CyBlock/Cyfin Release 9.2.2 Now Available

We are pleased to announce the release of several enhancements in the new version of CyBlock and Cyfin. The first major enhancement is the new Wavecrest URL List 9 that adds specific cloud service categories, such as Collaboration and Cloud Storage, as well as renames and remaps categories, giving you more visibility into the Web sites and cloud services your employees are using. To report on cloud service activity, we have added the Cloud Services Detail and Cloud Services Summary reports.

Another enhancement is for CyBlock Appliance. The Real-Time Protocol Monitor has been updated to function just like the Real-Time Web Monitor. With icons now available on the monitor, you can easily control the live protocol traffic you want to see.

For CyBlock Cloud, logon accounts have been enhanced for individual customers as well as Managed Service Providers (MSPs). MSP-linked customers can now be given full access to the product interface and be licensed for additional logons. MSPs can create logon accounts for their own company as well as for their customers and also view the last interface logon for their customers. The enhancements are highlighted below.

Wavecrest URL List 9. The following features have been added:
- The new URL List 9 includes new categories, category changes, default abuse threshold changes (not applicable to CyBlock Cloud), cloud service categories, and updated category descriptions. See Category Update for more information.
- (not applicable to CyBlock Cloud) For existing customers on a previous list version, the following changes apply after upgrading the product:
  - On the Home page, the Wavecrest URL List Update section indicates that the new list is available and that you read the Category Update document before upgrading the list. A link is provided to go to the URL List Version page.
  - URL List Version Page:
    - The List 9 option has been added to the page.
    - After you upgrade to List 9, the service is restarted, and you are required to download the list. You are then returned to the URL List Version page which indicates that the current URL List version is 9.
    - A List Conversion Summary Report shows the policies and URL customizations that were affected by the change to List 9. It will also be sent via e-mail to the administrator.
- Individual CyBlock Cloud customers and MSP Partners will be sent the List Conversion Summary Report via e-mail. MSP Partners will receive one e-mail per customer account.
- For CyBlock Hybrid customers, ensure that your local CyBlock installation is on List 9 in order to sync with your cloud account.
Cloud Services Reports. The following features have been added:
- Report Selection. On the Report Selection page, a Cloud Services Reports section has been added. Cloud Services Detail and Cloud Services Summary are listed in this section and generate reports on only cloud service categories.
- Cloud Services Summary. This is a high-level report that shows employee Web use of cloud services. Web activity includes visits to sites in the following cloud service categories: Audio Streaming, Cloud Infrastructure, Cloud Storage, Collaboration, CRM, Development, File Sharing, HR, Personal E-Mail, Video Streaming, and VoIP Services. The report can be used to identify cloud service usage patterns, better manage cloud subscriptions, and highlight abnormal activity.
- Cloud Services Detail. This is a low-level report that shows the specific URLs of cloud services by user, that is, visits to only the cloud service categories. It provides management with a complete view of every cloud service URL the user has clicked. This information can be used for cloud usage audits, identifying the most active users and the most heavily visited sites.

CyBlock Appliance

Real-Time Protocol Monitor. The following features have been added:
- The Real-Time Protocol Monitor page has been updated to function like and have a similar user interface to the Real-Time Web Monitor.
  - The selections for the Controls field have been moved to the Real-Time Protocol Monitor and replaced by icons.
- On the Real-Time Protocol Monitor, the controls and settings are available in a toolbar and can be changed while the monitor is gathering data in real time.

CyBlock Cloud

Additional Admin Accounts. The following features have been added:
- On the User Management – Logon Accounts – Add screen, the Additional Logons field displays the number of additional logon accounts that have been created in the interface out of the number of licensed additional logons.
- On the User Management – Logon Accounts – Delete screen, the Logon Accounts label has been added to the selection box.
- If you are an MSP Partner adding or deleting a logon account, the Customer menu in the upper-right corner is removed, and the Customer field is displayed allowing you to select a customer or your own company.

MSP Partner Portal. The following features have been added:
- Interface Access for MSP-Linked Customers:
  - MSP-linked customers can now have full access to the product interface.
  - MSP-linked customers will be licensed for 5 logon accounts and can add and delete logon accounts from these licensed logons.
  - Once a logon account has been created for an MSP-linked customer, they will receive an e-mail notification to complete their registration by logging on to the interface.
  - After logging on with the temporary password, they will be required to change their password on the Change Your Password screen.
- Home Page:
  - When you click a customer name in your customer list, an Interface Details section is now displayed on the General tab.
  - The Last Interface Logon field shows the last date/time on which your customer logged on to the interface.
  - The Additional Logons field displays the number of additional logon accounts that your customer has created in the interface out of their number of licensed additional logons.

