Invent Novacoast Style Guide

Blog

Novacoast brought big news to Symantec Vision 2012

We’ll admit it.

We were really looking forward to Symantec Vision 2012 – and not just because the conference was in Vegas this year. What’s more, this year our excitement didn’t simply come from the fact that we are among the most trusted and relied upon services partners for Symantec. Don’t get us wrong, we love connecting with like minded, security-focused businesses and solutions providers, but this year’s Vision had us impatient to get to the desert for brand new reasons (about which we were eager to start bragging).

Novacoast went Vision 2012 armed not only with the bragging rights that come with out recent Symantec Partner Award for project management excellence (no, we don’t mind bringing it up), but with a couple of exciting announcements for new security services.

 

We still have a lot to be excited about.

Symantec Partner Award:
Incident Response

First thing’s first. We are immensely proud to have been recognized by Symantec for project management excellence in responding to Quakbot outbreak suffered by an Enterprise Business Customer.

Novacoast salvaged the reputation of the installed Symantec solutions and also saved jobs for those internal employees who were responsible for Information Security.

— Symantec Branch Manager Hal Lindstrom.


 

Mobile Data Access Management

Looming over the attractive potential of enterprise mobility for increasing productivity is the uncertainty of how to securely manage mobile devices. After all, adopting the use of mobile devices in your network can’t help but feel a bit like throwing all your carefully created security strategy out the window and putting the safety of your data in the hands of the user.
Learn more about our solution >


 

Symantec Managed Services

The Novacoast Remote Managed Services team leverages industry-leading tools, a close partnership with Symantec, and engineering experience to ensure a scalable, reliable and secure ongoing service. The deep experience with Symantec products and with overall enterprise security solutions commanded by Novacoast Security Engineers empowers the RMS environment, which delivers comprehensive security management and control.

All solutions are based in the Verizon cloud.

 

A Continued Expansion of our Assessment Practice

In response to internal and external network security threats, inadequate policies and overlooked vulnerabilities that face every network, the Novacoast Security Team offers comprehensive assessments employing the skills and tactics used by malicious agents to penetrate enterprise networks. A proactive plan is needed to reduce the risk of compromise that organizations face today. Understanding where weaknesses are and defending them in a controlled manner is critical.

Specialties are: Internal Assessments, External Assessments, Penetration Testing, Security Policy Review, Compliance Policy Review, IT Forensics, Incident Response, and now Comprehensive Wireless Assessments.
Read more about our Security Assessments >


 

Unsurpassed Collaboration with the new Symantec TRMG Group

The deep Symantec experience commanded by the Novacoast Team allows us to sync efforts and experience seamlessly with the newly formed TRMG group. Novacoast is a leader in the core products of this newly formed group. As a QSA Novacoast is a go to strategic partner for the Critical System protection product, as well as the Control Compliance Suite.

Novacoast has been a leader in the SIEM space for many years, and this strength continues with the SSIM/MSS offerings. We are actively brought into deals at a very large scale.

We had a great time connecting with so many professionals and business at Symantec Vision 2012, and we look forward to carrying the momentum from the conference moving ahead!


 


 


 


 

Read more...

It’s Time to Change the Mobile Conversation

Mobile Security is not about the Device.

Novacoast Mobile Data Access Management – Looming over the attractive potential of enterprise mobility for increasing productivity is the uncertainty of how to securely manage mobile devices. After all, adopting the use of mobile devices in your network can’t help but feel a bit like throwing all your carefully created security strategy out the window and putting the safety of your data in the hands of the user. Learn more about our solution >


And this is exactly the kind of thing Novacoast Labs’ developers spend their time thinking about.

To deliver on the growing necessity of enterprise mobility, Novacoast has developed a ready-to-implement mobile data infrastructure that enables secure and transparent data management, allowing any organization to go mobile. Novacoast Labs’ Mobile Architecture effectively changes the conversation from worry over device management to control over mobile data, effectively negating the risk of the device as a point of possible data breach. The Device becomes nothing more than a way to view secure data.

Through management of data access and encryption, mobility can be employed without worry over data breaches or user carelessness. Novacoast Labs mobile architecture moves all mobile data through a proxy server that enables total visibility and data protection for network administrators.

