Wedge Networks Announces Strategic Distribution Agreement with Ingram Micro Cloud

Author Avatar Posted on May 25, 2020 by PR and Media

Wedge’s Absolute Real-time Protection (WedgeARP™) Available on Ingram Micro Cloud Market Place to Secure the Cloud Connected World

CALGARY & TORONTO, Canada – May 25th, 2020 – Wedge Networks, a global leader in Orchestrated Real-time Threat Prevention, today announced a strategic agreement with Ingram Micro Cloud to offer Wedge Absolute Real-time Protection™ (WedgeARP™) on Ingram Micro Cloud Marketplace that enables effective, real-time threat prevention solutions for any Cloud-connected computing devices from the Microsoft Azure Cloud.

WedgeARP™ provides network-based, real-time threat protection for all types of endpoints in different types of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT). WedgeARP™ has the deepest visibility of network data in the industry, possessing an unmatched ability to defend against malicious attacks that are undetectable with shallow inspection techniques. With an embedded deep learning AI engine, WedgeARP™ can detect never-before-seen malware in milliseconds. Running on an orchestrated threat management platform, it is a novel approach that provides real-time large-scale security implementations with effective threat management services.

“Ingram Micro Cloud is an important go-to-market partner for Wedge Networks in our pursuit to implement real-time threat prevention for the cloud connected world,” remarked Dr. Hongwen Zhang, Wedge Networks, CEO & CTO. “With a world quickly moving towards working from home, the old methods of ‘Detect and Remediate’ are failing to meet security challenges. ‘Real-time threat prevention’ is becoming the rallying cry for the cyber security industry that has been long struggling to keep up with the expanding security gap. WedgeARP™ is a purposely built solution to address this need. We are impressed with the edge networking and virtual WAN architectures of the Microsoft Azure. This agreement will allow WedgeARP™ to be accessible from Azure Cloud to partners and customers worldwide.”

Wedge will offer three packaged solutions in the Ingram Micro Cloud Marketplace to allow governments and businesses to achieve secure computing and compliance for work-from-home workers and branch offices. Based on the WedgeARP™ platform, these solutions are: WedgeARP™ Secure Home Office; WedgeARP™ Secure Remote Office, and WedgeARP™ Secure Azure Virtual WAN. With Wedge’s patented Deep Content Inspection algorithms for real-time threat prevention, and the integrated deep learning artificial neural networks for new malware detection, these solutions allow customers to enforce real-time threat prevention from the ever-expanding edge of their IT infrastructure to their software defined cloud networks in Microsoft Azure. These solutions provide a set of comprehensive tools for Wedge’s MSSP and reseller partners in the Secure Access Service Edge (SASE) market, and further demonstrate Wedge’s commitment to its mission of Securing the Cloud Connected World.

The WedgeARP™ Secure Home Office is available for early access on Ingram Micro Cloud Marketplace for selected reseller partners and their customers on June 2nd, 2020, with GA in July 2020. Both WedgeARP™ Secure Remote Office, and WedgeARP™ Secure Azure Virtual WAN will be available for early access in July 2020.

“Wedge Networks is a front runner in our Comet Competition for Canadian ISVs. Their Absolute Real-time Protection™ platform and their disruptive real-time advanced threat prevention approach to cyber security is very impressive,” said Tim Fitzgerald, Vice President, Cloud Channel Sales North America at Ingram Micro Cloud. “With more than 200,000 customers in over 160 countries around the world, Ingram Micro Cloud is excited that the WedgeARP™-based solutions will offer an easy-to-implement cyber security platform.”

“The SASE market is emerging as a key segment in network security. The ability to rapidly roll out security services and deliver them as and when needed while maintaining performance is key challenge for this nascent market segment. Solutions like Wedge Networks’ that can combine deep content inspection with advanced machine learning for real-time threat prevention represents how many security services will be delivered from the cloud core to the network edge,” states Roy Chua, Founder and Principal at AvidThink and co-founder of SDxCentral. “This partnership with Ingram Micro represents the combination of market-leading product distribution, service SLA, and effective real-time threat prevention. It will benefit customers of SASE solutions.”

About Ingram Micro Cloud 
Ingram Micro Cloud brings together innovators and problems solvers to help the world accomplish more. It facilitates and manages the cloud’s complex digital value chain—all powered by CloudBlue technology. Ingram Micro Cloud operates in 64 countries with over 55,000 reseller partners, and its Cloud Marketplace serves 6.5 million seats, offering more than 120 cloud solutions. With unmatched global reach, easy access to automated go-to-market and integration tools, deep technical expertise, and a curated selection of scalable SaaS and IaaS solutions, Ingram Micro Cloud helps vendors, resellers and managed service providers by offering More as a Service. Detailed information is available at www.IngramMicroCloud.com.

About Wedge Networks
Wedge Networks Inc. is a Real-Time Threat Prevention solutions company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed in data centers by enterprises, governments, and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Wedge does this through its patented Deep Content Inspection (DCI) technologies, combined with artificial intelligence and best-of-breed security functions.

Awarded a Gartner Cool Vendor designation, and twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/

Media Contacts:

Wedge Networks: 
Please forward any media or PR inquiries to: PR@wedgenetworks.com

Ingram Micro Cloud and CloudBlue:
David Yang
714-382-3357
david.yang@ingrammicro.com

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , , | Leave a comment

Why We Agree That the Largest Cyberattack in History Will Happen Within Six Months and How You Can Be the Action Hero That Stops It In the Last Critical Seconds…

Author Avatar Posted on May 21, 2020 by Wedge Chief Scientist

This Forbes article sparked my interest as it crossed my desk today.  For one, not many people are willing to stick out their neck to make such bold predictions as Mr. McBride did in his article.  At the same time, the logic behind his prediction and his reasoning appear quite sound.  The analogy of trying to break into two different types of buildings was also quite apt for describing how the best way to defend against an attack and hackers is by reducing the “attack surface”.

