and most dedicated employees that feel forced to find their own way – any way – to get the job done because they were not provided the appropriate tools.

Over the last year I’ve spoken to well over 100 people that admitted to many of the items in the chart above.

In fact, I’m sure many of you blog readers have used a personal hard drive to temporarily store company data because you simply want to back-up your important work files.  What about copying company files to a USB/DVD as a convenient way to transport data — or even subscribing to a file sharing website or using your personal email account — simply because you can’t send or receive large files from your work email account?  And how many of you access company email or files from that shiny new smartphone of yours?

And you know what, I’m guilty too.  But with total non-malicious intent I assure you.  :-)

Sometimes it feels like Murphy’s law is in full-swing. Everything that could go wrong does go wrong. As an IT admin this can be particularly frightening when the well-being and success of a business relies heavily on the integrity of its IT infrastructure.

Fortunately, when there is impending doom, WhatsUp Gold’s comprehensive Network Management Solutions can alert you to a problem before users notice anything, so it can be resolved with little to no repercussions. However, there can be times when the visibility of your network is impeded. In this case you would normally be up ____ creek without a paddle. But, with the WhatsUp Gold Failover Manager plug-in you have one more, high availability trick up your sleeve.

WhatsUp Gold Failover Manager enables the configuration of a Primary and Secondary server both running the exact same version of WhatsUp Gold. With Failover Manager in place, WhatsUp Gold continues to collect data and run critical monitoring services during planned or unplanned downtime:

  • Set up Primary and Secondary WhatsUp Gold servers for manual or automatic failover
  • Select specific event occurrences and conditions that can trigger ‘failover’ and ‘failback’
  • Ensure monitoring data protection through the support for remote database operation
  • Remotely manage the failover process from anywhere on the network
  • Report failover actions in the Alert Center for single console operations management
  • Virtually eliminate the risk of ‘dark periods’ or monitoring data loss

Interested in learning more about insulating yourself from network failure with WhatsUp Gold Failover Manager?

Take advantage of our limited-time offer: Save 10% on Failover Manager and receive a FREE copy of the new Engineer’s Toolkit when you purchase before September 30th!

Enhanced by Zemanta

As technology evolves so does the ability for people to hack it.

Ipswitch WhatsUp Gold is staying ahead of the game with its versatile network traffic analyzer, Flow Monitor.

Did you know it’s rarely an apocalyptic hack, like the ones depicted in SyFy films, of which businesses should be weary? Instead – according to a recent report on the Black Hat Briefings by SearchSecurity.com– – it’s the persistent, targeted attacks that weaken a company’s IT infrastructure and compromise its business.

SearchSecurity.com reported last week on two researchers who demonstrated examples of hacks at the Black Hate Briefings. The duo’s hacks ranged from zero-day PDF attacks to memory-based rootkits.

The presenters, Nick Percoco, senior VP at Trustwave’s SpiderLabs and Trustwave senior forensic investigator Jibran Ilyas pointed out what WhatsUp Gold Flow Monitor customers already know:

That attackers are hiding in plain sight and that they are moving data out of organizations using tried-and-true means, such as FTP, HTTP and SMTP.

Firewalls are of little use in these situations. They won’t flag HTTP traffic as an anomaly.

What you need is the ability to monitor traffic moving over TCP port 31337. WhatsUp Gold Flow Monitor, in conjunction with Alert Center, provides this ability and alerts users in real-time when a security breach happens.

In addition, the new release of WhatsUp Gold Flow Monitor allows users to set up monitors on multiple TCP ports (80.8080, etc) so by setting up an alarm specifically for port 31377, you can monitor in real-time and detect the kinds of attacks that Black Hat is reporting.

To download a free trial of Flow Monitor click here.

Estimate how many pieces of sensitive files and data your company has … Now multiply that by $204. I’m sure you’ll agree that the ROI on the time and resources spent to protect company data are well worth the investment.
Hugh Garber – in a July 28th, 2010 blog

Hugh and the rest of the world have been talking about the 2010 Data Breach Report from Verizon Business that was released last week.

One of the many frightening figures given was that “96% of breaches were avoidable through simple or intermediate controls.”

Here’s a bit of a catch 22 though, in a recent article by Stuart Sumner of Computing, he says that “while technological advances can provide more capable security, they can also often provide opportunities to cyber criminals.”

What can we do?

Here’s where things get … interesting, and leaves me thinking that perhaps Cyberdyne Systems isn’t such a fictional company after all (yes, that’s a “Terminator” reference – c’mon “cyborg” is in the title of this post)

Sumner suggests that CIO’s can fight back against these data breaches with enforced encryption, reporting and biometric technology, and that “selecting the correct blend of tools to protect the business is key for CIOs today, and encryption and end point security can help.”

The concept and practice of biometric technology is not new to us, and it seems that the case can be made that biometric technology is truly becoming a necessary solution for all businesses.

The article is a quick read on what CIO’s can do to help fight data breaches and it makes a motivating case for biometric technology.

In writing this blog post I find myself interested in your thoughts on that, is biometric technology something that your company would benefit from?

Want to learn how to manage and grow your IT infrastructure without having to buy another server? There is useful little article floating around the web, titled Practical Steps for Building and Managing an Internal Cloud, by one of our network managers, Stephen Dalgar, and our Director of Product Marketing, Marina Gil-Santamaria.

