Social Media Security Wave: Facebook’s Latest Partnership with Websense

Tags: security, facebook, websense

Facebook is making more of an effort to limit the social media maliciousness madness. To address this, Facebook and Websense teamed up recently to protect Facebook’s users from third-party malicious URLs spam. Websense is adding a layer of security to the social networking giant's existing protection measures in hopes of preventing users from clicking on links without understanding where those clicks may lead.

The solution is live now. Here is how it works: when a user clicks on any link in Facebook, Websense uses its ThreatSeeker Cloud Malware Identification platform to analyze each URL in real-time for potential malicious content. If Websense determines that the link is malicious, users will be warned and shown an intermediate page that offers them the following choices:

·         Continue at their own risk

·         Return to the previous screen

·         Get more information on why the page is flagged as suspicious

This development is not unexpected. The rapid spread of social media has put many organizations at risk. It is sure that users of various social networks cannot live without them and they will access them from anywhere. Further, social media is increasingly being exploited as the means for vulnerabilities and threats. Cybercriminals are focusing now in distributing malware through social networking sites and this will create new threats in any organization's network or to individual’s devices. Overall, IDC believes that over the coming years the number of cyber attacks will continue to increase.

Key Points:

1.    For a few organizations, social media tools are considered risky from a security standpoint. They are least valuable to organizations; however they bring great value among adopters or users. As social network applications gain acceptance and are allowed into enterprises, they also bring with them concerns over the potential of a security breach as a result of the increasingly complex forms of malicious attack vectors. Here is a business opportunity for security vendors who plan to create innovative new offerings that take advantage of the fast scalability of the social-media security. 

2.     Facebook is the world’s largest social network with more than 800 million users and is becoming more and more essential for companies of any size as well as for individual users. Most businesses recognize that Facebook has the potential to generate tremendous value for their business. As a result, they are able to respond in near real time, which can ultimately lead to actions that improve the business.

3.    Facebook has many future plans like integrating social into the media consumption of watching, listening to, and reading content and doing so using Facebook's platform. Facebook's innovations will also help accelerate the growth of the company's advertising business. However, with different types of social-engineering attacks, it is possible to persuade people to click on malicious links, allowing backdoors or other malware to be installed. Facebook or any other social network's site has a responsibility to protect their users. Protecting a site the size of Facebook is a major undertaking. The Facebook-Websense announcement is only a beginning. Many such measures are required as more and more people use Facebook for their everyday communication.

4.     Malware infections are increasing as a result of social media use. IDC's recent Asia/Pacific security survey results show that respondents believe their organizations suffered from an increase in malware activities. To mitigate the risks created by social media, certain technologies are preferred. Secure Web gateways with real-time content analysis and data-loss prevention can block advanced malware and data-theft attacks, many of which seek entry through social media.

There is no doubt that Facebook, like any well accepted social media platform, has become a breeding ground for malware and other malicious links. Thus, in recent times, Facebook has employed numerous security mechanisms to protect its sites and users. This year in May, Facebook partnered with Web of Trust for increased protection. Web of Trust will continue to provide its protection services to Facebook. Web of Trust mainly checks links which are marked as malware or spam. By adding Websense, a cloud-based solution, they further enhance the security offered to Facebook users. The partnership is yet to prove its effectiveness on the world's largest social-networking Web site, but giving the current attack rate, any form of additional protection is a good thing.

Collaboration and Security: A Critical Balance

Tags: asia/pacific, security, health

Singapore's Healthcare Revolution

Tags: asia/pacific, health, healthcare reforms

If you are living in Singapore it would be hard to avoid the buzz around healthcare reforms. The rising costs of healthcare due to a fast ageing population and the change in disease burden are issues being faced by many developed nations in the world.   The Singapore government seems to be tackling it through a many-pronged approach.

Singapore has clearly envisaged this as a business and clinical transformation project, and not merely an ICT project. If you wish to learn more about Singapore's healthcare revolution, please contact me on smukherjee@idc.com 

Intro Video to IDC Info On The Go app on YouTube

Tags: mobility, mobile apps

Marketing experts say video is a great way to promote anything. So we decided to put together a short intro video to the IDC Info On The Go app.

Watch the IDC Info On The Go app on YouTube, and tell us what you think.

By the way, the app is now available under IDC's own developer account. If you already have the app on your iPhone or iPad, we encourage you to delete it, search for the new version from the App store and download it. What happens if you do not install the new version? Well, the existing app will still work, but you will not be notified when IDC has a new udpated version. So don't wait, and download it today.