As we’ve written previously, COVID-19 has caused many organizations’ “attack surfaces” to be greatly increased as they grapple with the issue of enabling their employees to work from home (WFH).  Although these organizations probably spent a boatload of money fortifying their corporate networks in the workplace with EDR / MDR / Sandbox / NGFW, etc., with COVID-19 forcing workers to work from home, these corporate fortifications are no longer protecting them.
 
From what we’ve seen we wholeheartedly agree that WFH is going to continue, even after the pandemic eases up.  This is clearly evidenced by recent news where tech giants Facebook and Google asked their employees to continue WFH for the rest of the year.  Canadian Universities are also preparing for and advising their students that for the 2020/2021 year, classes will be online with only labs being carried out in person.  This is echoed in the corporate world with Gartner analysts forecasting, from over 74% of CFOs polled, that there is a plan to shift at least 5% of previously on-site employees to permanently remote positions post-COVID-19.
 
Unfortunately, organizations have been struggling to cobble systems together in order to enable WFH resources; usually starting by activating VPN features on their firewalls.  Workers who were previously on secure corporate computers and laptops in their offices, now find themselves trying to make-do with their home computing devices accessing their corporate networks through unsecured home internet connections. Again, based on today’s cybersecurity practises, the key for security has always been to keep the threat landscape as small as possible.  There was already and explosion of IOT and IIOT endpoints happening (to the tune of over 75 Bn devices being connected over the past couple of years and more being connected daily). Adding the effects of the current WFH trend is overwhelming security teams and is quickly exposing the fact that the Detect, Quarantine and Remediate mode of operations does not work.

As we’ve mentioned before, companies that are relying solely on an overwhelmed VPN infrastructure is a recipe for disaster.  Home traffic from devices that the companies do not control is leaving them wide open for a breach.  Even if they are utilizing legacy VPNs to access work networks, without security that can detect and block malware and hackers, their non-VPN traffic is left wide open to security breaches.  Those companies who are trying to avoid overloading their VPNs by electing to use split-tunnelling to offload users’ internet browsing traffic are also leaving themselves wide open for hackers to get into their corporate networks.  Instead of hacking the corporate network directly, hackers are compromising in a roundabout method by gaining access to WFH devices first, with the ultimate goal of accessing corporate networks through these unprotected devices.

So, why do we feel that this prediction has a good possibility of coming true?  Well, current available security  is not sufficient.  Although some VPN solutions enforce “security checks” on devices, this enforcement is static; they can discover vulnerabilities on the system while scanning but do not actually prevent traffic-borne malware at the endpoint.  On the more stringent end of the spectrum, although some organizations are mandating that their WFH employees install sophisticated endpoint detection and response (EDR) solutions, which would enable IT staff to treat home assets similar to business assets, this is defeated again by the fact that the home network security setup is typically far from the level of the fortified corporate fortress; and often times non-existent.  Although we may see Mobile Device Management (MDM) approaches trickle down to WFH devices, where they may be partitioned to support business usage, when it all boils down, the issue really becomes traffic malware detection.
 
As the Forbes article mentions, the alignment of all of the issues that COVID-19 has opened up is a “dream come true for cyber criminals”.  Hackers have stepped up their games and quickly started crafting COVID-related malware that would prey on individuals’ fears, tricking them into clicking on links that purported to provide information on how they could protect themselves during the pandemic.  With targeted phishing attacks on employees who are WFH, and who are prone to distractions from having to WFH, hackers are finding it easier find cracks in corporate security armour.  They only need to “gain access through one entry point to seize control of a whole network.  Once they’re in they can steal data, secrets, and even lock you out of the network.”

To make matters worse, hackers have been targeting those organizations whose resources are already stretched thin trying to battle the pandemic on the front lines.  As of this past week, it was reported that healthcare insurance giant Magellan Health was the victim of a ransomware attack and data breach.  The attack resulted in temporary system outages and exfiltration of confidential company and personal information.  With the company under “immense strain as it attempted to meet the demands onset by the COVID-19 pandemic”, hackers were just waiting for the optimum time to strike and cause most harm.

Back to the Forbes article, it was noted that over the past couple months, hackers have targeted the US Department of Health and cyberattacks against the World Health Organization (WHO) have more than doubled.  Intelligence reports also revealed that coronavirus-related cyberthreats have increase by 600% between the months of February and March with no abatement in sight.  

Hence, based on current trends, and current approaches to security, the prediction looks very likely to come to fruition.  So, if it is no longer a case of “if” but “when”, how do organizations try to protect themselves from being part of that largest cyberattack in history?  How can they try to minimize their “attack surfaces”, even though WFH requirements have basically left them wide open and vulnerable?  Well, if you don’t want your organization to become part of the statistics, you should look into the Wedge Absolute Real-time Protection (WedgeARP) Secure Home Office and Secure Remote Office solutions that are helping organizations greatly reduce their attacks surfaces during this time of growing WFH requirements.  

