This month, AirTight Networks’ flagship product, SpectraGuard® Enterprise, achieved FIPS 140-2 validation from the National Institute of Standards and Technology (NIST) of the United States and the Communications Security Establishment of Canada (CSEC).

 These standards and guidelines are issued by NIST as Federal Information Processing Standards (FIPS) for use government-wide. NIST develops FIPS when there are compelling Federal government requirements such as for security and interoperability and there are no acceptable industry standards or solutions. See background information for more details.

Simultaneously, AirTight’s SpectraGuard Server passed TIC tests for inclusion on the DISA UC APL. The DISA UC APL is the single consolidate list of products that have completed interoperability (IO) and information assurance (IA) certification. Use of the DoD UC APL allows DoD Components to purchase and operate UC systems over all DoD network infrastructures.

AirTight’s products are deployed worldwide in many of the most security sensitive United States government and defense organizations to assure security and compliance with requirements such as DoD 8420.01, FISMA and guidelines from the National Institute of Standards and Technology (NIST). Because AirTight products are always kept up-to-date with certifications such as FIPS 140-2, Common Criteria and DISA; government and defense agencies can take advantage of the powerful wireless security technology provided by AirTight.

Della Lowe 802.11n, Compliance, DISA UC APL, Federal Government, FIPS 140-2, Wireless security, WLAN networks 802.11n, DISA, FIPS, WIPS, Wireless Intrusion Prevention, Wireless security

Join AirTight wireless and security experts to learn how deploying a cloud-based Wi-Fi solution can meet your  business objects with the fastest deployment, lowest cost and minimal management overhead, while maintaining the security of your network and meeting PCI wireless scanning requirements.

AirTight can show you how to be up and running with a Guest Wi-Fi network and captive portal in a matter of minutes.

Be sure to visit AirTight at booth 2227 at the NRF 101st Annual Convention & EXPO, January 15-18, 2012 at the Jacob K. Javits Convention Center in New York City. We will have experts and top executives on hand to answer your questions.

Monday, January 16, 2012: 9:00am – 6:30pm
Tuesday, January 17, 2012: 9:00am – 5:00pm 

Featured Product:

AirTight Cloud Services™ – AirTight Cloud Services for Wi-Fi Access and Security is the first and only VVi-Fi solution managed from the cloud that offers VVi-Fi access PLUS full time rogue detection and prevention for wireless security and PCI compliance in a single device.

If we have your interest, contact us at sales@airtightnetworks.com to set up a meeting with our wireless experts.

Della Lowe Cloud computing, PCI, WiFi Access, Wireless security, WLAN networks

We are really excited here at AirTight.  AirTight achieved a rating of “Strong Positive” in Gartner’s 2011 Marketscope Report for Wireless LAN Intrusion Prevention Systems. published this week.  “Strong Positive” is the highest possible rating in a Gartner Marketscope. The July 2011 report was authored by John Girard, VP, Distinguished Analyst, John Pescatore, VP, Distinguished Analyst and Tim Zimmerman, Research Director at Gartner.

2011 Gartner Marketscope On Wireless LAN IPS matrix

If you are concerned about wireless threats to your enterprise, including unapproved personal smart devices, this report outlines the key highlights and limitations of each solution as well as feedback from real customers of each vendor.

The 2011 MarketScope report evaluated vendors on five criteria – customer experience, offering (product) strategy, overall viability (business unit, financial strategy, organization), marketing execution, and product/service.

The report notes in part, “Wi-Fi support is a standard extension of corporate networks, and enterprises must ensure the vulnerability management and intrusion prevention processes be extended to cover wireless and wired networks. WLAN security monitoring in the form of wireless intrusion prevention systems (WIPS) is required to ensure that supported WLAN performance is not impeded by interference or denial-of- service attacks, WLAN traffic is kept private and secure, users are prevented from installing unauthorized WLANs, and unsupported/unauthorized WLAN technologies are barred from operation.”***

***MarketScope Disclaimer

The MarketScope is copyrighted 2011 by Gartner, Inc. and is reused with permission. The MarketScope is an evaluation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the MarketScope, and does not advise technology users to select only those vendors with the highest rating. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Della Lowe PCI, smartphones, WiFi Access, Wireless scanning, Wireless security, WLAN networks

This article in Information Week  by Mathew J. Schwartz is well worth reading. It is time that security came first and compliance second IMHO. Click on the link below and I would love your feedback on the article and my comments.

———————————————————————————————————————————————–

What Do IMF, Citigroup, And Sony Hacks Share?
Mathew J. Schwartz,

“Many organizations have been focusing on complying with regulations, rather than taking a top-down look at what most needs to be secured, security experts say.”

———————————————————————————————————————————————

I believe this article by Mathew  is right on the money.  Compliance does not equal security.  It is time for organizations to understand that security is not just some incessant fly they can swat away and then forget until the next time it comes back.  Many of these organizations are dealing with data so sensitive that release of it can bring down governments or ruin individual lives. 

Security is not a once and done.  It is an ongoing, layered process that must take into account all current and emerging threats, such as smartphones, iPhones, iPads and droids – all of which come Wi-Fi enabled – meaning they can create bridges into your network even if you have not rolled out wireless.

