COVID-19: BlackBerry, Citrix among firms seeing leap in remote access solution sales

With Canada’s Chief Public Health Officer urging Canadians to avoid gatherings of 50 people or more to limit the spread of COVID-19, IT leaders without pandemic business continuity plans — or who have discovered their plans are out of date — are rushing to put together remote access capability so employees not already doing so can work from home.

One sign: On Monday service at Microsoft’s Teams was briefly sporadic, perhaps reflecting increased use from remote workers.

Another: Over the weekend, the staff at remote desktop service provider Citrix had to work long hours to meet customer demand.

“Demand is absolutely through the roof,” Ed Rodriguez, vice-president and general manager of Citrix Canada, said in an interview Monday. He didn’t cite specific numbers.

Also:

COVID-19

“About 10 days ago worldwide Citrix saw a very significant uptake in queries [about products and services], followed by customers asking for quotes. Then seven days ago that accelerated into lots of demand by customers. Many are taking initiatives [now] to make sure work from home is capable on the infrastructure side and then rolled out.

“I think a lot of the go-live for work from home projects is actually today [Monday]. Quite a number of organizations across Canada have gone full-fledged work from home [now].”

That doesn’t mean it’s too late for organizations that have not already prepared for remote work. But they may find it harder to get time with consultants to help ensure they have secure and effective connectivity. Often software-as-a-service offerings for remote desktop access and collaboration tools will be the fastest option.

Some firms “are scurrying now to figure it out and are leaning on subject matter experts to help them get through this as soon as possible,” said Rodriguez. That includes assessing what needs to be done, any changes to the technology stack that may be needed and processes that may have to be altered or invented to make remote work as productive as office work was before.

“We probably went from 20 per cent of organizations in Canada two weeks ago thinking and starting to really prepare,” Rodriguez estimates, “to 50 per cent last week. Now, 75 to 80 per cent are starting to make those plans a reality. The last 20 ought to start making those plans now.”

The longer those firms wait the harder it will be for them, he added.

Like Citrix, BlackBerry is among the vendors reporting a sudden leap in demand for remote solutions. Alex Willis, the company’s vice-president of global sales, said in an interview this morning there’s been a big spike in sales recently for BlackBerry Digital Workplace. It’s a $99 a user a year managed bundle that includes BlackBerry Desktop (extends corporate data to remote PCs for email, calendar and secure browsing), an antimalware from its recent acquisition of Cylance and integration with a product Awingu, a web-based front end to a virtual desktop infrastructure. No VPN is needed, he added.

Digital Workplace was launched early last month to meet the general demand for remote desktop solutions, Willis said. But shortly afterwards when COVID-19 turned into a pandemic sales lept. He didn’t give specific numbers.

All IT needs to do is provide a link to home users to download Digital Workplace. Willis said download, install and activation can take five minutes.

Related

Cisco offers free WebX licences

Last week Gartner analysts told IT World Canada that organizations heavily using cloud applications will find it easier to have staff shift to work from home, as long as enterprise security isn’t put at risk from home computers with vulnerabilities.

For CIOs/CISOs who are only starting to think of what to do, Tony Anscombe, chief security evangelist for antivirus provider ESET offers this advice. Broadly speaking there are three categories of office workers, he said in an interview:

• Staff who regularly work remotely (presumably with company-owned or controlled laptops whose devices have to be secure. They’re no problem because these devices live outside the network already. They may already have full-time data encryption, a VPN and multi-factor authentication, and no IT work is needed;
• Staff who are “semi-mobile,” meaning they use laptops in several locations within the office. IT may need to take extra precautions now that those devices will connect from outside the corporate network;
• Those who only use a desktop or laptop computer at one location in the office. These people will be the most risk to the organization because their home computers — or office PCs they are allowed to take home — have to be protected.

IT may have to install a VPN if access back to a data centre is needed, and mandatory full-disk protection — if possible — may also be needed to protect corporate data, in case it’s stolen. In addition, a solution for scanning and auditing new devices for vulnerabilities if they have to connect back to a data centre would also be useful.

If a VPN is needed, the CISO will have to ensure it is capable of multi-factor authentication through an app (like Google Authenticator or Authy) and not a text message, which can be intercepted.

Related:

How IT leaders can prepare

Other suggestions are turning off Windows remote desktop protocol if possible and the ability to plug in USB keys, which could transmit infections to the corporate network, and remind employees to log off when their computers aren’t in use to prevent family members from using them to download something that could infect the network.

Remind employees who will work remotely of the need to work as safely from home as they do in the office. That means being aware of malicious email and text messages — particularly those offering COVID-19 “information.”

Finally, Anscombe says that because the crisis may last weeks remote employees may slowly forget the discipline of working from the office, so he suggests managers be told to start with a team call every morning. “Understand what everybody’s going to be doing that day, because once you lose social action it may be challenging to self-motivate.”

Making sure home computers that will be used for remote connectivity are safe — meaning they have been patched and scanned for viruses is crucial. In some cases, CIOs/CISOs will have to add scanning capability through software-as-a-service mobile/enterprise device management solutions such as SOTI, IBM MAAS360, MobileIron, BlackBerry and others.

Ken Ammon, chief strategy officer of OPAQ, a security-as-a-service provider, said recently his firm blocked a PC of a new user who worked for a European software developer. The customer had sent staff to work from home due to the pandemic, but when this user tried to connect to the corporate network for the first time OPAQ discovered the computer was “completely infected.” The user couldn’t go further until the machine was cleansed.

He worries that the computers of many home users also have many vulnerabilities that CISOs aren’t prepared to detect. He also wonders if new VPN users working from home will understand the need to turn it off when not accessing the corporate network or corporate cloud services. “I find it unlikely that the average user in this short time frame is going to grab that level of training and knowledge to navigate a VPN.”

The other problem, Ammon said, is that for compliance purposes some organizations need applications that constantly monitor user devices. That’s fine when the device is corporately-owned. However, if IT has users install an application on a home computer for remote workers for the same purpose some users may balk at, in effect, being monitored all the time. Those users need to be trained in turning off the application when the computer is used for personal surfing and turned back on when it’s used for accessing corporate assets.

Maple launches free online screening and consultation solution in response to COVID-19

While health officials do their best to provide answers to the public about COVID-19, virtual healthcare solutions provider Maple is doing what it can to quell those concerns by launching a free online screening tool and access to a live doctor for residents of Ontario.

Starting March 17, Ontario residents with a valid health card will be able to access these consultations from getmaple.ca and speak to a doctor through either an audio or video channel to discuss their symptoms and whether or not they should go for further testing or treatment. The solution is covered by OHIP

Following the appointment, people can have their results faxed over to their family physician or a local screening centre for next steps.

“Connecting concerned patients, who are receiving conflicting information from every angle, with licensed Canadian doctors from the safety of their homes is simply the right thing to do,” said Dr. Brett Belchetz, the chief executive officer and co-founder of Maple, in a press release. “We’re already seeing a strong increase in the need for virtual health services across the country. We hope that in the coming weeks, other provincial governments will follow Ontario’s example and open billing codes to allow video or telephone programs to expand across the country. It’s the best way to ensure safe access to healthcare in this time of self-isolation and social distancing.”

This is not yet available in other provinces due to healthcare plan laws and regulations not allowing for physicians to bill for online appointments, the company noted.

