Skip to content

Healthcare Provider Moves from Aruba ClearPass to Portnox CLEAR

AbsoluteCare is a fast-growing regional integrated healthcare provider headquartered in Baltimore, Maryland, with facilities up and down the East Coast, including Atlanta, Philadelphia, and Washington, DC. Since 2000, AbsoluteCare has provided medical assessment and treatment to tens of thousands of people through its “wrap-around” care model.

“Several years ago, as the company continued to grow, many of our customers, including companies like Anthem and BlueCross BlueShield said we needed to be HITRUST certified in order to work with them,” said Chris Becker, AbsoluteCare’s National IT Director. As part of that journey towards HITRUST certification, Becker and his team discovered that they would need to implement a network access control (NAC) solution.

“At that time, we looked at HP Aruba ClearPass and Cisco ISE, and decided to go with Aruba,” Becker continued. “We spent quite a bit of money to get it implemented – relying on outside consultants to get it up and running and conduct training – it’s a rather large application. We ultimately used it minimally because much of the functionally was overly complex.”

In general, the company utilizes managed corporate devices across its workforce, specifically Dell laptops running Windows X, as well as a number of iPads and iPhones. “We have a small population of BYOD, but we don’t encourage it – it’s just more work to manage the compliance of those devices with the limited internal IT resources we have,” Becker stated.

Migration Challenges

In the summer of 2020, AbsoluteCare found itself in a bind during a datacenter migration. “We decided to move our Aruba servers from one datacenter to another, and we found out – oh my gosh – this is going to cost us like $30,000 just to move it,” continued Becker. The hidden costs didn’t end with just the migration, however. Becker and his team realized they would have to incur more fees to upgrade ClearPass because the version was nearly three years old.

“We saw dollar signs. Lots of dollar signs. Not only that, but ClearPass really didn’t grow with us – you almost have to be an HP Aruba expert to really make the solution work for you the way you need it to,” Becker recalled.

clearpass nac quote

Headed in a Different Direction

To avoid paying staggering professional services fees for the expertise needed to execute the ClearPass server transfer, Becker and his team opted to go out in search for a new NAC solution that would eliminate these hidden costs and provide a lightweight, flexible option for network access control.

“We definitely wanted cloud. We’re fans of cloud – both private and public,” Becker indicated. “Portnox CLEAR definitely fit the core requirement to act as our NAC solution, but it also offered other benefits through its optional agent that made it the clear winner for us.”

Out With the Old, In With the New

AbsoluteCare was able to swiftly roll out Portnox CLEAR with its AgentP add-on, allowing Becker and his team to leverage the platform’s on-or-off network endpoint risk posture assessment and automatic device remediation capabilities for users on its wired and wireless networks.

“This is one of the things I really liked about Portnox,” said Becker. “When we initially got access to the environment to conduct our proof of concept, we set up our account and then set a meeting for a week out to assess where we were and what we still needed to do. Well, my systems admin basically got everything configured in a few days all on his own.”

portnox clear v. aruba clearpass

For AbsoluteCare, Portnox CLEAR’s ease of use was a major selling point. “I mean, coming off of something like ClearPass, where you basically need to be a systems engineer to figure it out – Portnox CLEAR was just a piece of cake,” Becker reveled…

Want to read the full case study? Download it today.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Portnox
Portnox provides simple-to-deploy, operate and maintain network access control, security and visibility solutions. Portnox software can be deployed on-premises, as a cloud-delivered service, or in hybrid mode. It is agentless and vendor-agnostic, allowing organizations to maximize their existing network and cybersecurity investments. Hundreds of enterprises around the world rely on Portnox for network visibility, cybersecurity policy enforcement and regulatory compliance. The company has been recognized for its innovations by Info Security Products Guide, Cyber Security Excellence Awards, IoT Innovator Awards, Computing Security Awards, Best of Interop ITX and Cyber Defense Magazine. Portnox has offices in the U.S., Europe and Asia. For information visit http://www.portnox.com, and follow us on Twitter and LinkedIn.。

5 easy ways to improve data security

Did you know that in 2018, Singapore suffered its largest-ever data breach in history when 1.5 million patients of SingHealth’s specialist outpatient clinics had their personal information stolen? This included names, NRIC numbers, dates of birth, and even addresses. However, a couple of years after this event, cyber attacks have not gone away. In fact, not long since its occurrence, the Cyber Security Agency of Singapore (CSA) reported a 51.7% increase in cyber attacks.

With more frequent data breaches expected in the near future, CSA has underscored the need for consumers to exercise constant vigilance and improve data security to keep increasingly sophisticated threats at bay. Here are five ways you can enhance data security at home.

1. Encrypt Your Data

The safest way to secure your private data is to utilise encryption to make it indecipherable for people other than those that are authorised to access it. Encryption takes your data and then converts it into an unreadable form, thus maintaining the privacy of your records.

