The 2010 Verizon Data Breach Report was released recently and like previous iterations, it was well worth the time to read it. For those who have not seen it, this report looks analyzes corporate level data breaches to show us what happened, how it happened and makes recommendations on how to stop them in the future. I also saw a shorter yet equally interesting article on Last Watchdog that discussed the challenges the banking industry has in keeping our personal banking accounts safe.
Read more…
Matt
application control, firewall
As the Antenna-gate controversy raged and finally subsided, the team here was busy enhancing our App-ID technology to identify Apple’s new video calling feature – FaceTime. It is essentially the audio-video chat functionality of Apple’s iChat for desktops, but tied to the iPhone4 device. From our analysis of the network traffic of FaceTime, we discovered that it uses SIP, the industry standard protocol for VoIP telephony, STUN for NAT traversal, and XMPP over SSL for authentication with Apple.
Since it relies on Wi-Fi connectivity, corporate networks will have to carry this traffic as employees begin to use it inside the Enterprise. For enterprises that do not want to install and manage their own SIP network, it serves as an out-of-the-box mobile video calling solution.
However, some security admins are wary about the numerous ports that must be opened in their firewalls to allow FaceTime calling. Read more…
Srinivas Avasarala
App-ID, Apple, Application, FaceTime, Jabber, NAT, SIP, STUN, XMPP
We have just recently added the latest in our ongoing series of videos where we put the spotlight on a particular application and dig deeper into specifically how companies are using the application, the risks that it introduces to an enterprise and how to mitigate them. This week Twitter goes on the hot seat and you may surprised what you learn.
For instance, we will cover that the “teenage” perception of Twitter is largely unfounded and why Twitter is a new favorite technology for businesses. We’ll also cover a brief history of the security challenges Twitter has experienced over the years including public battles with hackers, public battles with the FTC and all the nasty things that can happen when the President’s Twitter account gets hacked. Then of course we will dive into specifically how to mitigate these and future Twitter risks, and how security teams can safely enable Twitter for your enterprise users. Take a look, and as always, let us know what you think.
Twitter Application Spotlight
Wade