21st Century Education in the Emerging Markets

Tags: asia/pacific, government

Thoughts on the increase in cyber attacks

Tags:

In order to address the rising number and in some cases the sophistication of cyber attacks, IDC believes that organizations will need to approach security in a different way. The traditional methods of isolating systems through firewalls will not be sufficient as the systems become more complex. From a traditional IT perspective the introduction of both public and private clouds create significant challenges. Additionally, the consumerziation of IT and policies like bring your own device dramatically increase the number of threats that organizations will face in the coming years. IDC expects these threats will only grow as the number and variety of mobile devices continues to expand.

In the coming years, IDC recommends that organizations need to expand their approach to security. Security needs to become more advanced and organizations will need to take a more holistic approach to security. This will involve the deployment of a variety of products from different vendors and IT consulting and integration services required to make systems all work together. From a product perspective, the systems will need to become application device and location aware. For example, going forward it will no longer be sufficient to merely determine that I am allowed to access a certain system or data. The security system will need to know what type of device I am using, where I am, and what type of network I am using before granting access.

Finally, IDC believes that organizations will need to do a much better job of educating their employees. In many cases the employees may know that they employer has a security policy, but have no idea what that policy is. This can be a delicate process as most end users eyes tend to glaze over when IT begins to discuss the rising security threats and what steps are needed to prevent a breach. Further, most end users view security not as an essential part of their computing environment, but as a roadblock to productivity. To overcome these objections, IDC believes that IT will need to better speak the language of the end user. In many cases this is difficult for IT to do.

Note: Poon-Wei Ang Contributed to this entry

IDC Launches Mobile App for iPhone and iPad

Tags: mobile apps, mobility

The number of mobile apps downloaded annually is expected to increase from 38.2 billion in 2011 to nearly 182.7 billion in 2015, according to an IDC report published in June 2011. This is no surprise, considering that developers are creating apps for just about anything and everything.

After months of working on an app ourselves, IDC Asia/Pacific is pleased to announce that busy executives can now stay in touch with the latest industry trends via their iPhones and iPads. IDC Info On The Go provides top-line market insights and other nuggets of information to help you validate market trends and build a business case for your next IT initiative. Refer to our Glossary for quick explanations on industry terms and other emerging technology concepts. Receive updates on IDC's Asia/Pacific events calendar, and find out Who's Who among IDC's team of analysts and consultants.

Download IDC Info On The Go for iPhone and iPad today!

Regional Insurance Survey: What Strategies are Practitioners Championing?

Tags: insurance, survey, business strategy, congress

IDC Financial Insights holds an annual Asian Insurance Congress (AIC) every August on the premise of providing insurance executives from across Asia/Pacific a platform to discuss the core business, operational, risk and technology issues that they were championing. This year's event, our 4^th Congress, took place on 25^th August in Singapore and saw overwhelming success as usual.

Strategic Areas and Initiatives

With a catchment of more than 180 insurance executives in the room, we obviously seized the opportunity to poll the delegates on the strategic areas and technology initiatives they were advocating, emerging trends they were keeping a close watch on, and conversely, the core challenges they were tackling.

Herein, on a question on the areas strategically astute insurers across ASEAN were gravitating towards in the coming 12 months, it seems that - with a score of 4.03 out of the maximum possible 5 - they continue to drive efforts in customer-centric undertakings to cater to an increasingly mature and demanding pool of clientele with the preference for individualized attention, products, services, and pricing (See Figure 1).

Corresponding closely to this is a focus on 'data integration and analytics', illustrating the need to further bank on having sufficiently clean but consolidated customer data and the availability of analytical tools. These allow for insurers to refine customer experiences through more granular segmentation, differentiated customer service, and provide additional points of reference such as a better understanding of policyholders' life-cycle orientation and the impact of recent events on their insurance requirements. Insurers in more developed nations such as Singapore are finding it especially crucial to articulate and deliver successful customer-centric projects given that it is more cost effective to focus on existing policyholder retention and in increasing their wallet share of these than it is to capture brand-new customers.

Such a concerted focus on data, analytics and customer centricity has the insurers channeling monies into CRM software tools and applications, and employing external consultants and systems integrators to supplement internal resources. We anticipate technology and services for business or consumer analytics continuing to be adopted at a vigorous pace amongst insurers here in the region.

Meanwhile, 'compliance and risk management' also continues to hover at the top of the strategy list, despite – or perhaps because of – the current uncertain economic climate, coupled with the fact that our global markets have grown increasingly entwined and riskier by the year. A focus on regulatory compliance, risk assessment, and risk mitigation would be reflected in risk-savvy insurers demonstrating proactive risk stewardship, conducting internal risk trainings, and making selective investments in fraud management systems.

