The regulations require any business that handles sensitive personal information of state residents to encrypt the data while it’s being transmitted over public networks or stored on mobile devices such as laptops, handhelds and memory sticks.

While some businesses have already implemented the requirements of earlier phases of the regulations, many companies, stressed by the recent economic environment, have ignored or delayed a thorough a review of their IT responsibilities under the new law.

At Welsh Consulting, we conduct customized audits that evaluate password policies, user access controls, data storage methods and monitoring abilities.

If your firm has not yet evaluated its current practices relative to 201 CMR 17.00, we recommend that you call us to arrange for a customized audit and recommendations for compliance.

Please contact us to learn more about how Welsh Consulting can help you protect your data to comply with the new regulations.

However, as an in-depth article by McAfee article points out, this could be bad news for authorities looking to redirect traffic destined for sites with illicit content, such as pirated software and movies.  The level of trust and authority that would need to be granted to agencies looking to protect such copyrighted material would have to be extended across geo-political borders.  This higher level of oversight could put agencies at odds with foreign governments and free speech advocates who may view this attempt to suppress the exchange of certain material as an infringement on their sovereignty or on the freedom of citizens.

It will be interesting to see if 2012 finds Comcast in the vanguard as other ISPs begin adopting this new layer of security, or standing alone as others take a different approach.

We became a Welsh client in 2007. We have about 70 people, split between offices in Cambridge, MA, London, and Manila. Welsh provides direct support to the Cambridge office and provides oversight to the small IT consulting firm we use in London.  They have also given us a blueprint for upgrading our Manila back office, something we will be doing in 2012.

Since we started working with Welsh, we went through a major upgrade of our back office in the US and a smaller series of changes in London, along with shifts to upgraded back office and desktop software.  We also added the Manila office.  Welsh has been consistently excellent both at the network support and desktop support levels.  In the past, I was used to getting occasional complaints from people about our IT support along with a rare unsolicited positive comment.  Since Welsh took over support, I get people spontaneously telling me that they have had some very helpful interaction with one of Welsh’s staff, and it’s the complaints that have become an endangered species.

 

As the explosion in mobile devices hits enterprise networks in force, the IT security community will need to reinvent the way it addresses malicious behavior within software if it is going to stay apace with the risks. The fact is that even though many of today’s mobile devices are essentially little computers, the traditional host-based approach the industry has taken with these PC counterparts might not apply. Aside from the form-factor difference, the way malware writers approach mobile information theft is shifting, and– besides all that — the line between good applications and bad applications is quickly blurring, experts warn.

Read full article here.

Dec 05, 2011 | 11:48 AM | 0 Comments

IT personnel managing a mobile environment face many challenges.  They need to maintain a consistent inventory of devices, they need to ensure that these devices meet security requirements such as password policy compliance, and they need a means of disabling a device and removing sensitive data in the event of loss or theft.  Though the industry of mobile management solutions is still in its infancy, several vendors have emerged to provide tools for addressing these challenges.

Mobile Active Defense is a robust solution that runs on several mobile platforms (iPhone, Windows Mobile, Droid and Symbian).  It allows for very granular policy management, detection of compromised (jailbroken) operating systems, content filtering and remote deletion, just to name a few features.  It also meets several compliance requirements including HIPAA and SOX. Airwatch is another vendor that supports a similar feature set across multiple platforms.  They offer an appliance, on premise or cloud based deployment solution.  Their policy enforcement is fairly robust, though they don’t have the same “software firewall” design as Mobile Active Defense. For environments currently using Kaseya as a management platform, the vendor has recently released a Mobile Device Management add-in.  This solution allows administrators to create device profiles that can enforce security requirements, maintain device inventory, track the device and erase the device should it be lost or stolen.  Of course, if you don’t use Kaseya in your environment, this will not be an ideal solution.

As the industry evolves, it will be interesting to see how large companies such as Cisco, Symantec and Microsoft, whose System Center Mobile Device manager only allows for provisioning Windows Mobile devices, address the challenges facing IT staff as they balance security and management versus user expectations in the changing mobile environment.

