MY PROFILE | PRIVACY 
Vol. 16, #16 - Apr 25, 2011 - Issue #825
IT Cloud Resistance Starts To Annoy Businesses

  1. Editor's Corner
    • IT Cloud Resistance Starts To Annoy Businesses
    • Tablet Revenge Redux
    • UNDO DEPT: Firewall Article
    • Quotes of the Week
  2. Admin Toolbox
    • Admin Tools We Think You Shouldn't Be Without
  3. Webinars & Seminars
    • VIPRE Antivirus Business Product Demonstration - 4/26
    • Intelligent Defense for Intelligent Scammers: How to Protect Against Today's Malware - 4/27
    • BriForum 2011: Register today!
  4. Tech Briefing
    • Six Windows 7 Nightmares (And How To Fix Them)
    • Free Pizza Can Help Raise Security Awareness
    • Server Headers 101 InfoGraphic
    • Son Of Kaspersky Lab Founder Released After Ransom Was Paid
  5. Windows Server News
    • IT Certifications For The Well-Rounded Virtualization Admin
    • Tools To Unlock Private Cloud's Potential
    • How To Sell Desktop Virtualization To Your Management
    • VMware vShield Security Overview
  6. Third Party News
    • What Are Your Peers Doing With Cloud, Virtualization and HA?
    • NEW VIPRE Enterprise and VIPRE Enterprise Premium Betas
  7. WServerNews FAVE Links
    • This Week's Links We Like. Tips, Hints And Fun Stuff
  8. WServerNews - Product of the Week
    • Frustrated With Gullible End-users Causing Malware Infections?
Get The Fast And Easy Antivirus Protection You Deserve

You need an antivirus solution that makes your world simpler and your employees safer. VIPRE Antivirus Business provides exactly that. Fast installation and system performance. Easy management and updates. But don't take our word for it. Try VIPRE today and see for yourself. For a limited time, get VIPRE Business for just $10 per seat:
http://www.wservernews.com/110425-VIPRE-Business-Offer


Editor's Corner

IT Cloud Resistance Starts To Annoy Businesses

A recent survey done by Accenture and the London School of Economics and Political Science's Outsourcing Unit shows that IT people see issues like security and privacy as a barrier to cloud adoption.

"One of the very interesting findings was there was a clear gap between business people and IT people," said Andrew Greenway, global cloud program leader for Accenture. "Business people said they didn't see security and privacy as an issue around the cloud. IT people conversely saw data privacy, lock-in and security as much more of a problem.

Greenway said that it was the extent of the gap that was shocking, and that the gap needed to be narrowed. Otherwise, business people, armed with a credit card, can and will bypass IT to order the services they want. "That's going to shock the IT into delivering services with much more speed and agility," he said.

Well, let me tell you about my own cloud experience. June last year I was in the privileged position to start a whole new company from scratch. Did a whole bunch of research and decided to go 100% cloud. Our servers live in the Amazon cloud and Google hosts our email. Then there are a bunch of 'cloud building blocks' like Salesforce for CRM, Genius for marketing automation, the 'cloud flavor' of Quickbooks that flawlessly integrates with Salesforce, and a series of cloud-based services that I can simply sign up for and plug in. And within each category there are several tools to choose from. Man, this was so much easier than 15 years ago, I have spent many millions of dollars at Dell, building out whole data centers with dozens of servers. No more.

What I have now is a powerful double-screen Dell workstation for everyone, a fast LAN and two Internet connections feeding into a router that fails over when one dies. It has been a smooth, fast, process at a fraction of the cost compared to last time. It scales infinitely, and can shrink just as easily. No wonder that the businessman in me loves this. But the system admin in me sees life somewhat threatened. Time to get ready for the future. I suggest you grab 'Programming Amazon EC2' from o'Reilly. I have a copy here and it's worth it:
http://www.wservernews.com/110425-Programming-Amazon-EC2

However, There is a downside to all this. Cloud computing is all very well until someone trips over a wire and the whole thing goes dark. You are now 100% depending on someone else's technology stack, and when they go down, they take you with them. As I am writing this on Thursday April 21, at 2pm, I got this email: "Just a heads up, but a big chunk of Amazon Web Services is down this morning, in both East and West coast, and it is taking Reddit, Foursquare and Quora with it. Amazon has raised their alert levels to Red, and they are trying to recover as quick as possible." OUCH. My site was spared but that could have been me. Here is the TechCrunch article:
http://www.wservernews.com/110425-Amazon-EC2-Down

And here is a link to the original article at the UK PCAdvisor site that talks about the survey that was done:
http://www.wservernews.com/110425-Cloud-Survey


Tablet Revenge Redux

I guess I struck a nerve with that item. Quite a few of you responded, and here is one of the emails that pretty much sums it up, IT caught between existing architecture and new devices with insufficient security:

"Stu, My greatest concern is the massive amounts of energy & enthusiasm about tablets yet nary a thought to what can (or should) be done with them. My company just ordered a couple dozen iPad 2 tablets for our board members and some other key personnel. What they'll be using the devices for? We're an overwhelmingly Microsoft enterprise (even our "web-based" apps are IE-specific) - are there apps even available to integrate these vastly different worlds? Are the key apps that these people need to use even geared for touchscreen UI? Quite often, the answers to these kinds of tough questions yield little more than hype and shrugs.

