Tag: Disaster | Page 2

Cohesity beefs up ransomware and disaster recovery offer

October 27, 2021/in Internet Security

Data protection specialist Cohesity is to add further services to its Data Management as-a-service portfolio, with a heavy emphasis on security and in particular the threat from ransomware.

Generally available is Disaster Recovery as-a-service, which enables customers to failover to a pure cloud secondary site, although there are limitations.

In public preview is Data Govern, which uses artificial intelligence (AI)/machine learning to automate discovery of sensitive data and detect anomalous access and usage patterns that could indicate a cyber attack in play.

For release “sometime next year” is Fort Knox, aimed at combating ransomware threats, and in which a tertiary copy of customer snapshots are held in the Cohesity Helios cloud on AWS to allow for an isolated copy of data that can be recovered and upon which testing can be carried out.

The additions form part of Cohesity’s Data Management as-a-service set of offerings, which represent the company’s transition towards a software- and cloud-driven strategy for its data-protection products.

In targeting the threat from ransomware, it is addressing a huge current concern, alongside storage players such as Pure Storage and Vast Data that have also brought out snapshot-based methods of data protection via isolation and immutability.

Cohesity was among the pioneers of marrying backup functionality with scale-out hardware reminiscent of hyper-converged infrastructure to provide an integrated and tested backup and secondary data environment that can be grown in grid-like fashion by adding compute and storage nodes.

Cohesity already had SiteContinuity, which allowed for disaster recovery between two existing customer datacentres.

Disaster Recovery as-a-service allows customers to failover to the Cohesity cloud. Currently, this will be for VMware environments, which will failover to AWS EC2 instances. Kubernetes support is in the pipeline.

Obviously, customers will be limited in what they can failover to the cloud, but that is to be expected and it will allow for disaster recovery for important parts of an organisation’s workloads.

Chris Wiborg, marketing VP at Cohesity, said: “If companies have been around for…

Source…

Client-side content scanning as an unworkable, insecure disaster for democracy • The Register

October 15, 2021/in Computer Security

Fourteen of the world’s leading computer security and cryptography experts have released a paper arguing against the use of client-side scanning because it creates security and privacy risks.

Client-side scanning (CSS, not to be confused with Cascading Style Sheets) involves analyzing data on a mobile device or personal computer prior to the application of encryption for secure network transit or remote storage. CSS in theory provides a way to look for unlawful content while also allowing data to be protected off-device.

Apple in August proposed a CSS system by which it would analyze photos destined for iCloud backup on customers’ devices to look for child sexual abuse material (CSAM), only to backtrack in the face of objections from the security community and many advocacy organizations.

The paper [PDF], “Bugs in our Pockets: The Risks of Client-Side Scanning,” elaborates on the concerns raised immediately following Apple’s CSAM scanning announcement with an extensive analysis of the technology.

Penned by some of the most prominent computer science and cryptography professionals – Hal Abelson, Ross Anderson, Steven M. Bellovin, Josh Benaloh, Matt Blaze, Jon Callas, Whitfield Diffie, Susan Landau, Peter G. Neumann, Ronald L. Rivest, Jeffrey I. Schiller, Bruce Schneier, Vanessa Teague, and Carmela Troncoso – the paper contends that CSS represents bulk surveillance that threatens free speech, democracy, security, and privacy.

“In this report, we argue that CSS neither guarantees efficacious crime prevention nor prevents surveillance,” the paper says.

“Indeed, the effect is the opposite. CSS by its nature creates serious security and privacy risks for all society while the assistance it can provide for law enforcement is at best problematic. There are multiple ways in which client-side scanning can fail, can be evaded, and can be…

Source…

Google’s Chrome Is Under Heavy Attack—This Startup Thinks It Has A Rival To Save Businesses From Disaster

October 7, 2021/in Internet Security

Talon Cyber Security founders Ohad Bobrov and Ofer Ben-Noon. They’ve convinced big name investors … [+] they have the answer to the boom in browser-based cyberattacks.

Talon Cyber Security

Browsers are proving to be a potential Achilles’ heel in computer and smartphone security. This year has seen a record number of so called zero-day attacks in the wild, where unpatched weaknesses in software are exploited by hackers, and Google Chrome has seen at least 12 so far this year.

In Covid and post-pandemic times, as workers use their personal devices for work, or their work ones for personal use, the danger of being hacked via Chrome or whatever browser they use has become considerably more real. Enter Talon Cyber Security, an Israeli startup that’s already claimed the largest seed round in its country’s history with $26 million in April this year. Coming out of stealth with its first product on Wednesday, it has created a browser, TalonWork, based on the same Chromium base code that Chrome uses, but with a promise to do a better job than rivals at protecting the more distributed, often home-based workforce of the post-Covid era.

The company claims its browser, which can be deployed across a customer’s organization in less than an hour, is “hardened” from zero-day attacks as Talon’s servers detect attempted attacks. It also isolates work-related browsing activity from any malware on the device. And, via a management console, businesses can apply their own policies across their employees’ browsers and get data on what workers are doing on the web, though only when it’s linked to work, Talon cofounder and CEO Ofer Ben-Noon tells Forbes. “IT can see, monitor and control everything work related.” Companies can choose how they want to split personal and work use.

Talon claims ten customers and design partners are already using the browser, though it isn’t revealing any names.

The company claims its product is a first of its kind, though others have sold secure browsers into the enterprise market before. Google, for instance, has its own enterprise-focused version of Chrome that offers many of the same support and control features Talon is…

Source…