According to a March report released by IDC and Unisys, in 2011, 41% percent of workers used personal technology to access business applications, up from 31% in 2010. This trend, often referred to as the “consumerization of IT,” will only become more prevalent moving forward.

In the midst of this dramatic increase in worker-owned mobile devices, the correct strategy for companies is to take all advisable steps to secure their data. A few common problem areas include:

File syncing and cloud services: With employees catching up on company emails at a local Starbucks and using data sharing services such as DropBox, companies need to take steps to protect that data.

Mobile VPNs: With smartphones, tablets, and other consumer-owned devices, companies cannot attest to the security of the device, so connecting them via a virtual private network (VPN) to corporate network can be risky.

Patching: Vulnerabilities in smart phones can be challenging to patch given the many versions of multiple operating systems and the difficulty of relying on users to apply their own patches.

At Welsh Consulting, we specialize in helping area businesses keep their network secure. Our Network Security Assessment provides prior­i­tized recom­men­da­tions for improving the overall security of your firm’s computer systems. Intended as both as a planning and a diag­nostic tool, this review of your network security infra­structure, security system config­u­ration and network security policies is the logical first step toward improving your firm’s computer system security.

Serving Greater Boston businesses since 1984 with a full menu of IT management services, Welsh Consulting is staffed by the best and brightest network consul­tants in the Boston area. The Welsh culture ensures that they are also thoughtful and responsive. Independently owned and operated, Welsh is committed to sustainable business practices.

Please contact us for a complimentary consultation with a member of our senior team. We are happy to discuss approaches to network security as well as answer any other questions you may have regarding your firm’s approach to information technology.

We hope you will visit our website to learn more about the key operating principles that set Welsh Consulting apart. Please also follow us on Twitter and subscribe to our blog.

Published apps or “application virtualization” technology allows the application to appear as if it is running on a user’s workstation while it is, in reality, executing on a server.  This technology allows administrators to save time when deploying new workstations, and to save money by purchasing less powerful workstations.  It also greatly benefits users in remote offices, since they can seamlessly run remote applications on the same LAN as the data with which they are working, rather than having to load files or make database connections across a slow WAN link.

Prior to the release of Windows Server 2008, Citrix administrators and users enjoyed the luxury of published applications, albeit at a price.  When Windows Server 2008 was released, it eliminated the need for a third-party solution or the related additional costs since the functionality for published applications is built into the software as part of the Remote Desktop Services.  You can deploy published applications by using an MSI or RDP file, or you can integrate them into Windows 7 using the “RemoteApp and Desktop Connections” applet.  In addition, Windows Server 2008 provides the ability to access remote applications via a simple website.

A clever administrator can make it possible for these applications to run securely from either side of the company firewall without requiring a VPN or additional interaction from the user, enabling a more productive mobile workforce.  And, because the ability to copy data to the local machine can be restricted, this solution is compliance-friendly.

Has your business upgraded to Windows Server 2008 yet? If not, now’s the time to consider doing so.

According to the article, Attorney General Martha Coakley predicts the problem will get worse as more Americans store personal data on computer networks. “There is going to be more room for employee error, for intentional hacking,’’ the article quotes Coakley as saying. “This is going to be an increasing target.’’

Coakley said companies must do more to protect the personal data in their files. “They need to be able to have up-to-date systems that both prevent a breach and identify breaches when they occur,’’ she said.

At Welsh Consulting, our Network Security Assessment provides prioritized recommendations for improving the overall security of a firm’s computer systems.

Intended as both as a planning and a diagnostic tool, this review of network security infrastructure, security system configuration and network security policies is the logical first step toward improving a firm’s computer system security.

Every company is vulnerable to security breaches via random or targeted threats. A network security assessment will ensure that vulnerabilities are identified and that plans are implemented to strengthen a company’s network defenses. To discuss an approach that may be best for your company, please give us a call. We are happy to set up a complimentary, no-obligation first meeting