IAVA Support – For our Federal customers we have extended our IAVA coverage into our Shavlik Patch offering making it much easier to automatically cross-reference DOD IAVAs.
Republish and resigning of packages – The manual steps for doing this are long and painful and going down that rabbit hole is not recommended. It is also no longer necessary! We are going to do all the heavy lifting on this one.
Shavlik is proud to announce the launch of Shavlik Protect 9.2 Beta and introduce the Empower platform. This simultaneous launch is a significant leap into a rapidly changing world. Shavlik Protect will continue to be the Data Center solution for patching critical systems and ensuring vulnerabilities are being plugged. Shavlik Empower is the platform that Shavlik will use to launch us into the future.
Empower is purpose built to manage your users, the devices they use and follow those users wherever they go. Empower will aggregate data from Protect, from other parts of your network and off network using the
Our own Rob Juncker, V.P. of research and development for Shavlik, has predicted that Healthcare breaches will rapidly increase in 2015. Now that hackers are getting smarter about attacking endpoints to glean credit card data from retailers, they are looking for more creative ways to make money. In the hacker’s community, credit card data is worth about $1 per card, whereas protected health information (PHI) is currently worth about $10 per record and rising.
Why the discrepancy in price? Because hackers can do more nefarious activities by submitting fraudulent healthcare claims or by buying and selling drugs and medical equipment for financial gain. Credit card companies are just plain better than insurance companies at detecting and shutting down fraudulent activity. Credit card companies also have the option to change your credit card number, whereas your patient data cannot change. Medical fraud could last for years before it is detected and corrected.
Now that Mr. Juncker has made the prediction, 2015 brings us our first major health record breach with Anthem, whose brands include Anthem Blue Cross/Blue Shield and others. The potential theft could be as big as 80 million records and include names, social security numbers, birth dates, policy numbers, diagnosis codes and billing information. The overall security problem is exacerbated by outdated equipment, demands from doctors to use mobile devices, and the loss or theft of devices used by multiple health workers.
So what can healthcare and IT organizations do? The first step is to simply keep up with the latest updates and patches. Once a software vendor such as Adobe releases a patch, hackers now know there is a security hole. Shavlik is seeing an increase of vulnerabilities coming from third-party applications outside of the OS. Patching both the OS and third-party applications is critical to keeping them secure and the data safe.
Vulnerabilities exist on the end-point because they are often unpatched and neglected. IT has enough on its plate to try and keep all the software on every system up-to-date. But in the wave of the latest breaches, it becomes imperative to do so.
As we see healthcare staff requesting more mobile devices such as tablets, we will see more loss and theft of devices that will contain PHI data. Having methods to encrypt the critical data such as email and attachments will greatly decrease the risk.
As a healthcare provider, what does it mean to you? As in retail, security is more and more of an issue that needs to be addressed. Healthcare organizations are now under scrutiny to comply with HIPAA regulations. Anchorage Community Mental Health Services (ACMHS) was fined $150,000 after 2,700 health records were stolen in an attack. They were attacked simply because they were not patching software!
Beware healthcare. 2014 was the year of retail breaches. 2015 is the year of healthcare breaches!
Shavlik is happy to announce that we have added a new product, Secure Mobile Email by LetMobile, to our product line. LetMobile is a secure email solution that brings the same effectiveness and ease of management that you have come to expect from Shavlik to the challenge of protecting corporate information on mobile devices.
Today, I sat down with product manager Eran Livne to learn more about Secure Mobile Email by LetMobile. Eran has led this product from its inception and has spent years studying the mobile device management space.
Anne: Why LetMobile? What problem does it solve for our friends in IT?
Eran: There’s a new challenge with all of these smart devices. Users buy devices and want to use them for work; however, they don’t want IT to control them and have less concern about security. IT is used to managing and controlling, owns security, and is held responsible if a data breach occurs. There is a huge gap between the interests of these two sides.
Anne: How do we bridge this gap?
Eran: LetMobile was built to find this balance and to bridge this gap. We provide the best of both worlds; IT gets security compliance management and data protection, and users get a native email experience on the device of their choosing. They don’t have to use subpar email clients to consume corporate emails or separate the process of reading work email from reading personal email.
With LetMobile security policies apply only to corporate data, so the solution has no knowledge or control over personal data or app’s. This means users are free to use their devices how they wish, do not need to fear corporate “big brother,” and don’t have to comply with annoying policies like being forced to lock their devices or granting the company access to wipe their devices.
Anne: Wow, that sounds almost too good to be true. How does LetMobile work?
