Meeting the IT security needs of our customers, and providing overall customer satisfaction is the foundation of SSS's business. Our team work hard to ensure that we properly understand your needs, and that the products and services we sell are a good fit for you. We thrive on solving your IT security problems.
Our Mission: To provide enterprises with cutting edge and best fit security products, support and consulting services which combine our intellectual property, expert problem solvers and understanding of the customer's business to create
Digital Certificates – the Trust Chain
Our new engineer and Public Key Infrastructure (PKI) specialist Chris Post has written a brief overview for us of Digital Certificates and how the Trust Chain in them works.
So what are digital certificates, where would I find one, and why should I care?
Peoples normal day to day interaction with digital certificates is transparent, they are mostly unaware there is a whole bunch of digital certificate "work" going in their browsers all the time. People may have heard of "digital certificates", but most would still be blissfully unaware of what they actually are and what they are used for. This article intends to cover off people’s most common interaction with digital certificates, which is through a web browser.
A digital certificate is an electronic file that is designed to represent the authenticity and legitimacy of the subject of the certificate, such as a person or in the case of this article, a website. The digital certificate is also fundamental in the creation of a secure encrypted link between the web server and your web browser...
You can see the article here
Tripwire - Free Cloud-based Vulnerability Scanner
Tripwire® has released an online vulnerability scanner, SecureScan, which finds security vulnerabilities in the computers and applications on your network, and provides instructions on how to fix them - all free of charge for up to 100 IP’s.
Click here to get your free scan
Advanced Persistent Threat (APT) prevention – StripIT
Recently we have had several customers ask us what we can
do for advanced persistent threat prevention, particularly for files coming via email and webservers.
Many APT’s are targeted and/or zero day exploits that your Antivirus and other security measures may not pick up. SSS has a range of tools that protect from this type of malicious code - including StripIT.
StripIT is a gateway utility that scans for and removes active content that may be embedded within Office and PDF files that arrive in inbound email, and then transfers the “sanitised” files on to the intended recipients, thus allowing for the business to continue without the risk.
For more information on StripIT or our other APT prevention tools please contact us.
"When we need assistance with the large suite of products that SSS provides to the Ministry, a quick phone call will get us in direct contact with knowledgeable, dedicated, local technical support and the problem will be solved."
Mike Porter – Manager – Information Management – Ministry for the Environment
Establishing Identity: Today and Tomorrow
Establishing Identity: One of SSS’s focuses this year is to work with our customers to assist them with Identity Access Management, which Gartner describes as: "the security discipline that enables the right individuals to access the right resources at the right times for the right reasons."
Saad Humayun of SSS has written a brief overview of the current state of establishing identity, from a viewpoint of challenges and opportunities in the New Zealand context. Click here to view - we hope you enjoy the read.
[WHITE PAPER] FIVE STEPS TO ACHIEVING TRUST AFTER A BREACH
When an organization has been compromised, some of the first questions to ask are critical:
- "Which systems can I trust?"
- "What was done to compromise my systems or data?"
- "How quickly can I figure out where I stand?"
This white paper provides an overview of the five-step approach we take to restore trust after a breach for enterprises who had not previously implemented Tripwire solutions. Download your copy today.
Some useful Whitepapers from Sophos:
Customer Focus: Western Institute of Technology at Taranaki (WITT) chooses Sophos Complete Security Suite
In 2013 the IT department at WITT recognised a marked increase in the use of mobile devices on campus and identified the urgent need for a solution to accommodate this increased demand.
"We began looking at what was out there and we focussed our search on finding a solution that would not only meet our immediate needs, but would also future-proof us as an organisation," says Mr Attridge – IT Manager at WITT.
SOPHOS Complete Security Suite offered WITT a full security solution including endpoint anti-virus, web and email gateway appliances, and mobile device management - all in one easy to manage product license. This meant that WITT’s immediate and future IT security needs were met without the need for future add-ons.
"SOPHOS gives us greater control and monitoring capability, and because it is designed from the ground up to be easy to configure and manage, that means a significant improvement in ease of administration for our team," says Mr Attridge. "We’ve also achieved a much greater bang for our buck, as we get much more functionality with SOPHOS, right out of the box, than with other solutions," he adds.
You can read the full Case Study here
What you can expect to see from SSS in 2014
SSS has several key areas of focus for the coming year:
- New Security Consulting and PKI (Public-key infrastructure) division - we are significantly enhancing our capabilities in this area. We have new highly trained and qualified staff starting with us this month that specialise in PKI and security consulting, and we have secured access to best-of-breed PKI products so that we can provide complete PKI and security consulting services to the market.
- Customer Satisfaction Process Enhancements - we are absolutely committed to ensuring that our customers (you) are very satisfied with the products and services we provide. We aspire to being a company that you enjoy and value doing business with. This year we will be rolling out some new “work practices” to ensure that customer satisfaction stays at the heart of how we do business with you. We will be discussing these initiatives directly with you, and as always, we are keen to hear directly from you any suggestions you may have for us in this area.
- DLP (Data Loss Prevention) - we will be continuing our focus on helping organisations learn more about and implement effective DLP strategies and solutions.
- Managed Contracts - these help develop mutually beneficial partnerships between us and you (our customers) to save you time and money, and ensure you are getting the best possible value from your security products.
Sophos 2014 Security Threat Report
Each year Sophos publish a Security Threat Report. These are filled with great research, data, trends and analysis from the experts at SophosLabs, with links to whitepapers, videos and technical papers that you are sure to find interesting and informative.
You can see the 2014 report here
Sophos SafeGuard Enterprise Device Encryption receives EAL4 certification on the DSD’s Evaluated Products List
We have been advised that the Australian Government Defence Signals Directorate has certified Sophos SafeGuard Enterprise Device Encryption to certification level EAL4 on the Evaluated Product List including a Cryptographic Evaluation.
This is worth mentioning to any government / large corporate organisation discussing encryption as aside from Microsoft Bitlocker, Sophos is the only vendor to have a current product certified (a process which has taken around 18 months).
Australian Government Evaluated Product List: here
Application Whitelisting Best Practices: Lessons from the Field
You’ve heard analyst firms like Gartner and Forrester recommend adding application whitelisting to your layered endpoint defense strategy, rather than relying on AV alone. The latest generation of application whitelisting provides the flexibility needed to keep your end users productive, whilst protecting against modern, sophisticated malware and targeted attacks.
In this complimentary on-demand webcast from Lumension, there is in-depth, technical discussion on the latest whitelisting capabilities, including reflective memory protection, and reveal whitelisting best practices to help you develop your 2014 endpoint security strategy.
- Four best practice steps for a successful application whitelisting implementation
- How to apply lessons-learned by your peers to your application whitelisting implementation
- Understand how advancements in application whitelisting facilitate today’s best practices
Watch this on-demand webcast here
Customer Focus - Rob van Endt moves Hutt City Council to Accellion to provide, local, secure and easy transfer of files.
"The response to Accellion Secure File Sharing & Transfer so far has been extremely positive," says Mr van Endt. "Both our internal users, and more importantly our external rate payers, are enjoying using it and that means we are meeting our overall objective of better serving our customers," he adds.
"The cost of Accellion was very good, and that means it will continue to fit within our current and future budget requirements," says Mr van Endt. "We would be only too happy to recommend Accellion and SSS to others," he concludes.
Read the full case study here