Maple will also provide its virtual clinic software to all Ontario and B.C. physicians at no charge.

from IT World CanadaIT World Canada https://ift.tt/38UWlv1

The bad guys are arming themselves with AI, but so are we, says Darktrace’s country manager for Canada

David Masson is confident that the use of sophisticated artificial intelligence by hackers is not a matter of if, but a matter of when.

The Canadian country manager for security firm Darktrace, who has been involved in cybersecurity since the Cold War, is adamant that the same algorithms that helped Darktrace develop intelligent defence capabilities that mimic the human immune system will be used by hackers to deliver massive blows to enterprises and public infrastructure.

“Now, we as a company use AI to protect organizations and networks. But what we have to consider is that the bad guys, the threat actors, they too, are going to start using artificial intelligence,” said Masson, who is also the company’s director of enterprise security. “And this has major implications for the cybersecurity industry right around the world and for all of us. But it’s once the threat actors start using AI…they’re going to be able to carry out very complicated and sophisticated attacks at machine speed, and human beings will not be able to counter them themselves. Human beings will need to use AI to fight AI now.”

David Masson, country manager for Darktrace in Canada.

It’s this thought process that has helped Darktrace elevate itself to new heights in Canada. The company entered the country in 2016, with an office in Toronto, and now has offices in Vancouver and Ottawa as well. It currently stands at an employee base of 30 in Canada, and a client base of 250, having attracted 110 clients in the last year alone.

The cybersecurity firm launched out of the University of Cambridge in 2013, and today has a second headquarters in San Francisco and more than 30 other locations and 600 employees worldwide.

Masson’s extensive experience working for Public Safety Canada, the U.K. Ministry of Defence and Royal Auxiliary Air Force uniquely positioned him to lead Darktrace’s impressive growth in Canada, seeing the company sign two new customers per week. Having spent most of his career working in the national security both in the U.K. and in Canada, Masson describes himself as a risk manager.

“I’ve seen cyber go from analogue to digital…and cyberattacks have been going on for a long, long time, long before the internet ever came along, but the internet is going to make them so much easier. And basically, I spent most of my career being a risk manager. That’s one way to look at managing risk,” he said.

Now in the private sector, Masson manages cyber risk. And when it comes to risk, Masson said it’s important to remember that risk is made up of two issues. One is the cyber threat that individuals and organizations face, and the other is their vulnerability to that threat. In the government, he says, both vulnerability and the threat can be tackled. So, for instance, nations can arrest people and lock them up, take sanctions against those nations who carry out cyberattacks. But in the private sector, he says, that can’t be done. And what really needs to be done in the private sector is concentrate vulnerability to this threat.

“That’s basically what I do now with Darktrace. And with Darktrace we focus on our vulnerability to the threat. Using AI, we’re much better protected than we would otherwise be,” Masson explained.

Ransomware hasn’t reached its peak in Canada

Talking about cyber trends in Canada for 2020, Masson mentioned that the Canadian market hasn’t seen ransomware reach its peak yet. Ransomware has been an issue for many years, and it gets an awful lot of publicity. Curiously, over the last couple of years, he said the number of ransomware attacks has dropped, but their impact has become much more intense.

“The attacks are becoming increasingly sophisticated and will be turbo-charged by AI in the near future,” he said.

Although the number of new ransomware families declined, there was a rapid increase in the overall number of ransomware detections among municipal organizations in 2018 and 2019, according to Trend Micro’s 2019 midyear security roundup. High profile threats, such as LockerGoga ransomware, RobbinHood ransomware and Ryuk ransomware, still remained and continue to cause havoc today.

“I don’t think it’s finished yet. I think we’re going to see a bigger increase in ransomware attacks this year,” Masson said.

Related:

Think you’re using AI effectively in security? You’re probably not, says security expert

 

Added focus on protecting operational technology (OT) will be critical this year as well.

“The problem with OT networks is that they were never designed with security in mind, they used to be completely air-gapped and separated from the internet. But that is no longer the case. Because they’re now connected to the internet, they’re very, very vulnerable to cyberattack. And I think we’ll see more focus on that in this year,” Masson explained.

To improve stealth attacks, for example, hackers can use AI to create malware capable of mimicking trusted system components. Subsequently, as they blend with the security environment of an organization, they can execute undetectable attacks. For example, San Francisco-based online and mobile marketplace TaskRabbit – now owned by Ikea – was hacked in 2018, affecting 3.75 million contractors and app users, yet the attack could not be traced by investigators. More such sophisticated cyberattacks can be facilitated by AI, explained Masson.

“Sony Pictures was hacked a few years ago. To carry out that kind of attack, you need the resources, budget, and the manpower of a nation-state to do that kind of attack…very complicated, very sophisticated attack. But with AI, it will not be possible for anybody to carry one of those kinds of attacks. It will basically lower the barrier of entry to that kind of attack to criminal gangs and individuals will be able to buy the attack of the dark web and carry them out,” Masson explained. “And what you’ll actually see is highly sophisticated attacks, rather than just happening against one organization will be carried out against 10-20 organizations all at the same time.

from IT World CanadaIT World Canada https://ift.tt/2wUhp7f

Canada can learn from U.S. cyber report, says expert

Canadian political and cyber leaders can learn lessons from a new U.S. congressional report on how the U.S. federal government should defend against internet-based threats, says a security expert.

The report by the bipartisan Cyberspace Solarium Commission issued Wednesday is “pretty cutting edge,” said Christian Leuprecht a security and defence expert at Royal Military College and Queen’s University in Kingston, Ont.

“What the commission does is validate many of the moves Canada has already made, but it also shows that there’s a lot of ground left to cover. The government’s going to have to have a much more honest and open conversation with Canadians about this space so they understand it a human behaviour and is not a technical problem. Technology plays a role, but you can invest all the money in the world and you’re not going to get ahead.”

The report notes that about 95 per cent of successful cyber attacks are the fault of what he called “rookie mistakes that people making in configuring technology, or [poor] digital hygiene — not patching, retaining default passwords.”

Named after President Dwight Eisenhower’s 1953 Project Solarium on strategic challenges, the 182-page report makes 75 recommendations across the public and private sector, while presenting several draft bills and proposing changes to government departments and the creation of a National Cyber Director.

(There was a cybersecurity co-ordinator within the U.S. National Security Council, but it was eliminated in 2018).

“The reality is that we are dangerously insecure in cyber,” the executive summary says. “Our country has lost hundreds of billions of dollars to nation-state-sponsored intellectual property theft using cyber espionage. A major cyberattack on the nation’s critical infrastructure and economic system would create chaos and lasting damage exceeding that wreaked by fires in California, floods in the Midwest, and hurricanes in the Southeast.”

The 14 commissioners — four legislators from Congress, four senior Trump administration executive agency leaders, and six experts from outside of government — admit they didn’t agree on everything.

For example, they couldn’t make a firm recommendation on the controversial issue of whether the government should order tech companies to give law enforcement and intelligence agencies lawful access to encrypted devices. All they could do is provide a common statement of principles.

The report’s recommendations are group into six pillars:

• Reform the U.S. government’s structure and organization for cyberspace so decisions can be made quicker;
• Strengthen international cyber norms, or accepted rules of cyber behaviour, through enforceable agreements;
• Promote national resilience in critical infrastructure, which is the capacity to quickly recover from cyber-attacks;
• Reshape the cyber ecosystem by partnering with the private sector to encourage the baseline of security to rise;
• Improve collaboration with the private sector to not only help the government counter cyber threats but also help business understand them;
• Allow the cyber capabilities of the military to “defend forward” against threats and impose costs on attackers.

