Risk

10/25/2007
12:44 PM
Tom Smith
Tom Smith
Commentary
50%
50%

Interop Winners: Desktop Conferencing, Deep Security

It's a purely unscientific and anecdotal perspective, but here are my picks for most interesting and most needed technologies from Interop this week, plus the most startling stat I heard in my New York City travels.

It's a purely unscientific and anecdotal perspective, but here are my picks for most interesting and most needed technologies from Interop this week, plus the most startling stat I heard in my New York City travels.Most interesting technology: Desktop videoconferencing system from Avistar Communications that can be delivered on a hosted or licensed basis, and integrates with major desktop applications such as IM to include a critical presence element. Want to initiate a video call? Connect with your co-worker or partner in IM, and kick things off. The video quality is excellent, and the system integrates with room-based systems for those companies that have a huge investment in old-line VC technology that may be underutilized. Avistar's system makes videoconferences more accessible to a larger number of employees and desktops within a big company. Avistar touts major financial firms as multi-thousand-seat customers. Avistar President Simon Moss estimates Avistar's network and systems will carry 50 million minutes of usage this year and an expectation of 90 million minutes in 2008.

Most desperately needed technology: The list of data loss/data breach incidents grows every week. Now there are claims that the granddaddy of them all, TJX, is twice as large as the company has been reporting, with 94 million affected accounts. Stepping up to the plate with security technology that locks down laptops, mobile phones and more is a company called Mobile Armor that's making inroads into U.S. military and other government agencies. Its products range from a Policy Server to set and enforce security policies, to tools to encrypt files and folders on removable media devices, to software for pre-boot authentication and full disk encryption on laptops. The company has unique insights into the most intensive data protection requirements. Director of technical services Matt Brickey related the story of certain military applications in Iraq where three failed password attempts will result in a laptop's hard drive being erased. Which leads me to the...

Most startling stat I heard: One New York-based financial services firm loses one laptop per day and five smartphones per day in taxicabs, says John Pironti, chief information risk strategist for the consulting firm Getronics. A common outcome: The cab companies sell off the gear after 30 days. How that's for risky business?

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
5 Reasons the Cybersecurity Labor Shortfall Won't End Soon
Steve Morgan, Founder & CEO, Cybersecurity Ventures,  12/11/2017
BlueBorne Attack Highlights Flaws in Linux, IoT Security
Kelly Sheridan, Associate Editor, Dark Reading,  12/14/2017
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
The Year in Security: 2017
A look at the biggest news stories (so far) of 2017 that shaped the cybersecurity landscape -- from Russian hacking, ransomware's coming-out party, and voting machine vulnerabilities to the massive data breach of credit-monitoring firm Equifax.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2017-0290
Published: 2017-05-09
NScript in mpengine in Microsoft Malware Protection Engine with Engine Version before 1.1.13704.0, as used in Windows Defender and other products, allows remote attackers to execute arbitrary code or cause a denial of service (type confusion and application crash) via crafted JavaScript code within ...

CVE-2016-10369
Published: 2017-05-08
unixsocket.c in lxterminal through 0.3.0 insecurely uses /tmp for a socket file, allowing a local user to cause a denial of service (preventing terminal launch), or possibly have other impact (bypassing terminal access control).

CVE-2016-8202
Published: 2017-05-08
A privilege escalation vulnerability in Brocade Fibre Channel SAN products running Brocade Fabric OS (FOS) releases earlier than v7.4.1d and v8.0.1b could allow an authenticated attacker to elevate the privileges of user accounts accessing the system via command line interface. With affected version...

CVE-2016-8209
Published: 2017-05-08
Improper checks for unusual or exceptional conditions in Brocade NetIron 05.8.00 and later releases up to and including 06.1.00, when the Management Module is continuously scanned on port 22, may allow attackers to cause a denial of service (crash and reload) of the management module.

CVE-2017-0890
Published: 2017-05-08
Nextcloud Server before 11.0.3 is vulnerable to an inadequate escaping leading to a XSS vulnerability in the search module. To be exploitable a user has to write or paste malicious content into the search dialogue.