Neovera Launches Secure Performance Hub Solution in Collaboration with Equinix

Securely Accelerates Cloud, Network & Application Performance for the Enterprise

RESTON, Va.–(BUSINESS WIRE)–Neovera, Inc., a leading provider of cyber security services and enterprise cloud solutions, today announced the launch of its Secure Performance Hub solution in collaboration with Equinix, the leading data center and interconnection company. The solution provides secure high-speed, high-capacity direct connections to any public cloud provider. With Neovera Secure Performance Hub, enterprises can easily create hybrid environments between their internal data center(s) and public cloud environments to ensure optimal application and workload performance across global network environments.
“Enterprises looking for a secure, end-to-end fully managed Performance Hub solution can take advantage of the numerous benefits Neovera offers without deployment hurdles or incurring a CAPEX burden on their budget,” said Ryan Child, President at Neovera. “We’ve bundled co-location, power, cross connects and servers into one simple offering, and deliver it with 24×7 continuous support provided by Neovera’s Joint Security Operations Center (JSOC) located in the LEED & SSAE16 SOC-1 Type II Equinix Data Center in Ashburn, VA.”

Neovera’s Secure Performance Hub empowers enterprises to deploy business critical applications in multiple public cloud infrastructures, with industry-leading security, availability, and performance that today’s businesses demand. As a result, Secure Performance Hub provides globally consistent network security and quality of experience to users—all while potentially lowering Total Cost of Ownership.

“As more and more enterprise customers look to incorporate cloud deployments in their overall IT infrastructure, it’s crucial that they have a secure and high-performance solution with direct access to multiple cloud providers,” said Greg Adgate, vice president of global technology partners and alliances. “Equinix is pleased to be working with Neovera to provide solutions that enable enterprises to solve real-world challenges and advance their IT initiatives in a cost-effective manner.”

About Neovera

Neovera is a trusted provider of complex hosting solutions, leveraging over 15 years of unmatched technical expertise in enterprise cloud solutions, cyber security, and infrastructure management services. Headquartered in Reston, Virginia, Neovera’s clients range from start-up and non-profit organizations, to global media, healthcare, education, and financial institutions. Our goal? To help our clients achieve the highest return on their IT investment, ensuring convenience, superior support, and security of their mission critical systems and data. Learn more at www.neovera.com.

Read full press release here.

Neovera Joins F5 Networks UNITY Partner Program

Neovera’s Secure Performance Hub solution creates strong foundation for F5 partnership, empowering enterprises to deploy business critical applications in multiple public cloud infrastructures.

RESTON, Va. – Neovera, Inc., a leading provider of cyber security services and enterprise cloud solutions, today announced it has joined the F5 Networks UNITY™ Partner Program. In joining F5’s Partner Program, Neovera has gained access to the sales and marketing tools—as well as the training and services—necessary to provide the best possible service and support to its customers.

“Through the Neovera Secure Performance Hub solution, customers are able to meet the ever-increasing bandwidth and implementation demands expected in today’s enterprise market,” said Ryan Child, President at Neovera. “Our customers value our commitment to providing best-of-breed solutions, so we view the addition of the F5 product line as a wise investment of our time and resources.”

In partnership with F5, Neovera’s Secure Performance Hub empowers enterprises to deploy business critical applications in multiple public cloud infrastructures, with industry-leading security, availability, and performance that today’s businesses demand. As the only managed services and cyber security provider that can assemble, design, deliver and manage Equinix Performance Hub and F5 application delivery and security products as one simple, highly secure, and affordable solution, Neovera is able to lower costs for their users by pushing applications, data and processing closer to the edge of their enterprise network.

“F5 is pleased that Neovera has joined our UNITY Partner Program,” said Aldo Dossola, VP, North America Channels at F5 Networks. “Neovera’s innovative solutions create new experiences that enable customers to achieve maximum return on their investment. This new partnership is equally beneficial for both F5 and Neovera as it allows for mutual expansion of our markets.”

About Neovera

Neovera is a trusted provider of complex hosting solutions, leveraging over 15 years of unmatched technical expertise in enterprise cloud solutions, cyber security, and infrastructure management services. Headquartered in Reston, Virginia, Neovera’s clients range from start-up and non-profit organizations, to global media, healthcare, education, and financial institutions. Our goal? To help our clients achieve the highest return on their IT investment, ensuring convenience, superior support, and security of their mission critical systems. Learn more at www.neovera.com.

F5 and UNITY are trademarks or service marks of F5 Networks, Inc., in the U.S. and other countries. All other product and company names herein may be trademarks of their respective owners. The use of the words “partner,” “partnership,” or “joint” does not imply a legal partnership relationship between F5 Networks and any other company.

Read the full press release here.

