SlashdotMedia AdOps Asset Management

Operation Lotus Blossom

Operation Lotus Blossom describes a persistent cyber espionage campaign against government and military organizations in Southeast Asia, stretching back over three years. Nations we have identified as targeted in this campaign include Hong Kong, Taiwan, Vietnam, the Philippines and Indonesia. The Lotus Blossom group deploys a backdoor Trojan, named Elise, after the sports car made by Group Lotus PLC of the United Kingdom.

The Evolution of the Data Centre

The data centre is facing a significant paradigm shift as the traditional model of managing infrastructure shifts to one of automation and delivering IT as a service.

The so-called ‘explosion of data’ has significantly shaped the technology landscape in recent years. The Internet of Things has only added fuel to a fire well built by other trends like mobility, big data and social media.

The whitepaper reveals some interesting insights into current data centre strategies from a survey of senior IT professionals.

Optimized Sourcing in the Hybrid IT Environment

This research paper from Saugatuck Technology discusses the multi-sourced hybrid IT environment, including how to recognize the needs that can increase costs and compromise operations, and how to optimize the environments for peak effectiveness.

Sicherheitsrisiken minimieren mit Dropbox für Unternehmen

Ältere Dateifreigabelösungen wurden in erster Linie für die interne Datensicherheit entwickelt. Sie bieten jedoch keinerlei Sicherheit für externe Dateifreigaben und mobile Nutzer – und genau darin liegen die oft unterschätzten Sicherheitsrisiken. Mit Dropbox für Unternehmen können Nutzer intern und extern Dateien freigeben, ohne dass der Datenfluss den kontrollierten und gesteuerten Bereich verlässt. Durch Freigabefunktionen, Verwaltungstools und das Monitoring von Nutzeraktivitäten können IT-Mitarbeiter Sicherheitsrisiken minimieren und eine sichere Zusammenarbeit aller Teams gewährleisten.

5 Überlegungen bei der Bewertung einer Dateisynchronisations- und Freigabelösung

Die Wahl eines neuen Dienstes oder Tools kann ein langwieriger und komplexer Prozess sein. Wenn es an der Zeit ist, nach einer Dateisynchronisations- und Freigabelösung für Ihr Unternehmen zu suchen, ist die Masse der zu berücksichtigenden Faktoren überwältigend. Wir stellen Ihnen hier 5 Hauptkriterien vor, anhand derer Sie auf die wichtigsten Funktionen achten und die richtigen Fragen stellen können.

Lösungen zur Dateisynchronisierung und -freigabe: 12 Fragen zur Sicherheit

Die Synchronisierung und gemeinsame Nutzung von Dateien können zu einer Produktivitätssteigerung beitragen. Aber wie wählen Sie eine für Sie passende Lösung aus? Lassen Sie sich bei Ihrer Entscheidung von mehreren Faktoren leiten und, wenn Sie wie die meisten Unternehmen sind, steht die Sicherheit dabei ganz oben auf der Liste. Hier sind einige wichtige Fragen zur Sicherheit, die Sie den Anbietern stellen sollten.

Evaluación de la sincronización de archivos y las soluciones para compartir: 12 preguntas acerca de la seguridad

Las funciones para compartir y sincronizar archivos pueden aumentar la productividad, ¿pero cómo se elige una solución que se ajuste a tus necesidades? Hay diversos factores que posiblemente determinarán tu decisión, pero al igual que para la mayoría de las empresas, la seguridad será para ti uno de los principales. Aquí te ofrecemos algunas preguntas importantes que puedes formular a proveedores de soluciones para compartir y sincronizar archivos en materia de seguridad.

Cinq questions à se poser pour évaluer une solution de synchronisation et de partage de fichiers

La sélection d'un nouveau service ou d'un nouvel outil est un processus parfois long et complexe. Si vous êtes à la recherche d'une solution de synchronisation et de partage de fichiers pour votre entreprise, vous avez sans doute remarqué la quantité incroyable de paramètres à prendre en compte. Voici cinq critères essentiels qui vous aideront à identifier les fonctionnalités dont vous avez besoin et à poser les bonnes questions.

