IBRS analyst James Turner have revealed that managing and securing mobile devices in the enterprise - particularly the iPhone was one of their top security concerns.

"Executives are getting them, bringing them into the workplace and asking to have them set up as though it was an enterprise-issued device," said Turner.

These were the preliminary results of 70 plus interviews between Chief information security officers and senior IT security executives in Australia and New Zealand.

"There are a stack of issues around this, not least of which is the understanding that it's a consumer device and not built with enterprise utility in mind." Turner said the penetration testers HackLabs, Securus Global and StratSec, with whom he has discussed the issue, were "scathing" of iPhone security, claiming it was "laughable".

"All they needed was physical access to the device and a laptop with some specific software on it. "This is pretty serious for security professionals who are trying to protect their organisation's sensitive corporate data. Mobile phones are always being lost and the brand doesn't matter," he said.

The top issues for CISOs in Australia and New Zealand in no particular order were:
1. Managing mobile users & mobile devices
2. Communicating risk to the rest of the organisation
3. DLP 4. Cybercrime & cyber-terrorism
5. Managing complexity
6. Managing the perimeter
7. Virtualisation and security
8. Managing information
9. Identity management
10. Managing vendors
11. Firewalls and architecture
12. Cloud and SaaS

Read full article.

Network Assurance quantifies risk from a network perspective, based on a comprehensive set of network facts. A complement to system and data-level security solutions, Network Assurance enhances the risk management lifecycle by measuring the impact of network change on security, availability and compliance.

Global Network Visibility powered by Lumenta IPsonar is the industry’s only product that: 
~ Provides visibility into everything on the network 
~ Reports on network leaks that represent policy violations 
~ Measures risk from a network perspective 
~ Finds wireless access points connected to the network; tests

Lumeta Network Assurance Assessment addresess a range of IT business and challenges such as: 
~ Policy Compliance & Audit 
~ Meger & Aquisition and Network Consolidation
~ IPv6 and FISMA mandates 
~ Network Change
~ Asset Management 
~ Gaps in security architecture 
~ Network Optimization 
~ Network Risk Management

Network Assurance Assessment deliverables with results within a week: 
~ Scan network 
~ Results of the IPsonar scan in a key findings report 
~ Presentation of Findings 
~ Executive summary of the Lumeta Network Index (LNI) risk scorecard

***LNI provides clients with an overall risk score based on analysis of four key network risk factors measured by IPSonar:
1. Network Topology
2. Network Address Space
3. Network Leaks
4. Device Fingerprints

Email us at marketing@quantiqint.com to enjoy 30% off* your Network Assurance Assessment now!

Singapore - May 27 2010 - Quantiq International, Lumeta Corporation, the leading provider of network discovery and mapping solutions for enterprises and government agencies, has announced that IPsonar® is currently undergoing a Federal Information Processing Standard (FIPS) compliance review.

The FIPS standard is an IT technology security accreditation program established for organizations seeking to have their products certified for use by federal government agencies and regulated industries that work with sensitive information.

Upon successful completion of the review, IPsonar will be certified as using cryptography meeting the standards set forth by the FIPS 140-2 Security Level One Compliance Review for the protection of sensitive data residing on government IT networks.

The Science Applications International Corporation (SAIC), headquartered in McLean, Virginia, is performing the compliance review to ensure that IPsonar uses the FIPS 140-2 validated OpenSSL correctly in the FIPS mode of operation. Upon achieving certification, IPsonar will be among the approved products for use by those government organizations requiring that sensitive information be cryptographically protected.

Cryptography is essential for the protection of information as it traverses IT networks. Independent testing by scientific laboratories such as SAIC ensures that the federal government agencies or regulated industries use only cryptography that has met this high standard.

“FIPS has become the worldwide gold standard for cryptographic security,” said Lumeta’s Chief Operating Officer, Michael Markulec. “At Lumeta, we are committed to providing our customers with tools and technology that meet or exceed the security standards set by the federal government to ensure that they protect the sensitive information that resides on our customers’ IT systems.”

IPsonar, Lumeta's flagship product, provides real-time global network visibility and risk measurement. IPsonar maps every asset on a network with unparalleled clarity – including unauthorized assets – providing a detailed visual representation of the connectivity between assets and networks.

IPsonar highlights risks and policy violations arising from unauthorized inbound and outbound connectivity, improperly configured security devices, and network anomalies. This enables IT operations and security personnel to take timely action to ensure that network security measures accurately reflect the current state of the IT network.