Snapchat Spectacles: A Brewing Security Storm

Snapchat Spectacles have been making waves recently, and it’s not just due to their unique delivery system. With any innovative device there comes a series of questions and concerns from the purchasing community at large. Now, Snapchat Spectacles have turned the wearables model on its head and, while receiving praise for the product’s design and overall vision, the company is dealing with a number of potential security issues affecting consumers and unsuspecting passers-by.

Snapchat Spectacles work as follows: the glasses capture 10-second video that transfers wirelessly to your Snapchat account. Simple enough, but while early adopters across the country shoot and post their live action videos, many fail to realize that a major security issue is in play. When these videos are filmed and posted to the Snapchat account, Snapchat Spectacles capture metadata that includes location tracking and facial and voice recognition. Now it should be stated that the same privacy regulations for the Snapchat application apply to the Spectacles. However, using an application isn’t inherently the same as wearing a pair of video-taking glasses; sooner or later there will have to be additional and different security measures. Until that happens, a lot of protected user data could be at risk.

Now this isn’t the industry’s first foray into “wearables” – an easy comparison can be made between Snapchat Spectacles and now-defunct Google Glass. In theory, the idea was simple – a pair of glasses that could capture images and video, while allowing the user to view media on the glass themselves. While they were meant to revolutionize, they fell flat in a big way. One significant difference in their model is that Snapchat has an audience willing to be early adopters – in the US alone around 41% of 18-34 year olds use Snapchat. Another is the price point – while Google Glass stood at a whopping $1,500, Snapchat Spectacles are marked at a much more reasonable $130.

Snapchat Spectacles are very much in their infancy but already are posing a number of pressing security questions for the company and users alike. Until those questions are answered, understanding the security implications that come along with new and innovative products is a major step toward cyber security awareness on a user and business level.

Financial Services Sector: Defend Your Cyber Security

As an entity in the financial services sector, are you doing enough to protect your data and hard-earned money from cyber crime? Whichever your role may be in the financial services sector – small bank, credit union, money manager, investment adviser – the status of your cyber security protection plan is paramount to sustaining continued growth while still adhering to regulatory compliance standards. As it stands currently, the SEC is the governing body of the financial industry, but their cyber security measures are limited. Congress eventually joined the fight, passing The Cyber Security Information Sharing Act that outlines the government’s communication avenues about cyber security, and the Cyber Security National Action Plan, allocating more money toward fighting cyber crime.

So, what can be done in order to decrease the cyber attack risk for financial services firms? Below are key points from PwC’s article “Turnaround and transformation in cybersecurity: Financial services”:

  • Being aware of security protocols/standards of third-party vendors and holding them accountable: Whether they handle your HVAC or security system, connectivity to IoT and having proper cyber protocols in place is the difference between continued growth and stopping short due to a surprise hack.
  • Keeping up with the rapidly evolving, sophisticated, & complex technologies: Cyber security protection cannot just be one firewall, or anti-virus program; a multi-step, internal and external facing managed and monitored system is the answer – for now.
  • Understanding that an increase in mobile device usage means a larger, more inclusive cyber security plan: Over 30% of users have been attacked because of their mobile device usage. The assumption that cyber attacks only occur on desktops is a thing of the past.
  • Tracking, understanding and protecting from security threats outside the country: State-sponsored attacks and hackers from outside US jurisdiction use their location to their advantage. Be vigilant in your cyber security protection protocols and stop them before they even start.

This isn’t rocket science – the financial services sector has an obligation to their clients to provide every available security measure when it comes to protecting the assets that have been entrusted unto them. Now, the points above speak to ideas like employee education, pre-planned disaster recover options; it’s a lot for any company to take on in-house, especially if they don’t know where to start. Having a cyber security management and monitoring firm such as Neovera provide 24x7x365 support and protection for your vulnerable data is the difference between proactive and reactive organizations. Be proactive when it comes to cyber security protection – your clients will thank you.

The Trouble Behind a Secured User Experience

User experience and security – not the most harmonious of relationships. Few companies have been able to truly marry the two; meanwhile, the majority of organizations battle it out, sacrificing security for look and feel, or new products are pushed to the wayside because there isn’t a compatible security plan. News continues to break in the wake of the recent Yahoo! data breach – most notably, Marisa Mayer’s conscious decision to sacrifice security for streamlined looks and new product development. This is an extreme case in which millions of accounts were stolen in an egregious online attack, but it points to the constant battle between two factions. At what point do you risk user experience for a more robust security protocol, or threaten the accounts under your protection to give those same users an unforgettable online experience?

