Problem Solved

We're continually using our technology expertise to solve challenging new business problems. Here are some examples of the innovative solutions we've delivered for clients along with tangible results. You'll find new solutions posted here regularly, so please check back often.

 

  • Phishing Identified As Most Concerning Security Threat In Two Local Reports

    Two recently released reports have highlighted that Phishing attacks continue to be a major threat and problem for organisations in New Zealand and Australia.

     <more>
  • Handling Incidents

    The hyper connected digital world presents some unique challenges for any organisation that needs to investigate issues concerning data breaches, malware outbreaks e.g. ransomware, or the misuse of organisational systems and data, that potentially could lead to legal and employment action. The use of mobile technology, Cloud services, increased levels of virtualised systems, combined with the ongoing use of traditional or legacy computer platforms, means investigations are becoming more complex.

     <more>
  • 300% Increase In Microsoft Cloud-based Attacks

    Early in August Microsoft released the latest version of their Security Intelligence Report (SIR) covering their findings for Q1 2017 period.

     <more>
  • Digital Transformation

    The term Digital Transformation (DT) represents different things to different organisations and business sectors. One definition of DT, courtesy of Cap Gemini, states Digital Transformation is the use of new digital technologies to enable major business improvements such as enhancing customer experience, streamlining operations, or creating new business models.

     <more>
  • Balancing IT Security and Productivity

    A recent US survey by Dimensional Research found that 72% of employees are willing to share “sensitive, confidential, or regulated company information”. Regulated information being classed as customer records in financial services and Patient Health Information (PHI) in healthcare.

     <more>
  • Securing Blurred Boundaries

    The uptake to date of Mobile and Cloud computing in New Zealand has been strong. On a global basis Gartner have predicted that by 2020, 80% of digital access will be shaped by non-PC architectures. IT spending, to the tune of $1 trillion, will be directly or indirectly affected by the shift to cloud over the next four years. In their view cloud computing is now one of the most disruptive forces of IT spending since the formation of the digital age.

     <more>
  • Taking a Different Approach to Endpoint Security

    In our last Problem Solved newsletter, We wrote about Endpoint Detection and Response technologies and highlighted that the vendors playing in this market segment omit to tell you in their literature that..

     

     <more>
  • Addressing Endpoint Security Challenges

    If you have oversight on cybersecurity controls such as signature based technology and antivirus you will be very aware that they are readily bypassed by targeted attacks using polymorphic malware payloads, file-less cyberattacks, malware toolkits and advanced persistent attackers.  Many organisations recognise and concede that the traditional anti-malware defences they have in place are failing and they need to evaluate new approaches and options.

     <more>
  • HTTPS – Uptake Set to Accelerate in 2017

    A recent Mozilla telemetry and Google transparency report shows that after 20 years, HTTPS is now being used more than HTTP. Growth in HTTPS usage has come from the large push to move to Always-On SSL or HTTPS Everywhere. Also helping drive this change are the browser players who require that only HTTPS be used for HTTP/2 deployments, and browser privileged services such as geolocation.

     <more>
  • Internet of Things

    In 2016 concerns about securing the Internet of Things for the future saw plenty of airtime and column centimetres devoted to it by industry commentators.  As 2016 ends IoT security appears to be featuring prominently for all the wrong reasons courtesy of some malicious code called Mirai.

     <more>
  • It's The 21st Century And You're Still Not Using 2FA?

    Sony has finally added two-factor authentication to secure its 100+ million users’ Sony PlayStation Network accounts—a long awaited move that PSN users have been yearning for, especially since the 2011 hack that shut down the gaming service for a whole month and put at risk users’ credit card details email addresses and other sensitive information.

     <more>
  • Red Flags and Violations: 5 Ways Security Impacts Website Engagement

    Top notch marketing efforts are no match for the red flags security-conscious visitors might encounter when approaching a website.  Website owners dot their i’s and cross their t’s when it comes to selecting imagery and keywords, and brainstorming ways to drive sales.  What about assuring visitors that your website is secure?