Dropbox Entreprises aide les services informatiques à réduire les risques

Les solutions de partage de fichiers utilisées dans le passé avaient été conçues pour garantir la sécurité des données internes. En revanche, elles n'offrent pas de protection dans les situations de partage externe des données et de mobilité des utilisateurs – autant de situations qui peuvent être à l'origine de risques informatiques inattendus. Dropbox Entreprises permet aux utilisateurs de partager des données en interne comme avec l'extérieur, sans limiter le contrôle et la surveillance des flux de données exercés par le service informatique. Grâce aux commandes de partage, aux fonctions d'administration et au suivi de l'activité proposés par Dropbox Entreprises, le service informatique peut plus facilement réduire les risques pour que toutes vos équipes collaborent en toute sécurité.

In che modo Dropbox for Business aiuta l’IT a ridurre i rischi

Le soluzioni di condivisione di file del passato erano studiate per garantire la sicurezza dei dati interni, ma non fornivano strumenti per salvaguardare la condivisione esterna e la mobilità degli utenti, un fattore che poteva comportare rischi imprevisti per il reparto IT. Con Dropbox for Business, gli utenti possono condividere internamente ed esternamente senza compromettere il controllo e il monitoraggio del flusso di dati. I controlli della condivisione, le funzionalità amministrative e il monitoraggio delle attività aiutano l'IT a limitare i rischi, in modo che tutti i team possano collaborare senza problemi di sicurezza.

How Dropbox for Business helps IT reduce risk

Legacy file sharing solutions were designed to keep internal data secure. They don't, however, provide safeguards for external sharing and user mobility — and this can introduce unexpected IT risk. With Dropbox for Business, users are enabled to share internally and externally without compromising your ability to control and monitor the flow of data. Sharing controls, administrative capabilities, and activity monitoring help IT limit risk so that all of your teams can collaborate securely.

Software Supply Chain Management with BOMtotal

BOMtotal is a free service that generates a bill of materials from any executable code.

Anyone who uses software has a right to know what's inside it. Just as you can examine any piece of food in a supermarket to see its ingredients, you should be able to know what's inside software that you use or might use.

Enabling anyone to generate a bill of materials (list of ingredients) for any piece of software results in a better world for all of us. Buyers gain visibility into software during their procurement cycles by requesting bills of materials from builders. Builders examine bills of materials for their own products to make sure they have no surprises. Ordinary people benefit because when builders and buyers effectively manage their software supply chains, the entire ecosystem becomes safer, more reliable, and more secure.

Software Supply Chain Management with BOMtotal

BOMtotal is a free service that generates a bill of materials from any executable code.

Anyone who uses software has a right to know what's inside it. Just as you can examine any piece of food in a supermarket to see its ingredients, you should be able to know what's inside software that you use or might use.

Enabling anyone to generate a bill of materials (list of ingredients) for any piece of software results in a better world for all of us. Buyers gain visibility into software during their procurement cycles by requesting bills of materials from builders. Builders examine bills of materials for their own products to make sure they have no surprises. Ordinary people benefit because when builders and buyers effectively manage their software supply chains, the entire ecosystem becomes safer, more reliable, and more secure.

What is Fuzzing: The Poet, the Courier, and The Oracle

Fuzzing is well established as an excellent technique for locating vulnerabilities in software. The basic premise is to deliver intentionally malformed input to target software and detect failure. A complete fuzzer has three components. A poet creates the malformed inputs or test cases. A courier delivers test cases to the target software. Finally, an oracle detects if a failure has occurred in the target. Fuzzing is a crucial tool in software vulnerability management, both for organizations that build software as well as organizations that use software.

Synopsys solutions help deliver a more comprehensive security offering for the SDLC by adding black box testing capabilities, including the Codenomicon Defensics® tool for file and protocol fuzz testing, and the Codenomicon AppCheck™ tool for software composition analysis and vulnerability assessment.

A Guide to Data Privacy for Business and IT Executives

Do you lie awake at night wondering if your company is doing all it can regarding data privacy? You probably should. Almost daily, the news media reports another privacy breach, and it’s hard to escape it as a persistent problem in our information economy. Stories about the privacy foibles of major companies grace the covers of newspapers and magazines. We witness a continuous stream of regulatory fine and sanction announcements and breach notifications. We see organizations singled out in news stories and blog posts and on talk shows for bad privacy practices.