Author Archives: admin

Ex-user credentials haunting your network?

insider_threat“Joe” left two weeks ago. Are his user credentials still appearing active? Maybe because IT is backed up on “offboarding?” Or, maybe they don’t even know he is gone yet!

According to a survey done by Lieberman Software, “More than 13% can still access a previous employers’ systems using their old credentials.” This means the information that “Joe” had access to as a privileged employee, is still available…to him…right now…from outside the company. And most likely, many have that access for a rather long period of time. “Almost 25% work in organizations that do not change their service and process account passwords within 90 days,” stated the Lieberman Software survey. In the days of paper, it didn’t seem to matter that an old employee’s name still showed as a project manager on a document. Nowadays, this can not only cause confusion, it can pose serious risks to the company’s data, network, and reputation. Most employees or contractors do not pose a threat, but it is that one that you may miss that will have access to material with devastating consequences. Kentucky.com reported the following example in 2014 on the sentencing of an ex-contractor gaining access to Toyota’s systems:  “…caused considerable downtime or loss of functionality with a number of systems, affecting Toyotasupplier.com the most, according to court documents. Several Toyotasupplier.com and internal applications did not work properly or shut down for hours, according to the affidavit.”

Many companies are so busy with other tasks and decisions, the simple cleanup of the obvious things go unnoticed. We all have so many different access points to so many different applications today, that keeping track ourselves is overwhelming, but IT has to keep track of everyone’s access. Communication is the number one task to protect a company from data loss or threat risk. Tell IT–they can’t purge the system and protect the company if they are not kept informed. Today, IT is one of the most important departments for the functionality, security… lifeblood…of an organization. They should be first on the list. With access to comprehensive monitoring and reporting tools, IT can run a investigative query on demand.

What needs to be done to help protect your privileged information and network no matter where your data is located? The following should be at the top of the list:

  1. Make sure your internal process of employee onboarding and offboarding has IT included at all levels.
  2. Make sure your corporate policy is understood and signed off on when an employee is hired and again when discharged.
  3. Confirm that this policy clearly informs all employees that their actions, while using company devices, are logged, monitored, and audited.
  4. Verify that all users, including contractors, have their own, unique login credentials.
  5. Validate that your IT procedures include all levels of employee information access, especially privileged accounts.
  6. Make certain a corporate policy for discharging an employee has immediate impact on any access for that employee, even one day could be detrimental.
  7. Do not forget about social media. Many view this as a harmless side effect of today’s business world. It is not harmless. A disgruntled employee can do serious damage to a company’s reputation through this ever-increasing communication channel. Access to the company’s social media needs to be regulated just like any proprietary corporate network.

Lastly, audit…audit…audit. Use a comprehensive monitoring tool with detailed, drill-down capability to analyze data on any activity. It is always good practice to regularly screen for activity on users who are no longer with the company. Investigate any missed credentials and correct the issue before data loss, malware intrusion, or simple unethical behavior, such as accessing and posting on the company social media sites, happens. This is the only way to ensure that all avenues were covered. Today, monitoring, filtering, and reporting solutions are no longer a luxury–they are a requirement.

Wavecrest Computing has been the recognized leader in Web Security for over 19 years with CyBlock and Cyfin Solutions. These scalable filtering and forensic reporting analysis products are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, and Web security threats.

Wavecrest, the leader in Web security, and Check Point have announced a partnership.

CF_Full_FWavecrest Computing, a leading global provider of advanced Web security solutions, and Check Point Software Technologies have announced a technology partnership.

Wavecrest’s Cyfin, along with Check Point log files, efficiently and accurately make for an easy-to-manage, cost-effective log file analyzer and reporter. This integration easily addresses collection and analysis of Web-use activity data by producing rapid, accurate, and actionable, manager-ready reports for audits, investigations, or distribution. Predefined reports, such as top users or sites, bandwidth, legal liability detail, and user audit detail, as well as the benefit for managers to run selected user reports by department, provide visibility into every aspect of enterprise Web-use activity. Learn more at: https://www.wavecrest.net

Wavecrest Computing announces CyBlock Hybrid’s new reporting features.

 

Wavecrest Computing announces new reporting features are now available in the CyBlock Hybrid deployment. Reporting features, Real-Time Monitor and Dashboard Charts, can easily be accessed for both your CyBlock Cloud and local  CyBlock configurations. This enhancement allows the customer to easily monitor and develop reports on users, both local and remote.

Use Real-Time Monitor to see remote users’ current Web activity, or use Dashboard Charts to check on- or off-premises Web traffic trending by users, groups, categories, or denied and allowed traffic. Run a report for management or an audit that can include cloud, local, or all configurations. The new features proactively increase your administration capabilities while reducing the time you spend on Web management tasks.