With our “Detect and Block” approach that underpins the WedgeARP platform, we espouse a proactive instead of reactive way of dealing with malware.  Wedge’s solutions are cloud-managed, on-premises or cloud-enforced security services offerings that provide a vast array of optimized Security-as-a-Service (SECaaS) features to enterprises and those working from home; enabling effective security solutions for any cloud-connected computing devices.  WedgeARP provides real-time threat protection for all types of endpoints in different types of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT).  It enables situational awareness for the entirety of managed networks, with security event tracing, rapid response, centralized policy management, reporting, and analytics; all of the things that the legacy VPNs are missing. To find out more about how this solution can help reduce your organization’s attack surface, contact us at: info@wedgenetworks.com

For those organizations who already have a VPN infrastructure in place, WedgeARP can be easily deployed into their VPN Cloud to protect all connected systems and devices.  For those organizations who have not yet implemented a VPN infrastructure, Wedge provides professional services to help quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.  
Although it seems that Mr. McBride’s dire prediction looks very likely to come true, we believe that by incorporating solutions such as WedgeARP Secure Remote Office and Secure Home Office into your organization’s WFH infrastructure it may give you the chance of stopping “The Largest Cyberattack in History”.  Don’t be a victim.  As Benjamin Franklin once wrote,”An Ounce of Prevention is Worth a Pound of Cure”.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , , , , , | Leave a comment

WFH: Security Implications and Considerations of VPN Split-Tunneling

Author Avatar Posted on May 1, 2020 by Wedge Co-founder, CEO & CTO

Cyber-security underpins many facets of our life.  The COVID-19 pandemic that has affected the world is forcing large enterprises and other organizations to quickly cobble together solutions that will enable their employees to keep working from home (WFH).  In many instances, there has been a rapid scale up of WFH employees from a “normal” average of VPN-ed users of around 5% / day, to now the opposite, where the number jumped to 95% users / day.  This surge of WFH network traffic has the pandemic revealing legacy VPNs’ stress points and limitations. As a result, many VPN infrastructures are overwhelmed; leaving many employees to enjoy “paid vacations” as they are unable to access the data and documents needed to carry out their jobs properly.

To ease the pressure on the VPN bottleneck,  many organizations are forced to use the approach of “split-tunneling”, to prevent service outages and performance degradations.  The concept of split-tunneling is simply this – the VPN client installed on the WFH employees’ devices will only direct traffic that is bound for internal business applications through the VPN tunnel while other traffic would always go directly out through the WFH’s home Internet connection.  The reasoning is simple – for example, if an organization’s egress bandwidth to the Internet is 100Mbps, were split tunneling not deployed, the same organization might require 200Mbps to support this new WFH model.  

The rationale is hence business-driven: “split-tunneling”, that many organizations are using, lightens the load on the infrastructure currently in place; without which, supporting this new WFH norm might not be possible.  However, doing so has introduced very severe cyber-security vulnerabilities.

Unlike in a corporate setting, where organizations have spent a lot of money implementing solutions like EDR / MDR/ Sandboxes, Network Traffic Analyzers, Firewalls, NGFW, etc., in a WFH environment, most home users do not have these security pieces in place.  Many do not even have a decent firewall protecting their home networks.  Thus, when split-tunneling is utilized, where the users’ normal, non-business traffic, such as web-browsing, access to external applications, etc. are NOT sent through the VPN tunnel, this traffic is left open and exposed to all of the security vulnerabilities that come with unsecured internet access .  The non-VPN traffic thus leaves these devices and endpoints open to whatever malware is out there.  

As observed by many industries and government agencies, there are lots of new threats ranging from COVID-19-themed ransomware attacks, weaponized URLs, and scam campaigns designed to steal employee credentials or compromise assets almost indiscriminately.  Any of these could quickly and easily lead to severe cybersecurity breaches.

Thus the dilemma we are facing is: Should organizations enable more workers to utilize the limited resources through split-tunneling even though it introduces severe cyber-security vulnerabilities?

Unfortunately, during this highly stressful time, most organizations are simply happy to accept whatever reliable connectivity that they can access, and in so doing, possibly compromising their corporate security posture in the process.  The upside is that they have connectivity for their growing numbers of WFH employees; the downside is that they are without proper security in place to protect those WFH employees who are working outside the protection of the corporate fortress.  To add to this, by using methods such as split-tunneling they may not actually be in compliance with regulations meant to protect their businesses.

We believe that enterprises and government agencies that are currently facing the challenges of increasing their remote and WFH users should reconsider this split-tunneling setup so as to avoid leaving WFH computing devices unprotected. 

There are several strategies to consider:

  • First, you may consider directing all internet traffic of your WFH devices through the corporate VPN tunnel;
  • Second, if it is not feasible to tunnel all traffic, you should at least identify those VIP computing devices, such as those containing or accessing highly confidential information, and have their traffic fully tunneled;
  • Third, deploy real-time threat prevention solutions at the cloud end of your VPN infrastructure. For example, you should consider installing a network-based anti-malware solution such as the Wedge Absolute Real-time Protection (WedgeARP) platform. With its built-in automated AI and Machine-learning, WedgeARP can detect and block all malware (even zero-day and never-before-seen malware) in real-time;
  • Fourth, consider using a public cloud facility, such as Microsoft Azure or Amazon AWS, as an overflow buffer for your VPN infrastructure.  For government agencies, healthcare, and financial institutions, you need to make sure such public cloud services are certified with all of the required GRC compliances.

To learn more about these strategies, feel free to contact us at: info@wedgenetworks.com

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , | Leave a comment

Law, Accounting and Consulting Firms Beware… COVID-19 Themed Attacks WILL Affect You As Well!!

Author Avatar Posted on April 16, 2020 by Wedge Chief Scientist

As organizations around the world quickly (and maybe haphazardly) retool their infrastructures to allow their employees to work from home (WFH) during this ongoing COVID-19 pandemic, hackers and bad actors have been relentless with their attacks on not only the key healthcare industry but other professional industries as well.  Because of the heightened fear that has been brought about by the COVID-19 virus, hackers are working in overdrive to leverage this fear; crafting COVID-19 themed spam, ransomware and malware.  These, new attacks, unfortunately, are having a greater success; taking advantage of workers who are no longer protected by the walled fortress security that their corporate environments offered as they work from home.