There are also a number of corrections in this release. To see the full release notes for your product, visit our Web site or knowledge base. You can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

For additional assistance, please feel free to contact us.

Wavecrest Continues to be a Valued GSA-Approved Vendor

Wavecrest Computing has once again been awarded a renewal for a GSA Contract. Our first award was in 2000, and now we are proud to be renewed all the way to 2021!

Our clients include:

National Archives
Superior Court of California
U.S. Computer Emergency Readiness Team (Homeland Security)
U.S. Department of Veterans Affairs
Florida Department of Health
New York City Department of Buildings
Georgia Department of Transportation
Defense Logistics Agency
U.S. Department of Justice
National Ground Intelligence Center
U.S. Army

Wavecrest’s CyBlock and Cyfin solutions are built with today’s unique business in mind, offering comprehensive cloud services management and visibility into Shadow IT and insider threats, as well addressing legal liability, workforce productivity, and Web security threats such as malware and phishing attempts. We offer multiple deployments that include Cloud Access Security Broker (CASB), Cloud, Hybrid, Software, and Hardware deployments that fit any business type or size. Wavecrest Computing is headquartered in Melbourne, Florida, U.S.A.

For more information on the company, products, and partners, visit https://www.wavecrest.net or follow us on LinkedIn, Facebook, and Twitter.

20 Years Young and Excited About the Next 20!

We are proud to announce that Wavecrest Computing has reached a pretty big milestone…its 20th anniversary! It has been a path we have happily taken with innovative products and a dedicated staff, many of which have been with us since the beginning. We would also like to thank you…our customers, partners, and followers for sharing this journey and challenging us to be constantly reaching for the stars…or the cloud, as the case may be! Here is to an exciting next 20 years where we will remain “at your side” securing your growing, distributed, and agile workforce.

Since 1996, Wavecrest Computing has been a global leader in employee Web-access security and Web-use monitoring and analytics solutions, with scalable filtering and reporting analysis, forensic data tools, and products designed to enable organizations with today’s distributed workforce to successfully address cyber threats. Wavecrest’s CyBlock and Cyfin solutions are built with today’s unique business in mind, offering comprehensive cloud services management and visibility into Shadow IT and insider threats, as well addressing legal liability, workforce productivity, and Web security threats such as malware and phishing attempts. We offer multiple deployments that include Cloud Access Security Broker (CASB), Cloud, Hybrid, Software, and Hardware deployments that fit any business type or size. Wavecrest Computing is headquartered in Melbourne, Florida and is a longstanding GSA contract holder.

For more information on the company, products, and partners, visit https://www.wavecrest.net or follow us on LinkedIn, Facebook, and Twitter.

MSP: Manage Client Bandwidth and Cloud Services

Are unsanctioned cloud services using up all of your clients’ bandwidth? As a managed service provider (MSP) today, knowing your client’s cloud services usage is crucial. Cloud services can range from acceptable collaboration tools to unsanctioned personal usage apps that waste critical bandwidth. Most businesses run cloud services to be able to communicate & collaborate more efficiently. Employees, though, tend to find apps that suit their needs best, even when unsanctioned. Help your clients by finding & managing their bandwidth and cloud services with Wavecrest’s CyBlock.

CyBlock Cloud Services Right Here on the Space Coast

Wavecrest Computing, a leading provider of advanced Web security and Cloud Access Security Broker (CASB) solutions, introduces a new cloud services location right here on the Space Coast.

As a successful Space Coast-based business since 1996, Wavecrest is proud to help local businesses keep mission-critical cloud service applications, and more, running smoothly and securely, on or off premises, with CyBlock Cloud service now located within TerraCom Direct’s secure, Tier 3 purpose-built facility in Melbourne.

“The ability to centrally manage policies and activities is crucial for enterprises that want to make strategic use of cloud services while still controlling their users’ activities. End users, MSPs, and resellers now have the opportunity to manage their cloud services locally, with professionals from their community and within an environment that is comprehensive and secure. In today’s world, it is almost impossible to find experts in a company’s own backyard.” Dennis McCabe, CEO, Wavecrest Computing.

Wavecrest’s CyBlock Cloud and CyBlock Hybrid provide security policy enforcement points placed between cloud service users and cloud applications to combine and interject enterprise security policies as the cloud-based resources are accessed. These points provide cloud service visibility, threat prevention, data protection, and regulatory compliance by finding anomalies, user activity, or threats, such as unsanctioned cloud services use, unnecessary data sprawl, and underused or unused cloud services. CyBlock provides data loss protection, analytics of usage behaviors, automated alerting and reporting, and easy-to-use policy management tools including filtering and bandwidth management.