Information Week also has a great slide show of the ten largest breaches you might find useful:

10 Massive Security Breaches

Della Lowe Wireless security

When: Tuesday 26 April 2011, 11:00 AM – 12:00 PM
Time Zone: (GMT-08:00) Pacific Time (US and Canada); Tijuana

Description: Are iPhone, iPads, Smartphones and Droids outsmarting your network security perimeter? The consumerization of smart phones is now perceived as top threat to the enterprise network security. In a recent ComputerWorld article – “Security consultants have identified six holes that are often wide open in corporate IT systems,” and listed the number 1 threat to address NOW as, “smart phones attaching to your network”. AirTight CTO, Pravin Bhagwat, will describe the threat scenarios posed by the proliferation of smartphones and discuss strategies you can use today to keep tabs on their usage in your network. He will layout the threat scenarios posed by Wi-Fi enabled devices and discuss the three things you need to know to protect your network. Learn how to: 1. Monitor the smart phone usage 2. Define the smart phone usage policy 3. Enforce the smart phone usage policy Join AirTight for this interactive Webinar about this important and increasingly common threat to your network.

Host: Della Lowe

To register for this event, please go the following link:
http://airtightnetworks.acrobat.com/smartphones4-26/event/registration.html

If you’ve never used Connect Pro, get a quick overview:
http://www.adobe.com/go/connectpro_overview

Adobe, the Adobe logo, Acrobat and Acrobat Connect are either registered trademarks or trademarks of Adobe Systems Incorporated in the United States and/or other countries.

Della Lowe Wireless security

Last week AirTight presented the first Webinar designed to educate network administrators and security professionals about the wireless risk introduced with Windows 7. The response was so overwhelming that we are presenting it live again on March 10. I guess we hit a nerve since AirMagnet is bringing up the rear now and presenting a Webinar on the subject. But if you want an in depth look at this topic and solid advice on protecting your network, join AirTight experts for a live encore presentation of our webinar:
Windows 7 – a New Enterprise Wireless Risk

When: Wednesday 10 March 2010, 10:45 AM – 12:00 PM
Time Zone: (GMT-08:00) Pacific Time (US and Canada); Tijuana
Read more…

Della Lowe Windows 7, Wireless security AirMagnet, Rogue AP, WiFi access point, Windows 7 Webinar, Wireless security

I recently read a statement put out by Senator Kay Bailey Hutchison urging support for her bill, ” The Safe Prisons Communications Act creates a framework for the FCC to test and approve jamming equipment and to review applications from corrections facilities seeking to install cell phone jammers. Most importantly, to ensure the integrity of wireless networks for public safety and commercial wireless providers, and minimize any chance of interference, the legislation outlines the coordinated efforts from all stakeholders, including prisons and the telecommunication providers.”

http://ourtribune.com/article.php?id=7975

According to Hutchison cell phones are used within the prison walls to coordinate crimes outside the wall, including murders, intimidation and fraud. The idea struck me as one that could be a slippery slope but one could hardly argue that prisoners have a “right” to cell phones – or do they. I would love to hear comments on this one.

Della Lowe Wireless security cell phone jamming, cell phones in prison, cybercrime

Security experts warn of dangers of rogue Wi-Fi hotspots

Story Highlights from CNN International

• Security experts warn Wi-Fi users to be more vigilant against hackers
• Experts say it’s difficult to distinguish between legitimate and rogue networks
• Wi-Fi Alliance says spread of Wi-Fi hasn’t led to an ‘epidemic’ of hacking
• Users urged to protect their networks, use VPN for sensitive data

LONDON, England (CNN) — You’re sitting in an airport lounge and seize the chance to check your e-mails before your flight departs. You log on and are tempted by a wireless Internet provider offering free Internet access. So, do you take it?

Security experts warn that hackers may be masquerading as free public Wi-Fi providers to gain access to the laptops of unsuspecting travelers. Read more…

Della Lowe Best practices, Wireless scanning, Wireless security hacking, rogue access point, WiFi hotspot

AirTight is presenting a weekly series of Webinars, entitled, “How the PCI Wireless Guidelines Apply to You,” which are aimed at helping organizations understand the wireless scanning requirements of the PCI DSS release this month by the PCI SSC and provide practical information on how to address those requirements to prove compliance. The Webinars will be held each Thursday at 11 A.M. U.S. California time beginiing on July 23, 2009. Those wishing to register for the first of the series may do so by following the link above. After that there will be a document on AirTight’s website which will allow you to choose a convenient date for yourself.

Della Lowe Compliance, PCI, Wireless scanning, Wireless security PCI DSS, PCI SSC, wireless guideline

This story seems to come from the files of “I am ten feet tall and bulletproof.” Many of us have a mixed reaction to those who are able to manipulate computers and code to their advantage for criminal acts. We wonder why they do not use their talents to simply make money the old fashioned way but also are outraged at their actions which disrupt our lives, compromise our security and cost us money. But then you read a story such as the one Robert McMillen of IDG posted over the weekend about the security guard and ersatz hacker who allegedly videotaped his cyber exploits at the clinic he was supposed to be protecting and then posted them to YouTube. He claimed to be adding botnets which would allow him to do a denial of service attack on July 4 just for the fun of it. He did get caught. You really have to read this story which is both funny and sad at the same time.

Della Lowe Wireless security cyber crime, cyber security, hacking