You can begin by activating an encryption tool and enabling it across all your connected devices. This way, your data will be secure even in the event that the devices are stolen or lost. In addition, ensure that you only visit websites that have SSL encryption. SSL encrypted websites are visibly distinguished as their URL starts with “https://” and has a padlock icon that precedes the name of the domain in the address bar of your web browser.

2. Update Your Software

In today’s environment of hyperconnected and multi-platform devices, manufacturers go to great lengths to ensure connected devices are as user-friendly as possible. One adverse result of this is that software changes sometimes take place in the background, making it easy to lose track of their status.

An overwhelming bulk of hardware-related cyber attacks take place due to unpatched software vulnerabilities that cybercriminals use to obtain backdoor access to your system. If you ignore software updates, you are practically opening doors to hackers to infiltrate your system.

For this purpose, you should keep all software on your device as updated as possible. Alternatively, you can allow automatic updates to ensure your devices are protected at all times. These updates include fixes for newly found security vulnerabilities that could be exploited by malicious actors.

3. Backup Your Data Regularly

In light of persistent risks to your private information, it is likely that no protection will be 100% safe. This is particularly true in the face of the recent exponential increase in ransomware attacks in Singapore. They provide evidence that cybercriminals can pose just as much a challenge by refusing you access to your private data as they can by hacking and stealing it for themselves.

This is why it’s important to back up all your critical data regularly so that you can easily recover from data breaches should they happen. You can do this by backing up your local data to cloud-based backup services. In addition, you can also run an antivirus software on your PC to keep it infection-free. This will decrease the probability of experiencing a ransomware attack and also alert you to issues before they can be replicated in your backup data.

4. Create Strong Passwords and Change Them Often

Singaporeans are lax when it comes to password security, as reported in a study conducted by the CSA. The report stated that 33% of respondents store their passwords in their computer and use the same password for multiple accounts. Moreover, between 50-70% of respondents don’t change their passwords until prompted by their online service providers.

With cybercriminals getting smarter, it’s best to not leave internet security to chance and create strong passwords while ensuring you change them frequently. This allows you to sidestep brute-force attacks, where malicious actors use a number of password variations in the hope of guessing a combination correctly. If you feel password management is a hassle, you can use a password manager to store your passwords and access them with one master password whenever you want.

5. Invest in Antivirus Software

An antivirus software solution is a crucial component of your broader system security plan and is the best way to enhance data protection. It discovers hidden viruses, points you to possible risks in your system, and then deletes them before they can corrupt your data. This ensures that almost all threats are stopped before they can deal any damage to your systems.

A powerful antivirus software solution like ESET NOD32 Antivirus also protects you against malicious websites and ads, which are the most popular gateways through which viruses infect your systems. This eliminates the risk of a data breach due to a ransomware attack by restricting its immediate access to your computer network.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

Software update (ActiveVisor)

The Covid-19 pandemic has changed how we work, and that’s changing how we must protect our computing resources. With so many people working from home and from remote locations it is essential that any reliable backup and recovery solution provide the ability to protect and recover valuable data from virtually anywhere.

ActiveVisor is a centralized backup management console for ActiveImage Protector, providing a visual representation of statistical data, real-time monitoring of backup status, storage space availability, and helping you to deploy installations, agent-based and agentless backup tasks, as well as schedules. In the event of a backup failure, ActiveVisor displays where the failure occurred so you can address it as soon as possible. System administrators can substantially reduce workloads by monitoring and managing the backup status and configured backup settings for ActiveImage Protector from any location.

New features

  • – Enhanced integration with Active Directory includes selecting specific machines from the list of Active Directory search results and adding those machines to the list of managed ActiveImage Protector systems.
  • – Get notified when new ActiveImage Protector agent-based and agentless installations are added.
  • – ActiveImage Protector agents automatically find and connect to ActiveVisor consoles for ease of use.
  • – Push install ActiveImage Protector software patches and updates to save time by initiating deployments from a single location.
  • – Manage and monitor agentless backups of virtual machines remotely.

 

The updated build version 6.0.2.1507 was released in EMEA on 1st of March 2021.

Standard features

  • – Administrators can manage, monitor, and modify backup agents, and task schedules from any location using a browser-based console.
  • – Manage Azure Virtual Clients connected to local network domains.
  • – Auto-scroll option in the monitoring panel displays alerts of the latest changes occurring on protected systems: the system information automatically displays at the top of the panel any status changes.
  • – The dashboard window provides a graphical representation of computers on the network, ActiveImage protected machines, and visually draws attention to the status of task execution.
  • – Systems can be grouped for management purposes. Groups can be rearranged, if necessary, based on changes to a systems configuration.
  • – Schedules may be configured based on individual system requirements, or apply a predefined scheduled template to deploy a pattern-based backup schedule to batches of systems.