Though there are two distinct camps in the user experience and security discussion, there is a telling real-life event that occurred involving Google and Yahoo! in 2010. According to the New York Times’ account, Chinese military hackers breached a number of computer systems and online accounts owned by US technology behemoths. Google dove headfirst into ensuring an attack of this magnitude would never occur again. Co-founder Sergey Brin sprang to action and immediately made cyber security his top priority by hiring hundreds of security engineers and investing in security infrastructure. It should be noted that both user experience and security are able to peacefully coexist. Yahoo!, however, was slower to adopt the needed changes, and Marisa Mayer’s entrance did little to help the situation. After she took over Yahoo! in 2012, new product development became a sole focus despite looming security threats that had yet to be fixed since the initial attack. Though Yahoo!’s internal security teams pushed for changes, their suggestions were met with extreme pushback and more often than not were completely overridden in favor of a streamlined user experience.

The types of responses and response times behind an online attack or breach are key to comprehending the backbone of any company. User experience is important, granted, but there is an argument to support security as a part of the user experience. With one in five small businesses experiencing an attack, and 60% of those going out of business because of the blow, the time is now to work on improving the relationship between the user experience and security for your company’s future. With 24x7x365 management and monitoring solutions that are customized to every business’s needs, Neovera will ensure the safety and security of your data without impeding on future business goals.

Yahoo! Data Breach Impacts Millions

Yahoo! has most recently been in the news for its $4.83 Billion purchase price upon a finalized agreement from Verizon. It would be a huge boon for the two tech giants, and frankly, considering the news of late about Yahoo!, they need all the help they can get. Unfortunately that help definitely didn’t come from hackers in 2014 – in the largest breach of its kind, at least 500 Million users’  account details were stolen over two years ago. Yahoo! never reported the breach until last week when the details were leaked on the web. Not only does this pose a major issue for the hundreds of millions of Yahoo! users affected by the breach, but it opens up questions about the purchase and frankly, whether it’s even going to happen.

When the breach happened a few years ago, Yahoo! never issued a statement of any kind to its users or the media. Claiming that a state-sponsored actor is to blame for this vulnerability in the system, the company has begun working with law enforcement to get to the bottom of the situation. Meanwhile, the information released ranges from usernames, emails, passwords, and security questions and answers. Yahoo! is maintaining that the passwords were all encrypted with bcrypt but there have been other reports stating that some may have been released in an unencrypted format.

Yahoo! is keeping a tight lid on most leak details – they haven’t released which state-sponsored actor is responsible or if there are even any leads. And while they have scrubbed the security questions from the affected accounts, they are only suggesting that people change their passwords. To be clear: changing your password should be a first step for any user who owns a Yahoo! account, or any other affected by a data breach. Even if it was encrypted, changing a password takes seconds out of your day and will save you a great deal of potential headaches in the future. Protecting your cyber security position should be at top-of-mind with each click of the mouse and every IoT interaction. But, mistakes happen – let Neovera take care of those missteps with 24x7x365 cyber security monitoring and management services based on your company’s unique needs and requirements.

Email Scam Targets the IRS & Healthcare

To reiterate from past coverage: the IRS will NEVER contact someone through means other than the US Post Office. Due to a new email scam, more and more users are falling victim to correspondence that seems to be coming from the IRS about an unpaid medical coverage fee. Delving further into this most recent farce reveals that many users are continuing to make the same choices over and over again that ultimately hurt their cyber security standing and vulnerable data.

Now, here are the red flags to watch out for in this IRS/healthcare email scam:

  • You received an email from the IRS: You will never receive communication from the IRS via electronic means. It will always be through the Post Office. Because they’re old.
  • You received an attachment called a “CP2000 notice”: Same thing as above – while a CP2000 is used to inform the tax filer that income numbers don’t match between what was reported by the filer and a third party, this communication will always be sent by the Post Office.
  • There is an address included in the email where the user should send the payment, along with a payment link: the IRS would not illicit payments from tax filers to a P.O. Box; more importantly, they wouldn’t include a direct payment link in an email because they don’t communicate via email to begin with!

All of these red flags have very obvious solutions so that potential email scam victims won’t fall prey to this most recent attack. User education, especially within a company, is paramount to the larger part of a cyber security protection solution. Not only will Neovera, as your chosen managed and monitored cyber security protection service, be able to provide 24x7x365 coverage of your vital networks and data, but you will have the extra security of arming your employee’s with the knowledge to stop a cyber attack in its tracks.

Data Breach Affects 68 Million Dropbox Users

Another day, another data breach – this time Dropbox, popular cloud storage behemoth, announced that over 68 Million user email addresses and passwords were dumped on the Internet. What’s interesting is that the information is from a previous attack in 2012 at which time Dropbox reported that only email addresses had been stolen. Whether they did not know the passwords had been compromised or just didn’t disclose remains to be seen.