Eran: LetMobile is a gateway solution. We offer on-premise and SaaS offerings that act as an intermediary between Exchange (or your email service) and user devices. The LetMobile gateway streams email to the device, so email and email attachments are never stored on the device. Additionally, corporate credentials are never stored on the mobile device, so if the device is lost, the user’s corporate creds cannot be compromised.
Anne: Beyond basic email security what are some of the other cool capabilities of LetMobile?
Eran: LetMobile includes data loss prevention (DLP) capabilities that look into the “body” of emails and attachments and can take action based on the presence of keywords or regular expressions. This coupled with LetMobile’s geo-fencing capabilities means say a financial institution could enforce a policy where customer account numbers are masked in emails unless the device is in a trusted location. LetMobile can keep confidential information from leaving the four walls of your corporate headquarters and even your country’s borders.
Anne: If readers want to learn more about LetMobile or see a demo, what should they do?
Eran: We have a wealth of information out there on our website. Check out…
Two months ago, Shavlik released a security advisory alerting our customer community to the availability of off-the-shelf, exploit kits that enable less sophisticated hackers to mimic a Target-like attack.
In that advisory, Rob Juncker, Vice President of R&D for Shavlik, accurately predicted the availability of these exploit kits would lead to the following.
More companies will be coming forward to report breaches.
The scope of these breaches will go beyond retailers to impact all types of business that have valuable and private information.
Earlier this month, the game changed again, but this time the threat doesn’t come from hackers alone; it’s coming from the court room, the halls of government, and maybe even from your own employees. For the first time we are seeing companies being held legally and financially responsible for security breaches that occurred due to insufficient and/or negligent security practices.
Today, Shavlik is issuing another security advisory to draw your attention to three landmark cases that made headlines earlier this month.
Anchorage Community Health Services was fined $150,000 by the U.S. Department of Health and Human Services’ Office of Civil Rights (OCR) for “failure to apply software patches [that] contributed to a 2012 malware-related breach affecting more than 2,700 individuals,” according to GovInfoSecurity.
This incident is the first where a company has been held liable by OCR for failing to patch software, and now a precedent has been set, making disciplined patch management a critical part of HIPAA compliance.
“Successful HIPAA compliance requires a common sense approach to assessing and addressing the risks to ePHI on a regular basis. This includes reviewing systems for unpatched vulnerabilities,” OCR Director Jocelyn Samuels said to GovInfoSecurity.
U.S. District Court in Minnesota denied Target Corporation’s motion to have litigation dismissed that has been filed by financial institutions who suffered losses as a result of Target’s 2013 data breach.
According to Reuters, Judge Paul Magnuson found “…banks were foreseeable victims of Target’s allegedly negligent conduct.”The report went on to say, “Importantly, Judge Magnuson said that imposing a duty of care on Target ‘will aid Minnesota’s policy of punishing companies that do not secure consumers’ credit- and debit-card information.’”
This case may set a precedent for companies to be financially liable to both consumers and financial institutions for breaches that compromise customer data.
Two employees filed a class action lawsuit against Sony for allegedly not taking adequate precautions to secure employee data.
According to an article posted on TechCrunch, “The complaint references a tech blog reporting to note that Sony was aware of the insecurity on its network and took the risk.”
It has been confirmed that employee emails, website viewing activities, credit card website credentials, and social security numbers were among the data made public as a result of the Sony breach, and now after having already lost an estimated $100 million, Sony could be in for more expense at the hands of its own employees.
As we continue in our “Beyond Patch” video blog series, let’s examine Shavlik Protect’s ITScripts capabilities.
Protect’s ITScripts allow you to run PowerShell scripts on targeted machines at a scheduled time.
Why is this important?
You can automate the performance of mundane maintenance tasks like Check Disk or defrags. Tasks that often get left undone due to time constraints can now be done automatically at a time of your choosing.
You can acquire information about the machines in your environment. For example, you can run scripts to report on disk space or when the machine was last rebooted.
Shavlik Protect provides a library of scripts you can use OOTB or…
You can create your own PowerShell scripts and use Protect to schedule and to deploy them. This means that nearly any operation can be automated.
Check out this video where Shavlik Product Evangelist John Rush walks you through the ITScripts capabilities within Shavlik Protect. For more information, please contact us at firstname.lastname@example.org.
Having effective patch management and anti-virus practices are two of the most basic building blocks of network security.
However, this often requires separate software solutions that come with separate agents and most importantly, separate costs. With Shavlik Protect’s antivirus, you can bring together what all too often is separate: patch and A/V.
Shavlik’s anti-virus solution provides:
Access to patch and antivirus capabilities as well as reporting from a single console
A single-agent for managing patch, anti-virus, and anti-spyware policies
The ThreatTrack Security VIPRE engine
Check out this video where Shavlik Product Evangelist John Rush walks you through the anti-virus capabilities within Shavlik Protect. For more information, please contact us at email@example.com.