Canada’s strategy has a number of elements: An updated 2018 National Cybersecurity Strategy, which for years has included working with 10 critical infrastructure sectors (such as energy, transportation, healthcare, manufacturing and finance) to guide them on improving their cybersecurity and response, backed with a 2019 implementation plan; the merging of several federal cyber units in 2018 to create the Canadian Centre for Cyber Security for better advising the public and private sectors; the creation with the RCMP of a National Cyber Crime Coordination Unit (NC3) for handling complaints; and federal support for the Canadian Cyber Threat Exchange (CCTX), a threat information sharing service largely for the private sector.

However, the Centre for Cyber Security isn’t fully up to steam. A program to certify businesses as meeting minimum security standards has been launched, but won’t be really running until next year, and the RCMP’s NC3 won’t be until 2023.

Related:

Canada among countries promising to fight extremist content

 

All this is praised by Leuprecht. “There are some areas where we are exemplary, and the CCTX is a good example.” And so is the Canadian Centre for Cyber Security, once it’s fully operational, he added. “That is something lacking in the U.S.”

However, he complains “there’s lots of talk in Ottawa about resilience, but no one knows how to do it.”

When it comes to Canada’s critical infrastructure, there’s a lot of heavy lifting to be done, especially around the National Cybersecurity Strategy. “We’ve really left much of the private sector up to themselves to try and figure it out.”

He believes a cyber attack against the healthcare sector now during a serious outbreak of a flu-like virus would cause “chaos.”

Rather than act at the speed of cyber, he complained “we have a government structure set up to move at analog speeds. We need much more rapid decision processes, we need a more agile and flatter government” to respond to online threats.

from IT World CanadaIT World Canada https://ift.tt/2W32670

Huawei Mate 30 Pro set to debut in Canada without Google Services

The elusive Huawei Mate 30 Pro will finally be coming to Canada in May, as confirmed by Huawei in an interview with IT World Canada.

As Huawei’s best offer in the high-end smartphones market, the Mate 30 Pro packs a HiSilicon Kirin 990 processor, 8GB of RAM, and up to 256 GB of storage behind a 6.53-inch OLED display. The display rolls off on the edge, a design Huawei calls the waterfall display. Since there’s no room for a volume rocker, users need to double-tap the edge to summon it on-screen.

Notice how the screen curves around the edge, hence called the waterfall display. Photos by Tom Li.

The Mate 30 Pro carries a center-aligned square camera module with major improvements over the last-gen. It has a 40MP wide-angle camera, a 40MP ultra-wide camera, an 8MP telephoto camera, and a time-of-flight (ToF) sensor. For sports and wildlife shooting the main camera can record at a mind-boggling 7,680 fps for a fraction of a second.

The center-aligned circular camera module adds variety to the otherwise blocky body.

Since Google is still banned from doing business with Huawei, the Mate 30 Pro will ship without Google Play Services. Instead, the phone will come with Huawei’s AppGallery.

No volume rocker on the edges; just a simple power button.

First launched on Feb 24, the Canadian version of Huawei’s AppGallery is still in beta, but Huawei told IT World Canada that it already has over 19,000 apps. Speaking from a global scale, Huawei said that its AppGallery has been gaining 5,000 new apps per month. In addition, the company touts that there are now 26 million monthly active App Gallery users in Europe.

Despite the ban, Huawei’s EMUI 10 operating system is still built on Android 10, albeit built with the Android Open Source Project (AOSP).

While 5G is slowly being rolled out in Canada, Huawei has decided against releasing a 5G-equipped Mate 30 Pro in Canada.

Huawei has yet to announce an exact release date or official Canadian pricing.

from IT World CanadaIT World Canada https://ift.tt/3aHPhDg

Koodo admits February data breach, data already being sold on dark web

One of Canada’s three big wireless carriers was hacked last month, with the attacker making off with customer names and phone numbers for two months during the summer of 2017. The stolen data is already on sale online.

According to Bleeping Computer, Telus has begun notifying customers by email that a database of subscribers to its low-cost Koodo service about the violation of security controls.

The email says that on Feb. 13 an unauthorized third party using compromised credentials accessed the Koodo system and copied data for the months of August and September 2017. This data included customer mobility account number and telephone number. If that information changed since then, it wasn’t compromised.

However, account and phone numbers could be used by a criminal to switch a customer’s mobile to other numbers. That would enable the attacker to receive a two-factor authentication code if that safety capability has been enabled. As a result, Koodo said it has enabled the “Port Protection” feature on the affected accounts, which prevents attackers from porting a Koodo Mobile number to another carrier unless the account holder first calls and requests it to be done.

“We have found evidence that the unauthorized third party is offering the information for sale on the dark web,” the email to affected customers says. “With port protection in place, we do not believe that your information could be used for any fraudulent purposes. Nevertheless, we have reported this incident to law enforcement and the Office of the Privacy Commissioner of Canada and we are working closely with them on this matter.”

However, the news story also says the notice to customers advises them to stop using their mobile number as the second factor in a 2FA setup.

from IT World CanadaIT World Canada https://ift.tt/2vKo3gk

Security in Canadian financial services: Explore all the changes in a single day

Financial services is at a crossroads right now. One of the main challenges facing professionals in this industry is around moving to the future from the legacy they have today. But doing so is easier said than done, and with only 30 per cent of finance transformations delivering on the forecasted benefits to the business,…

from IT World CanadaIT World Canada https://ift.tt/39qDoBg

A new Google Cloud platform region to come to Toronto

Google Cloud is building a new platform region in Toronto to support its expanding customer base in Canada, the company announced in a blog post today. 

It will launch with the company’s core portfolio of Google Cloud Platform products, which includes Google Kubernetes Engine, Compute Engine, BigQuery, Bigtable, App Engine, and Spanner. 

Complementing Google Cloud’s existing Montréal region, which was opened in 2018 – marking the company’s official arrival in Canada – the new Google Cloud platform region in Toronto (with its three zones, similar to those in Montréal) will enable organizations across all industries and of all sizes to distribute storage and apps, safeguarding them against service disruptions. 

Google Cloud platform – Montréal

“Having already collaborated closely with the Google Cloud team in Montréal, where we’re headquartered, we look forward to their Toronto expansion. Google Cloud services are allowing us to bring a lower-latency travel planning and booking service to our customers. The second Canada region will allow us to extend that experience to more people around the world,” said Ken Pickering, chief technical officer of the travel-booking app, Hopper, in the blog post.

Google Canada also says that the Toronto region will provide distributed, secure infrastructure to help organizations meet disaster recovery and compliance requirements, which is something that its customers have been asking for, especially e-commerce providers, financial institutions, public sector organizations, and other organizations operating in highly regulated industries.

“System performance and security are critical for us…an organization that clears and settles hundreds of billions of dollars every day. Google’s new Toronto cloud region will help us continue to modernize our infrastructure, strengthen our resilience, and create a digital platform for innovation,” said Andrew McCormack, chief information officer at Payments Canada, a national payment clearing and settlement system. It leverages Google Cloud solutions like Apigee for digitization and management of its hybrid cloud environment.