     <more>
  • Beyond a Nuisance: Data Breaches Threaten the C-Level

    Today, shareholders, the press, the public, and federal regulators have little patience for organisational leaders when a data breach occurs on their watch, particularly when personally identifiable information (PII) of employees or customers is compromised.

     <more>
  • Traditional Security Mindsets Must Transform To Protecting Consumer Data

    HOUSTON, we have a problem. One of the most important bonds of trust between consumers and businesses has been broken. According to a recent survey more than 75 percent of consumers do not believe organisations care about keeping customers’ private data safe and secure. What is even more alarming, 64% of consumers say they are unlikely to do business with a company where their financial or sensitive data was stolen. This should set off an immediate red flag not just for corporate IT security professionals, but also for every executive that has a stake in the reputation of their company, from the CFO and CIO all the way up to the CEO.

     <more>
  • DROWN Attack - Using SSL Best Practices to Stay Afloat in an Uncertain Environment

    Researchers recently discovered that SSL 2.0 is vulnerable to a cross-protocol attack known as DROWN.  Attacks like these keep IT professionals alert to the fact that their IT environments must be optimized and checked regularly to assure that their servers are configured according to recommended Best Practices to provide the best possible defense against known SSL threats.

     <more>
  • Mitigating the Risk of an Inevitable Data Breach

    Data breaches are increasing at an alarming rate, both in frequency and sophistication. Think you’re immune? Guess again. Data breaches aren’t a question of “if,” but rather “when.” If you’re concerned about your organization’s operations, financial health, customer loyalty or brand, then you need to be proactive in defending against a data breach. There are a number of best practices organizations can adopt to ensure their data and content do not fall into the wrong hands.

     <more>
  • 2015 Roundtable Review

    Having concluded the MPA Roundtable Series in September we thought it would be beneficial for our readers to be able to review a summary of the topics discussed at each event by making available the speaker presentation content.

     <more>
  • The Popularity of Native Apps Ups the Ante for Mobile Security

    Mobile users prefer by a wide margin native apps written to run specifically on mobile operating systems such as Android or iOS, to browser-based apps, according to a recent survey by mobile analytics firm, Flurry. 

     <more>
  • Gemalto’s Three Step Approach

    Every company has a Plan A for how to stop cyber criminals from getting into the network and stealing data. Build a wall around the data with next generation super-duper firewalls, throw in some AV and IDS, and sprinkle it all with some SIEM. It is a plan that has not changed much in the past 10 years.

     <more>
  • Are you changing your passwords as often as the weather changes?

    While the weather may not change as frequently where you are, there is one thing that should change more frequently: Your privileged passwords. Why? If you’re like more than 25% of companies out there, then your current IT environment contains unmanaged accounts putting you at risk of data breaches and compliance violations.

     <more>
  • Can't All of Your Enterprise Content Just Get Along?

    In how many different places does your enterprise data reside? Think about what’s stored on-premise versus in the cloud. Are you using SharePoint and other ECM systems? What about Google Drive and Microsoft OneDrive? Have you lost count?

     <more>
  • SHA-1 Deprecation

    Website administrators need a plan to move their SSL certificates from SHA-1 to SHA-2.

    SHA-1 is a hashing algorithm used when a certification authority (CA) signs an SSL certificate. The information in the certificate is cryptographically hashed to a common size for signing. With SHA-1, the information is hashed to 160 bits.

     <more>
  • Privileged Password Management - Pitfalls to consider

    Maintaining a complex, frequently updated password process is a basic security best practice for protecting privileged accounts in your organization. But if passwords are such a no-brainer, why do statistics show that two out of three data breaches tie back to poor password management?

     <more>
  • SIEM matures, however landscape changes.

    Organizations must provide access to the information that today's diverse and increasingly mobile work force needs while protecting it from cybersecurity risks and meeting regulatory compliance requirements. 

     <more>
  • What Does It Take To Lower Your Mobile Cost Of Ownership?

    People think a lot about mobility these days.  They evaluate at length what devices they should buy, what apps they should deploy, what security policies they should adopt and how they can prevent the risk of data leakage.  All of these things are important, of course.  However, no one is really thinking about what mobility actually costs.