“In our work designing and writing apps for enterprise businesses, we’ve seen organizations tie themselves in knots trying to keep track of security within their mobile environment,” says Novacoast VP of Development Eron Howard.

We set out to create a great jumping off point to get any organization ready to build a mobile side of their business.

“And this is largely because security efforts are too often concerned only with devices rather than the data those devices have access to.”

“By treating the mobile landscape like any other network of access points, we were able to design an architecture that keeps the data stored and processed safely on within the internal server network. In our solution, users can access encrypted data on their devices by entering credentials, but because both data flow and user access is controlled on the other side of the equation, there is no longer any worry surrounding the compromise of the device itself.”

Essentially, Novacoast Labs designed this architecture to deliver two things: peace of mind for the organization that already has an up and running mobile infrastructure, and an easy foothold into mobility for the organization that’s not sure how to get started.

Either way, control over secure mobility must be moved back from the jungle of device management policy, into a single stream of managed data and control of access.

Want to learn more? Let’s talk.





Read more...

The Biggest Threats to Your Security Network – #3

#3. “Low Hanging Fruit”

Easy Ins for Opportunistic Hacking

In dealing with security, and specifically in looking for points of entry within a network, we always look at breadth first, not depth. After all, most hackers are looking for the path of least resistance. If there is an easy way to break in, it will be exploited a hundred times before any real effort has to be put into compromising your network.

We refer to these vulnerabilities that can be very easily exploited with publicly available hacking tools as ‘low hanging fruit’ – easy targets for malicious entities; and most organizations are surprised at just how many of these weak points exist in their systems.

The Solution

To identify low hanging fruit, we adopt the most popular and prevalent contemporary hacking techniques to test a network. The truth is, we normally don’t have to go very deep into the repertoire of hacking expertise to find a way in.

All the tools our security assessment team uses in these tests are publicly available (free on the internet), and we act as a malicious user and attempt to gather as much info about the company we can to break in. We look for low hanging fruit in the form of unpatched programs or misconfigured systems that will be vulnerable to known exploits. These things can be compromised directly. The majority of the time, this kind of shallow attack produces an inlet into the network.

The quickest break-in we ever executed was three minutes after arriving on site. After three minutes, we had domain admin – control of all their networks and all their servers. 75% of the networks we are hired to test are compromised by our team in the first day or two.

Now really, this sounds like bragging, but it isn’t. And that’s the point. We get into most networks using a path of least resistance that could be found and followed by the majority of hackers.

It’s not that our team are made up of brilliantly creative hackers that operate a cut above most in the field; it’s that using software that is free to download anywhere, and techniques that nearly anyone could adopt, any determined hacker can find a way into 75% of networks out there within a day or two. This is because it doesn’t take a brilliant or unprecedented hacking mind to break into a network, since most have low hanging fruit that can be exploited by even the laziest malicious attacks.

So what could it mean to your network to identify and deal with this low hanging fruit? It means being among the 25% of companies that are difficult enough to break into to discourage the average hacker – who is more opportunistic than determined. Eliminating low hanging fruit will put you out of reach of the majority of malicious opportunists.

Need help?

Get Started today. And have a look at how we approach Security Assessments.

 

Read more...

The Biggest Threats to Your Security Network – #2

#2. The “One-Big-Wall” Security Structure

It is in no way defeatist to say, though it’s likely no fun to hear, that at some point, the big, bad outer wall of your security will be breached.

Sorry.

So the point of building your security must be centered on a belief that technology and staff are equally fallible. At some point, something is going to get through – no matter how much confidence is inspired by your slick new software. This assumption is where security work begins. A strong security solution is one that does not rely on one, unscalable wall; strong security is built will fallbacks and stops within each wall.

The problem is, most security networks are not built like a fortress. They’re more often built like an egg: an extremely hard layer of security and nothing beyond it to protect the soft inside.

Ideally, getting through the first wall of a security setup shouldn’t get a hacker much access. In our work as a security assessment service, we find that most networks, once breached, are wide open within. Once a malicious entity get a foothold inside, they’ll be able to get access to anything they need or want.

The Solution

In layman’s terms, security should be provisioned in layers. After gaining something like username/password access into your inside network, intruders should have to jump through hoops to get in deeper. Detection policies should be set up at each level to catch and eliminate malicious presences.