ActiveVisor is provided at no additional cost to ActiveImage Protector users with a valid annual maintenance contract.

For more information about ActiveVisor, please visit:
https://www.actiphy.eu/en-eu/product/activevisor/

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Actiphy
Actiphy founded in 2007, focuses on developing and offering innovative backup and disaster recovery solutions for complete protection of all your systems and data. ActiveImage Protector backs up Windows, Linux machines on physical and virtual environments and restore systems and data fast for you to be up and running with minimal downtime and data loss. Today Actiphy hold 20% of the image backup market in Japan and are expanding our services in the Asia/Pacific and North American regions, as well as in Europe, the Middle East and Africa.

Risk associated with the lack of protection in Cloud access

The cloud concept is less and less a buzzword and more of a need. Everyone, from application developers, executives, and students, is benefiting from the flexibility and reliability of cloud-based solutions.

Although the cloud has evolved a lot in recent years, there are still risks involved. One of the main concerns of cybersecurity professionals is the protection of access in cloud environments.

The cloud hosts data for thousands and thousands of people – including third parties, employees, and customers – which increases the attack surface. A successful attack can be fatal for many companies, and directly affect business continuity.

In this article, we explore some of the main risks associated with the lack of protection in cloud access. Also, we explain how some basic actions can be strategic to mitigate the risks of lack of management and access protection in cloud environments.

With a little planning, you can effectively mitigate these risks and take advantage of all that the constantly evolving cloud has to offer. Keep reading on and find out what risks you are exposed to due to the lack of protection for cloud accesses.

Lack of Governance

Do you have control of the data in your cloud environment? Do you know what information your employees have access to? Do outsourced employees have limited and controlled access to your cloud? The answers to these questions indicate whether your organization has good governance in the cloud or not.

Cloud governance ensures that all actions, from the implementation of a new server to the interactions of systems and data security, are properly managed.

The move from local infrastructures in companies to cloud environments adds layers of complexity to the protection of systems. It also means that more people in your company have the potential to impact these systems. That is why it is essential to develop and maintain a cloud governance model for access management.

By designating who has access to each part of the asset, information, and system management, your governance plan will determine the necessary limits on who can access and impact your infrastructure.

As mentioned earlier, this is especially important considering how easy it is to deploy new servers and other assets in the cloud. The last thing you want is applications and IT initiatives that are not properly managed, impacting your systems architecture and negatively impacting customers and users.

 Controlling access to your cloud’s critical assets is essential for a more reliable environment, especially if you outsource software development to other companies.

Data Breaches

Data breaches are a major cybersecurity concern as the amount of data transmitted over the internet has been growing exponentially. This continuous transfer of information makes it possible for attackers anywhere to attempt to breach data in almost any company they choose.

What are the main ways in which a data breach can occur? The simplest way to view private data is to steal someone else’s login credentials to enter a system.

To that end, attackers apply a series of strategies to get their hands on the logins and passwords of a company’s employees. This is a big risk associated with the lack of access protection in your cloud because even less-skilled attackers can easily access your company’s data.

Internal threats are also a form of a data breach. These threats involve employees who have access to protected information, deliberately exposing that data, often for personal gain. In that sense, when there is no proper access control to manage what employees and outsourced people do in the cloud environment, this threat can become real.

Access control is a way to minimize risks associated with data breaches, ensuring that your employees have only the minimum access and permissions necessary to do their job.

Non-Compliance With Market Laws and Regulations

New laws such as the LGPD (General Data Protection Law) are increasingly demanding the development of a series of procedures for data protection from Brazilian companies. The law should be applied to any organization that performs operations with personal data, such as the collection, transmission, storage, or processing of data from Brazilians…

If your company fits into this segment, it is important to understand how access protection failures in your cloud environment can negatively affect business.

In cases where a breach of personal data occurs and if your company has not taken the required basic protection measures, you may suffer penalties, such as regulatory fines from the LGPD, which can reach 2% of revenues or R$ 50 million reais. Also, when it comes to cloud environments, you need to know where your cloud provider is located.

As an example, if your provider is located in any region of Europe, you should also seek compliance with the GDPR (General Data Protection Regulation) in order not to suffer penalties.

Meanwhile, in the payment methods market, certifications such as the PCI DSS (Payment Card Industry Data Security Standard) determine the importance of access control and management for cloud environments and define strong security policies for protecting customers.

Another example of regulation required by the payment methods market is Bacen’s Resolution 4658. The resolution is meant to guide procedures and controls to reduce cyber vulnerabilities and meet cybersecurity goals in cloud environments. Not complying is not an option for businesses.

Your Company and Your Customers at Risk

Cloud providers can guarantee compliance for their infrastructure and environment, but compliance with security and risk mitigation requirements is still entirely your responsibility.

