DataCenter Summit and Awards 2018 – By USB Forums

DataCenter Summit and Awards 2018

6th Edition DataCenter Summit and Awards 2018

When we talk about data centers, what is the one important thing that comes to our mind: “Security

Yes, where ever there is Data involved, it’s important to talk about security of data.

Data security is the practice of keeping data protected from corruption and unauthorized access.

DataCenter Summit and Awards 2018 is the 6th edition, held on 5th October 2018 at The St. Regis, Mumbai, organised & produced By USB Forums (http://datacentersummit.in/)

USB Forums aims to create and bring around a Transformational Leadership for Individuals and Industry. (http://ubsforums.com/)

DataCenter Summit and Awards is India’s largest, most influential gathering of industry expertise to discuss the evolving landscapes of datacenters and to keep them more relevant to the changing needs.

With 450+ Delegates, 93+ Speakers, 50+ partners & 45+ Keynote Sessions, it’s bound to be a big event.

Data Centre Summit is a great place to learn and share thoughts with the industry titans about: cloud computing services, data center management, cloud storage, data security & more

At Rediff.com we handle 300M+ mails daily that sums to 6+ PB of data storage.

With 24x7x365 data & network monitoring, it is crucial that we give our best to Security.

Venkata Satish Guttula, Director – Security, Rediff.com India Ltd having 12+ experience in the field of Cyber Security has incorporated & manages many tools to protect emails & data at Rediff.com; tools for: Encrypted email transmission, Vulnerability Detection System, Advanced Threat Protection (ATP) & Data Leak Protection (DLP) & more.

He has won an award under the category Data Security (Infrastructure Engagement) at the DataCenter Summit and Awards 2018.

Venkata Satish Guttula, Director IT Security Data Security Award 2018

 

Secure, Cloud based Enterprise Email Solution for Businesses and Professionals from the popular Rediffmail service

Demystifying Spear Phishing

Spear phishing is the new kid on the block which has been giving sleepless nights to email security folks. Spear Phishing is a specialized and more targeted type of phishing attack. Traditional phishing attacks are one-to-many types, which are usually conducted by sending malicious emails to as many people as possible. Such emails appear to come from trusted sources like your bank, or some other online utility service and they contain links to deceptive sites which make victims reveal their passwords, sensitive account information, confidential pins, etc. Sometimes the phishing message try to lure the victims into opening infected attachments which once opened can seize control over victim’s device and harvest sensitive information stored on the device.

The bait – malicious URL or attachment

The modus operandi of Phishing attacks is to cast a wide net. Phishers seem to spread their enticements all over and don’t care what kind of fish they catch – as long as the victims take the bait, they can infiltrate and cause the damage. In contrast to the mass email approach of Phishing, Spear Phishing is a targeted attack or rather one-on-one, where the Phisher creates a fake narrative or impersonates a trusted person and establishes a conversation with the victim. Only later does the Spear Phisher request confidential credentials or sends a malicious URL/attachment. Though the end goals of Phishing and Spear Phishing are the same, the tactics employed by the two vary.

Social Engineering & Research

Spear Phishers do a lot of research about the intended victim before crafting their first message. They study the social media profiles like Linkedin, Facebook, etc. of the victim and try to build a profile around the victims work and general life. The chosen victims are ones who have access to some sensitive information about their organization like intellectual property, bank passwords, etc. The Phisher sends an email to the victim which seems to come from a colleague or business associate. The first few interactions do not contain any link or attachments, hence are difficult to be detected by anti-spam and anti-virus filters. After a few interactions, the Phisher either sends a link to the victim that can infect his machine with a spyware or sometimes even drives the victim to share some IP or transfer money to his account, citing an extraordinary situation.

Real life examples

  • The business impact of Spear Phishing attacks can be devastating. In 2014, Sony Pictures faced a huge reputation damage when private email were exchanged between executives revealing embarrassing comments about famous people. The studio lost control of complete, unreleased movies, which fell into the hands of digital pirates. The company had to incur a cost of around $8 million to settle lawsuits with employees who were forced to protect their identities from the theft.
  • In 2015-16, the Russian cyber espionage group Fancy Bear allegedly committed one of the more famous spear phishing campaigns and infiltrated the Democratic National Convention in USA to steal emails. The Russians had gained access not only to email systems but also to backup servers, VOIP calls, and chats. Between repairing and replacing equipment and hiring experts to manage the fallout, the expense was over a million dollars.

Conventional Anti Spam filters derive signatures, recurring patterns & phishing URLs by using information from previously identified threats. This arrangement was successful in fighting mass spam emails – which threatened to make email unusable. However, email security based on signature and recurring patterns is completely ineffective in identifying the ‘one-off targeted Spear Phishing attacks’. The first few emails sent by Spear Phishers do not contain any attachments or links, thus go undetected by spam filters. The Spear Phishers intention is to build a trust with the victim. Phishers usually send emails from legitimate email addresses having good reputation and spoof the display name. Victims get deceived and take the received emails at face value. They do not bother to check the actual email address of the sender which may reveal the hoax. Since Spear Phishing emails spoof the display name and not the actual email address, they are not filtered by DMARC, which relies on policies enforced by senders with respect to their domain names.

