Author Archives: Trend Micro

New Azure Marketplace Pay-As-You-Go Billing for Trend Micro Deep Security as a Service

Cloud adoption continues to rise as organizations reduce their data center footprint, look to cloud native technologies to improve their application design and output, and strive to improve scalability and management of resources and systems.

In a recent survey conducted by analyst firm ESG, 87% of respondents indicated that they currently run production applications and workloads on a public cloud infrastructure-as-a-service platform. However only 10% of respondents run more than half of their workloads in the cloud.  This means that while cloud adoption is on the rise, businesses are still heavily vested in on-premises and hybrid-cloud environments.

With all this change comes the task of understanding how best to secure new cloud technologies and environments, while maintaining protection for traditional server platforms against threats and risks which present both technical and cost challenges.

So, what options does your business have to tackle this?

Trend Micro is excited to announce pay-as-you-go billing with its leading cloud solution, Deep Security as a Service (DSaaS) on the Microsoft Azure Marketplace. As a launch partner for pay-as-you-go billing at Microsoft’s Inspire 2019 conference, Trend Micro’s offering enables organizations to combine the benefits of security software-as-a-service (SaaS) with the convenience of usage-based metered pricing and consolidated cloud billing.

“Providing Trend Micro’s Deep Security as a Service offering through Azure Marketplace gives customers more ways to enable, automate, and orchestrate cloud security,” said Jeana Jorgensen, GM, Cloud and AI for Microsoft. “Customers can pay for only what they use with Trend Micro’s flexible, metered pricing or negotiate more a more traditional enterprise agreement using private offers while enjoying a consolidated bill for software and cloud infrastructure.”

Trend Micro Deep Security as a Service is purpose built to deliver a multi-layered automated approach to protect hybrid cloud workloads and container environments against known and unknown threats. Deep Security’s capabilities include network controls such as a host firewall and Intrusion Prevention/Detection (IPS) to shield servers and web applications from vulnerabilities and exploits. Deep Security also has system security capabilities such as log inspection, application control to detect and lockdown unauthorized executables, and real-time integrity monitoring to alert the security team of any suspicious or unexpected changes to registry values, registry keys, services, processes, installed software, ports, or files.

Additionally, Deep Security provides this same complete protection for your containers, with real-time malware protection, container vulnerability shielding, full traffic inspection for both North-South and East-West traffic between containers, as well as network and system controls, extending protection to the container and Kubernetes platforms. This also helps to meet compliance obligations across major regulations and industry guidelines, like PCI DSS, HIPAA, NIST, GDPR and more from within one trusted security solution.

Microsoft’s new Azure Marketplace offerings and billing methods allow IT and developers a means to quickly identify what software-as-a-service offerings they need and pay only for what is consumed with no additional costs. This makes purchasing easy for customers, with one transaction and a single invoice helping to remove friction across budget planning, capacity, and scaling.

“Our priority is to make cloud security as effortless as possible, which starts by meeting IT users and developers where they are and then offering comfortable usage and pricing options,” said Sanjay Mehta, SVP, Business Development & Strategic Alliances at Trend Micro. “Trend Micro is proud to continue our close relationship with Microsoft Azure as one of its top global security partners. Being part of their consumption-based billing launch for SaaS offerings helps customers looking to secure workloads and containers through their Azure instances.”

Trend Micro’s Deep Security as a Service will provide Microsoft Azure customers a fully hosted security management experience, starting at only $0.01 per workload per hour.

Learn more visit https://www.trendmicro.com/azure/

 

 

The post New Azure Marketplace Pay-As-You-Go Billing for Trend Micro Deep Security as a Service appeared first on .

Migrating Network Protection to the Cloud with Confidence

For modern organizations, speed and agility is the key to success – built on enhanced IT efficiency and performance driven by the cloud. Anything less could see your business outpaced by the competition. As always, security must be a priority when migrating to the cloud, but network teams are being let down by existing tools. Overwhelmed by this challenge, our TippingPoint customers came to us asking for an equivalent product for their AWS environments. So we went away and built one.

Cloud Network Protection is the first transparent, in-line network security offering for AWS customers: simple to deploy and manage, cloud-ready and leveraging our industry leading expertise in network threat protection.

Let down by legacy

According to the cloud’s shared responsibility model, network security teams are increasingly being tasked with extending security into the cloud. But current offerings in the market simply aren’t capable of supporting their requirements. They’re complex, expensive and introduce extra friction.

Our TippingPoint customers came to us with a range of gripes. They felt existing network security solutions are simply not engineered with cloud environments in mind. In fact, some need to be rearchitected to function at all in the cloud. Often, these incompatibilities lead to business disruption: by causing app and network downtime while network security is deployed and/or slowing down the speed of DevOps on an ongoing basis. In many cases, customers complained of having to use multiple tools to manage security for different networks in the hybrid cloud – adding extra cost and complexity and creating potential security gaps through misconfigured solutions.

These challenges impair their ability to meet key compliance requirements like HIPAA and GDPR. Responding to internal and external audit requests also became more difficult. At the same time as these strategic challenges, network security teams wanted to meet day-to-day requirements such as blocking requests to specific domains.