We have already discussed access risks in cloud environments, so it is important to remember what is at risk. A breach of your data or your customer’s data can be devastating, depending on the type of data and the breach extent.

The costs of investigating and resolving a breach, associated legal expenses, and losses to a company’s reputation can be enough to make its business unfeasible.

senhasegura can help your company control risks in the cloud:

  • Fully integrating and implementing two layers of privileged account security: for both the service provider and the customers.
  • Reinforcing administrative access to virtual machines.
  • Incorporating senhasegura into task automation tools to transparently provision new accounts via APIs.
  • Systematically resetting standard passwords as part of the provisioning process.
  • Providing individual responsibility for all privileged user activities.
  • Isolating, monitoring, and recording all sessions.
  • Replacing encrypted and visible application credentials with rotating credentials to improve security.

Request a demo now and discover the benefits of senhasegura for your business. Request it here.

Are the risks of lack of access protection in cloud environments worth it? It is up to you to decide.

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About Segura®
Segura® strive to ensure the sovereignty of companies over actions and privileged information. To this end, we work against data theft through traceability of administrator actions on networks, servers, databases and a multitude of devices. In addition, we pursue compliance with auditing requirements and the most demanding standards, including PCI DSS, Sarbanes-Oxley, ISO 27001 and HIPAA.

COVID-19 lockdowns or cybercrime – which is a greater threat to businesses?

The pandemic has dealt many a blow to businesses across the world. Regional and national lockdowns have forced businesses to rapidly adapt their operations, and in many cases, close entirely. In addition, the move to mass remote working can leave business’ systems and employees at greater risk, with remote workers more vulnerable to cybercrime. As part of its recent global research into financial technology, ESET examined the attitudes and perspectives of senior business leaders on what they saw as the bigger threat to the security of business’ finances in the next six months: another lockdown or cybercrime?

While on the surface it may seem like a lockdown poses the bigger threat, halting organizations’ ability to do their jobs and hindering access to workplaces, cybercrime may be just as worrisome, with 42% of respondents claiming that both a lockdown and cybercrime were equal in threat level. The sudden move to remote working brings with it a host of potential security issues, as employees are working from various locations, on a number of networks and devices, with a lack of access to IT departments and outside of a company’s on-site security controls.

In London alone, the first month of lockdown saw a 72% surge in financial losses from cybercrime as criminals took advantage of the shift to home working. It is likely that London was not the only financial capital faced with an increased threat of cybercrime. In times of crisis, cybercriminals will continue to exploit human behavior, and a disparate and potentially disconnected employee network is ripe for the picking.

Perhaps unsurprisingly, ESET’s research revealed a variation in responses depending on both company size and industry. Sectors such as retail and hospitality have been some of the hardest hit by physical lockdowns, but they are also attractive targets for cybercriminals due to their databases rich with customers’ sensitive details. Respondents that work in logistics or engineering roles were the most likely to select cybercrime as the bigger threat, while respondents in R&D and sales were the most likely to believe another lockdown to be the bigger threat.

There is also no denying that businesses with deeper pockets are more equipped to weather the COVID-19-related storm from a financial perspective. However, a potential data breach as a result of a cyber-attack could prove fatal to both reputation and recovery for businesses of all sizes. Companies with between 250 and 499 employees were most likely to view cybercrime as a bigger threat, compared to the businesses that saw a coronavirus lockdown as a larger threat, which was highest in businesses of 2 to 9 employees. This could likely reflect the toll that COVID-19 has had on small businesses, which have fewer resources at their disposal to deal with shutdowns and changing physical restrictions.   

We may not be there yet, but as the world attempts to move toward economic recovery, it is clear that lockdowns and the threat of cybercrime go hand in hand. As businesses navigate the ever-changing physical restrictions of COVID-19, they must also navigate an evolving threat landscape where financial cybercrime is increasing. Now, more than ever, businesses need to invest in solutions that keep their employees and operations safe and secured – no matter the industry, size, or location. 

About Version 2 Digital

Version 2 Digital is one of the most dynamic IT companies in Asia. The company distributes a wide range of IT products across various areas including cyber security, cloud, data protection, end points, infrastructures, system monitoring, storage, networking, business productivity and communication products.

Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which include Global 1000 enterprises, regional listed companies, different vertical industries, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

About ESET
For 30 years, ESET® has been developing industry-leading IT security software and services for businesses and consumers worldwide. With solutions ranging from endpoint security to encryption and two-factor authentication, ESET’s high-performing, easy-to-use products give individuals and businesses the peace of mind to enjoy the full potential of their technology. ESET unobtrusively protects and monitors 24/7, updating defenses in real time to keep users safe and businesses running without interruption. Evolving threats require an evolving IT security company. Backed by R&D facilities worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003.

×

Hello!

Click one of our contacts below to chat on WhatsApp

Social Chat is free, download and try it now here!

×