The CyBlock Hybrid deployment is used when an on-site CyBlock installation is paired with CyBlock Cloud to provide coverage of remote users with the convenience of local administration for all users. Contact us for more information today!

Constantly improving, developing, and enhancing to make your Web security more efficient, Wavecrest Computing has been the recognized leader in Web Security Solutions for over 19 years. Wavecrest’s scalable filtering and forensic reporting analysis product lines, CyBlock and Cyfin, are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, malware, and many other Web security threats.

Cloud Hybrid Reporting
CyBlock Cloud – Hybrid Report

 

Another exciting new enhancement from Wavecrest…Cyfin Automatic Log File Detection!

Wavecrest Computing is excited to announce a new enhancement to our Cyfin Log File Analyzer Solution, Automatic Log File Detection. This enhancement allows for the easy setup and import of log files by automatically analyzing and matching the closest suitable log file types. You no longer have to worry about making sure you select the correct log file type manually before importing. All you have to do is locate your log file and select. Cyfin Automatic Log File Detection will display a short list of matches with sample data in fields, allowing you to select from the list the best log file type ensuring you are getting the best match available.

Constantly improving, developing and enhancing, to make your Web security more efficient, Wavecrest Computing has been the recognized leader in Web Security Solutions for over 19 years. Wavecrest’s scalable filtering and forensic reporting analysis product lines, CyBlock and Cyfin, are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, Malware, and many other Web security threats.

automatic logfile analysis

Can you see your enterprise shadow IT?

shadow-it-300x171Can you? It’s there…hidden on your employees’ devices and on your network. We all know people try to use the path of least resistance in getting something done. Today, cloud computing allows us all to do almost anything from anywhere with relatively no resistance at all. Within corporations though, this can become a problem commonly known as shadow IT. “There are an astonishing 10,000 cloud services available on the market today, which creates a growing problem for IT around Shadow IT as only 9.3 percent of those apps meet enterprise data, security and legal requirements, cloud security company Skyhigh Networks found in its Q1 2015 Cloud Adoption and Risk Report.” Corporations need to control their proprietary information, network, and Web security. While employees may be thinking they can get their job done faster, the corporation is thinking about threats. “The result is technologies that empower individuals and teams limit the organisation as a whole.”

There are several views for this, all valuable. From the employees’ view, they believe they are finding ways to be more productive and efficient by using technology that is easily accessible and likely, not costing the corporation anything additional. It is quick and easy and can get the job done before the IT department would even have a chance to look at a request form. So, why would the corporation be upset? Here’s why–unauthorized applications, or shadow IT, can cause serious risks, such as Malware, data loss, and other severe network security concerns. As the responsible party, IT needs to know what is happening, especially when it comes to the random unauthorized applications users are bringing into the network.

What can be done? Which view holds more importance? That depends on your organization but gathering the information to make that decision can be quick and easy. You need total visibility into Web use so you can find and analyze any potential shadow IT. Proactive, comprehensive reporting of all Web-use activity allows a full view of users’ activities. IT and management need to see detailed drill-down activity per user, per group, or per category, and determine if the “shadow” application is to be quarantined, or discover the application is actually useful to the organization as a whole and add to the acceptable applications list.

It is important to take into consideration the employees’ need to have access to useful and contemporary tools. No post, article, or news story can tell you what to do within your organization. Only you know what will best suit your environment. Try collaboration though, between users, management, and IT. The key is to find the most useful applications and move toward applications that work, with the best interest of the overall corporation at heart.

Wavecrest Computing has been the recognized leader in Web Security for over 19 years with CyBlock and Cyfin Solutions. These scalable filtering and forensic reporting analysis products are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, and Web security threats.

Are you willing to stake your business’ success and security on another commercial buyout by a federal contractor?

buyoutWe have all heard about the Websense acquisition–Raytheon bringing Websense into the Raytheon Cyber Products fold. It is big news for a defense contractor like Raytheon to make such an acquisition in the commercial market. Many times though, this strategy of a government contractor getting into the commercial business world backfires. For current Websense customers, this risk would hurt you the most.

As a Websense customer, are you prepared to take this risk? Are you concerned that your business may not fit into the Goliath corporate mentality, or about the potential for government-level new pricing or contractual terms? These changes may happen faster than you think, or they may drag on forever with you never knowing what will come up or when.

With a positive SMB mentality, Wavecrest strongly believes in one-on-one communication with our prospects, customers, and partners.  When you reach out to us, we have a human being on the other end of the line that knows the product well, communicates well, and will take the extra step to get your enterprise and employees secure. You don’t have to go through automated calls, ticketing, or several levels of technical support to reach the person with the knowledge you need.

Wavecrest also has the products you require–agile and reliable solutions for your Web Security needs, ranging from software and hardware deployments to cloud and hybrid deployments. No matter your business size, industry, or distributed workforce, Wavecrest has a solution for you.