Essentially, if you’re spending all of your resources on your outer wall, you’re making a dangerous gamble that will likely grant a free lunch to any hacker that makes it through.

Rather than expending 100% of your time and resources on keeping a hacker from getting in, steps should be taken to stop a hacker who has already gotten in.

Need help?

Get Started today. And have a look at how we approach Security Assessments.

 

Read more...

The Biggest Threats to Your Network Security – #1

#1. The User

It shouldn’t be too surprising to anyone following security trends to hear that the human user is nearly always the weakest link in a security strategy. In our work as a Security Assessment group, we’ve certainly found it to be true. And we’re not talking about disgruntled or malicious internal users who have decided to do some damage. It happens, but this isn’t the main concern.

No, the fact is that each user is a constant potential breach – not because of their intent, but because of their lack of education. More and more, users are relying on a growing trust of advancing security technology. And this is largely because their administrators do the same.

If security is only taken seriously on the software level, breaches are going to happen.

In working to gaining access into large networks, malicious outsiders will expect strong fortifications. Attacking head on is hit or miss, so hackers will try to weasel their way into getting someone to unwittingly open the door for them. Passwords can be guessed for user based on the information they have put up on social media sites. Malicious emails get by users every day, since they trust in the fact that the company spam filters are sure to weed out anything damaging.

In addition, as businesses become employ more mobile devices, a goldmine of information becomes potentially available to an attacker. Users have not yet learned to be paranoid or even cautious in regards to how they use their mobile devices. Joining a compromised network, viewing questionable emails and other easy mistakes can give outsiders a quick foothold in your network.

The Solution

You can’t just put the security responsibility on the IT administrator. Formidable security can only come from the top down, as established policy laid out clearly for all employees. No amount of fancy technology will do you any good without an internal foundation to support it. Informed security guidelines need to be set on the executive level and subsequently enforced at all lower levels.

Essentially, you should be relying on your IT staff and your technology to back up your powerful security culture.

Need help?

Get Started today. And have a look at how we approach Security Assessments.

 

Read more...

Our Part in the First Managed GroupWise Service

HostedEM: A Brief Overview

In 2010, Novell made the decision to go forward with a project that create the first fully managed, cloud-hosted option for its enterprise collaboration platform GroupWise. The venture has resulted in HostedEM – a fully functioning cloud based GroupWise management service.

This was great news for GroupWise users dreaming of the simplicity and reliability of hosted email without the hassle of uprooting their data and moving to another client. After all, these days the argument for the services model for business necessities like email is being made from every corner of the enterprise market, and more and more shops are seeing the benefits. (HostedEM has posted a comparison of advantages to both cloud and on-premises email here.)

The service is a joint venture leveraging the Verizon cloud platform, Kaspersky Security tools and Sonian cloud archiving. What customers of the service get is a working install of GroupWise indistinguishable from the in-house version, in which all upkeep and security is exported to an expert team of GroupWise engineers.

 

Our Part: Making Migration a Non-Issue

With what sounds like such a big change – moving something as expansive as email into the cloud – the first concern tends to be migration. Email isn’t something you can do without for long.

This is where we came in.

To do away with any migration worries or road blocks, Novacoast (the only services group with ground level involvement in HostedEM), helped write the sync engine that migrates any install of GroupWise into the Verizon cloud employed by HostedEM. Novacoast was able to design a migration that would primarily take place behind the day to day operations of the email system. The idea behind this ‘back-end only’ synchronization of email info was to entirely do away with worries or hesitations surrounding the mass migration of data and account information for potentially thousands of users from in-house servers into the managed GroupWise environment of HostedEM.

Novacoast’s role in HostedEM was first and foremost ensuring that end-users would be able to continue to use GroupWise during the migration without noticing a change in service. A service model falls flat in its appeal if it requires a new round of training, or a new interface.

The aim of cloud services is to make business easier, after all. Right?

Read more...

Novacoast to Illuminate GroupWise Security at GWAVACon 2012

GWAVACon 2012 is right around the corner.

As the GroupWise services shop that conceived, designed and wrote Novell Data Synchronizer and worked with Novell to bring the email client into the cloud for the first time with HostedEM, Novacoast is trusted with more intimate involvement in the future of GroupWise (among other Novell and NetIQ products) than any other services group.

