archives If you want an RSS feed try this

Safeguard Enterprise 5.40 17-08-2009

SafeGuard Enterprise 5.40

Sophos announces the latest release of their flagship data encryption suite SafeGuard Enterprise. There are a number of improvements of which I think the most important includes the better integration of LanCrypt to provide network multi-user file and folder encryption.

Related Links SafeGuard Enterprise on sophos.com

Glasgow based financial services company chooses Webroot for email protection solution 06-11-2008

ecommnet has recognised that delivering Security using Software as a Service (SaaS) is the most suitable model for clients who have little to no onsite IT skills as it can be configured and managed using an online portal, is based at the Internet layer so requires no onsite installation of hardware and software and requires little day-to-day administration. This cuts down ongoing costs whilst delivering the highest service level agreement.

One of our clients a financial services business represents the ideal customer for Webroot. A busy dynamic company who has no full time IT team but who was faced with growing levels of SPAM and also required a solution that could meet the needs of compliance as they are an FSA regulated business.

Webroot’s SaaS Email Filtering service proved ideal, the customer was migrated from their existing solution within a day and immediately benefited from reduced levels of SPAM which increased the Internet bandwidth at their disposal. During the time they have used the service they have not suffered from any viruses or malware. The service is runs 24 hours a day 365 days a year and required no maintenance meaning their business is protected with no risk of downtime compromising their security or productivity. Through features such as 28 day logs, scheduled reporting and daily SPAM digests they have been able to have better visibility and traceability of email and operate on a largely self-service basis again reducing cost and increasing personal productivity.

For more information on Webroot and why it would suite your organisation please contact us

Job Vacancy Systems Engineer 01-06-2008

Vacancy IT Systems Engineer.

ecommnet has a vacancy for an experienced IT Systems Engineer. The ideal candidate will have at least 3 years experience in installing and supporting sever and workstation technologies especially; Microsoft XP and Office 2003 as well as Windows Server 2003, Small Business Server, Exchange and Linux .

While formal qualifications are an advantage experience and motivation are the qualities we are seeking. Some work will be required on customer sites and you should be a ‘self-starter’ and be capable of working professionally without direct supervision. Travel will be involved and therefore a full clean driving license is a requirement of the position.

Job Vacancy for Web Developer 01-06-2008

Job Vacancy for Web Developers

We're looking for an experienced web developer for immediate project work with our sister company Off Exploring

The ideal candidate will have at least two years experience in working with one or more web development languages including php and javascript.

Job Vacancy for Project manager 01-06-2008

Vacancy for Project Manager

We're seeking a highly skilled and commercially astute Project Manager with a strong development background to manage multiple key projects based around the development and implementation of mobile and Web applications. This is an exciting role working on high value, high profile projects and the key responsibilities include: working with the client and ecommnet's systems and development staff to deliver project objectives, build positive and professional relationships with clients. The ideal Project Manager will have a strong development background with a knowledge of .NET, C#, XML, Web Services etc., should possess excellent leadership qualities and have experience delivering high profile and complex projects, as well as a clear appreciation of the commercial pressures on the business. You should be a self starter, have excellent communication and leadership skills and the ability to produce high quality work within deadlines. This is a great opportunity to assume a senior role in a dynamic growing organisation which invests heavily in its staff. Send your CV today or call for more info.

North East Digital Awards 18-04-2008

Our sister company Off Exploring has been shortlisted in two categories of the North East Digital Awards 07. Announcements will be made at the award ceremony on the 15th May 2008 at the Hyena in Newcastle. The two categories are in the Digital Suppliers Best Use of User Generated Content and similarly in the Digital Users section again for best use of User Generated Content. Why '07' we ask?
Related Links
The North East Digital Awards 07
Off Exploring
STA Travel Journals
STA Travel main site
The Hyena Comedy Club

Email Problems 26-03-2008

our internet connection, provided by BT is presently 'down' as in not working. This has been on-going since about 11:00am today, 26th March. Unfortunately this will have affected some of the mail services that many of you rely upon. Please be assured that we are working with BT to resolve the problems as quickly as possible and restore all email and web services. We'll keep you informed through this blog, anyone requiring further information please don't hesitate to call the office or me directly. Robert Campbell.