Leave the government contractor-level pricing, contractual terms, and confusion behind. Don’t become another ticket number. Let Wavecrest focus on your business and your specific requirements. Talk to us today.

Raw log file download capability is now available for CyBlock Software, CyBlock Appliance, and CyBlock Cloud.

bigdatakeyWavecrest keeps increasing and enhancing the capabilities of CyBlock to provide more efficiency and ease-of-use features–all so that you can concentrate more on your mission-critical operations. Our newest enhancement to CyBlock Software, CyBlock Appliance, and CyBlock Cloud allows you to download and view raw log files collected with CyBlock. Quickly downloaded through Data Management’s Log Data Source, it is stress-free to access your organization’s Internet-usage big data information. The log files are compressed and combined into a ZIP file to be downloaded to a location of your choice, for potential future use in forensic investigations, required log file storage, or per your enterprise’s employee security policy. Log file selections can be chosen for downloading one day or a range of days making it easy to focus on exactly what you need.

Raw log file download is just another way Wavecrest supports your need for easy access to detailed organizational Internet-usage security information, To find out more about Wavecrest and our Web Security Solutions, visit www.wavecrest.net.

Export Web-use data in CSV format for external analysis with Wavecrest’s Audit Data Export.

Import-wizard-overviewWhen it comes to Web-use data, organizations need easy and flexible access to protect their network, their users, and their company. Management or IT may need to externally analyze or manipulate the data due to events such as audits or incident investigations. Wavecrest has made it easy to export details of users’ Web activity, in one or more categories, with our Audit Data Export in Version 9.1.6 of Cyfin and CyBlock Software.

Is management requesting usage data on gambling sites for analysis by an external forensic data team? Or are they interested in social media and shopping usage for performance evaluations or audits? The administrator can easily select a time frame and one or more categories, run the report manually or set it to run automatically, and export a file in CSV format. Every visit made by a user is listed separately in chronological order and includes the user name, IP address, category, date/time, Web site, and full URL. The exported file can then be imported into, or opened with, most text-ready external applications, such as relational databases or spreadsheets, as needed for analysis. Cyfin customers also have available the export selection of a single log file configuration or all log file configurations.

To find out more about this feature and all of our products, visit: www.wavecrest.net.

Prioritize network traffic and increase network QoS with CyBlock Bandwidth Management.

In the current Internet-connected enterprise, constant and rapid changes require IT to have proactive control over the organization’s bandwidth. Many organizations now allow the use of tools such as DropBox, social media, and streaming, as well as BYOD use for, and during, business operations. The idea is to use these tools for business productivity. But then combine this with any personal use of these tools, or other services, and you have a bandwidth drain on the company network. For an IT administrator, this holds many more challenges in how to make sure priorities are set for bandwidth. With CyBlock’s Bandwidth Management feature, we can help you battle bandwidth hogs, improving your network QoS and keeping your mission-critical operations running smoothly!

Learn more: https://www.wavecrest.net/products/cyblock/sa/include/BandwidthManagement.pdf

realtimebandwidthmonitor

The all-in-one, enterprise class, Web Security hardware solution

The all-in-one, enterprise class, Web Security hardware solution, CyBlock Appliance, now available with local logging and reporting, can be easily paired with a CyBlock Cloud account as a Hybrid deployment, extending Web filtering and monitoring to your off-premises employees!

applianceLGet instant real-time information and proactive, reliable control over your network’s Internet users. CyBlock Appliance, the leading, turn-key, gateway appliance solution for Web-access Security, provides ease-of-use setup, configuration, and management at your fingertips! And now, you no longer have to worry about any remote logging that would require an external server or appliance. CyBlock Appliance now supports local logging and reporting!

The benefits of CyBlock Appliance are many, and your administrative choices are extensive. With minimal time and effort, the Appliance is up and running. Choose to use the Appliance as a proxy to monitor all your selected HTTP/S traffic, or inline, “transparent” to add the control and monitoring of P2P, torrents, IM, and e-mail, as well as public access Wi-Fi areas. Either configuration gives you granular controls, drill-down reporting, filtering, real-time monitoring, bandwidth throttling, as well as reducing risks of malware and data loss–your options are endless. CyBlock Appliance will proactively support all your organization’s Web-use needs fast and efficiently, without the need for constant administration.

Remote or mobile users? Safeguard all networks and employees in the organization. Add CyBlock Hybrid! Using CyBlock Appliance and CyBlock Cloud, the Hybrid deployment secures your additional remote and mobile employees so there is no need to route traffic back to the main office. All policies are managed from a single interface and sync automatically. Free up local server bandwidth and be assured that Web filtering for these users is occurring in the cloud with CyBlock Hybrid!

For more information, visit: Wavecrest Computing