"And there's no thought being put into the support infrastructure that's going to also going to significantly impacted. If a desktop PC dies, the support techs replace it with a like (usually much newer) machine, load apps, and the user is back in action relatively quickly. When an iPad 2 smashes to the ground and is rendered as useful as a doorstop, what then? How rapidly can we replace that unit? Who's going to field the myriad of questions from people who were barely up to speed on Windows PCs and are now trying to grasp the fingertip-driven world?

"This is an IT guy's nightmare - there's tremendous focus on tablet features and specs with surprisingly little concern about how or if these snazzy consumer-grade toys can be used productively in a business setting."
-- R.O. IT Systems Analyst

UNDO DEPT: Firewall Article

And again, a bunch of you responded to the article in the previous issue that stated that firewalls fell down on the job. Here is one response that quite clearly makes the point: "More appropriate headline would be "Pay-to-read reviewer with doubtful methodology asserts un-provable failings in Major Firewalls". And for $3500 you can read all about it..... That story and the lame links sucked. We expect better of you Stu!" Regards, -- G. L.

Sorry guys, you are right and that one slipped through. I will be a bit more vigilant next time!!

Quotes of the Week

"I sometimes suspect that half our difficulties are imaginary and that if we kept quiet about them they would disappear." -- Robert Lynd.

"A good plan violently executed now is better than a perfect plan executed next week." -- Gen. George S. Patton, Jr.

"Success is the sum of small efforts, repeated day in and day out." -- Robert Collier.

Warm regards, and thank you for being a WServerNews subscriber. No trees were killed in the sending of this message, but a large number of electrons were terribly inconvenienced. Please tell your friends about us. They can subscribe here:
http://www.wservernews.com/110425-Subscribe

PS: Did you know this newsletter has a sister publication for XP users called WXPnews? You can subscribe here, and tell your friends:
http://www.wservernews.com/110425-WXPnews

PPS: And now we have our new Win7News! You can subscribe here, and tell your friends:
http://www.wservernews.com/110425-Win7News

Hope you enjoy this issue of WServerNews! Warm regards, Stu Sjouwerman  |   Email me: [email protected]

Frustrated With Gullible End-users Causing Malware Infections?

Today, more than 60 percent of malware infections are caused by social engineering. The bad guys bypass your endpoint security and go after your users. Is it really going to take a serious security incident for your organization to start training those uneducated end-users? It only takes one naive user to click on a zero-day phishing link to cause enormous damage, up to bankruptcy. If you are frustrated with malware infections, it's time to do something about it. Need ammo to convince management? Get your Free Phishing Security Test now, and find out what percentage of your employees are Phish-prone™. That will shake loose some budget!:
http://www.wservernews.com/110425-Guillible-End-Users


Admin Toolbox

Admin Tools We Think You Shouldn't Be Without

Subscribe to the latest hot e-zine: CyberheistNews: 'Arming you with the facts'. Getting you ammo to defend your network against cybercrime twice a month:
http://www.wservernews.com/110425-CyberheistNews

Frustrated with gullible end-users causing malware infections? Find out who the culprits are in 10 minutes! Do the Free Phishing Security Test on 100 users!:
http://www.wservernews.com/110425-Phishing-Security-Test


Webinars & Seminars

VIPRE Antivirus Business Product Demonstration - 4/26

Join us for a look at VIPRE Antivirus Business, powerful, high-performance endpoint malware protection, which combines antivirus and antispyware into a single agent. Plus take a deep dive into other new features including scalable multi-site tiering and role-based access control:

2:00PM EDT / 11:00AM PT / 18:00 GMT
Date: Tue, Apr 26, 2011
Location: This is an Internet based event.
Register here:
http://www.wservernews.com/110425-VIPRE-Product-Demo


Intelligent Defense for Intelligent Scammers: How to Protect Against Today's Malware - 4/27

Bad news. Keeping your organization secure is only getting harder. Software flaws, zero-day attacks, data breaches, and new targeted attacks on social sites put your users and your company data at risk. The good news is that using a two-pronged approach to security can help to mitigate these risks substantially.

In this must-attend event, you'll hear from top network security experts as they explain how reliable, high-performance antivirus (AV) solutions and user education can work in concert to help stop threats.

Join now to learn:
  • Current tactics used by scammers and how they are evolving to exploit social networks, social sites, and more
  • What you need to tell your employees (and when) to keep them safe online
  • An AV checklist with must-haves and nice-to-haves
A Chance to Win: Live attendees will be entered for a chance to win an iPod Nano.

Featured Speakers: Erik Goldoff, IT Systems & Security consultant for Goldoff Consulting.

1:00PM EDT / 10:00AM PDT
Date: Wed, Apr 27, 2011
Location: This is an Internet based event. Register/More Info:
http://www.wservernews.com/110425-Intelligent-Defense


BriForum 2011: Register today!

The most advanced, technical, hands-on desktop virtualization event is returning to Europe this May and Chicago this July. Independent industry experts, led by Brian Madden, share the latest tips and strategies around desktop virtualization, VDI, application virtualization, and Remote Desktop Services. Register today:
http://www.wservernews.com/110425-BriForum-2011


Tech Briefing

Six Windows 7 Nightmares (And How To Fix Them)

InfoWorld wrote: "Compared with its predecessors, Windows 7 is remarkably secure and dependable. It's far from perfect, though: An unbootable PC, a nasty piece of malware, or a single important file gone missing can make you lose days or even months of work. And you can't solve every nightmare by waking up. Here are ways out of six common Windows 7 disasters. I'll tell you how to fix a PC that won't boot, retrieve files from an inaccessible hard drive, stop frequent blue screens of death, restore a forgotten administrator password, remove malware, and find a missing file.
http://www.wservernews.com/110425-Windows-Nightmares


Free Pizza Can Help Raise Security Awareness

Free pizza can go a long way in helping to raise the awareness of security among employees, according to the chief information security officer (CISO) of Lehman Brothers Holdings. This article gives some fun hints and tips to get employees motivated:
http://www.wservernews.com/110425-Free-Pizza


Server Headers 101 InfoGraphic

For newbies in the business of crafting websites, the purpose and technicality behind server header responses can often be a little mind baffling to get to grips with. Although there are essentially so much to learn, only a few are common and essential to web professionals and the average user. So what is a server header response, anyway? Well, let's shed some light on them by delving deep into the most common server header responses. Good read:
http://www.wservernews.com/110425-Server-Headers


Son Of Kaspersky Lab Founder Released After Ransom Was Paid

Russian news reports that 20-year-old Ivan Kaspersky was kidnapped and his captors were demanding a ransom. It was paid and he was released. From the initial reports it looks like he had his full physical address on a Russian social media website. Not recommended:
http://www.wservernews.com/110425-Kaspersky-Kidnapping


Windows Server News

IT Certifications For The Well-Rounded Virtualization Admin

Increasingly, more IT professionals are earning virtualization certifications to augment and prove their technical skills. But as virtualization matures, administrators should also seek general IT certifications to enhance their expertise. Learn about the various certifications available to you in this expert tip:
http://www.wservernews.com/110425-IT-Certifications


Tools To Unlock Private Cloud's Potential

Private clouds offer a plethora of possible advantages, but certain tools are needed to unleash their full power. Our expert explains what these tools are and how to use them:
http://www.wservernews.com/110425-Cloud-Tools


How To Sell Desktop Virtualization To Your Management

Are you having trouble selling desktop virtualization to upper management? In this featured tip expert Brian Madden will help you map a successful virtual desktop environment and justify to management the reasons for abandoning traditional desktops in favor of virtualization:
http://www.wservernews.com/110425-Desktop-Virtualization


VMware vShield Security Overview

VMware's vShield security suite expands far beyond virtual firewalls to cover other aspects of VMware security. This popular article provides a vShield security overview that covers five main components: vShield Manage, vShield Zones, vShield App, vShield Edge and vShield Endpoint:
http://www.wservernews.com/110425-VMware-vShield-Security


Third Party News

What Are Your Peers Doing With Cloud, Virtualization and HA?

We'd like to invite you to participate in the latest joint ITIC/GFI Software survey on Virtualization, high availability and cloud deployment trends. We're sensitive to your time constraints. This survey should take only a few minutes to complete. It polls organizations on their current experiences with virtualization and the cloud as well as future deployment plans for both those crucial technologies. All responses will be kept confidential. As always, we thank you in advance for your participation. As an added incentive, ITIC and GFI are giving away a free iPad and a free iPod to the survey respondents who provides the most insightful response to the final essay question.

So be sure to provide us with your Email address along with your comment within the Essay question response. Once the survey is finalized, we'll publish the Executive Summary and survey highlights in this newsletter. To further show our appreciation, anyone who completes the survey can get a complimentary copy of the Report once it's published by sending an Email to Laura DiDio at: [email protected] Here's the survey link.
http://www.wservernews.com/110425-ITIC-GFI-Survey

Thanks in advance for your feedback. We look forward to your participation!

NEW VIPRE Enterprise and VIPRE Enterprise Premium Betas

We are very pleased to announce our latest Beta releases for the VIPRE Enterprise family of products. These betas pertain to both the console (Update 3) and agent software (Update 2).

This is a very comprehensive update, with a number of enhancements and fixes designed to improve the overall functionality, performance, stability, and ease-of-use of the product.

The latest Beta versions are as follows:
  • VIPRE Enterprise (Server/Console): 4.0.4538 (Update 3, Beta 2)
  • VIPRE Enterprise (Agent): 4.0.4178 (Update 2, Beta 2)

  • VIPRE Enterprise Premium (Server/Console): 4.0.4538 (Update 3, Beta 1)
  • VIPRE Enterprise Premium (Agent): 4.0.4178 (Update 2, Beta 1)
The headline features for these updates include:

Foreign Languages
  • Introduces German and Italian language option for the VIPRE Site Service (VSS) and agents.
  • Agent languages can be defined on a per-policy basis, allowing administrators to take advantage of multi-language agents via a single console.
Hybrid Agent Support
  • Beta agents can now be easily installed via the console at a policy level, allowing administrators to easily install/upgrade agents to betas.
  • In VIPRE Enterprise Premium, an added convenience feature will allow administrators to deploy either a VIPRE Enterprise Premium or a VIPRE Enterprise (non-premium) agent by policy via a single console.
VSS Update Scheduling
  • Administrators can now specify exact times that the VIPRE Site Service will check for definition updates. This is beneficial for sites that are constrained by low-bandwidth connectivity, as well as regions where bandwidth metering may be a concern.
Improved Detection Technology
  • Enhancements to Active Protection allow for improved remediation of malware, including Conficker.
  • Improvements have been made to our rootkit engine technology.
  • Improvements have also been made to the boot-time cleaner.
Usability Improvements for New Installations
  • On brand new console installations, an informational dialog will be displayed when the console is opened if less than five agents are installed. This dialog contains references pertaining to agent installation prerequisites, firewall configuration prerequisites, information about our competitive antivirus product uninstallers, as well as additional resources.
Default Remediation Handling
  • On brand new installations only, the Default policy will no longer be completely passive, and will now quarantine threats out-of-the-box by default. The exceptions to this are the "cookies" and "commercial remote control tools" categories, as these are set to "allow" and "report-only" respectively. Upgrades are not affected.
Bug Fixes
  • A bug in the VIPRE Enterprise Premium agent that could cause Cisco VPN client connectivity issues has been fixed.
  • Corrected the NDIS problem where the VIPRE Enterprise Premium agent could cause systems to lose network connectivity after an unspecified interval.
  • Corrected the problem in the VIPRE Enterprise Premium agent where web filtering may incorrectly block websites that use HTTP keep-alive technology (i.e.: AOL webmail and other third-party sites.)
  • In addition, a number of bug fixes in both the console and agent are included.
For a complete list of changes, as well as instructions on how to download the betas, please visit the following pages on our Beta Forums:

VIPRE Enterprise (Console):
http://www.wservernews.com/110425-VPE-Console-Beta
VIPRE Enterprise (Agent):
http://www.wservernews.com/110425-VPE-Agent-Beta

VIPRE Enterprise Premium (Server/Console):
http://www.wservernews.com/110425-VEP-Console-Beta
VIPRE Enterprise (Agent):
http://www.wservernews.com/110425-VEP-Agent-Beta

Please report any problems or feedback to the Beta Forums under the respective product area via
http://www.wservernews.com/110425-Beta-Forums


WServerNews FAVE Links

This Week's Links We Like. Tips, Hints And Fun Stuff



WServerNews - Product of the Week

Frustrated With Gullible End-users Causing Malware Infections?

Today, more than 60 percent of malware infections are caused by social engineering. The bad guys bypass your endpoint security and go after your users. Is it really going to take a serious security incident for your organization to start training those uneducated end-users? It only takes one naive user to click on a zero-day phishing link to cause enormous damage, up to bankruptcy. If you are frustrated with malware infections, it's time to do something about it. Need ammo to convince management? Get your Free Phishing Security Test now, and find out what percentage of your employees are Phish-prone™. That will shake loose some budget!:
http://www.wservernews.com/110425-Naive-Users