CyBlock is designed to fit all types and sizes of businesses. End users will see efficiency and productivity increase while protecting the company’s interests and network data. MSPs will find a proactive and agile Cloud Access Security Broker solution that will provide the visibility and control to take care of clients with minimal time and effort. Increase profits, growth, and service quality while knowing that a local team of experts is here to help. Find out more at www.wavecrest.net.

About Wavecrest Computing

Wavecrest Computing, headquartered in historic downtown Melbourne, FL, has provided commercial business and government clients with reliable, accurate Web-use management and Cloud Access Security Broker products since 1996. Managed Service Providers, IT specialists, HR professionals, and business managers trust Wavecrest’s Cyfin and CyBlock products to manage employee Internet usage — managing cloud services, reducing liability risks, improving productivity, saving bandwidth, and controlling costs. Wavecrest has clients worldwide, including General Electric, Lockheed Martin, Florida Department of Health, Siemens, Department of Homeland Security, and a growing list of global enterprises and government agencies. For more information on the company, products, and partners, visit https://www.wavecrest.net.

Since the holidays are about good cheer, don’t be a grinch this year!

The holiday shopping season is fast approaching once again. Every year, more and more people use online shopping for the majority of their purchases. Is your business ready for the online shopping that your employees will likely do during business hours? Is your bandwidth ready to make sure your mission-critical applications take priority?

Cyber Monday will come up faster than you think, but that is only one day of online shopping. Cyber Monday 2014 ranked as the heaviest online buying day that year with $2.038 billion in desktop spending, but the day after Cyber Monday wasn’t far behind, ranking second for the season at $1.796 billion. It doesn’t even stop there! On the second Monday in December (Green Monday), online buying was $1.615 billion! These are all regular business days! And each year the amount of time and money spent online shopping increases! The whole season is about shopping for those important to us, and employees are going to try to get online to grab the best deals no matter what day, or time of day, it is.

Since the holidays are about good cheer, don’t be a grinch this year. Find ways to satisfy all your business and employee needs. Give your employees the gift of online shopping time during this holiday season, while making sure your IT team receives the gift of proactively throttling bandwidth for noncritical applications when needed.

Wavecrest Computing has been the recognized leader in Web Security for over 19 years with CyBlock and Cyfin Solutions. These scalable filtering and forensic reporting analysis products are designed to enable organizations to successfully address Internet abuse, legal liability, shadow IT, workforce productivity, and Web security threats. FREE bandwidth audit available!

The Tip of the Spear . . . Phishing

Spear phishing has become a leading way hackers gain access to business systems and data. They use natural human familiarity as the weakness. You receive an e-mail from an executive within your company. Will you take the time to second guess the sender? Will you hesitate clicking a link or an attachment that is deemed important by this person? Likely not. Even those who know the risks and precautions may easily fall victim to this type of hack. It thrives on the information that is already available to the hacker. They find out enough about you to make the e-mail not only look like it is from someone you know, but also include information within the e-mail that will reinforce this familiarity, such as referring to a project or another team member.

For a business to try and fight against this type of hack, employee communication is important. In 2014, 56% of those polled by Dark Reading cited “lack of employee awareness” as the most dangerous social engineering threat to organizations. Consistent training and constant communication will give employees the tools to proactively question an e-mail they receive.

Avoiding the most obvious risk should be lesson number one. No matter who the e-mail is from, even the CEO of the company, make sure employees know not to give out information such as passwords or business account numbers. They should question and verify the e-mail when this type of information is requested at any time. You can no longer trust an obvious phishing sign like a request from a foreign national looking for money. Spear phishing takes the extra effort to look past the initial information in the e-mail into the overall intention.

As always, make sure your employees know to think before clicking a URL or downloading any files. Today, malicious attachments come in all types, not just .exe files, and URLs may lead them to a Web site that looks legit but is actually a phishing site that will then request confidential information, such as logon credentials. It is easy to verify a domain or run a scan on an attachment, so users should know the necessary steps of verification.

Lastly, recommend that your company take precautions when it comes to cybersecurity. Instead of large, all-in-one product add-on tools that just give you a small, top-level view of activity, recommend that your company use the most targeted security tools available. To mitigate security risks, this should include the ability to proactively block malicious URLs, discover and analyze Shadow IT and cloud services, and supply comprehensive drill-down reporting on Web-access activity for your entire distributed workforce.

CyBlock Cloud service is now in a service location near you!

We are excited to announce that we are expanding our reach! We have always prided ourselves on providing premium service to our customers no matter where they are located but now, with our new Canada location and U.K. location, we can bring you improved and efficient access to CyBlock Cloud and CyBlock Hybrid services! Start covering your remote users or satellite offices, or move all your users to CyBlock Cloud! No matter what type of distributed workforce you have, we can help.