While many organizations look to increasing the amount of legacy VPN use in order to give their employees access to their corporate networks so they can do their jobs, as we’ve advised in previous blogs, there are huge security cracks showing.  Legacy VPNs were just not built for scaling so that they could support millions of users nationally or globally.  And that is the big issue.  In a recent threat post article, “New research found that almost HALF of companies had malware on their corporate-associated home networks – in comparison to malware being found on only 13 percent of corporate networks.”  Further, “home office networks are 3.5 times more likely than corporate networks to be infected by malware”.  This does not bode well as the coronavirus forces organizations to shift their workers to WFH.

Where does this leave professional organizations such as law, accounting and consulting firms as they too have their employees WFH?

Unfortunately, as we see by recent news articles, these organizations are not immune and, if anything, are more focused targets of hackers since their computer systems and networks are loaded with confidential client information, accounting, financial information and other digital files that could severely hamper any work if they were inaccessible.  One recent example of this came through CBC News, which reported that ransomware had locked two Manitoba law firms out of their computer systems.  This “left lawyers and staff at the firms without access to client lists, emails, accounting and financial information, photos and other digital files.  Cloud backups were also locked.”  In this instance it was suspected that someone had clicked on a link or an attachment that had been infected with a virus and this virus then went on to infect the firms’ entire systems.  Although paper records and court filings could be used to retrieve some of the locked data, since the lawyers usually work with a large amount of privileged and confidential information, it would be disastrous if this got into the wrong hands.  If the firms refuse to pay the ransoms, the hackers could turn around and warn that if they aren’t paid, they could just leak the data; this could be devastating to the law firm, both from a reputational standpoint but also from a financial standpoint if the clients who were affected chose to sue the firms.

The same result as above can be felt in literally all professional firms.  Accounting firms, should their data be breached and locked, could have their work ground to a halt if they are unable to access their clients’ accounting information in order to carry out client requests.  Consulting firms, with huge amounts of client data on their computers and systems, could face a barrage of lawsuits if valuable corporate data were leaked.  With employees from these firms in WFH mode, the networks and infrastructures of these organizations are at particular risk if they do not make sure that they have proper security solutions in place.  Although many firms may believe that the legacy VPNs that are enabling their employees to access corporate data from home would be safe; because the employees’ WFH networks are inherently unsafe, it is opening up their corporate networks to easier attacks by determined hackers.

That’s where Wedge Networks can help.  Using its years of experience providing orchestrated real-time security against all malware, Wedge has recently launched its Wedge Absolute Real-time Protection (WedgeARP) Secure Remote Office  and Secure Home Office solutions to bring bullet-proof security to legacy VPNs and other remote office solutions.  Utilizing the WedgeARP platform, it is a cloud-managed, on-premises or cloud-enforced security service offering that provides a vast array of optimized Security-as-a-Service features to organizations; enabling effective security solutions for any cloud-connected computing devices.  Wedge’s solution provides real-time threat protection for all types of endpoints in different types of networks used by WFH and more (mobile data, 5G, SD-WAN, SASE and smart-city / IIoT).  It further enables situational awareness for the entirety of managed networks, with security event tracing, rapid response, centralized policy management, reporting, and analytics; features that legacy VPNs just do not have.

With a proactive “Detect and Block” approach to security instead of the prevalent “Detect and Remediate” response approach, Wedge’s Secure Remote Office solution offers a preventative solution for these professional firms, and really ALL organizations, that are facing the need to ensure that their employees can be productive but SECURE in a WFH environment.  By bringing security, normally seen in just the corporate network environment, to the home office environment, organizations can feel more secure in allowing their employees to access corporate data from home without having to fear that their corporate networks will be compromised.

To find out more about how WedgeARP Secure Remote Office and Secure Home Office solutions could benefit your organization, contact us at: info@wedgenetworks.com.  For those organizations who already have a VPN infrastructure in place, WedgeARP can be easily deployed into their VPN Cloud to protect all connected systems and devices.  For those organizations who have not yet implemented a VPN infrastructure, Wedge provides professional services to help quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.  Don’t allow your organization to be at the mercy of the unrelenting hackers during this time.  We have the solution for you and we’re here to help!

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , , | Leave a comment

Under the Cover of COVID-19, Hackers are Stepping Up Their Criminal Activities in a Big Way and Exposing Security Cracks in Legacy VPNs

Author Avatar Posted on April 13, 2020 by Wedge Chief Scientist

Since the COVID-19 pandemic started taking a firm grasp over the world it has forced companies to accelerate their efforts for enabling their employees to work from home (WFH).  As a result, cybercriminals have taken advantage; exploiting the emerging opportunities and vulnerabilities that have multiplied as workers do work from the less fortified confines of their home “offices”.
 
According to an article by helpnetsecurity, “The impact of the COVID-19 pandemic on cybercrime has been the most visible and striking compared to other criminal activities.  Criminals active in the domain of cybercrime have been able to adapt quickly and capitalize on the anxieties and fears of their victims.  Phishing and ransomware campaigns are being launched to exploit the current crises and are expected to continue to increase in scope and scale.”

More statistics on this are provided by i24news out of Israel, who have stated that in just the past two weeks, the number of daily attacks related to the Corona virus have increased from a few hundred to more than 5,000 with the average currently at more than 2,600 attacks per day.

How is this affecting security for the corporates and other organizations that have seen the number of their employees working from home skyrocket?  One major result is outlined by a a recent article on betanews.com which warns that with the skyrocketing VPN usage and issues of internet overload, security and scalability to handle this is greatly lagging.  With COVID-19 rapidly transforming the globe, forcing the largest number of people to work remotely in history, and with millions of people connecting to their corporate networks from their homes; it is no wonder network infrastructures around the world are being taxed at levels never seen before.

The big threat lies in the legacy Virtual Private Network (VPN) technology that has always provided the backbone to working remotely.  Over the past 30 years, legacy VPNs “have enabled secure, remote access to the internet through a point-to-point connection by creating an encrypted ’tunnel’ through which IP traffic flows.”  The downfall, however, is that because they provide access to the organizations entire network in order for them to access company resources, this makes all organizations using the legacy VPNs more vulnerable to attacks and data breaches.