Expected to be completed in 2021, the Toronto region – along with three additional cloud regions that Google announced today in Melbourne, Delhi, and Doha – will add to the company’s existing 22 cloud regions and 67 zones, all becoming part of its worldwide network of secure and reliable infrastructure. 

from IT World CanadaIT World Canada https://ift.tt/2PQT74T

Canada has highest wireless value among G7 nations: U.S. study

A new U.S. study commissioned by the U.S. Industry Association and the Cellular Telecommunications Industry Association (CTIA) says that Canada offers leading mobile propositions for consumers among G7 nations and Australia.

Out of 1,554 mobile plans offered by 213 mobile operators in 36 countries, Canadian mobile plans cost 4.7 per cent lower than other G7 countries and Australia for the same quality of service. Its value proposition bested all other G7 nations.

Source: U.S. Industry Association and the Cellular Telecommunications Industry Association (CTIA) – A Comparison of the Mobile Wireless Value Proposition.

When compared to 15 European Union countries and the U.S., Canada ranked 6th in mobile service value proposition. The model for this comparison used some estimated data for the EU countries and assumed they all share important commonalities.

In its abstract, the report stated that its goal is to offer a more complete comparison between U.S. mobile services and other countries. It factored multiple variables into consideration instead of relying solely on price.

“The [previous] studies’ simplistic analytical techniques assume a world where consumers are indifferent to all other competitive differentiators (i.e., monthly service allowance and quality differences) beyond price,” wrote the study abstract. “The price rankings also fail to consider the vast differences between the study countries that affect the building of networks.”

In order to offer this complete picture, the new U.S. study included plan attributes, network attributes, and country attributes along with pricing, which encompassed monthly recurring charges, net of taxes, and installation fees. Pricings were gathered from consumer-facing websites of 1,554 facility-based and MVNOs. The detailed methodologies and data selection process can be found in the full report.

Opensignal’s bi-annual report, published in February, concluded that Canada’s mobile performance is world-class, beaten only by South Korea. Measurements were sampled from devices in major cities including Toronto, Edmonton, Calgary, and others.

OpenSignal calculated Canada’s average wireless download speeds to be between 51.2Mbps (Rogers) to 75.0 Mbps (Telus), far ahead of the 41.6Mbps average stated in the U.S. report. Its 4G availability was 2.7 to 4.2 per cent short of the 95.4 per cent global average, however.

Last week, the Canadian Radio and Telecommunication Commission (CRTC) concluded a major hearing with Canadian telcos to evaluate the merits of enforcing MVNOs and the state of wireless competition.

from IT World CanadaIT World Canada https://ift.tt/2TyEWCH

‘Being a cloud-enabled government is a very positive thing for BC’: Insightful chat with CJ Ritchie, CIO at the Government of British Columbia

CJ Ritchie, the chief information officer at the Government of British Columbia, is a visionary leader taking a pragmatic view of what the future may hold for British Columbia.

from IT World CanadaIT World Canada https://ift.tt/2PIuIOG

Coronavirus ‘decimated’ device manufacturing in February, says IDC

With files from Alex Coop

 

The spreading of Coronavirus has curtailed production in the tech industry, a new IDC study finds.

Most affected sectors include factory, logistics, and transportation, many of them located in China, but the effects can be felt worldwide.

“As is stands, device manufacturing will be decimated in February with uncertainty for March and beyond until the epidemic stabilizes at the very least,” the report says.

In an effort to quarantine the virus, the Chinese government imposed travel and work suspensions across the country between Lunar new year to Feb. 16th.

Areas where production is affected in China. The Hubei province is ground zero for the current outbreak.

And while the outbreak in China has slowed, the number of reported cases has spiked in other areas. Cases have been reported in all continents of the world.

According to IDC, the global smartphone and PC markets will likely be substantially affected by the virus. Its effects may persist throughout the year depending on the developing situation.

IDC predicts that the system manufacturing ecosystem will not return to full health until the middle or end of Q2 2020.

The fear of infection is just as potent as the virus’s contagiousness. The 2019 coronavirus, formally known as COVID-19, has eviscerated the technology trade show business. This morning, Shopify told IT World Canada in an email that it was cancelling the in-person element of Shopify Unite this year. 

GSMA cancelled Mobile World Congress, its annual Barcelona event, in February after a number of exhibitors decided to pull out. Facebook has just recently cancelled its F8 developer event under the same pretext, and IDC scrapped its Santa Clara Directions technology conference. These are just a handful of affected trade shows among a list of many.

“It’s a really tricky thing to navigate,” said Lars Goransson general manager and group vice-president, IDC Canada, adding there are currently no plans to cancel its Directions event in Toronto April 7. “We’re going to continue to monitor the situation for the next week or two, but it’s a challenging environment.”

These cancellations paint a gloomy picture for coming events like Apple’s WWDC 2020 and the Tokyo Summer Olympics.

Stocks feel the pinch

The global stock market reflected virus’ outreach. In a seven-day decline, the DOW faced the biggest weekly losses since 2008, plunging over 1,000 points. 

Both Apple and Microsoft warned that they may not be able to meet quarterly revenue guidance due to COVID-19.

“Although we see strong Windows demand in line with our expectations, the supply chain is returning to normal operations at a slower pace than anticipated at the time of our Q2 earnings call,” Microsoft said in a press release. “As a result, for the third quarter of fiscal year 2020, we do not expect to meet our More Personal Computing segment guidance as Windows OEM and Surface are more negatively impacted than previously anticipated.”

Despite the system component stock being “unusually healthy” due to high-production in December, their distribution is choked by the slowed supply logistics. In addition, COVID-19 presents a persistent threat to production. A poignant example occurred on Feb. 22nd when Samsung temporarily closed one of its smartphone factories in Korea after a factory worker was tested positive for the virus.

In an optimistic scenario, IDC’s report says the supply chain disruption to revive in the current quarter in a speedy V-shaped recovery. But at worst, IDC foresees the supply disruptions to last throughout the year and regress into a L-shaped recession if Chinese production continues to be impacted.

IDC said smartphones may be impacted the most due to their fragmented sources of and proprietary supply chain. PCs will be less affected since most component manufacturers are located in China. But as factories resumed business on Feb 17, Apple CEO Tim Cook said he trusts China’s ability to control the outbreak.

“iPhone is built everywhere in the world,” said Cook in an interview with Fox Business transcribed by the Verge. “When you look at the parts that are done in China, we have reopened factories, so the factories were able to work through the conditions to reopen. They’re reopening. They’re also en-ramp, and so I think of this as sort of the third phase of getting back to normal. And we’re in phase three of the ramp mode.”

So far, there have been 75,204 confirmed COVID-19 cases globally and 2,009 deaths. As of Feb. 28, Canada has 14 confirmed cases–seven in Ontario and seven in British Columbia. The Public Health Agency of Canada currently deems the virus’ public health risk to be low.

from IT World CanadaIT World Canada https://ift.tt/2POpscL

Movement starts to have Canada declare Sept. 1 as International Women in Cyber Day

In a bid to recognize the effort women play in strengthening online security in an overwhelmingly male profession, a group of women is making its second attempt to have Ottawa declare Sept. 1 International Women in Cyber Day, and have it recognized globally.

Lisa Kearney, CEO Women CyberSecurity Society

On Monday Lisa Kearney, CEO of the Vancouver-based Women CyberSecurity Society collected the five supporters needed for presenting an online petition for the declaration to her member of Parliament. That’s the initial step in the parliamentary process for public petitions.

