East of Eden

The latest in Windows 10, end user devices and services, cyber security, data center & cloud, and all things IT.

Blog Feature

End User Devices and Services | Windows 10

So You've Migrated to Windows 10. Now What?

By: Eden Technologies
April 28th, 2016

With the recent launch of Windows 10 comes a new era for keeping corporate desktop systems up-to-date. Instead of dealing with numerous complex and costly migration projects, the new process includes faster, more frequent updates that don't require an entire system refresh.

Read More

Share

Blog Feature

End User Devices and Services | Windows 10

Windows 10: What the New OS Holds in Store

By: Eden Technologies
March 17th, 2016

With Windows 10, Microsoft is providing a bridge to the past while, at the same time, offering a path to the future with the introduction of the singular OS designed to support a multitude of devices. This represents a course correction for the company as Windows 8 was largely shunned by corporate IT organizations. The problem was that Windows 8 was so different from Windows 7 that it required significant employee training and support. Also, many IT organizations were experiencing “upgrade fatigue” after their deployment in Windows 7. As a consequence, adoption of Windows 8 and Windows 8.1 at the enterprise level has been relatively weak. Estimates of Windows 8 market share in the enterprise market hover in the single digits, while Windows 8.1 is in the mid-teens.

Read More

Share

Planning for Windows 10 Starts Now

Planning for Windows 10 Starts Now

Develop a transition strategy for a successful Windows 10 upgrade, and make this migration your best.

Blog Feature

Data Center & Cloud | Cyber Security | Publications & Resources

Protect Your Security Infrastructure: Observe Proper Segregation of Duties

By: Andy Sherman
March 9th, 2016

The following excerpt has been taken from our ebook, The Ultimate Guide to Protecting Your Security Infrastructure in the Broader Data Center. Observe Proper Segregation of Duties System administration and security administration are not the same job, and those functions should be done by different people.

Read More

Share

Blog Feature

Data Center & Cloud | Cyber Security | Publications & Resources

Protect Your Security Infrastructure: Isolate Security Services

By: Andy Sherman
March 4th, 2016

The following excerpt has been taken from our ebook, The Ultimate Guide to Protecting Your Security Infrastructure in the Broader Data Center. Isolate Security Services on a Protected Network While the subject of proper network security design over the entire data center will be the subject of a future article, we still need to consider the special needs of security infrastructure here.

Read More

Share

Blog Feature

Cyber Security

Juniper Firewall / VPN Backdoor Vulnerabilities

By: Andy Sherman
December 21st, 2015

Juniper’s NetScreen series of firewall and VPN devices have not one but two backdoor vulnerabilities, Juniper disclosed. One of these vulnerabilities is an authentication bypass for telnet or SSH logins to the firewall. The other is an encryption weakness that allows for eavesdropping on VPN traffic. Needless to say there has been a lot of discussion in the technicalpress, especially in light of the current political climate around encryption and back doors. Patches are available to cover both vulnerabilities. Juniper notes that no other Juniper products, in particular JunOS based products, are affected by these vulnerabilities.

Read More

Share

Blog Feature

Data Center & Cloud | Cyber Security

Data Loss Prevention in 2016 and Beyond

By: Andy Sherman
December 21st, 2015

Digital Guardian asked a bunch of security experts (including me) for their predictions on where the Data Loss Prevention (DLP) market was going in 2016 and beyond.

Read More

Share

Blog Feature

Cyber Security

Wire Transfer Fraud, Up Close and Personal

By: Andy Sherman
September 8th, 2015

We recently posted about an uptick in wire transfer fraud through bogus email. Since then we and two of our clients have been the subject of such attacks. All were emails purporting to be from executive leadership (CEOs or Partners) to the people in their organization responsible for finance.

Read More

Share

Blog Feature

Cyber Security

How Can You Prevent Wire Transfer Fraud?

By: Andy Sherman
August 19th, 2015

In its most recent quarterly filing with the Securities and Exchange Commission (SEC), Ubiquity, Inc, a Silicon Valley networking equipment company, revealed that they had been the victim of a $46.7 million cyberheist. The swindle is an increasingly common one, known variously as CEO fraud, business email compromise (BEC) or man in the email (MITE) attacks, and it targets companies that make a lot of wire transfers, especially to overseas business partners.

Read More

Share

Blog Feature

Cyber Security

Extortion R Us - Ashley Madison, OPM and the Changing Face of Data Breaches

By: Andy Sherman
August 10th, 2015

On July 19th security blogger Brian Krebs broke a story on a security breach at adultery hookup site AshleyMadison.com. Actually AM is just the largest of three “adult” web properties owned by Avid Life Media (ALM), all having to do with hooking people up for sexual encounters. Credit was claimed by the “Impact Team” who have threatened to publish data on millions of users unless the Ashley Madison site is shut down. To date neither has happened, except for the identification of two hapless users, one in the US and one near Toronto (where ALM is based). While ALM’s websites remain online, their planned London IPO is said to be in trouble.

Read More

Share

Blog Feature

End User Devices and Services | Cyber Security

Stagefright Vulnerability Affects 95% of Phones

By: Andy Sherman
July 28th, 2015

Vulnerability On Monday, Zimperium Inc, a maker of mobile security solutions, announced that their security researcher Joshua J Drake (@jduck), had discovered a serious vulnerability in the Stagefright library in Android that allows for arbitrary remote code execution, which could be triggered just by sending a MMS message. (Related coverage here, and here.) Stagefright is Android’s library for handling certain types of media files.

Read More

Share