With the massive numbers now using the legacy VPN technology, more than ever before, cracks are starting to emerge in the technology as the solutions “were not built to scale to support millions of users nationally or globally”.  In the US alone, there has been an upwards of 53% increase in the usage of VPNs due to the number of state governments mandating work-from-home policies; and this is creating an unprecedented stress test on the VPN technologies.  Combine that sudden spike in VPN usage and a resultant slowdown in internet access and reduced quality of service from the massive volume of users and there is a disaster just waiting to happen.

The big concern is the lack of security in legacy VPNs.  For example, NordVPN had a breach recently where an attacker gained access to the TLS key ‘which opened the door and exposed the unencrypted network to hackers”.  “In this case, the intrusion went undetected for over a month due to a lack of activity logs.”  In addition, users are typically not restricted to specific network resources, ‘making VPNs another singular point of failure with respect to identity access and credential management.  There is no segmentation, audit or control.’

Verbatim text from betanews.com: “Critical VPN limitations include a lack of network segmentation, traffic visibility, on-premises user security and straightforward network security.  VPNs are also not suited for dynamic networks because they require computer hardware, constant management and cannot easily adjust to network or server changes.”  “The new challenge for virtually any company I how to provide secure and reliable employee access without draining IT resources and budgets, especially remotely.  Organizations must look beyond traditional VPNs to alternatives that can be quickly deployed and configured via the cloud to provide device and application configurability, as well as accessibility, increased security, privacy and user-access control granularity and analytics.”

The article goes on to outline the new cloud-based network security model defined by research firm Gartner, Secure Access Service Edge (SASE), which combines multiple network technologies delivered as a service and which supports dynamic secure access to all organizational assets.

This is where Wedge Networks and its recently launched Wedge Absolute Real-time Protection (WedgeARP) Secure Remote Office Solution comes into play.  Based on the WedgeARP platform, it is a cloud-managed, on-premises or cloud-enforced security service offering that provides a vast array of optimized Security-as-a-Service features to enterprises; enabling effective security solutions for any cloud-connected computing devices.  The Wedge Secure Remote Office solution provides real-time threat protection for all types of endpoints in different types of networks (mobile data, 5G, SD-WAN, SASE, and smart-city/IIoT).  It enables situational awareness for the entirety of managed networks, with security event tracing, rapid response, centralized policy management, reporting, and analytics; all of the things that the legacy VPNs are missing.

As organizations face difficulties ramping up their WFH infrastructures, Wedge’s Secure Remote Office product provides the easy to deploy and enable solution.  It integrates Microsoft Azure Virtual Wan with WedgeARP, along with Microsoft’s high quality VPN connection; providing Wedge’s cutting-edge real-time cybersecurity services that legacy VPNs are missing.  To find out more about how WedgeARP Secure Remote Office solution could benefit your organization, contact us at: info@wedgenetworks.com.  For those organizations who already have a VPN infrastructure, WedgeARP can be easily deployed into their VPN Cloud to protect all connected systems.  For those organizations who have not yet implemented a VPN infrastructure, Wedge provides professional services to help quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.  During this current COVID-19 Pandemic, Wedge is doing its part to step up and battle the increased hacker activities by helping to close the cracks and security holes that legacy VPNs are showing.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , , , | Leave a comment

Accton Technology and Wedge Networks Partnership Launches Orchestrated Secure SD-WAN

Author Avatar Posted on April 8, 2020 by PR and Media

Powered by Accton uCPE Platforms, Wedge’s Absolute Real-time Protection Solution Is Successfully Deployed in Modern Beauty, Canada’s Best Managed Beauty Products Retailer

Calgary Canada, and Hsinchu Taiwan– April 8th, 2020 –Accton Technology and Wedge Networks have collaborated to port Wedge’s AI-based Absolute Real-time Protection (WedgeARP™) software system to Accton’s high-performance, open uCPE platforms. This joint solution enables MSSPs and business customers to deploy end-to-end secure SD-WAN across their entire organizations, thus achieving rapid growth and cost savings demanded by today’s real-time enterprises. The solution has been validated through a successful piloting with Modern Beauty Supplies, one of the best managed nation-wide retailers in Canada, which has storefronts from coast to coast.

With centrally managed policies, best-of-breed threat intelligence, and intuitive analytics, this solution orchestrates deep inspection-based security VNFs (Virtual Network Functions) either on small footprint uCPEs or in enterprise/service provider data centers to deliver high performance and high efficacy security services from the edge to the cloud. Specifically, the deep learning threat prevention engines in WedgeARP™ can autonomously block advanced threats in real-time and at the network edge, thus bring tremendous savings in both time and capital for the business owners.

Modern Beauty Supplies, Canada’s leading beauty supplies retailer, has been bucking retail trends since its establishment in 1986, growing to many locations across Canada. Modern Beauty needed a robust, secure operational network connecting its many showrooms and satellite offices to be an ultra-efficient real-time enterprise.

“Modern Beauty prides itself in its unmatched customer-first focus, providing quality, leading edge products, and at the most affordable pricing. We rely on automation and fiercely loyal and hardworking employees to deliver uncompromised customer services. Our growth requires us to continuously invest in an IT infrastructure that streamlines our flow of products from the supply chain all the way to the consumer and beauty services professionals. We needed a solution that can be effectively managed with integrated security functions situated close to where they are needed, that is cost effective and robust. The innovation from Wedge Networks and Accton allows us to address this need,” remarked Mike Jomaa, Founder & CEO of Modern Beauty Solutions.