With five supporters the e-petition can be sent to House of Commons’ Clerk of Petitions for certification, after which it can be officially put online for mass support. If it collects at least 500 signatures within 60 days, it can be tabled in the House of Commons for a vote.

That may not be a problem. The first version of the e-petition published last year pulled in 147 signatures before the federal election was called, which meant the process had to start all over again.

(Here’s a link to the international petition. The new Canadian petition for Parliament will have similar wording.)

Ultimately, Kearney said in an interview that supporters want the United Nations to recognize Sept. 1 as International Women In Cyber Day around the world. For that at least one country has to approve it.

Kearney and supporters across the country last year did some early groundwork, getting support from city councils in Vancouver, Ottawa and St. John’s, Nfld,

In addition to recognizing the day, the Canadian e-petition asks the federal government to provide grants and funding to help raise awareness and build solutions to remove barriers of entry to women in cybersecurity as well as increase retention.

Related:

How to get more women into cybersecurity

 

Asked why a day or recognition is essential, Kearney said, “women have a lot of barriers and roadblocks within the industry,” noting that in Canada women make up only 10 per cent of the cybersecurity workforce, and11 per cent globally.

Research has shown there is a 50 per cent drop out rate for women in information technology within the first four years, the petition notes. Studies also show women are paid less than men.

“Women need support; there’s a high drop-out rate, and we really want to bring awareness, so we bring solutions that retain women in this industry,” Kearney said.

“Second, we want to celebrate the achievements of women in the industry, and this has been key.

Doing both will help close the skills, and the gender gap experts say is causing a shortage in demand for cybersecurity workers.”

She added, “diversity increases profits for organizations,” noting how diversity is a business incentive as well.

 

from IT World CanadaIT World Canada https://ift.tt/2Vgo9qz

Another record year for online crime, says FBI

Online crime continues to reach new heights, according to the latest edition of the FBI’s annual Internet Crime Report.

Last year the agency’s Internet Crime Complaints Center (IC3) received 467,361 complaints — about 1,300 a day — with reported losses exceeding US$3.5 billion, the highest number of complaints and the highest dollar losses reported since the centre was established in May 2000.

One bright spot: The IC3’s Recovery Asset Team (RAT), which assists in recovering funds for victims of business email compromise schemes, helped recover over US$300 million lost through on-line scams. That’s a 79 per cent return rate of reported losses.

One of the most recent cases involving a gang that specialized in thefts related to swapping SIM cards in smartphones. led to an arrest of the alleged leader and the seizures of over US$18 million, five vehicles, a $900,000 home, and hundreds of thousands of dollars in jewelry. Overall the scheme compromised hundreds of cryptocurrency accounts and caused approximately US$40 million in losses.

Last year the FBI noted an increase in the number of complaints related to the diversion of payroll funds with a criminal emailing a company’s human resources or payroll department to change an employee’s direct deposit information. Usually, the money goes to a pre-paid card account.

The FBI urges organizations to never make any payment changes without verifying with the intended recipient. Meanwhile, individuals should verify email addresses are accurate when checking mail on a cell phone or other mobile device.

Still, the amount of online crime grows. Report highlights include:

• In 2019, the IC3 received 23,775 complaints with adjusted losses of over US$1.7 billion related to business email compromise (BEC) and email account compromise, which involve the takeover of email accounts to get victims to transfer money to bank accounts controlled by scammers.
• Tech support fraud continues to be a growing problem, says the report. In 2019, the IC3 received 13,633 complaints related to Tech Support Fraud from victims in 48 countries. The losses amounted to over US$54 million, which represents a 40 per cent increase in losses from 2018. The majority of victims reported being over 60 years of age.
• In 2019 the IC3 received 2,047 complaints identified as ransomware with adjusted losses of over US$8.9 million. The agency advises ransoms not be paid because that doesn’t guarantee an organization will regain access to its data. “Paying a ransom emboldens the adversary to target other organizations for profit, and provides a lucrative environment for other criminals,” the report says.

Still, the agency understands that if a business can’t function executives will evaluate all options to protect their shareholders, employees, and customers.

Excluding the United States, the largest number of complaints filed with the FBI came from the U.K. with over 93,000. Canada was second with over 3,700.

In terms of reported online crime, phishing/smishing/vishing/pharming related incidents accounted for the largest number, followed by non-payment/non-delivery of goods, extortion, personal data breach, spoofing, BEC, confidence/romance fraud and identity theft.

In terms of dollar losses, BEC led the list ($1.7 billion), followed by confidence/romance scams, spoofing, investment scams, and real estate/rental scams ($221 million).

Annual numbers like these in Canada will be hard to come by until the RCMP’s new National Cyber Crime Reporting Unit (NC3) is fully running in 2023.

In a statement, Donna Gregory, the chief of the FBI’s IC3, said that in 2019 the centre didn’t see an uptick in new types of fraud but rather saw criminals deploying new tactics and techniques to carry out existing scams.

“Criminals are getting so sophisticated,” Gregory said. “It is getting harder and harder for victims to spot the red flags and tell real from fake.”

While email is still a common entry point, frauds are also beginning on text messages—a crime called smishing — or even fake websites, a tactic called pharming.

from IT World CanadaIT World Canada https://ift.tt/320Iykz

Samsung launches Galaxy Z Flip foldable phone and Galaxy S20 series smartphones

Samsung announced four new smartphones at its Samsung Unpacked event held in San Francisco yesterday.

Model	Galaxy Z Flip	Galaxy S20 5G	Galaxy S20+ 5G	Galaxy S 20 Ultra 5G
Display	Main: 2636 x 1080 6.7-inch Dynamic AMOLED Infinity Flex Display Cover display: 300x 112 1.1-inch Super AMOLED display	6.2-inch 120Hz 3,200 x 1,440 Dynamic AMOLED  Infinity-O Display	6.7-inch 120Hz 3,200 x 1,440 Dynamic AMOLED  Infinity-O Display	6.9-inch 120Hz 3,200 x 1,440 Dynamic AMOLED  Infinity-O Display
SoC	Snapdragon 855	Snapdragon 865	Snapdragon 865	Snapdragon 865
RAM	8GB	Up to 12GB LPDDR5	Up to 12GB LPDDR5	Up to 16GB LPDDR5
Camera	Front: 10MP f/ 2.2 Rear: 12MP f/ 1.8 wide-angle camera 12MP f/ 2.2 ultra-wide camera	Front: 10MP f/ 2.2 Rear: 12MP f/ 2.2 ultra-wide camera 12MP  f/ 1.8 wide-angle camera 64MP f/ 2.0 telephoto camera	Front: 10MP f/ 2.2 Rear: 12MP f/ 2.2 ultra-wide camera 12MP  f/ 1.8 wide-angle camera 64MP f/ 2.0 telephoto camera	Front: 10MP f/ 2.2 Rear: 12MP f/ 2.2 Uutra-wide camera 108MP  f/ 1.8 wide-angle camera 48MP f/ 2.0 telephoto camera
Storage	256GB	128GB	Up to 512GB	Up to 512GB
Battery	3,300 mAh	4,000mAh	4,500mAh	5,000mAh
Durability	N/A	IP68	IP68	IP68
Dimensions and weight	Weight: 183g Unfolded: 73.6 x 167.3 x 7.2mm – 6.9mm Folded: 73.6 x 87.4 x 17.3mm	Weight: 163g Dimensions: 151.7 x 69.1 x 7.9mm	Weight: 186g Dimensions: 161.9 x 73.7 x 7.8mm	Weight: 220g Dimensions: 166.9 x 76.0 x 8.8mm
OS	Android 10	Android 10	Android 10	Android 10
Price	CA$1,819.99	Starting at CA$1,319.99	Starting at $1,579.99	Starting at $1,849.99

 

Samsung Galaxy Z Flip

Samsung has released a second foldable phone with a few drastic design changes. Unlike the Galaxy Fold released last year, the Galaxy Z Folds vertically, cutting its height by half when closed. There is still a slight gap in the middle when closed, but it now uses a more durable glass for its 6.7-inch 2,636 x 1,080 AMOLED display. 