We all know and love Shavlik Protect for its patch management capabilities, but Protect’s value doesn’t stop when the calendar flips past Patch Tuesday.
Protect offers a wide array of features that simplify the complexity of IT, save time and money, and keep your network more secure. In this video blog series we will explore the capabilities of Shavlik Protect beyond patch.
Maximize your time during maintenance windows, find un-managed machines on your network, be green, and even save your company some money…did you know that Shavlik Protect’s Power Management can do all of this and more?
With Shavlik Protect’s Power Management you can…
Turn off power-hungry machines when not in use
Control power up, sleep, and power down
Wake up machines for maintenance windows
Perform quick scans to find un-managed machines on your network
Check out this video where Shavlik Product Evangelist John Rush walks you through the Power Management capabilities within Shavlik Protect. For more information, please contact us at firstname.lastname@example.org.
Shavlik is proud to announce today’s release of Shavlik Patch for Microsoft System Center 2.1.
This is the second Shavlik Patch release this year, and it represents yet another quantum leap towards making third-party application patching within SCCM easy.
Shavlik Patch 2.1 focuses on five core areas: setup and configuration, automation, core patching capabilities, ease of use and globalization.
Setup and Configuration – Our new configuration checker allows you to verify that your SCCM environment is ready to publish and deploy third-party patches. It’s easy for application versions, credentials, and certificates to get out of sync. No problem; the configuration checker will point you to discrepancies in your environment, so you don’t have to guess where the problem exists.
Automation – With Shavlik Patch 2.1, you can create and save filters that allow you to control which applications, which vendors, and which individual updates you publish for a timeframe of your choice. For example, say you want to publish all Adobe updates, Oracle Java and Chrome updates, within the last 30 days. You can now build that filter, view the updates that meet that criteria, and automatically publish them.
Core Patch Capabilities – With Shavlik Patch 2.1, we introduce a patch details view that tells you lots of great information about each update. Also, Shavlik Patch now handles superceded patches.
Ease of Use – You thought Shavlik Patch 2.0 was easy; well, it just got better. Shavlik Patch 2.1 introduces authenticating proxy support, the ability to run scheduled jobs as a different user, and the ability to choose, hide and reorder columns in the updates view.
Globalization – Shavlik Patch is now available in 11 languages. Additionally, you can also view translated versions of our User’s Guide. Hablas Espanol? Great, so does Shavlik Patch.
Now, being the seasoned SCCM admin that you are, you’re probably thinking, “Wow, that’s cool, but I won’t be able to use it for six months because it’ll take that long to get it working in my environment.”
Umm…no. Here’s the directions for upgrading Shavlik Patch from 2.0 to 2.1 (no kidding check out our User’s Guide).
Download the latest version of Shavlik Patch from www.shavlik.com/downloads
Install the Shavlik Patch exe
That’s it! All of your configuration settings, filters, and registration info will still be there. We don’t mess with anything in your SCCM database. You can be up and running on Shavlik Patch 2.1 in about five minutes.
With today’s release, Shavlik has also announced the end of life for Shavlik Patch 2.0 on December 1, 2015. We encourage all customers to upgrade to 2.1 at your earliest convenience. Pro tip – there’s lots of great stuff in 2.1.
For more information about today’s release, please join us for one of our Shavlik Patch 2.1 release webinars.
If you are using Shavlik Patch today, please join us for this webinar.
Patch Like a Pro! New Shavlik Patch for Microsoft System Center 2.1 | Wednesday, November 18, 2014 10:00 am CST | Register Now
If you are new to Shavlik Patch, please join us for this webinar.
Why Break SCCM? Get Third-Party Application Patching Without Additional Infrastructure | Wednesday, November 13, 2014 10:00 am CST | Register Now
Tune in later this week as I continue to share more insights on the latest release of Shavlik Patch and how this solution sets itself apart from other third-party patch add-on’s for SCCM.
The Shavlik team took some time out today for its annual Halloween celebration. The day started with breakfast treats and moved into a costume contest, pumpkin decorating contest, and finally a group lunch. A good time was had by all (well, except maybe our QA manager).
We hope you all have a wonderful Halloween and avoid being spooked by any security issues.
In the photos below, (top) the Renewals team gets into the Halloween spirit; (2nd) The costume contest finalists; (3rd) Two entries into the pumpkin decorating contest; (4th) The pumpkin carving contest winners (5th); The pumpkin carving contest runners-up; (6th) Two Shavlik team members enjoying lunch.