CPS lose Control of Data Disks 20-02-2008

Crown Prosecution Service

While the Government reels under another Data Gate episode its worth considering this particular case in detail. The fact that the 'disks' didn't go missing, were not stolen or the details leaked, or so we are led to believe.
However, I'd argue that the fact that they sat in someone's draw for weeks if not months without anyone being alerted to the fact was as serious a case of data loss as any.

The data was sent by the Dutch Police on hard media, be that CD-ROM or DVD or a SATA disk, it matters not. Exchanging data in this manner makes it impossible to audit in any effective way. To be sure that the data is dealt with correctly any system used to exchange sensitive data should at least deal with some or all of the following issues.

encrypt the data
require strong authentication to access the data
record automatically who received the data
record automatically who reads the data
provide alerts on data being read
provide alerts when data is NOT read
time control validity of data (expiration)

Without mechanisms such as these and the information they provide on the usage or access of the data we lose control, without that control we can not say the data is safe or secured.

Take a look at the Cyberark Inter Business Vault it does all of these things and more.

EntitySpaces on Mono 03-02-2008

Regular readers of this column will have noticed that we are great fans of the EntitySpaces the Persistence Layer and Business Objects for Microsoft .NET. Now EntitySpaces on MONO and Mike Griffin has posted a blog on their site with screen-shots and everything.

Seems like Pro.Coder the competition winner did the hard work :-)
Related Links
Using EntitySpaces and Resco Toolkit
Getting Started with EntitySpaces and Windows Mobile Development
Nokia IntelliSync Mobile Push Email and PIM Sync

Nokia on a software aquisition trail, buys Trolltech. 02-02-2008

Nokia bids £78m for Norwegian Trolltech mobile software firm in continuing diversity strategy into software. This strategy clearly started a couple of years ago when Nokia bought Intellisync giving them access to the best PIM and push email, device management and databse application platform for mobile devices.

Related Links
Intellisync Wireless email push email, calendar, contacts, notes and tasks from Microsoft Exchange, Lotus Domino, Groupwise or IMAP.
Intellisync File Sync, push files and data to your mobile devices
Intellisync Application Sync, Integrate back end KPI solutions from Enterprise Data Sources with hand held mobile phones and PDAs
Intellisync Device management, deploy and manage large scale mobile solutions with ease.
Trolltech Code less create more deploy everywhere

Laptop and Data Encryption 29-01-2008

Encrypt that data or face a £5000 fine!

The Information Commissioner reportedly told the Lord's Constitution Committee that he favours making careless handling of data a criminal offence. Anyone knowingly or recklessly flouting data protection principles is likely to be liable for fines up to £5000. This potentially includes anyone with data that contains any personal details needs to look at data encryption now.

Information Comissioner view on Data Encryption 29-01-2008

Opinion

It's now very clear that the use of encryption is as good as mandated when personal information is involved. In a recent ruling the ICO served an enforcement notice on a major commercial company, M&S, in which the use of encryption on all the company's laptops must be implement by April 2008. Since failure to comply with such a notice is a criminal offence this is not a matter that M&S will take lightly.

Indeed given that in the ICO's most recent article on their web site entitled Our approach to encryption it is stated that
'...where such losses occur and where encryption software has not been used to protect the data, enforcement action will be pursued.
we think you need to do something about it now. Why not get a quotation for all your laptops?

What to do next
Get a quote for SafeGuard Easy laptop encryption
Call us to discuss your requirements 01661 854 492
Related Links Technology for dealing with lost laptops : ITPRO Posted Nicole Kobie at 8:17AM, 28th January 2008

Information Commisioner raps M&S 28-01-2008

The Information Commissioner Richard Thomas has severely criticised Marks and Spencer for losing data containing personal details of some of their employees when a laptop was stolen recently. It has been reported that the details of nearly 30,000 employees was lost when a laptop was stolen from the home of a contractor last year.