A new approach

Taking all this on board, we set about designing a network-based solution to handle the scale and performance demands of the cloud, without introducing extra friction to operations. We did this by tapping the power of the AWS Transit Gateway, a service that enables customers to connect all their Virtual Private Clouds (VPCs) and on-premises networks via a single, centralized gateway.

The resulting Cloud Network Protection solution is deployed transparently into the network fabric, providing visibility and control where network security teams need it most whilst avoiding application disruption and the need to rearchitect. By extending our TippingPoint capabilities into the cloud, we offer organizations multiple benefits including:

Consistent network security: Allowing teams to use existing TippingPoint security profiles in the cloud and on-premises.

Centralized SMS management: Complete visibility and control using the familiar Security Management System (SMS).

Simplified deployment: Minimizes friction by sliding seamlessly into the cloud network fabric.

Industry leading security: Including network-based virtual patching, and zero-day protection backed by the Zero Day Initiative bug bounty program. All whilst avoiding business disruption.

Nearly three-quarters (73%) of organizations had at least one application in the cloud as of last year – with a further 17% planning to do so within the next 12 months, according to IDG. As they migrate these business-critical apps, network security teams are demanding effective, cloud-ready tools that offer maximum protection without impacting performance. Fortunately, now they have one.

The post Migrating Network Protection to the Cloud with Confidence appeared first on .

Trend Micro Named Best Company To Work For In Taiwan

Trend Micro prides itself on caring first about people – both in our external mission and internally with our employees. As this issue is close to the hearts of our executives, we are always very proud to be recognized by related awards.

The HR Asia Awards Taiwan recently named Trend Micro as one of their Best Companies to Work for in Asia in 2019.

Throughout nine countries, including Taiwan, China, Hong Kong, Philippines, Vietnam, Singapore, Malaysia, and Indonesia, HR Asia invited employees anonymously to assess their company based on corporate culture, personal experience and feelings to get a sense of corporate culture and identity.

As the results came in, Trend Micro averaged a higher score than any company and is awarded the Best Company to Work for in Taiwan. Winning this respectful award helps demonstrate Trend Micro as an open and adaptive corporate culture that works continuously to keep employees satisfied.

Stephy Ko, Director of Trend Micro Human Resources, reflects on the award saying, “establishing a cultural fit with new candidates is key to Trend Micro’s talent management.” When making the right selection for a new hire to come onboard, in addition to technical capabilities for the respective job, we focus heavily on their potential development within our corporate vision.

Winning Model

At Trend Micro, we focus on a formula for hiring and maintaining great people. The Performance = Potential – Interference Index is effectively carried out as Trend Micro believes that each individual has unlimited growth potential and self-governance.

To reflect this, it is important that management policies allow employees to “Be The Best Part of Yourself” by minimizing any obstacles that may be in the way of their development.

To ensure everyone’s voice is heard, Trend Micro has a check-in system that allows employees to share their own thoughts, called the World Café discussion model. The World Café discussion model generates various ideas and allows acceptance of the different opinions.

In addition, a separate Time Machine exercise lets employees reflect on difficult situations or doubts around the team’s direction directly to their management. This not only lets concerns be heard and discussed, but forces the management team to react immediately.

These exercises not only take place within the Taipei office management team, but stems from the very top with our CEO, Eva Chen. She is always passionate about new technical advancements and paying attention to customers’ feedback, but she also attends internal meetings to personally explain the company’s future and goals to increase understanding, cross department cooperation and resource integration.

What Employees Are Saying

Here are some statements about Trend Micro Taiwan based on employee feedback:

Open, diverse, and inclusive team spirit: Trend Micro encourages cross-department cooperation, along with supporting employees who desire to gain new skills or certifications. Questions from the survey related to hearing and responding to employee feedback also received higher than average scores.

Autonomous, active, and high recognition from employees: Trend Micro employees believe that they are working in a healthy corporate environment in which the company will lead them to achieve a greater future. Employees are confident that the company will provide any support they need for them to reach corporate goals, therefore they are willing to recommend Trend Micro as the Best Enterprise to others.

Mutual trust, assistance, and respect among teams: Trend Micro received high scores in each of the following sections, which lead to higher than the average scores, including encouraging employees to voice their opinions, trusting peers will provide assistance, fulfilling responsibilities, understanding teamwork, and respecting that everyone has their strengths and weaknesses.

We are proud to receive this award as it reflects how our employees talk about our company and how they feel about being a Trender.

Interested in joining the team? A full list of our global job postings can be found here: https://www.trendmicro.com/en_us/about/careers.html.

The post Trend Micro Named Best Company To Work For In Taiwan appeared first on .

Hackers Are After Your Personal Data – Here’s How to Stop Them

Our lives are increasingly digital. We shop, socialize, communicate, watch TV and play games — all from the comfort of our desktop, laptop, or mobile device. But to access most of these services we need to hand over some of our personal data. Whether it’s just our name and email address or more sensitive information like Social Security and credit card numbers, this sharing of what’s known as personally identifiable information (PII) exposes us to risk. Why? Because hackers are looking for ways to steal and monetize it.