To show notifications when the phone’s closed, Samsung installed a tiny 1.1-inch AMOLED display on the cover to display notification icons. Interestingly, it can also be used as a small viewfinder. Due to its size, however, its viability may be limited.

Its rear camera array features a conservative dual-sensor setup, coming with a 12MP f/ 1.8 Wide-angle camera and a 12MP f/ 2.2 Ultra-wide camera. On the front, There’s a single 10MP f/ 2.4 camera.

Because the phone folds vertically, it’s able to prop itself up. At the event, Samsung showcased several use cases for this mode, including taking video calls without a stand. Samsung also developed Flex mode that divides the display into two halves to show different content and controls.

Internally, the Samsung Z Flip forgoes Qualcomm’s latest Snapdragon 865 SoC and instead uses the last-gen Snapdragon 855. It’s still plenty powerful, but it won’t have an integrated 5G modem.

Other specs include 8GB of RAM and 256GB of storage. There’s a battery in both halves of the phone, totalling to 3,300 mAh. Like most recent flagship phones, the Galaxy Z flip supports wireless charging as well.

The Galaxy Z Flip can provision the top and bottom halves for different purposes.

The Samsung Galaxy Z Flip will be available in Canada in limited quantities for CA$1,819.99 starting Feb. 11. Colour options will include Mirror Black and Mirror Purple. Compared to the Galaxy Fold’s CA$2,599 price tag, the Galaxy Z Flip’s cost is much easier to swallow. Granted, it’s still costly, but it’s dropping closer to the mainstream flagship slab phones. All Galaxy Z Flips come with four free months of YouTube Premium.

Galaxy S20, S20+, and S20 Ultra

The Galaxy S20 series is the rigid slab phones familiar to everyone.

Samsung has dramatically improved the refresh rate on the display. When used in 1080p mode, the screen can operate at 120Hz to provide a more fluid experience in games. The caveat is that if you increase the resolution to 1440p, the display dials back to 60Hz.

With the Galaxy S20 series, Samsung dove fully into 5G. All three models come with 5G capabilities thanks to their Qualcomm Snapdragon 865 SoC and integrated 5G modem. In Canada, only the sub-6GHz frequencies will be supported.

With the new SoC comes LPDDR5 memory, a noteworthy upgrade to LPDDR4/X. Compared to the previous generation, Samsung’s LPDDR5 uses 30 per cent less power while boasting 50 per cent higher data rate. The Galaxy S20 5G and S20+ 5G can be configured with up to 12GB, while the Galaxy S20 Ultra 5G can house 16GB.

Storage-wise, the Galaxy S20 5G has 128GB of storage. The Galaxy S20+ 5G and Galaxy S20 Ultra 5G bump it up to 512GB.

Whereas the Galaxy S20 and S20+ both feature a 12MP f/ 2.2 ultra-wide camera and a 12MP f/ 1.8 wide-angle camera, the Galaxy S20 Ultra 5G has a 108MP f/ 1.8 primary camera. The tradeoff, however, is a slightly lower resolution zoom camera. Unlike the two smaller models that have 64MP telephoto cameras, the Galaxy S20 Ultra 5G has a 48MP camera telephoto camera. With that said, the Galaxy S20 Ultra has an L-shaped telephoto lens array for 10 times optical zoom. Combined with its 10 times digital zoom, the S20 Ultra can technically reach 100 times zoom, although image quality at such magnification can be blurry.

The Galaxy S20 Ultra has a colossal camera array.

All three models come with appreciable batteries. They’re rated at 4,000mAh, 4,500mAh, and 5,000 mAh, respectively, and feature wireless charging in both directions. The S20 5G and S20+ 5G come with a 25W charger. The Galaxy S20 Ultra comes with a 45W charger.

The Galaxy S20 series is available for pre-order now, starting at CA$1,320. All pre-orders made between Feb.11 and Mar. 5 will include a free pair of the new Galaxy Buds+.

from IT World CanadaIT World Canada https://ift.tt/39EKWAj

Hashtag Trending – IBM picks Slack, Samsung Unpacked, robotic workforce stops growing

IBM selects Slack over Teams as its official communications platform, Samsung Unpacked yields a few surprises, and Robots loosen their grip on the American workforce.

from IT World CanadaIT World Canada https://ift.tt/2ONVVPT

ventureLAB announces first cohort of its Hardware Catalyst Initiative companies

Markham, Ontario-based technology hub ventureLAB has announced the first cohort of companies in its Hardware Catalyst Initiative (HCI), Canada’s first hardware and silicon-focused incubator for tech companies building solutions for technologies like AI, IoT, wearable computing, 5G, and other transformative technologies that will enable the creation of products and solutions that scale globally.

The eight successful applicants, which have to be located in Southern Ontario (or be willing to establish a long-term presence), were founded within the five years preceding their applications, have had less than $5 million in revenue in the last 12 months, and have met criteria around their product plans, will receive a series of benefits including:

• 24/7 access to a 1500 square foot hardware lab with state-of-the-art specialized equipment, such as high-speed spectrum analyzer and high-speed oscilloscope, as well as prototyping, production services, and Electronic Design Automation (EDA) toolsets
• Access to highly experienced hardware and silicon development experts, as well as supply chain management, product environmental compliance, and electromagnetic compatibility (EMC) compliance experts
• Dedicated advisory team to work with the company to define business milestones and to support them with resource navigation, introductions, and putting a growth plan in place
• Specialized supports and guidance around: intellectual property (IP) protection, market development, purchase and supply contracts
• Support through the Capital Investment Program
• Access to Market Intelligence and premium reports from top-tier research firms
• Premium access to curated educational programming and exclusive partner 1-on-1s
• Free workspace (up to 2 spots per team) at ventureLAB

The initiative launched in June 2019 with $5 million in funding from Federal Economic Development Agency for Southern Ontario (FedDev Ontario). Since then, six founding industry partners – AMD, Synopsys, Microart Services Inc., ReMap, Bereskin & Parr, and MNP – have committed up to $8 million in resources, expertise, and mentorship for the cohort.

“In the U.S., every semiconductor job that’s created creates almost five new jobs across the economy. And it’s a $7 trillion global market,” said Melissa Chee, president and chief executive officer of ventureLAB. “So I think, for Canada, if I bring it back home, we have this immense amount of talent, and rigour and expertise and really historic pioneering examples in this country of really being able to deliver systems, but primarily we have a deep silicon and semiconductor base here. And so we’re very excited to see our partners reinvest in the sector.”