While this story is not a particularly unusual one in that we report regularly on such incidents it is the first time the Information Commissioner has instructed the company in question to use laptop encryption to protect personal data. The company has until April to comply with the enforcement order, failure to do so would be a criminal offence.

HMRC Data Loss 28-01-2008

Yet another data theft hits the news. This one is a little more impressive than the others we have commented on. The loss of two CD-ROMs from the HMRC premises in Washington, Tyne and Wear which contain the details of 25 million people, aproximately 7 million families, is beyond belief. At the time I write this the police still haven't found the disks dispite deploying over 50 officers from the Northumbria force alone. According to sources close to the search team, "they could be anywhere, Washington, Longbenton, the NAO or somwhere within TNT's network..". Their task is being made more difficult due to the fact that the disk's apparently haven't been labelled either!

This is not the first Identity theft issue involving the HMRC, we discussed the personation issues in a previous article Fraud and personation at the Tax Office closes Tax Credit Web Portal.

Everyone's Concerned about VoIP Vulnerability 18-12-2007

Everyone's predicting that VoIP vulnerabilities and their exploitation will be of increasing concern over the next few months. With a significant majority of new PABX installations including VoIP (63%) or indeed wholly VoIP (18%). All this and considerable interest in FMC will mean that Telephony will become more complex and prone to errors and exploitation.

ecommnet have a seminar planned for the new year which will concentrate on the advantages and implementation options for FMC, please contact us for more details. The provisional agenda will be published here in a couple of days.

Related Links
Major VoIP exploit predicted By Tim Greene, Network World (US)

ecommnet achieves Nokia Expert Mobility Status 14-12-2007

Ecommnet have achieved Nokia Expert Mobility Partner status. This confirms our commitment to developing solutions for our customers in the area of mobility. Having worked with the IntelliSync Mobile Suite for a number of years we're now able to take advantage of Nokia's brand deliver truly enterprise class solutions for our customers.

Related Links
Nokia for Business
Nokia for Business : Mobile Version

More VoIP Security Issues 11-12-2007

Another article recent article spotted at Internetevolution by Ira Winkler on the dangers of VoIP, this time calling into question the P2P based system from Ooma. While I can't quite see any enterprise customers for this technology it does illustrate the complexity and naivety of this market. Related Links
Ooma CEO Wants Hackers to 'Bring it On!' Written by Ira Winkler 12/10/2007
Ooma P2P VoIP Technology promises Unlimited calling in the US with no monthly fees or contracts

FASTHOSTS Security Breach 06-12-2007

You may have read in the news this morning that Fasthosts, the Gloucester based web hosting company has suffered a major security breach.

The incident appears to have affected all Fasthosts web customers and according to some reports involves the compromise of their password gateway. Such a significant breach may have exposed customer's whole web infrastructure and may even include controls for managing dns and domain name registration services.

ecommnet have always maintained that customers should treat the issues of Domain Name Management, Hosting and the provision of Bandwidth as 3 completely separate concerns. ecommnet have provided secure domain name; colocation and web hosting services for the past 8 years and while we may not be the cheapest in the marketplace we pride ourselves in looking after your data and Intellectual Property as if it was our own.

We know of at least one customer who today is very glad we moved his web sites to our servers after several earlier issues with FASTHOSTS.

Related Links
FASTHOSTS
Sites shut down after hack on Fasthosts Web hosting firm still to reset some passwords : By Leo King
Fasthosts customers still frozen out of websites The Register
Fasthosts customers blindsided by emergency password reset

VoIP Hacking Proof of Concept 25-11-2007

Peter Cox demonstrated a prof of concept application that shows how easy it is to eavesdrop on any VoIP based phone call. Peter has set up a new VoIP security consultancy after leaving Borderware Technologies a company he help to found way back when.

Related Links
Borderware Firewall Server
Expert scares world with VoIP hacking proof By John E. Dunn, Techworld

Information Security: Striking a Balance Between Risk and Reason 14-12-2007

The fiasco at HMRC the other day is made even more ironic as I discover the president and chief executive officer of EDS, Ron Rittenmeyer, the IT Management Company running the IT services at the benefits office has very recently made a speech at the Southern Methodist University's briefing series outlining the importance of information security.