Considering the risks of opening and reacting to Spear Phishing emails it is important to educate your users to be vigilant. Here are some tips to that can help protect your users from Spear Phishing:

  1. Be judicious while posting your personal information on social media.
    Hackers use social engineering techniques as a first step to gather information about victims.
  2. Do not hesitate to check with the sender if you are not sure about the authenticity of an email.
    Impersonation by manipulating the display name of a sender is a common ploy used by hackers. To counter the familiarity exploit, your users should not hesitate to check the authenticity of the email with the sender. This is even more so decisive when the email seems to come from someone familiar and makes some request that seems out of the ordinary.
  3. Check before you click.
    Hackers hide malicious URLs in emails behind URLs that look genuine. Educate your users to hover over the hyperlink to see the destination URL first and if not familair then do not click.

The above behavior based approach is easier said than done.  Sooner or later, someone will click on something that will expose your systems to a breach. Using the right endpoint protection, one that assists in doing this behavior analysis helps. The Rediffmail Enterprise integrated Spear Guard filter uses artificial intelligence consisting of machine learning and predictive heuristic rules to identify and block Spear Phishing attacks even in their initial stages and also saves you from the inconvenience of dealing with multiple vendors to protect your email  infrastructure.

 

 

 

Secure, Cloud based Enterprise Email Solution for Businesses and Professionals from the popular Rediffmail service

Protect your domain’s reputation with DMARC

Cyber criminals are known to impersonate well known brands and use the brand’s trusted reputation to send emails to recipients and orchestrate an imposture.  The victims end up giving away sensitive information like credit card pins, passwords, or even end up making payments to the imposters.

Domain-based Message Authentication, Reporting & Conformance i.e. DMARC protects your organization against such email threats.

Therefore, for an organization who sends emails to its customers, DMARC ensures that legitimate email is authenticated and the sender’s identity is verified by the recipients’ email service provider. Fraudulent emails appearing to come from domains under the organization’s control is blocked. The organization can even include domains that do not send mails or even defensively registered domains in its DMARC policy.

Inbound emails that fail DMARC authentication do not reach the recipient’s Inbox, thus filtering out phishing mails. So, if you get an email from the Income Tax department with a “From” address having intimations@cpc.gov.in, did cpc.gov.in really authorize that message?

DMARC builds on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

Two key values of DMARC are domain alignment and reporting.

Phishing emails generally abuse the visible “From” header of emails by forging it. DMARC’s alignment feature prevents spoofing of the “From” header address by:

  1. Matching the “From” header domain name with the “envelope from” domain name (also know as the “return-path” address ) used during an SPF check, and
  2. Matching the “From” header domain name with the “d= domain name” in the email’s DKIM signature.

DMARC allows responsible organizations to instruct email providers who receive emails from the domains that they own, on how to handle unauthenticated emails via a DMARC policy, removing any guesswork on how to deal with messages that fail DMARC authentication.

What sets DMARC apart from other email authentication protocols is its reporting function. With DMARC, you can see who is sending email on behalf of your domain, your brand, and prevent spammers from using it to send fraudulent email.

The reporting feature of DMARC means that DMARC enabled receivers will tell you:

  1. How many messages they’ve received using your domains in the From: address
  2. Where these messages came from
  3. Whether these messages passed DKIM and SPF checks.

For Inbox providers, it is easier to determine that messages are not bad. Such emails are more likely to get delivered to the recipient’s mail quickly and without mistakes. Thus setting up a DMARC policy and choosing a right service provider to send your emails only helps in strengthening your brand’s reputation. 

Rediffmail Enterprise helps you defend your domains reputation by implementing DMARC for your organization’s domain names. The Rediffmail Enterprise Email Security team hand holds you through the entire life cycle of implementing DMARC – studying your outbound email traffic pattern (including marketing mails sent through 3rd party email campaign tools), configuring SPF and DKIM records in your DNS for all your domains (including domains that do not send mails or even defensively registered domains), configuring the DMARC record in your DNS with the right policies from the “monitoring” to “blocking” modes. The DMARC dashboard integrated in your administrators tools gives you visibility of your outbound email traffic pattern which include graphical stats of the source of outbound traffic and details of phishing attempts done using your domain names.

Secure, Cloud based Enterprise Email Solution for Businesses and Professionals from the popular Rediffmail service

Big Cyber Security Show & Awards – Mumbai, 2018

BIG Cyber Security Show & Awards organised by Trescon

This is the second edition of the cyber security show & awards, an event by Trescon on 20th September 2018 at The Leela Mumbai.

The show is designed for executives and industry experts from across business technology, in need of innovative technology & solutions to protect their company’s infrastructure & data from cyber attack.

Companies and organisations around the globe are facing different forms of cyber threats from many entities. To name some: Ransomware, Advanced Persistent Threats, and the leak of sensitive information are just the tip of the iceberg.

Protecting individual & company’s data would be the challenge many users in the industry are facing.