The eight companies in the inaugural cohort are:

The inaugural HCI cohort. Photo submitted.

• Bionic-i — A hardware biotechnology company focused on augmenting vision and combating blindness with a surgically implantable device that can treat and monitor an “orphan” genetic disease, as well as rejuvenate cataract surgical patients by eliminating their need for reading glasses
• BluMind.AI — Analog machine learning inferencing; engines for network Edge devices
• Cyberworks Robotics — AI-based technology for autonomous self-driving wheelchairs
• Ekidna Sensing — Will provide a rapid and critical testing solution for licensed producers in the global cannabis industry
• Humantec Inc. | Menopod — Manufactures the ‘Menopod’, a handheld electronic cooling device for women suffering from hot flashes during menopause
• Micromensio — A semiconductor company developing a unique biosensing technology to provide transformative solutions for healthcare, the environment, and industry
• TARTAN AI — A hardware company optimizing machine learning to offer processing elements and transparent memory compression technologies to reduce the computation, storage, and communication needed when executing machine learning models on silicon.
• Wind Shape Technology Inc. — Designs and manufactures proximity sensors for electronic faucets

Over the next five years, HCI plans to support up to 40 companies, create more than 200 jobs, and commercialize 15 new products and technologies.

“When this started three years ago, it was a big vision to really rebuild and put this ecosystem from a silicon and semiconductor and hardware perspective back on the map,” Chee noted. “And the bigger vision for this is that this becomes one of a select few global hubs around the world for semiconductor and semiconductor related products and companies, big, small, and in all in between.”

from IT World CanadaIT World Canada https://ift.tt/2S9weex

HPE wants to help make data centres greener, unveils new efficiency label

The increased use of cloud computing doesn’t mean workloads are literally moving to the clouds – unfortunately – and recent projections suggest the global data centre generator market can expect steady growth over the next several years.

To ensure that added infrastructure doesn’t further compromise the planet’s climate, server farm operators worldwide are being asked to cut carbon emissions and improve overall energy efficiency.

Climate change was at the top of the agenda in Davos during the World Economic Forum last week, and it’s where Hewlett Packard Enterprise, together with industry leaders and universities, unveiled the Swiss Data Center Efficiency Label.

The label’s initial goal to decarbonize data centres in Switzerland and significantly reduce their overall energy consumption has quickly expanded to encompass other countries.

Monica Gille, HPE Switzerland director of sales.

“We’re in discussions with the United Nations to see how we can promote it worldwide,” said Monica Gille, HPE Switzerland director of sales, who is directly involved with the project. She would be happy to introduce the label and its criteria guidelines to the Canadian market, she added.

The idea developed through conversations with the federal government, she said. The government was concerned about projections suggesting data centres were going to contribute massively to the country’s growing electricity consumption rates, some reports pointing to a 50 per cent increase. The conversation becomes more complicated, noted Gille, when trying to quantify the impact IoT and other edge devices have on that exponential growth.

The Swiss Datacentre Efficiency Association (SDEA) hopes to answer these questions and serve as a guide for any organization serious about reducing its own carbon footprint.

It’s yet to have a website, but the group is comprised of École Polytechnique Fédérale de Lausanne (EPFL), Green IT Switzerland, HPE, the Lucerne University of Applied Sciences and Arts (HSLU), the Swiss Data Centre Association (Vigiswiss) and the Swiss Telecommunications Association (ASUT).

Also:

Microsoft commits to carbon negative by 2030, among other environmental commitments

Depending on the compliance with the efficiency criteria, which includes energy flow and output measurements, recycling capabilities and other measurements, data centers can be awarded a gold, silver or bronze label.

A total of ten pilot users tested the criteria, indicated Gille. They ranged from public sector bodies to managed services providers, and after implementing these new technologies and procedures, saved up to 70 per cent of their energy. Five participants achieved the results with 100 per cent carbon-neutral energy sources, says HPE.

“It was an excellent achievement overall,” said Gille.

The new label comes shortly after the unveiling of Microsoft’s own goal to be carbon negative by 2030.

Modernizing today’s infrastructure while also building new sustainable infrastructure will be an extremely slow and expensive process, but it’s promising to see large technology manufacturers take the lead when it comes to managing their own growing footprint, Shuli Goodman, executive director at LF Energy, told the publication.

“It’s exactly what we need to see right now,” she said.

Introduced in 2018, LF Energy is a relatively new project that supports open source innovation in the energy and electricity sectors. LF Energy’s focus, according to its website, is to “accelerate the energy transition and the decarbonization of the world’s economies.”

Microsoft and HPE are tapping into a growing subset of businesses worldwide realizing the economic benefits of going green, explained Goodman.

“That’s when it actually becomes critical to the operations of a company. That’s how we begin to steer things in a different direction,
she said.

from IT World CanadaIT World Canada https://ift.tt/36uMACo

Data Privacy Day warning: Organizations that succeed take privacy seriously

Businesses should be worried that Canadians increasingly don’t trust them to handle their personal data and information generated through online buying, according to a senior federal privacy official.

In an interview to mark the 14th annual International Data Privacy Day, deputy privacy commissioner Gregory Smolynec noted that surveys show 90 per cent of Canadian respondents say they are very concerned about their inability to protect their privacy.

“Very high numbers of Canadians believe businesses do not respect their privacy right,” he added. “This should raise concerns.”

The few countries that began observing January 28 as Data Privacy Day to raise awareness of businesses, governments and consumers about data protection best practices have grown to 50. Yet judging by the regular reports of data breaches there hasn’t been much progress.

In November the Office of the Privacy Commissioner estimated the personal information of 28 million Canadians had been exposed in the first 12 months of mandatory federal data breach reporting.

In his annual report issued a month later, Privacy Commissioner Daniel Therrien repeated his plea for Ottawa to recognize privacy as a fundamental right in law.

The current law (the Personal Information Protection and Electronic Documents Act, also known as PIPEDA) and the Liberal government’s seeming unwillingness to consider giving his office much stronger enforcement power,  “create an excellent incentive for companies not to take privacy seriously, change their practices only if forced to after years of litigation, and generally proceed without much concern for compliance with privacy laws,” said Therrien.

A recent Novipro-Leger survey of 496 IT and other officials from Canadian companies released this week found that not quite half the companies (48 per cent) had reviewed their data practices in 2019. Fewer than half of respondents believed their organizations were very well protected against data loss (46 per cent), data breaches (44 per cent), and viruses (45 per cent).

“Canadian businesses have been slow to tighten up their practices and are struggling to respond to the growing threat,” concluded the report. (Registration required)

On the other side, a recent survey released by data management provider Tealium showed half of U.S. consumer respondents don’t feel well informed about how businesses are using their data.

Related:

Organizations don’t have to sacrifice privacy for security

Asked if businesses don’t take privacy seriously, Smolynec noted new communications technologies are having an impact on privacy and expose businesses to vulnerabilities.

“There are some businesses that are not compliant (with PIPEDA), there are other businesses that have to develop robust privacy programs and cybersecurity measures to protect themselves.”

To show Canadians they are tough about privacy businesses need to make sure they follow PIPEDA and get “meaningful consent” to the personally identifiable data they collect, he said. That includes explaining what personal information is being collected, the purpose of the collection, who it is being shared with, how it may be used and any potential risks. The OPC website has advice for businesses on consent here.

The OPC today also issued a package the public can use to spark discussion about privacy.