The latest FBI Internet Crime Complaint Center (IC3) report, recently released, paints an accurate picture of the scale of these online threats. Personal data breaches were among the top the reported cybercrimes in 2018, with 50,642 victims listed. They were linked to losses of over $148.8m. This is likely just the tip of the iceberg, as many incidents aren’t reported. Identity theft, which usually results from data theft, cost victims over $100m last year. And phishing attacks, which are commonly used to trick victims into handing over sensitive PII and passwords, accounted for over $48m in losses.

The message is clear: consumers need to take urgent steps to protect their most sensitive identity and financial data from online attackers. That’s why Trend Micro has produced this guide, to help you identify where your most sensitive data is stored, how attackers might try to steal it and how best to secure it.

What is at risk?

The bottom line is that hackers are out to make money. Although they can do this via online extortion and ransomware, it is most commonly done via data theft. Once they have your PII and financial details they sell it on dark web sites for fraudsters to use in follow-on identity fraud. They could use banking log-ins to hijack your bank account and drain it of funds. Or they could open new credit cards in your name and run up huge debts.

Identity fraud is a growing threat to US consumers. It affected 14.4m of us in 2018, leading to losses of $1.7bn — more than double the 2016 figure.

As we’ve mentioned, the hackers are after as much PII as they can get their hands on. The more they have, the easier it is for them to stitch together a convincing version of your identity to trick the organizations you interact with online. It could range from names, addresses and dates of birth at one end to more serious details like Social Security numbers, bank account details, card numbers, and health insurance details at the other.

Most of this information is stored in your online accounts, protected by a password, so they will often put a great deal of effort into guessing or stealing the all-important log-ins. Even accounts you might not think would be of interest to a hacker can be monetized. Access to your Uber account, for example, could be hijacked and sold online to offer free trips to the buyer. Or your Netflix account log-ins may be sold to provide free streaming services to whoever pays for them.

Now, hackers may go after the firms directly to steal your personal data. In the past we’ve seen mega breaches at the likes of Uber (affecting 57m global users) and Yahoo (affecting 3bn users). But they might also target you individually. Sometimes they may use information they already know about you to trick you via phishing into handing over more, as with tax fraud and sextortion blackmail attempts, and sometimes they might use already breached passwords to try and hack into your accounts, hoping you reuse the same log-ins across multiple sites.

While you’re most likely to get reimbursed by your bank eventually for financial losses stemming from identity fraud, there’s a major impact beyond this. Online data theft and the fraud that follows could lead to:

  • Out-of-pocket costs to recover your identity
  • Emotional distress: 75% of victims report suffering severe distress
  • Lower credit scores
  • Time and effort disputing charges/recouping money: it’s estimated to take an average of six months and 200 hours of work to recover your identity following an attack.

How do they steal it?

There are plenty techniques the bad guys have at their disposal to part you from your data and money. They’re supported in this by a vast underground cybercrime economy, facilitated by those dark web sites. This not only offers a readymade platform for them to sell their stolen data to fraudsters, but also provides them with hacking tools, advice and cybercrime services. This black market economy could be worth as much as $1.5tr per year.

The hackers may choose to:

  • Target you with a phishing scam, spoofing an email to appear as if sent from an official company (the IRS, your bank, insurer, ISP etc.)
  • Launch automated attacks, either using your log-ins from other sites that have been stolen, or else using online tools to try multiple combinations of easy-to-guess passwords like “passw0rd”
  • Exploit vulnerabilities on the websites you visit to gain access to your account
  • Infect legitimate-looking mobile apps with malware and wait until you unwittingly download
  • Intercept your private data sent over public Wi-Fi: for example, if you log-in to your online banking account on public Wi-Fi, a hacker may be able to monitor everything you do.

How can I secure it?

The good news is that there are plenty of simple things you can do to keep your data safe and secure — most of them free of charge. Consider the following:

  • Use a long, strong and unique password for each website and application. To help you do this, use an online password manager to store and recall these log-ins when needed.
  • Change your passwords immediately if a provider tells you your account may have been breached
  • Use two-factor or multi-factor authentication (2FA/MFA) MFA if available for added log-in security.
  • Only enter PII into sites which start with “HTTPS” in the address bar.
  • Don’t click on links or open attachments in unsolicited emails or texts.
  • Be careful about over-sharing personal and financial details on social media.
  • Only download apps from official app stores like the Apple App Store or Google Play.
  • Don’t access any sensitive accounts (banking, email etc) on public Wi-Fi without using a VPN.
  • Invest in good AV from a trusted provider for all your PCs and mobile devices. It should include anti-phishing and anti-spam.
  • Keep all operating systems and apps on the latest versions to minimize the number of vulnerabilities hackers could target.
  • Keep tabs on your financial transactions so you can quickly spot if an identity fraudster has been impersonating you.
  • In the advent of a breach involving your credit (aka Equifax), check your credit report and security status from Equifax, TransUnion, Experian, and Innovis and put a security freeze on it if necessary.

The post Hackers Are After Your Personal Data – Here’s How to Stop Them appeared first on .