Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd Security IT Summit | Forum Events Ltd

Posts Tagged :


Warning for businesses still using Windows 7

960 640 Stuart O'Brien

There’s just one year to go until Microsoft ends support for its ten-year-old operating system Windows 7, but as many as 43% of enterprises are still running the outdated platform.

That’s according to a new ‘Death of Windows 7’ report from Kollective.

The report, which includes data from a survey of 260 US and UK IT professionals, examines the potential costs and security threats involved in staying on Windows 7 after Microsoft’s support deadline passes.

Kollective’s research found that nearly a fifth (17%) of IT departments don’t know when the end of support deadline is, while 6% are aware of the end of support but are yet to start planning for their migration away from Windows 7.

Those that remain on Windows 7 past January 14, 2020 will either have to pay Microsoft significant sums for extended support or will leave their systems open to cyberattack. In the case of those largest enterprises, with 10,000 or more terminals, the fee to Microsoft could be in excess of $1.4m a year.

Perhaps most worrying of all, 16% of IT professionals admit to still running Windows XP and Windows Vista on some of their machines – despite support for these operating systems having ended more than three years ago.

Dan Vetras, CEO of Kollective, said: “With only a year to go, these findings should be a major cause for concern among the business community. When it came to migrating away from Windows XP it took some large enterprises as long as three years to transfer their entire systems to the new operating system, now, many firms will have to make the transition in less than 12 months. Those that fail to do so will have to pay for extended support, with the largest organizations paying more than a million dollars a year in order to remain on Windows 7.”

“Most worrying of all is that this migration is just the first step. Once businesses are on Windows 10, they will need to continuously update their systems as part of Microsoft’s new ‘Windows as a Service’ model. This means distributing increasingly frequent updates across their systems – something many IT departments will find impossible due to outdated infrastructure. At Kollective, we’re committed to raising awareness for this issue and helping enterprises solve their network challenges before it’s too late.”

Barracuda integrates with Microsoft Azure Virtual WAN

960 640 Stuart O'Brien
Barracuda Networks has announced support for Microsoft Azure Virtual WAN service through its CloudGen Firewall, extending networking security to organisations looking to deploy software giant’s solution.
In public preview since July, Microsoft Azure Virtual WAN provides optimized, automated, and global-scale branch connectivity and brings the ability to connect customers’ branches to Azure with SD-WAN and VPN devices (i.e. Customer Premises Equipment or CPE), with built-in ease of use and automated connectivity and configuration management.
The Barracuda connection to Azure Virtual WAN is automated: Users need only fill out authentication information and click ‘connect’. Barracuda also utilises dynamic routing protocols in the background to make sure new routes to new locations are automatically picked up and made available.
“Customers want choice and flexibility in the cloud, but they can’t sacrifice security,” said Tim Jefferson, VP Public Cloud at Barracuda. “By using our integration with Azure Virtual WAN, customers can have the best of both worlds — large-scale branch connectivity over Azure Virtual WAN with enhanced network security via the Barracuda CloudGen Firewall.”
“We’re pleased that customers looking to simplify branch connectivity and extend application workloads on Microsoft Azure now have access to the Barracuda integrated Azure Virtual WAN solution,” said Ross Ortega, Partner PM Manager, Azure Networking, Microsoft. “The integration between Azure Virtual WAN and Barracuda provides ease of use and simplification of connectivity and configuration management, hence providing optimized and automated branch-to-branch connectivity through Azure.” 
The integration is available now and can be leveraged by organizations using Azure Virtual WAN in the Public Preview.

Microsoft launches identity bug program

960 640 Stuart O'Brien

Microsoft has unveiled a new bug program that rewards researchers for discovering vulnerabilities in Microsoft’s Identity services up to $100,000.

Rewards offered range from $500 to $100,000 for any flaws found that impact a range of services, including Microsoft and Azure Active Directory accounts, OpenID and OAuth 2.0 standards, Microsoft Authenticator applications for iOS and Android and identity services.

On a page dedicated to the new bug program, Microsoft invites security researchers who may have discovered a security vulnerability the opportunity to disclose of the problem privately to the company so they have the opportunity to fix the issue before publishing technical details, stating that “together we can bring assurance that digital identities are safe and secure.”

Microsoft goes on to say that “a high-quality report provides the information necessary for an engineer to quickly reproduce, understand, and fix the issue. This typically includes a concise write up containing any required background information, a description of the bug, and a proof of concept. We recognise that some issues are extremely difficult to reproduce and understand, and this will be considered when adjudicating the quality of a submission.”

A full description of the program can be found here.

NHS Digital signs cyber security contract with Microsoft

960 640 Stuart O'Brien

NHS Digital has signed a support contract with Microsoft, three months after the WannaCry ransomeware attacks that targeted Windows computers.

The attacks on the NHS highlighted the need for investment, lack of infrastructure and the need for training among NHS staff, along with the fact that the NHS relies on Windows XP, an obsolete operating system that raised questions about the resilience of the service’s IT systems.

The Government recently announced it would boost investment in NHS data and cyber security above the £50 million outlined in the Spending Review, addressing key structural weaknesses as part of its commitment to improve NHS cyber security, with an initial £21 million delivered to increase cyber security at major trauma sites as a priority, along with  improvement of NHS Digital’s national monitoring and response capabilities.

The support contract with Microsoft will cover all NHS organisations throughout the UK until June 2018 and provide a “centralised, managed and coordinated framework for the detection of malicious cyber activity through its enterprise threat detection software.”

A statement by the NHS added that the service “analyses intelligence and aims to reduce the likelihood and impact of security breaches or malware infection across the NHS.”

“One of NHS Digital’s key roles is to work closely with other national partners to explore and provide additional layers of cyber security support to NHS organisations when they need it – with the aim of minimising disruption to NHS services and patients,” the statement concluded.