To quote from the article on EDS web site
The fact is, security breaches within business and government are more common than we'd like to admit, whether they result from: unintentional security errors, large-scale cyber-attacks or crimes for profit.
The article was written on October 31st this year. I wonder if he knew or was just being a bit previous.

The fact is the use of a CD-ROM, password protected ZIP files or not, should not have been the de-facto means to send data of any type to and from the NAO. It's not efficient, it's not secure and it provides no audit trail. I have long since given up trying to extol the virtues of encryption on it's own, there is the compliance issues and the attendant needs for 'security assurance', the old triple 'A' notion, to be taken into consideration. Without the ability to audit actions such as burning data to CD and stuffing the resulting discs into an envelope in the internal mail, no one can tell what's gone wrong and how to stop it happening again!

Footnote

Triple A

Authentication, Authorization and Audit

Related Links
Information Security: Striking a Balance Between Risk and Reason
Cyber-Ark's Inter Business Vault The best way to send sensitive data between you business partners.
Better data protection 'required' : BBC News
More firms 'admit disc failings' : BBC News
It's 10pm: do you know where YOUR data are? : FT Techblog

Borderware Security Platform Release 7.1 15-08-2007

Borderware launch a new major update of their Security Platform. Previously known as MXtreme the highly rated Borderware Security Platform has evolved in to a multi service web, email and messaging firewall.

This new release of the Borderware Security Platform, verion 7.1 includes many new features and improvements and makes it the best and most efficient platform for controlling SPAM and IM and Web malware, phishing and messaging threats and vulnerabilities.

ADDITIONAL IM PROTOCOL SUPPORT: The BSP offers support for Windows Live Messenger and Yahoo Messenger IM protocols.
SEPARATE WEB AND IM ACTIVITY VIEWS, REPORTING, & LOGS: The BSP offers new reporting and activity views to offer a clear understanding of web and IM traffic in your organization.
ENHANCED HISTORY SEARCHING: The BSP offers better searching capability for all supported messaging protocols.
INTERCEPT ANTI-SPAM IMPROVEMENTS: The BSP has enhanced the Intercept Anti-Spam scanning engine to combat against new forms of spam and URL obfuscation techniques.
OVERALL PERFORMANCE IMPROVEMENTS: The BSP product offers overall performance improvements in the areas of email, web, and IM messaging.

Related Links

ecommnet win £1M project with ALPS in T-Mobile Consortium 29-06-2007

University Health and Social Care students to use innovative mobile learning and assessment methods through contract with T-Mobile®, ecommnet® and MyKnowledgeMap®.

The Assessment and Learning in Practice Setting (ALPS) Centre for Excellence in Teaching and Learning announced today that it has signed a contract with T-Mobile®, ecommnet® and MyKnowledgeMap® (MKM) to provide an innovative mobile learning environment for health and social care students in five Yorkshire Universities.

ALPS is a collaboration led by University of Leeds together with the Universities of Bradford, Huddersfield, Leeds Metropolitan and York St John and its aim is to ensure that students graduating from health and social care courses are more confident and competent in core skills such as communication, teamworking and ethical practice.

ALPS will work with T-Mobile and its partners to provide an innovative mobile learning environment that can be used by students undertaking practice assignments. They will be able to use hand held computers to connect to learning material, reflect on their experience in practice and undertake assessments of their progress.

The £1million contract will enable around 1000 ALPS students to use T-Mobile’s devices and networks, together with software from Nokia®, Utimaco®, MKM and EMC Documentum®, to connect securely to their universities’ learning and teaching systems such as Virtual Learning Environments and library resources. ecommnet and MKM will integrate these products into a solution for ALPS

MyKnowlegeMap
NOKIA
T-Mobile
Utimaco
ALPS gets a mention in IT Week

EntitySpaces and Mobile SQL-CE / UPDATE 30-05-2007

UPDATE

The guys over at EntitySpaces have released their latest version EntitySpaces 2007 V0.0528.0; don't be fooled by the version number, this is a full blown product whcih has undergone extensive testing over the past six months.