“Like any other customer-facing business, we are targeted with cyberattacks – continued probing for vulnerabilities, ransomware, phishing, to name a few. After deploying WedgeARP™ to protect our HQ network we immediately reaped the benefit of stopping such attacks; providing the same level of security across our branch offices is the goal of this piloting. We leaned on Wedge and Accton and are very happy that they have delivered this solid solution. Before this innovation, the options available to us were to either deploy branch firewalls, which offer minimal security feature sets that are not a match to the level of cyberattacks we experience, or to tunnel back all branch office traffic to HQ where traffic can be services by our HQ network,” added Amer Jomaa, COO of Modern Beauty Solutions.

“The combination of Accton’s high performance and open uCPE platforms and the WedgeARP™ software delivers a best-of-breed secure SD-WAN solution that is demanded by distributed, cloud connected businesses world-wide,” explained Michael Lane, Vice President of Accton Technology. “This innovation is a testament of the shared vision of both partners and our abilities to design and develop high quality uCPE platforms with advanced security functions. It will allow both partners to better serve their respective customers.”

“Accton and Wedge have been working together to address the demands of distributed businesses to effectively manage their security, at the WAN, the new emerging security services edge in the cloud. Modern Beauty is a model of today’s visionary, successful businesses that uses information technologies and automation to focus on serving their customers’ needs anytime and anywhere,” said Dr. Husam Kinawi, Chief Scientist and President of Wedge Networks. “With their rapid growth, Modern Beauty challenged us to provide a robust solution to cost effectively manage and secure their ever-expanding network edge. We are proud of our work with Mike and the team at Modern Beauty which resulted in this world class innovation for securing SD-WANs, and more importantly, for securing the cloud connected world.”

About Modern Beauty Supplies
Established in 1986 by Mike and Fay Jomaa in Calgary, Alberta, Modern Beauty is one of the largest beauty suppliers in Canada and is the exclusive distributor of numerous professional hair and beauty brands. Today the company is still a family owned and operated business with a team of over 200 dedicated and committed individuals. The company is consistently looking for new ways to provide its clients with exceptional service by utilizing the latest technology and innovations. The company currently has 24 store locations across Canada.

About Accton Technology
Accton Technology Corporation is a global premier provider of networking and communication solutions for top-tier networking, computer, and telecommunications vendors. Leveraging its advanced hardware engineering, software application, and system design capability, Accton collaborates with its strategic partners to architect, develop and manufacture the innovative, leading-edge network products. Accton’s evolving core technology and its highly qualified global workforce enable it to deliver superior distributed virtual network solutions that are affordable and robust to variety market segment.

About Wedge Networks
Wedge Networks, Inc. is a leading orchestrated threat management (OTM) solution company. Its innovative technology platform, Wedge Absolute Real-time Protection (WedgeARP™), is a software defined orchestrated network security system. Deployed in data centers and network edges by enterprises and managed security service providers, WedgeARP™ inspects, detects, and blocks in real-time, malware and cyber threats (known, unknown and customized). Twice bestowed with Build-In-Canada Innovation awards, Wedge Networks is headquartered in Calgary, Canada with international teams in the North America, Asia Pacific, and the Middle East and North Africa regions.

For more information on Wedge Networks, visit http://www.wedgenetworks.com/

Media Contacts:
Please forward any media or PR inquiries to: PR@wedgenetworks.com

Posted in Industry News, Latest Security News, Product and Services Updates, Wedge News | Tagged , , , , , , | Leave a comment

Dispelling the Major Fallacy Surrounding WFH Security During This COVID-19 Pandemic

Author Avatar Posted on March 23, 2020 by Wedge Chief Scientist

WFH has now become the new norm across the globe as nations shut down borders, governments impose travel bans and group gathering restrictions, and organizations ask their employees to stay at home.  As we’ve written in earlier blogs, the impact that this has had, especially on organizations who had not incorporated capabilities into their networks to allow their workers to access their servers from home, has been devastating in some instances.  We’ve read that in some cases, workers are basically on paid vacations due to the fact that they are unable to access the work files they need while they are quarantined at home.  Productivity has taken a massive hit and this does not bode well for the global economy as we all try to weather this global storm.

Because of this new reality, we are seeing a proliferation of tech articles providing advice and hints to organizations who now find the majority of their workforce working remotely.  In a recent  HelpNetSecurity article, several other cybersecurity implications are outlined that result from the shift from people working at the office to working from home.  The biggest point brought up is that the shift to WFH greatly widens an organizations’ attack surface. Because many employees may use their own devices for work, it introduces new platforms and operating systems into the mix that require their own dedicated support and security; often which their companies are unable to adequately provide.  As such, according to the article, “With so many devices being used, it’s likely that at least some will fall through the security cracks.”  They, like other articles, also continue to bring up the thought that while workers are physically outside the walled fortress of their corporate networks while they work from home, they can no longer be protected.

To add to that, hackers and bad actors are relentless, utilizing the COVID-19 pandemic to step up their efforts to infect networks, sow chaos and line their pockets; stepping up attacks and hitting organizations when they’re down and unable to protect their workers in the growing WFH norm.  Showing that they really have no sense of morality, hackers have stepped up their attacks on organizations that are being hardest hit right now during this crisis and that are the most in need by the public.
 
As highlighted by a recent Wired article, hackers continue to wreak havoc.  For example, in the Czech Republic, Brno University Hospital was hit by ransomware and they have still not fully restored digital services.  Unfortunately, ransomware on hospitals is the norm, as hackers bank on the urgent need for these organizations to function, especially in crisis situations such as now, that will push administrators to simply pay the ransom.  These attacks can cause life and death situations in normal situations so in pandemic and crisis situations, it becomes orders in magnitude worse.
 
On top of that, the article goes on to say that it is not just monetary gain that hackers are looking for during this time.  Some of the attacks are being carried out by nefarious nation-states looking to implant spyware in order to carry out surveillance operations and are taking the COVID-19 opportunity to carry out these plans.  With the overall daily internet usage greatly increasing during this pandemic, more people are online and are thus seemingly at more risk.

So, what is the thought that both of the above articles seem to be getting at?  They, and other articles that we’ve seen as of late, tend to lean on the idea that it is “impossible to completely secure employees working from home”.  This is an unfortunately widespread fallacy that we would like to dispel.  Although we understand that many organizations are having a tough enough time just trying to put in place infrastructure that will allow their employees to work from home, they don’t have to let cybersecurity fall by the wayside.  With Wedge’s PlanV – Secure Remote Office Solution, organizations can be assured that their workers can actually be completely secured, even while working from home.  Based on the Wedge Absolute Real-time Protection (WedgeARP) platform, real-time detection and blocking of all malware can still be provided to those not protected by the fortified corporate castle within the organization’s physical office.

PlanV offers some key benefits to organizations, including:
1. Allowing workers to access their workplace systems to achieve the same productivity while working from home.
2. Providing real-time threat protection for both the home office and corporate infrastructure.
3. Improving the economics of the WFH environment, lowering worker commute times, reducing bandwidth and office space costs and allowing for centrally managed security – blocking malware before it can even enter your network.

PlanV is both platform and OS agnostic so can provide protection to any and all connected devices; preventing any from falling through the security cracks.  For those organizations who already have a VPN infrastructure, WedgeARP can be easily deployed into their VPN Cloud to protect all connected systems.  For those organizations who have not yet implemented a VPN infrastructure, Wedge provides professional services to help quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.  Contact us at: info@wedgenetworks.com to learn more.  We’re here to help all those organizations facing difficulties as they move forward in this exploding WFH paradigm.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , | Leave a comment

COVID-19 is Resulting in Greatly Increased WFH Situations. AND It’s Also Causing a Surge in COVID Themed Cyberattacks!

Author Avatar Posted on March 20, 2020 by Wedge Chief Scientist

The world is in full blown pandemic mode as a result of the COVID-19 virus.  We hear on a daily basis that more countries are closing their borders to foreign travellers and, on a more local level, provincial and civic governments continue to urge their citizens to stay at home so as to help prevent the spread of COVID-19.  This has thus resulted in a vast number of organizations having their employees work from home (WFH).  While many organizations had already started down the path with the WFH movement, this current pandemic has forced many organizations to greatly accelerate the timeline to update their infrastructure to allow their workers to VPN into their servers in order to access documents and files that they need to be able to do their jobs.

Unfortunately, with the accelerated timelines, many organizations and their network infrastructures are ill-equipped to handle the greatly increased load caused by having most or all of their employees VPN or access their networks remotely.  That, and more often than not, security concerns are an afterthought, leaving organizations’ servers, as well as the employees working from home, even more vulnerable to cyber security threats and attacks.

In an article from Forbes, they mention that “Even before people began working at home during the COVID-19 pandemic, enterprise level ransomware was up 12% in 2019 with total costs of as much as $11.5B.”  One can only imagine how lessened security for those working from home could even further increase these numbers.  The article continues by saying that “Being safe from malware requires some work on your part and coordination with your IT department, but planning ahead will give you more peace of mind and allow you to continue being productive, even while working away from your office.”  It also goes on to provide some good steps that employees can take to prevent, detect, mitigate and recover from malware, such as ransomware.
 
We won’t go into those here as they are laid out quite nicely by the aforementioned Forbes article.  Instead, we want to press further and bring up the fact that the COVID-19 pandemic is creating an almost perfect storm for hackers and bad actors to increase their attacks.  With millions of people now WFH, without adequate protections against cybersecurity attacks now that they are no longer protected behind their organizations firewalls and other expensive security defences, hackers are making a concerted push to attack these workers.
 
In an article from MSN, they bring up that COVID themed attacks are exploding.  Cleverly designed emails are being sent out to look like they are from work supervisors with malicious attachments on the new “work from home policy”.  When combined with diversions resulting from parents having to take care of their kids while at home, or other things that might provide distractions, workers are at greater risk of clicking on links that may be malicious.  On top of that, COVID-19 has people very scared and looking for answers.  Many hackers are using social engineering to prey on these fears, disguising malware within emails that look like Coronavirus Awareness information, or crowdfunding pages purported to help those fallen ill.  The wicked do not rest and COVID-19 has provided a new theme for hackers to use to try to get people infected.

Thankfully, there is a ray of hope that is shining out of COVID-19’s dark clouds.  Wedge Networks has been on the leading edge of providing real-time threat protection for both home office and corporate infrastructure.  We understand that when your employees are working outside of your well-fortified corporate castle, they are not protected by all of the expensive defences that your organization has installed over the years, including EDR/MDR/ Sandboxes, Network Traffic Analyzers, and Firewalls / NGFW / SWG / IDPS.  In order to help protect the increasing levels of WFH workers, Wedge offers PlanV – Wedge’s Secure Remote Office Solution, based on the Wedge Absolute Real-time Protection (WedgeARP) platform.  For those organizations who already have a VPN infrastructure, WedgeARP can be easily deployed into their VPN Cloud to protect all connected systems.  For those organizations who have not yet implemented a VPN infrastructure, Wedge provides professional services to help quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.

PlanV offers some key benefits to organizations, including:
1. Allowing workers to access their workplace systems to achieve the same productivity while working from home.
2. Providing real-time threat protection for both the home office and corporate infrastructure.
3. Improving the economics of the WFH environment, lowering worker commute times, reducing bandwidth and office space costs and allowing for centrally managed security – blocking malware before it can even enter your network.

To learn more about how Wedge’s PlanV – Secure Remote Office Solution can help your organization to secure its WFH population, contact us at: info@wedgenetworks.com.  Our team wants to do its part in helping to secure workers around the world who are working from home during this unprecedented time.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , | Leave a comment

COVID-19 Has Employees Working From Home: Is Your Organization’s Remote Access Secure?

Author Avatar Posted on March 17, 2020 by Wedge Chief Scientist

COVID-19’s effect on the global business community has now become far reaching.  WFH (Work From Home) is now a typical part of the lexicon as organizations around the world try to stem the spread of the virus amongst their workforce.  As such, a lot of more of the recent digital blogs that we’ve come across now offer a wide variety of tips to employees working from home, in an effort to ensure that they’re protected from hackers and scammers while they work outside the security walls of their organizations.  One such blog from Kim Komando, brings up a few good points to put those working from home on their guard so that they don’t get scammed.  Hackers and scammers are getting very adept at using easily gotten tools such as key loggers to obtain confidential information and even AI technology to spoof the voices of those you would normally trust in order to trick you into doing things that you shouldn’t.  Without the added protection of the organization’s internal network protections, many of those who WFH are left wide open potential threats as many are not adequately trained on, nor are they adept at enabling IT Security at home.

At least many of the better funded and more adept organizations out there can help protect their staff, even when they work from home, by providing them access to the company’s network through VPN.  Or, they can ensure that their company issued devices have built-in firewalls in order to offer at least some protection by allowing direct access to the company’s servers and data.  The only downfall is that if the company’s network does not have adequate security services, end-users could still be open to attack and potential threats.

The great news is that in this ever-growing WFH requirement, there is a solution available to organizations that provide 100% secure remote access to their employees.  Wedge now offers “PlanV”, a Secure Remote Office Solution that enables productivity and security for those working from home.  For those organizations who already have VPN infrastructures in place, Wedge’s Absolute Real-time Protection (WedgeARP) platform can be easily deployed in their VPN cloud to protect ALL connected systems.  Meanwhile, organizations who currently do not have a VPN infrastructure available, can work with Wedge’s professional services group to quickly set up remote offices with Microsoft Azure vWAN, secured by WedgeARP.

PlanV offers organizations several benefits, including:
1) providing workers access to workplace systems to achieve the same level of productivity as if they were in the office,
2) enabling real-time threat protection for both home offices as well as the corporate infrastructure, and
3) economically lowering commute, bandwidth and office space costs while still managing network access and security centrally; blocking any and all malware before it can enter into the network.

To find out more about how your organization can protect its workers as they are being forced to work from home during the COVID-19 crisis, contact the Wedge Team at: info@wedgenetworks.com.  Our team can ensure that your organization’s remote access is secure, giving your IT Staff one less thing to worry about during this unprecedented global pandemic.

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , | Leave a comment

Critical Infrastructure: Another Key Target for Ransomware Attacks

Author Avatar Posted on February 25, 2020 by Wedge Co-founder, CEO & CTO

We’ve written about this in the past, especially after malware such as Stuxnet spread like wildfire a few years back in Critical Infrastructure organizations.  We also elaborated on the amount of damage that could be caused if control systems were compromised at things such as power and other critical plants.  With the type of damage that is possible, it is no wonder that Critical Infrastructure continues to have a big target on its back when it comes to hackers looking to do harm.  The good thing is that government agencies, like the U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), continue to monitor and provide warnings to all industries that operate critical infrastructure about new cyber threats such as ransomware that show up.

So, it wasn’t a big surprise when an article surfaced recently discussing about a recent advisory that CISA had issued in response to a cyberattack targeting and unnamed natural gas compression facility.  This attack used spear-phishing to deliver ransomware to the company’s internal network.  Critical data ended up becoming encrypted and operations at the facility were down for almost two days as the organization initiated a deliberate operational shutdown which resulted in lost productivity and revenues.

The surprising thing about this attack was that it was limited to Windows-based systems and did not impact any programmable logic controllers (PLCs), which would be typical in this case in order to shut down critical control systems.  The company was able to recover from the attack by retrieving and putting replacement equipment in with last-known-good configurations.
 
On the other hand, another article put out by the register, on this same incident, paints a less than rosy picture about how the attack was carried out.  In their article, it was brought up that the malware that did the damage to this natural gas plant was “a common or garden strain of file-scrambling Windows ransomware” and, although it didn’t result in any physical damage to equipment of any of the PLCs that directly control the gas flow, it was spread from an office computer through the plant’s IT network to the operational network.  According to the CISA, the plant’s operator fell short on separating its IT network from the operational systems of the plan, making it easier for the malware to move between the two networks when they really should have been isolated from one another, usually through some sort of air gap. 

While malware infections at critical infrastructure organizations, such as oil and gas plants, have always been seen as potentially catastrophic, usually, the attackers utilize purpose-built malware and spyware to inflict as much damage as possible to the infrastructure.  In this case, because of what could be seen as less than stellar security, “commodity” ransomware was able to do damage just by going through the network looking for Windows-based PCs to lock up.
 
So, in this sort of scenario, what can be done to help prevent attacks like these?  Well, for one, it is probably best to ensure that there are air gaps put in place between IT networks and OT networks.  At the same time, what can be done at the outset in order to prevent the spear-phishing attack from even entering the IT network in the first place?  Critical Infrastructure organizations should consider putting in place solutions such as Wedge’s Advanced Malware Blocker (WedgeAMB).  

Instead of relying on employees to be on the lookout and NOT click on potentially harmful links, as well as using a Detect and Remediate approach to security, WedgeAMB instead allows the organization to implement a DETECT and BLOCK approach.  By detecting the phishing attack and blocking it BEFORE it even gets to the employees’ computers, it eliminates the possibility of further allowing the ransomware payload from getting downloaded and causing whatever damage it is looking to do!  At Wedge, we’re trying to do our part to help secure Critical Infrastructure facilities by offering a FREE 90 day trial of our WedgeAMB product.  Contact us at: info@wedgenetworks.com to find out more!

Posted in Industry News, Latest Security News, Wedge News | Tagged , , , , , , , | Leave a comment