IBM has (finally) provisioned my Verse Basic account. How did Day One of Verse go for me?
Attempt One to log on to Verse resulted in this:
Hmm, refresh the browser.
Now, I see the login page. Again.
Attempt Two to log on to Verse resulted in this:
This appears in Chrome, version 41.0.2272.118 m, Firefox, version 37.0.1, and IE, version 9.0.36.
Now, I understand Tom’s post:
*sigh*
This isn’t as easy as I had hoped. Nor is it a “#NewWaytoWork.”
Nearly three months have passed since I signed up for the Verse program. Today was a milestone as I received an e-mail from IBM with a link to create my Verse Basic account.
Let the fun begin.
Interesting article from The Register.
. . . Around one in three (30 per cent) of end-users click through a malicious URL in an email even though they have been warned of the danger. “End users are increasingly desensitised from the warnings, don’t feel responsible and still lack enterprise-driven education,” according to Websense.
For all the work that enterprise Information Security performs, it certainly appears to me that training the end-users to NOT click on suspicious email is not very high on their list. In fact, I would venture to guess that hardly any of the “Ivory Tower” Info Sec people even think to train their users, let alone send out fake spearfishing mail to see who is actually clicking on those links. Who better to train than the miscreants that continue to blindly infect their own workstations and the network, and who open the enterprise up for attack?
“All” your questions about IBM Verse Basic have been answered in the FAQ about IBM Verse Basic.
There are some exceptions to this list, like the answer to Question 16:
Q16. How can my friends and family sign up for IBM Verse Basic?
Oh, it’s easy to sign up, but good luck with the acknowledgement, welcome e-mail, and a user name/password. I still haven’t received mine. And it’s been at least two months.
Thanks, Bruce, for the link.
Last week, IBM Security reported on an active cyberheist campaign using a variant of the Dyre Trojan that has successfully stolen more than $1 million at a time from targeted enterprise organizations.
This is not an issue with any IBM software, rather an interesting innovation from the once-simple Dyre malware by adding advanced social engineering tactics geared to circumvent two-factor authentication. In recent incidents, organizations have lost staggering amounts of $500,000 and $1.5 million to this sophisticated criminal cyber gang.
It’s the “social engineering” portion that shows organizations that no matter how sophisticated your defenses, your users are now, and probably always will be, the weakest link in your security efforts. I’m sure that training your users against social engineering is not a very high priority, but it should be at the top of your security efforts.
IBM is very clear as to what you need to do to combat spearfishing and social engineering:
Organizations will remain only as strong as their weakest link. Proactive end-user education and security awareness training continue to be critical in helping prevent incidents like the one described in this advisory. It is highly recommended to have periodic training for end-users on the types of threats they are likely to encounter and what actions they should or should not take, especially those users with access to corporate banking credentials. Users should be informed of the common techniques used by attackers, SPAM and phishing campaigns, as well as what actions the organization expects of them if and when they receive unusual emails, phone calls or other communications. Users should know how and who to contact to quickly report anomalies.
Consider doing periodic unannounced mock phishing exercises where the users receive emails or attachments that simulate malicious behavior. Metrics can be captured on how many potential incidents would have happened if it had been real.
You may read the full report here.
I was reminded this week that people have short attention spans.
IBM has released IBM Verse and one of the major features that IBM tours is muting threads or conversations in e-mail. That is, basically, if you are tired of being on an e-mail thread, you can “mute” it so that it does not appear.
This feature is not new.
From May 2010, I present to you how to mute threads and conversations in GMail and Outlook.
My fraternity mailing list is home to a great group of people, including some great entrepreneurs and some great investors. But when you get 400 opinionated MIT grads on a single mailing list, and the topic shifts to anything controversial, the discussion might explode. We’ve had well over 125 emails come through in the last three days after someone brought up the health care bill, and several folks have emailed to get off the discussion list list.
Don’t do that! Instead, use these super easy techniques to mute or filter the discussion out of your Inbox in less than 30 seconds. It’s faster than removing yourself from the mailing list, and better too, because when this discussion peters out, you’ll still be on the list in case something interesting comes up later.
Having some sort of parity with GMail and Outlook is good. Touting this as “new” is a bit disingenuous.
Thanks for the reminder, vowe.
Another one bites the dust. This time, in Australia.
Customer-owned financial institution, Beyond Bank, is dumping Lotus Notes and an ageing, legacy CRM app as its moves to the cloud.
Beyond Bank will soon start deploying Microsoft Office 365 to around 600 users at its head office in Adelaide and other branches across the ACT, NSW, South Australia, and Western Australia. The cloud solution will be used to access SharePoint Online, Lync Online, and Exchange Online
The reporter did not say whether IBM’s cloud services were ever considered, but they will be running a dual environment, Notes/Domino and Office365, for a while.
Mark your calendars.
Given all the security updates and Interim Fixes within the past year, we’ll present a short demo on the Notes/Domino JVM. Members of the IBM Notes and Domino teams will be on hand to answer questions via the meeting room chat as well as the phone.
- Topic: Ask us anything about Notes and Domino Install and Upgrade
- Date: Tuesday, April 07, 2015
- Time: 11:00 AM EDT (15:00 UTC/GMT, UTC-4 hours) for 60 minutes
Link (including iCal): Ask the Experts session: Ask us anything about Notes and Domino Install and Upgrade
Customer-owned financial institution, Beyond Bank, is dumping Lotus Notes and an ageing, legacy CRM app as its moves to the cloud.
Beyond Bank will soon start deploying Microsoft Office 365 to around 600 users at its head office in Adelaide and other branches across the ACT, NSW, South Australia, and Western Australia. The cloud solution will be used to access SharePoint Online, Lync Online, and Exchange Online
The reporter did not say whether IBM’s cloud services were ever considered, but they will be running a dual environment, Notes/Domino and Office365, for a while.
While I do not keep track of such things, it is interesting that IBM software had quite a few vulnerabilities, probably since there is a lot of shared code between applications.
Only two Microsoft programs made the Top 20 list of core programs, which was dominated by IBM, with eight entries. Tivoli Endpoint Manager was Big Blue’s worst performer, with 258 vulnerabilities earning it 8th place. It was followed by Tivoli Storage Productivity Center (231), IBM Websphere Application Server (210), IBM Domino (177), IBM Lotus Notes (174), IBM Tivoli Composite Application Manager For Transactions (136), IBM Tivoli Application Dependency Discovery Manager (136), IBM Tivoli Application Dependency Discovery Manager (122), and IBM Websphere Portal (107).
The full list, including a table, can be found at the link.
Link: ZDNet: The programs with the most security vulnerabilities in 2014 were not the ones you think
Gregg Eldred 