“It’s very critical for businesses to pay close attention to their processes related to [data] security and they have to make sure they have invested and structured themselves to address the risks of breaches,” said Smolynec. “That will help improve trust.”

Research firm Gartner also believes organizations need to pay more attention to the link between privacy and trust. Privacy is becoming a reason for consumers to purchase a product, in the same way that “organic,” “free trade” and “cruelty-free” labels have driven product sales, it said in a note earlier this month.

“Privacy-first products are likely to follow this trend,” said Bart Willemsen, a Gartner vice-president. “To increase customer trust, executive leaders need to build a holistic and adaptive privacy program across the organization, and be proactive instead of responding to each jurisdictional challenge.”

Related:

Supreme Court of Canada ruling on privacy

More than 60 jurisdictions around the world have enacted or proposed postmodern privacy and data protection laws, following the introduction of the EU’s General Data Protection Regulation (GDPR) in 2018.

“People are actively demanding privacy protection — and legislators are reacting,” said Willemsen. “If your organization operates globally, focus on standardizing operations in accordance with the GDPR, and then adjust as required for local requirements.”

He suggests using technology solutions that automate portions of a privacy management program. He also urged organizations to appoint a data privacy officer who reports to the board.

Dave Masson, Ottawa-based director of enterprise cybersecurity for Darktrace, said in an interview that Data Privacy Day should mean to an organization that — if it isn’t already doing so — it has to start protecting the personally identifiable information of customer and employees. The consequences of data theft could be “disastrous,” he said, including lawsuits and severe damage to the organization’s reputation.

“Organizations still struggle with visibility of what they have on their network,” he said, emphasizing the complexities introduced by cloud architectures. “That’s one of the problems — they can’t see what they’ve got.

“If I was an organization and confident in my security approach, I would be very proud to point out [on Data Privacy Day]  out what’s in place … as a way of assuring people you’re taking this seriously.”

Related:

Privacy Commissioners slam B.C. firm in Facebook scandal

Organizations need to take “trust-worthiness” more seriously, Eve Maler, interim CTO of digital identify provider ForgeRock, said in an interview.

Data regulations have been around for years, she argued, but they have focused on basic data protection. Newer regulations demand data transparency — telling consumers what the firm knows about them — and allowing customers more control over their data. So successful organizations need to go beyond compliance to establish trust.

Organizations have to think more carefully about the privacy implications of their products, she said. For example, one company has had to withdraw what it hoped was a promising child bedroom monitor after complaints it wasn’t secure.

“That’s an awfully expensive way to go to market,” Maler said.

To impress customers, firms should also look at the personal data they collect as a joint asset, she added.

In the run-up to Data Privacy Day, a number of firms in the security space released statements warning of the need to act.

“We currently see many companies paying catch-up with new regulations, working to implement the right security tools and practices after a breach,” said Darrell Long, vice-president of product management at One Identity. “Hopefully, Data Privacy Day becomes a good initiative to remind companies to think ahead and maintain a proactive stance on privacy before a cyber incident occurs.”

Data Privacy Day “is all about raising awareness of how organizations put the vast amount of sensitive data they store at risk and encouraging everyone to take action to better protect this data,” said Ray Overby, CTO and co-founder of Key Resources.

One major risk to data privacy is excessive access, which simply means that there are individuals, either internally or externally, who have unnecessary access to corporate information.

“The more people with access to information, the more likely your data will be compromised,” he said. “These issues can crop up inadvertently and go undetected for years, so organizations need to include excessive access checking in ongoing security processes.”

Another tip for organizations to improve data privacy practices, he said, is to accurately inventory, classify, and define data ownership.

Companies have to remember that consumers entrust them with their personal data, said Anis Uzzaman, CEO and General Partner of Pegasus Tech Ventures.

“On Data Privacy Day, it’s important to remember that sensitive information needs safeguarding more than ever before,” indicated Uzzaman. “Some information that particularly needs to be protected by companies includes personal health data as this is very sensitive information that most people don’t want to be shared or used against them for future decisions they may want to make.”

When companies make the move to new application systems, it is essential to ensure a smooth transition by implementing best practices such as conducting a thorough inventory to determine no personal data is being collected, adequately backing it up, and properly protecting it with appropriate security platforms, said  Steele Arbeeny, CTO of SNP Group.

This will be the first year Data Privacy Day will be celebrated with the new tough California Consumer Privacy Act (CCPA), which came into effect at the beginning of January.

from IT World CanadaIT World Canada https://ift.tt/2O5z1TA

Say hello to Microsoft’s new Chromium-based browser

Microsoft officially launched its new Edge Chromium browser across both Windows and macOS operating systems this week and is available for download now.

One of the biggest issues facing IT professionals is high costs and the complexity in managing enterprise companies that support two or more browsers for maximizing compatibility across legacy and modern websites. Microsoft is hoping to eliminate some of those frustrations by allowing enterprise users to access features like Internet Explorer mode, which lets businesses load legacy IE sites within Edge automatically. 

The new Edge browser also comes with Microsoft’s privacy promise and embraces new features such as tracking prevention in addition to offering three levels of control while employees are browsing. The tracking prevention feature will help businesses know who has access to their data and also give them the control to choose the information they share. Tracking prevention and SmartScreen features of the new Edge browser will also protect businesses from any type of malware, phishing scheme and malicious software. 

A study conducted by Ponemon Institute in 2019 says a data breach costs companies $3.2 million on average.

In addition, new features like Collections will let employees more easily collect and organize web content and research, and export that information into Word or Excel. 

Jimmy Tom, research director at Info-Tech, noted in a recent presentation shared with IT World that the Chromium-based browser opens up new opportunities for Microsoft.

“In effect, Microsoft can now compete in other races that it has never before considered,” he wrote, adding it could provide them with an advantage against AWS as the cloud race between the two tech giants intensifies.

Additional benefits for users giving the new browser a try, he added, include having a much more unified experience for end-users on a platform that IT can control, as well as having the ability to easily port existing Chrome apps into Edge.

The new Collections feature to allow employees more easily collect and organize web content and research.

Microsoft Search in Bing can be easily accessed on mobile phones, thereby enabling knowledge workers to search for corporate information on the go.  

Microsoft Search in Bing can be accessed on mobile phones.

Microsoft Search in Bing also offers new inPrivate mode so that online browsing and searches by employees are not attributed to them.

The new Microsoft Edge browser offers new inPrivate mode.

The new Microsoft Edge browser also comes with a new logo. 

The new Microsoft Edge browser has a new logo

In order to pilot the new Edge browser within the corporate environment, IT administrators will need to download an offline deployment package. The new Edge browser will not automatically deploy for enterprise or commercial customers, Microsoft says. Tools like Configuration Manager tools and Intune deployment, the company adds, can simplify deployment.

The new browser is supported by FastTrack and App Assure. FastTrack will allow businesses with an eligible subscription to Azure, Dynamics 365, and Microsoft 365 to deploy this new browser at no extra charge. Businesses having sites compatible with legacy Microsoft Edge, Google Chrome, or Internet Explorer 8 and above, will also work on the new Microsoft Edge the same way.

The new Microsoft Edge is available in more than 90 languages, ready to be downloaded on all supported versions of Windows and MacOS. It is also available to download on android and iOS. 

 

 

from IT World CanadaIT World Canada https://ift.tt/3ajko8K