This year at GWAVACon, Novacoast’s focus is on security. Be sure to stop by our booth, and join one of our sessions in which we will discuss strategies and best practices for enterprise collaboration security.

Enabling Services Security

In this session learn about enabling Cloud Services Security. Learn about the anatomy of an attack, common methods of compromise, cloud services, cloud tradeoffs and where we can go from here.

Surviving a Security Attack

Come learn about the types of security attacks affecting businesses today and to how to protect yourself and your organization from them. How paranoid do we have to be?

Sunday, 1:30pm-2:20pm – Enabling Cloud Services Security – Salon B

Monday, 1:30pm-2:20 pm - Surviving a security attack - Salon B

Tuesday, 10:10am-11:00am - Enabling Cloud Services Security - Salon B

Tuesday, 1:00pm-1:50pm - Surviving a security attack - Salon B

Read more...

Symantec Security DLP Webinar

Tuesday December 13, 2011 – Tuesday December 13, 2011

View MapMap and Directions | Register

Description:

Join Novacoast security engineer Peter Wadell for a discussion of options in network security.
www.novacoast.com
www.symantec.com

All times are EST

Register

Read more...

Novacoast Named to CRN’s VAR Fast Growth 100 for Third Consecutive Year




In 2011, Novacoast named one of the fastest growing 100 & top 500 VARs by CRN Magazine.

Following the placement of Novacoast for the first time on the CRN annual VAR Top 500 list, Novacoast appeared on the tech magazine’s list of fastest growing value added resellers for the third year in a row.

Placement on this list is dependent on significant and consistent growth, and an ability to thrive within the current economic climate. Companies added to the Fast Growth 100 average a two-year growth rate of 187.2 percent.

2010-2011 has been a breakout year for Novacosat, a year that has included an expansion into a greater managed services presence, and the launch a professional staffing service.

For Novacoast, placing on this list three years in a row is a source of pride. Thanks to all of our great partners and customer relationships that have supported our development.

Read more on the Fast Growth 100 here.

 

Read more...

BrainShare Wrap-up

Thanks to everyone who made Novell BrainShare this year a rousing success! Novacoast would also like to thank in particular everyone who participated in Novacoast sessions, giveaways and talks at Novell BrainShare, as well as all those whom we met at the Novacoast booth.

In order to help everyone take as much benefit as possible away from the IT conference, Novacoast will be posting media from the talks we gave at the conference over the next few days. If you attended or are interested in a particular session, feel free to contact us and we’ll be sure to post it for you.

It was great to see everyone in Salt Lake City! We’re all looking forward to BrainShare 2013.

Thanks, and feel free to download these presentations.



Downloadable Session Presentations:


Customizing Access Manager: SAML Authentication, Login/Logout Customization and More

Presenters:
Ed Barragan

Download presentation:
Customizing Access Manager


Moving Novell GroupWise to Linux

Presenters:
John Walls, Tyler Johnson

Download presentation:
Moving Novell GroupWise to Linux

 

Migrating from NetWare to Novell Open Enterprise Server 2

Presenters:
Tyler Johnson, John Walls

Download presentation:
Migrating from NetWare to Novell Open Enterprise Server 2

 

Identity Manager Basics: Deploying the Active Directory and eDirectory Drivers

Presenters:
Matt Ziegler, Forrest Evans

Download presentation:
Identity Manager Basics

 

How Verizon is Delivering Cloud Services Using Access Manager

Presenters:
John Vindiola

Download presentation:
Cloud Based Identity Management Secure Access Services

 

Data Synchronizer Vision and Roadmap

Presenters:
David Parker

Download presentation:
Data Synchronizer Update and Roadmap

 

Hosted Enterprise Mail (HostedEM) Powered by Novell GroupWise

Presenters:
Ryan Trauntvein, Nicole Keefe

Download presentation:
Hosted Enterprise Mail powered by Novell GroupWise

 

Advanced Session: Novell ZENworks Configuration Management

Presenters:
Larry Stein

Download presentation:
Novell ZENworks Configuration Management

 

Linux Clusters in the Enterprise: SUSE Linux Enterprise High Availability Ext.

Presenters:
Dan Elder

Download presentation:
SUSE Linux Enterprise High Availability Extension

Read more...

Twitter

Services

Contact us!

Use one of the methods below to contact Novacoast: