January 7, 2014 No Comments-
Arne Uppheim, Chief Technology Officer
Have a Safe New Year!
As we enter into the new year, let’s recap some of the important security issues and trends from 2013 and what this means for you and how you can stay safe in 2014. And how we can help you.
Privacy and data protection
One of the key happenings in 2013 is the focus on privacy and data protection, not at least brought on by the Snowden revelations. It has made a lot of Europeans and European businesses conscious of the need to protect and control their privacy and their data. Who has access, where is it stored, how is it secured.
There is also a growing concern among European businesses that many of their employees are using consumer level file sharing services that are not only US based, but highly insecure and completely outside company control — placing vital company data at risk.
We at Norman Safeground introduced new secure backup and secure filesharing services in 2013. They are unique in that they are built and delivered especially with security and data control in mind. Not only are the data protected by strong end-to-end encryption, and give companies control of their vital data again while offering same usability as consumer level services. But they are also being hosted in european datacenters, delivered by an European company, subject only to local laws. Norman Safeground is Norwegian company, and Norway has some of the strongest privacy and data protection laws in the world.
This is something we have seen a surge of interest in across Europe towards end of 2013 and expect to strongly continue in 2014 with even more users focusing on this.
– Press releases: Launching secure Norwegian cloud storage for companies
– Press releases: The backup solution companies have been waiting for
– Read more on our site: Norman Cloud Security Solutions
Cryptolocker and ransomware
2013 unfortunately also saw a surge in criminals going after your data, that we expect to continue in 2014. And multiple reports show that it isn’t just the big corporations that have something to fear anymore. Also small and medium sized businesses are actively being targeted for data theft and fraud. As SMBs often are more low hanging fruit for the criminals, with usually less complete protection layers in place than big enterprises have.
This is the #1 mission for us in Norman Safeground — to help SMBs with this challenge. Where many large security vendors focus mostly on enterprise customers, our core focus and priority is on delivering solutions for small and medium sized businesses. To really understand SMB’s needs and deliver easy to use SMB-tailored solutions and great local customer care to help secure them against the threats.
One particularly diabolic malware that hit a lot of users in second half of 2013 was called Cryptolocker. When your system is infected it silently goes after your data files and encrypts them. They are still on your machine, but you can’t read them anymore. Then it asks you to pay 300 USD to get the key that can unlock and recover your data again. This is called ransomware, and it is on the rise.
It is estimated that it in short time infected at least a quarter of a million PCs, and a small percentage of the infected opted to pay the ransom (many still didn’t get their data back). Based on tracking of Bitcoin transactions it is estimated that the criminals so far have earned at least 30 milllion USD on Cryptolocker, likely much more.
Unfortunately, due to the “success” of Cryptolocker we expect to see a lot more to this in 2014. And it highlights the need for multiple layers of security. PC protection can stop the infection before it happens. Additional Email and Web protection can stop the spreading before it reaches your network. But also, sometimes a new variant might still get through and the only thing that can save you then is good data protection — having automatic daily backup solution with file revisions, so you can get your vital documents and data back from before they became infected.
– Press release: Criminals hijacking your data files
Safe Internet practices no longer enough
2013 also changed the rules for how to stay safe on the Internet. It is no longer enough to practice safe Internet practices and follow all the good advice on what not to do.
Reports (http://arstechnica.com/security/2013/06/vast-majority-of-malware-attacks-spawned-from-legit-sites/) show that the majority of malware infections are now coming from perfectly legitimate sites and services which most users assume are safe to use. These sites spread malware to their users because their servers have been hacked in some way, or through the ad system.
Also phishing scams were not only on the rise, but becoming increasingly sophisticated and difficult to discover.
But how can you protect yourself against this? Again, the key is to have updated security solutions on your PC, your email and your web use.
Bundled security not good enough
In this landscape of increasing threats to your security and your data, it is also important to note that a number of independent tests in 2013 concluded that built in protection in Windows wasn’t good enough. You need premium dedicated AV-protection. The built in protection is also the biggest target for malware writers actively circumventing the protection.
Some of these tests include AV-Test (http://www.av-test.org/en/home/), AV- Comparatives (http://www.av-comparatives.org/wp-content/uploads/2013/12/avc_prot_2013b_en.pdf), Dennis Labs (http://dennistechnologylabs.com/reports/s/a-m/2013/)
Norman Safeground’s antimalware products have achieved certification by the major test labs consistently throughout 2013. And we are hard at work on our next generation products for 2014, that will offer even better protection and performance for our users. More to come on this soon.
Security is about layers of protection
But even more importantly, our security strategy is built on the concept of layered security. It is in our view the only way to protect against modern threats and trends we saw in 2013. And this is what we will continue to evolve and deliver in 2014.
You need premium protection on the PCs and other devices, but you also need to protect your email, your web surfing, your data, etc. And, importantly, it shouldn’t all use the same technology. Because if that technology doesn’t stop a particular threat, and no single solution will always stop 100%, then it doesn’t help to have that same protection in multiple places and layers – it will go through all places undetected and infect the company. As have happened in many cases.
This is an area where Norman Safeground solutions are unique. We have a strategy where our solutions are not only built on our own technology, in addition we also source and integrate best of breed technology available from specialist vendors. This not only ensures that we have best of breed solutions for each of our customers needs, but also that they use different technologies, greatly increasing the real world protection afforded by real layered security.
And this approach also makes us very agile, in adapting quickly to new threats and customer needs. As we did in 2013 by introducing new secure European backup and file sharing solutions. We will have more exciting news coming in 2014, and looking forward to working with all our existing and new customers on ensuring you have a safe new year!