I've been doing some new development for a Windows Mobile 5 application using EntitySpaces and SQL Server 2005 Compact Edition. EntitySpaces is a Persistence Layer and Business Objects for Microsoft .NET The ease with which its possible to develop a quite complex application is startling. I've written a couple of articles on the subject which you can read over at the EntitySpaces Team Blog.

The first article is Getting Started with EntitySpaces and Windows Mobile Development and describes how to develop a demo master-detail application using EntitySpaces. A short follow article Using The Resco Controls with EntitySpaces shows how to use the design time binding capability of the Resco AdvancedList and DetailView controls.

ecommnet are hiring 20-05-2007

Vacancy Due to significant and rapid expansion ecommnet has a vacancy for several experienced or well motivated graduate systems engineers and developers. The roles are customer facing and involve working on multiple projects including our own sister companies Off Exploring and AutoBestBuy as well as our own systems.

Developers .NET C#

The ideal candidate will have at least 2 years experience in developing in C# and .NET. Experience in Windows Mobile 5 and CompactFramework would be considered as a distinct advantage. While formal qualifications are an advantage experience and motivation are the qualities we are seeking. The position will give you plenty of opportunities to expand and develop your skills in all aspects of applications development and become part of a small ambitious team.

Microsoft Systems Engineers

The ideal candidate will have at least 3 years experience in installing and supporting server and workstation technologies especially; Microsoft XP and Office 2003 as well as Windows Server 2003, IIS and Small Business Server and Exchange. A thorough understanding of WWW services, networks, LAN, WAN, VPN and ADSL systems is considered essential. While formal qualifications are an advantage experience and motivation are the qualities we are seeking. The position will give you plenty of opportunities to expand and develop your skills in all aspects of networking and security technology. Some work will be required on customer sites and you should be a self-starter and be capable of working professionally without direct supervision. Travel will be involved and therefore a full driving licence is a requirement of the position.

Both of these vacancies are open to both male and female applicants and are required to start immediately. Call the office directly or send me your CV

15-03-2007

I'm due to speak, and chair a session at the forthcoming Securities and Investment Intitute in London on the 22nd & 23th March 2007 at The Brewery, Chiswell Street, London EC1Y 4SD, Blackfriars, London. The event co sponsored by the North East Fraud Forum is the 7th such Annual Conference, this year on Money Laundering & Financial Crime. It includes guest speakers from all aspects of the financial sector the regulatory bodies and various Enforcement agencies including Lucy French, Financial Systems & International Standards, HM TREASURY and Nigel Coles, Head of Industry Exchange Branch, SOCA as well as Phil Vickers, BARCLAYCARD and DCI Oliver Shaw, Economic Crime Unit, CITY OF LONDON POLICE. It looks to be a gathering of many of the influential names in our industry and should prove to be an informative couple of days. My talk by the way is entitled 'CYBERCRIME: MY NETWORK BOUNDARY HAS DISAPPEARED' a discussion on the changing nature of the approach to IT Security in the face of modern day industry practices and then Internet. Tickets are still available from the Securities and Investment Institute web site or contact Lisa Maree and tell her I sent you. Related Links The Jericho Forum

archives If you want an RSS feed try this

Utimaco SafeGuard Easy

Laptop Encryption

Protect the data on your laptop with full hard drive encryption and pre-boot authentication using SafeGuard® Easy.

Utimaco SafeGuard Advanded Security

USB Memory Drives

It'll store 1Gb of uncompressed data, it's un-detectable and it's bootable. Read how to manage and control the use of USB Memory Drives and other Plug and Play devices

Utimaco SafeGuard PDA

PDA Encryption

Prevent unauthorised access to your PDA and encrypt sensitive data using SafeGuard® PDA

PasswordCourier

PasswordCourier is the industry standard for secure, self-service password reset and synchronization, featuring multiple options, robust help desk integration, and the ability to enforce consistent password policies for any system, application, or Web portal.

Borderware

MXtreme Secure Email Server

email is a business critical service make sure yours doesn't stop with MXtreme's High Availability and load balancing options. Borderware Mxtreme the only EAL 4+ certified email server.