The data breach experienced by Dropbox is connected to two previous attacks, one on their own site in 2012 and another on LinkedIn that was spoken about at length on this site. As mentioned previously, the 2012 attack was thought to have only contained email addresses – instead, this most recent attack shows that not only did it include stolen passwords, but that trove of information was the release that occurred this week. Now, the way that the attackers were able to get in is rather interesting. It didn’t involve a unique cyber attack, physical connection or anything of the sort. The only thing they needed was an employee’s password, which was the same they happened to use at Dropbox and LinkedIn. Remember the data breach that occurred at LinkedIn receently? Exactly – they were able to use the same password, enter the site under the employee’s information and take whatever they wanted at their leisure within the user database.

So, how is Dropbox handling the situation? Beside urging users to change passwords if they haven’t done so (use these stories as incentive), Dropbox is taking steps to ensure that a future data breach is less likely to occur. The company’s security standing was, and is, strong – passwords were encrypted and they were in the process of upgrading the encryption from SHA1 to a stronger standard called bcrypt. This data breach just goes to show that even the stronger of the technology companies are sensitive to cyber attacks. Stronger protection on the user and business end is key – that includes strong, unique passwords, and multi-factor authentication; unfortunately Dropbox failed to heed the everyman’s warning that passwords should never be reused.

US Voter Database Systems Hacked by Russian Government

A group of Russian cyber attackers seem keen on disrupting various facets of the American government. The most recent victims? State-level voter database systems being used in the upcoming November election and more pressing primaries that are taking place today and in the coming months. What’s interesting is that, despite the number of attacks supposedly linked to the Russian government, the two attacks against Illinois and Arizona allowed researchers to find the closest link to date. So what information were they able to attain, and how were they able to attain it? More importantly, is it going to truly hinder the upcoming elections?

Both Illinois and Arizona’s voter database systems were targeted, but the attack styles themselves were different. Illinois officials reported that over 200,000 unique voter information files were downloaded by hackers in July, prompting a complete shutdown of the system. Meanwhile, Arizona dealt with, luckily, an unsuccessful bout of malware that had been installed on a county election official’s computer. Just in case, the state’s voter registration system went dark for nine days in order to remedy the situation. Furthermore, both Illinois and Arizona are in contact with their Board of Elections to determine further similarities in the logs collected within the duration of the attacks.

There are a few reasons to consider why the Russians may be behind this particular slew of attacks. For one, they have been linked, more or less, to previous US government organizations. The IP, or Internet Protocol, address is the same in both attacks, proving that the threats to both voter database systems originated from the same location. Unfortunately, though independent research has proven time and again that state and local voter database systems are extremely vulnerable, the Department of Homeland Security has stopped short of calling it “critical infrastructure”, which would allow it to receive federal government protections.

National Security Agency Hacked

The National Security Agency is a little less secure these days – it was recently announced that they were victim to a significant hack attack from “Shadow Brokers”. However, they themselves are also connected to one of the most extensive hacks in recent history according to Kaspersky Lab. In a world where cyber attacks are far-reaching and constantly evolving, will our national security be able to stay one step ahead of these innovative government hackers?

When it was announced that the National Security Agency had experienced a significant hack and top-secret information was stolen, fingers started pointing at parties related to the Russian government. Eventually the group “Shadow Brokers” came out from the woodwork and began to boast of its treasure trove; specifically they mentioned what are known as cyberweapons used by the NSA to attack perceived enemies of the US government. This is where we have to go back a few years, because while the NSA is the overall body with the cyberweapons in its possession, it was a particular group that worked with them. Known as the “Equation Group”, they were the ones taking action by creating hundreds of backdoors to government networks in Russia, China, India, Britain, the list goes on.

Currently, the grandstanding continues online. The Shadow Brokers are taunting users online, saying that for one million bitcoins ($576 Million) they will release the rest of the information they have from the hack. Though they aren’t anywhere near reaching their goal it brings up a lot of questions that many of us have yet to even realize need answers. One would probably be, it’s the National Security Agency – how were they hacked to begin with? Unfortunately we probably won’t ever know, but most of the time these super sensitive data troves are stored within air-gapped systems and not connected to the Internet. So, with that, could it have been a disgruntled employee with a flash drive? Potentially, but again it’s all speculation.

As a whole, these findings speak to the uncomfortable truth of cyber espionage becoming a bigger part of the national and international narrative. A small silver lining is that cyber security is easily kept in our own smaller narratives. Whether your business has one location or ten, guaranteeing the continued protection of your network so that both you, your employees, and your clients are safe and secure is the top priority at Neovera, a managed and monitored security services provider. With 24x7x365 protection, detection, and remediation, Neovera can take cyber security worries off your hands and protect your sensitive network information.