By now we’ve all recognized the importance of virtualization and its growing prevalence among IT professionals. Moving to a virtual environment significantly reduces hardware costs and complexity, while increasing server utilization and reducing the overall cost of ownership. Here at WhatsUp Gold, we not only provide tools to monitor your virtual environment, we also share our best practices for virtualization with you. After all, we haven’t purchased a single server in almost three years of sustained network growth, so read on to learn how we achieved this.

When making a move to virtualization, there are steps you can take in order to stay organized and maintain efficiency. According to Dalgar and Gil-Santamaria, the following checklist proved indispensible when building our cloud:

  1. Properly scope your virtualization project, objectives and goals, as well as success metrics
  2. Get buy-in from all key stakeholders (sponsoring, business and technical)
  3. Put a policy in place for how physical to virtual migrations are to be executed
  4. Put strict controls in place to allow for VM creation
  5. Closely monitor physical resources, cpu, interface, memory, and disk utilization.
  6. Use Resource pools allowing production servers to take precedence over hardware.
  7. Look for a management tool that offers single console monitoring across network devices, servers, applications, virtual resources, network traffic and events and log data
  8. Inventory your physical and virtualized environments on an on-going basis
  9. Overlay compliance and data security policies and organizational and management requirements
  10. Don’t forget to monitor, alerts and report on critical vCenter alerts, there are actually 300+ vCenter events

    You should also establish set infrastructure management strategies for when the cloud is in place.

    WhatsUp WhatsVirtual is precisely the tool to help with the virtualization process with one console to manage both your physical and virtual environments. Once you have WUG you simply refresh your license to get automatic discovery, mapping and documentation of the physical servers and virtual resources that make up your entire infrastructure. WhatsVirtual also integrates with VMware API to collect performance metrics, gain access to key management tasks, and oversee VMware vMotion or High Availability live migrations. When your environment is in place you have the ability to control virtual machine actions like power on, power off, suspend, reset, and backup as well. Additional capabilities include workspace reports for physical host servers, virtual machines, and virtual clusters; and seamless integration into the WhatsUp Gold Alert Center.

    Learn more about WhatsUp WhatsVirtual or download your free 30 day trial!

    Now through August 15, buy WhatsUp Gold WhatsVirtual at a Special Introductory Price!

    To learn more about building and managing a virtual environment, view the full article.

    I’ve been sitting on some startling statistics for a couple weeks now, and it has been hard to keep my fingers quiet… But today is the day Ipswitch is sharing them with the world.  Here are a few key takeaways from the survey that Ipswitch conducted at the recent InfoSecurity Europe 2010 show in London.

    40% of IT professionals surveyed admitted to sending sensitive or confidential information through personal email accounts as a way to eliminate the audit trail of what they sent and to whom.

    Forty percent!

    Let’s be clear:  Almost half of IT professionals use their personal email as a way to send sensitive company files while hiding their activity from company auditing and reporting.  Yikes, that’s a major security and compliance breach!

    But wait, there’s more:

    69% said that they send classified information, such as payroll, customer data and financial information, over email (with no security) at least once a month;  34% said they do it daily.

    IT folks seem to be swayed by a similar set of drivers that as other worker bees – Namely, speed, convenience and the ability to send large files without the hassle.

    This leaves us with an environment where IT professionals are:
    (1)    Feeling the same pains as their end users
    (2)    Smart enough to sidestep the very security and governance policies put in place
    (3)    Deliberately break company policy and controls as a way to hide what they are doing

    And just establishing a file transfer policy isn’t enough.  While 62% of organizations have file sharing policies in place, many don’t have the means or tactics in place to enforce them.  Despite increasingly strict governance and compliance mandates, 72 percent of respondents said that their organizations lack visibility into files moving both internally and externally.

    Organizations that lack true visibility, management and controls around sensitive information now find themselves wide open to all kinds of risks, namely data breaches and compliance.  The fact that risk contributors include those tasked with protecting IT networks in the first place, and that it’s being done on a premeditated and recurring basis, just brings the whole situation to an entirely different level of ugly.  Try explaining THAT to an eDiscovery judge!

     

    Of the 385 organizations hit with data breaches so far this year, 113 were in health care.”
    The Identity Theft Resource Center (ITRC).

    Are Dr. Howard, Dr. Fine and Dr. Howard in charge of the health care industries data security? You’ll most likely need 113 aspirin after reading this article on eWeek.com by Brian T. Horowitz.

    In it Horowitz quotes Jay Foley, executive director of the ITRC, who says that when it comes to data breaches that “hospitals are vulnerable to insider data breaches with the multitude of doctors, nurses, lab technicians, janitors and food service personnel circulating throughout the facility.

    The article also quotes Ipswitch’s very own Frank Kenney, VP of global strategy, who confirms the ITRC’s diagnosis. Frank notes that “health care facilities are not complying with HIPAA (Health Insurance Portability and Accountability Act) and regional government regulations on data privacy.”

    As usual Frank has a way of breaking the issue down to it’s most honest and simplest point, and he stats that “even signing your name in at the front desk in a doctor’s office for all to see is a breach of HIPAA regulations.”

    It’s an interesting read that may have you reaching for the Anacin.