And finally, coming in at a close forth in terms of strategic areas of focus is the 'alternative distribution channels' which superseded the scores of traditional agency network and bancassurance. This is indeed in line with our prediction earlier this year on insurers' top 10 strategic initiatives where we mentioned that "The advent of electronic channels and the emergence of a technologically savvy consumer generation are radically changing the distribution strategies of insurers. Efforts around channel innovation and alternative distribution outreach, such as the Internet, mobile, and direct marketing, are extremely relevant in the context of reducing distribution costs and enabling insurers to provide affordable insurance to the masses."

For instance, using high-technology interactive touch-points including Web 2.0 applications such as social tools including social networking sites (Facebook and LinkedIn) and blogs to promote products to the Gen Y clientele appears to be the hottest flavor of the season, with the session on social media at AIC 2011 garnering one of the most positive feedback.

About Asian Insurance Congress (AIC) 2011

The agenda of this year's AIC revolves around the theme “Ascension of Asian Insurers up the Global Order” which we think is very apt, given that our regional peers are holding their own and no longer playing second fiddle to their international counterparts, and have been expanding aggressively in their home continents and abroad. This full day knowledge-centric and networking conference for insurers across this region witnessed in excess of over 200 managerial to C-level insurance executives and technology vendors in attendance. The presentation sessions were both informative and thought-provoking, featuring sessions such as: the ascendance of emerging Asia, return of an emphasis on customer centricity, the new risks but conversely additional opportunities being engendered by innovative technologies, and on the role of social media in insurance.

Presenters also spoke on themes revolving round alternative delivery models and new growth hotspots, technological innovation, and issues and concerns over regulations, risk management and security. I likewise took the opportunity to take to stage to share our in-house analysis of the insurance landscape in 2011 and beyond.

I personally enjoyed and learnt a great deal from the almost two dozen visionary practitioners who spoke at AIC 2011 and several of their pointers continued to resonate in my mind after the sessions. As with all IDC Financial Insights' events, feedback from the delegates have been overwhelmingly positive, as evident from the event feedback we have collated and post-event commentary I have received.

+++

Thank you once again for those who attended and I look forward to welcoming you back to AIC 2012 in August next year! For those of you who could not be at AIC 2011, have a peek at http://www.idc.com.sg/insurecongress/2011/ to see what you missed out on.

Note: Do look out for our forthcoming report entitled: "Business Strategy: Regional Insurance Survey - Taking Stock of ASEAN Trends at Mid-point". This survey document contains the full results and correlated implications around the 89 respondents' strategic areas of focus and technology initiatives, IT spending directions, emerging trends of interest, and pain-points specific to their roles and responsibilities.

Operational Risk Management: Have appropriate vendor management strategies

Tags: operational risk, vendor management, risk solution vendors

As incidences of operational risk intensify, their substantial cost and ramifications bring to light the undeniable correlation between operational risk management and sound business practice. There is thus an analogous need for Asian bankers to accelerate their implementation of operational risk management solutions.

As such, I analyzed the principal operational risk solution vendors participating in the Asian market and the solutions they provide in a recent report, with the intent to equip banks with useful information to assist them in narrowing down their search for the most appropriate operational risk solution vendor.

In that document, I suggested the following vendor management pointers:

• Investigate the vendors' current offerings and future expansion path: Examine the future plans of vendors to ensure that they offer tools that effectively cover an institution’s existing portfolio and also accommodate further updates. This is crucial to ensure that the organization does not inadvertently select a solution that caters to the current risk management situation, but fails to grow with the bank in the future.
• Explore vendors' footprint of reference clients; gravitate towards those dedicated to the market via continuous commitments in research and development (R&D): For instance, a substantial clientele list implies a risk management solution that is tried and tested and hence, less risky.
• Consider the size of the vendor, turnover, market share and financial stability: These factors serve as indicators of their ability to remain in operations, invest funds for innovation and research, and withstand financial catastrophes.
• Take note of rankings that demonstrate end-user confidence in their risk solutions: Industry accolades and awards won by the vendor could be a barometer for innovation. However, these need to be recognition given to vendors based on objective, unbiased end-user polls. On the contrary, rankings given in lieu of advertising space in publications are not necessarily objective and should not carry the same weightage.

'Broad Spectrum' Mobile Health

Tags: asia/pacific, ehr, health, mobility, patient centricity