This provides a big opportunity for:

    1. Solution Providers – to talk about their latest challenges in such situation and how did they overcome this hurdle.
    2. Security Analysts / Industry Experts – to discuss the new trends in cyber attack and what can be done to safeguard their data
    3. Policies – Industry & government policies inline with new security standards.

The strategy for the event is very clear,

“To explore new innovations for a greater cyber security.”

As India is gearing to be the centre of latest technologies and innovation in IoT, BigData & more; It’s crucial for solution providers to be take the centre stage and voice their opinion on the current state & what needs to be done.

The cyber security market is expected to grow from US$ 4 billion in 2018 to US$ 5 billion by 2025

Rediffmail Enterprise is proud to be the PLATINUM PARTNER of the BIG Cyber Security Show & Awards 2018.

We have speakers who would be talking about the latest technology & solution inline with email security and general practices to protect your data.

  • Venki Nishtala, Chief Technology Officer, Rediff.com India Ltd
  • Amol Mujumdar, Sr. Director -Technology, Rediff.com India Ltd
  • Venkata Satish Guttula, Director – Security, Rediff.com India Ltd

For more information on the awards, please visit:  Big Cyber Security Show & Awards »

 

How to control Business email data-leak?

emailleakprotection

For most of the companies, over 70% of your business critical information reside in your emails and there are many ways by which mail data can be leaked electronically from a company like inappropriately printed info, copying to pen drive, writing the data to a DVD/ CD or any other portable storage device.

BYOD Smart phones / devices with combination of high storage capacity, high speed data access and loads of apps to leak mail data – email, messaging and social network access are the most dangerous all-time device for stealing or leaking company mail data.

And last but not the least, email data theft also happens inadvertently with loss of company laptop or mobile devices.

Particularly data theft through email is on rise as any sensitive data can be emailed instantly to desired email address and can be accessed from anywhere in the world. Individual’s identity theft via suspicious e-mail or phishing is one such similar attempt made by fraudulent.

Allowing personal email pose a risk for data theft like sending data out via Freemail is difficult to monitor. As personal email account are beyond the control and scope of corporate investigations.

So it is essential to choose a secure business email hosting which provide all granular features like advanced security, administrative privileges, spam protection to manage and control the user accounts across your company.

Few more preventive ways for protecting data include regular restrictive use of storage and portable devices, scan of data stored on internal network, access of document based on confidentiality, educating the employee regarding data theft, encrypting corporate or business data and use of commercial data loss prevention solution.

Discover how Rediffmail Enterprise premium cloud email solutions can provide high security, custom anti-spam & anti-virus controls, data leak protection via restriction of mail & attachment access & flow, Mail monitoring, backup & restoration, Password policy, 2 Factor authentication and many other features.

Is your Business email Spoof-protected?

Email Spoofing complaints are on rise & common methods adopted by scamsters is to send an email to your users from an anonymous proxy using your own domain.

How Email Spoofing is Identified?

Rediff Entperise Mailing make best efforts to track and block such attempts of spoofing through DKIM. All mails sent using Rediff SMTP are signed using DKIM technique If the mail is intended for internal (same domain) users, then DKIM signature can be verified on receipt & delivered in inbox. Mail failing to verify will be considered as SPOOF

DKIM primarily is useful in identifying spoof of same domain mails as it verifies mails sent by Rediff SMTP However there is a possibility some mails are sent using SMTP of other Service provider. For instance, Your domain is used to send some mails using third party system(SMTP) like Payroll, CRM, Email Marketing, etc. Such emails may not be signed using DKIM.

This could create a problem as Legit Mails will be identified as SPOOF, to avoid same SPF record must be added in your DNS wherein if IP address of such systems will be mentioned. We will check the IP from which the mail is sent & once verified we can be sure that the mail is not spoofed.

What is SPF?

SPF (Sender Policy Framework) is a system to help domain owners specify the IP addresses of servers which are authorized to send mail from their domain. The objective is that your recipient’s mail systems can check to make sure that the server sending email from that domain is authorized to do so. This helps in reducing the chances of email spoofing. Mail servers that accept emails do a SPF check by looking up the SPF record of the sender.

How to add SPF record?

SPF record is a Domain Name Service (DNS) TXT record that specifies which mail servers are permitted to send email on behalf of your domain. SPF is added the same way as a regular A, MX, or CNAME record.

If you do not use any third party system to send emails from your domain, then your SPF record should be as follows:

“v=spf1 redirect=_spf.rediffmailpro.com”

If you use any 3rd party system to send emails from your domain, then SPF record should also include the IP or subnet of the machine sending those mails as follows:

“v=spf1 ip4: include:_spf.rediffmailpro.com -all”

The IP or subnet will be shared by your other service provider & same is to be included with our SPF records as explained above. This will help to identify legit mails & not categorize them as SPOOF

DMARC builds on two existing and widely deployed email authentication techniques, the Sender Policy Framework (SPF) and DomainKeys Identified Mail (DKIM).

We recommend implementing DMARC (Domain-based Message Authentication, Reporting & Conformance) that uses SPF and DKIM to determine the authenticity of an email message.

Your DMARC record is published alongside your DNS records including:

  • SPF
  • DKIM
  • A-record
  • CNAME
Button-KnowMore