CyBlock Cloud provides all the agile and comprehensive capabilities of CyBlock with filtering, reporting, cloud services management, real-time monitoring, bandwidth management, threat protection, and more, all in a deployment requiring no hardware or software to buy and install, and no maintenance!

CyBlock Hybrid will give you coverage for your remote users and satellite offices while your main office is covered with an on-site CyBlock Software installation, both managed with one convenient administration console.

Find out more about our CyBlock Cloud and Hybrid deployments, and our new Canada and U.K. service locations by calling 321-953-5351, Ext. 3. Request a FREE TRIAL today!!

Ex-user credentials haunting your network?

“Joe” left two weeks ago. Are his user credentials still appearing active? Maybe because IT is backed up on “offboarding?” Or, maybe they don’t even know he is gone yet!

According to a survey done by Lieberman Software, “More than 13% can still access a previous employers’ systems using their old credentials.” This means the information that “Joe” had access to as a privileged employee, is still available…to him…right now…from outside the company. And most likely, many have that access for a rather long period of time. “Almost 25% work in organizations that do not change their service and process account passwords within 90 days,” stated the Lieberman Software survey. In the days of paper, it didn’t seem to matter that an old employee’s name still showed as a project manager on a document. Nowadays, this can not only cause confusion, it can pose serious risks to the company’s data, network, and reputation. Most employees or contractors do not pose a threat, but it is that one that you may miss that will have access to material with devastating consequences. Kentucky.com reported the following example in 2014 on the sentencing of an ex-contractor gaining access to Toyota’s systems: “…caused considerable downtime or loss of functionality with a number of systems, affecting Toyotasupplier.com the most, according to court documents. Several Toyotasupplier.com and internal applications did not work properly or shut down for hours, according to the affidavit.”

Many companies are so busy with other tasks and decisions, the simple cleanup of the obvious things go unnoticed. We all have so many different access points to so many different applications today, that keeping track ourselves is overwhelming, but IT has to keep track of everyone’s access. Communication is the number one task to protect a company from data loss or threat risk. Tell IT–they can’t purge the system and protect the company if they are not kept informed. Today, IT is one of the most important departments for the functionality, security… lifeblood…of an organization. They should be first on the list. With access to comprehensive monitoring and reporting tools, IT can run a investigative query on demand.

What needs to be done to help protect your privileged information and network no matter where your data is located? The following should be at the top of the list:

Make sure your internal process of employee onboarding and offboarding has IT included at all levels.
Make sure your corporate policy is understood and signed off on when an employee is hired and again when discharged.
Confirm that this policy clearly informs all employees that their actions, while using company devices, are logged, monitored, and audited.
Verify that all users, including contractors, have their own, unique login credentials.
Validate that your IT procedures include all levels of employee information access, especially privileged accounts.
Make certain a corporate policy for discharging an employee has immediate impact on any access for that employee, even one day could be detrimental.
Do not forget about social media. Many view this as a harmless side effect of today’s business world. It is not harmless. A disgruntled employee can do serious damage to a company’s reputation through this ever-increasing communication channel. Access to the company’s social media needs to be regulated just like any proprietary corporate network.

Lastly, audit…audit…audit. Use a comprehensive monitoring tool with detailed, drill-down capability to analyze data on any activity. It is always good practice to regularly screen for activity on users who are no longer with the company. Investigate any missed credentials and correct the issue before data loss, malware intrusion, or simple unethical behavior, such as accessing and posting on the company social media sites, happens. This is the only way to ensure that all avenues were covered. Today, monitoring, filtering, and reporting solutions are no longer a luxury–they are a requirement.

CyBlock/Cyfin Release 9.2.0.a Now Available

We recently released a new version of CyBlock and Cyfin. This release contains the following corrections:

CyBlock

Using Application Controls, allowed YouTube videos now load properly with secure YouTube connections.
When Safe Search and SSL Inspection are enabled, adult content is now properly blocked in Bing search results.

CyBlock and Cyfin

The Compress Reports for E-Mail report option now works when only one report is e-mailed.
On the Data Management – Report Database – Delete – Schedule screen, the correct message is displayed when the Enable option is selected.
Logon accounts are no longer limited to five accounts.

To see the full release notes for your product, visit our Web site or knowledge base.

If you are at version 9.0.5 or later, you can upgrade to the latest release by going to the Help – Check for Updates screen in your product.

If you are at version 6.8.3.a or earlier, you can download the latest release by going to CyBlock Software Downloads or Cyfin Downloads. To upgrade CyBlock Appliance, please contact Technical Support at (321) 953-5351, Ext. 4 or support@wavecrest.net.