     <more>
  • The key to a secure BYOD-enabled enterprise

    Implementing a BYOD program poses a number of security concerns, because if left unmanaged, it can impact your network availability and cause data loss. According to Gartner, more than half of all global employees participated in a BYOD program in 2013; those companies that have opened up their doors to allow corporate data access on any device will need the right network access strategies and data policies in place to secure their environment and proprietary content.

     <more>
  • DNSSEC: Why it matters

    In Jan 2014, Ultra Electronics AEP warned that only around half (53 per cent) of global top level (TLD) domains are ‘secure’ – meaning they have been signed with domain name system security extensions (DNSSEC). Last year, Google stated that just seven per cent of queries from the client side are DNSSEC enabled, indicating a very low level of take up by website owners.

     <more>
  • The Source of Truth

    Active Directory is a well-known, highly used, highly reliable, and powerful directory service that is for most organisations now the primary source of truth for user and device identity. Since the introduction of Active Directory by Microsoft in 2000, organizations around the world have implemented it to be the standard for management of their Windows infrastructure.

     <more>
  • 2014: The Year Encryption Comes of Age

    Even a couple of years ago, the word “cloud” didn’t really mean much to people outside of the tech industry. Today, thanks to companies like Apple, Microsoft, Amazon and Google, everyone talks about the cloud as if it has been part of their vocabulary forever. I am going to go out on a limb here but don’t be surprised if encryption catches on the same way in the next year or two. Like the cloud, it will likely mean different things to different people, but it will become part of the vocabulary.

     <more>
  • Authentication Options Get Interesting

    Gartner predicts that by 2017, more than 50% of enterprises will choose Cloud based services as the delivery option for new or refreshed user authentication implementations, up from less than 10% today.

     <more>
  • Data Loss Prevention; Some Verification Helps

    Earlier this year our company conducted an exercise where we spoke with a selection of CIO’s and IT Managers of medium and large organisations to understand how they were placed to identify and validate if they had a data loss or leakage issue.

     <more>
  • Protecting Data In Transit

    The need for strong encryption and effective key management is becoming more relevant as each day passes for several reasons including, the fact that organisations are continuing to store increasing amounts of valuable data, the growth in the use of cloud based delivery models and the on-going challenge of stopping or minimising data breaches.

     <more>
  • Wins versus Losses

    During the last 18 months we have been asked by a range of organisations how they can protect data that resides on laptops or portable media, to allay concerns over sensitive data loss resulting from device theft or loss.

     <more>
  • Accessing Corporate Applications Securely From Mobile Devices

    The world we work in today is rapidly changing!

    We have highly knowledgeable mobile workforces, that wish to work from anywhere around the world. They need access to crucial business information and applications and from many different types of devices.

     <more>
  • The benefits of a Fully Trusted Authentication Environment

    To really understand the risks they are facing, organisations ideally need to build a risk model to analyse a range of factors relating to IT policy, regulations and compliance, employee behaviour, and data storage. Once the vulnerabilities are understood an organisation is in a better position to minimize the risk of a breach, and to develop an authentication strategy suited to their needs.

     <more>
  • Mobilise SharePoint Securely

    Keeping data files and content secure in an increasingly mobile world is proving to be very challenging for organisations. In getting the balance right an organization needs to meet acceptable IT security standards whilst assisting their staff to collaborate outside of secured company networks and systems.

     <more>
  • Digital Certificate Expiration

    Digital Certificates are in use by practically every organisation in New Zealand, whether authenticating users or securing web portals, they are an invaluable component of the business' critical systems.

    I wonder how many of these organisations are confident in their certificate management processes?

     <more>
  • Mobile Device Management

    2012 is being picked as the year that Mobile Computing will figure highly as a reality, likely project or hot discussion topic for many of New Zealand's enterprises. The adoption of mobile devices has introduced a whole set of new challenges for IT management.

     <more>
  • What is the relationship between Tablets and headaches?

    If your organisation has issued tablets or has signed off a BYOD policy for your staff  then the chances are that you will shortly need to address two trends that are starting to give CIO's a headache.

     <more>
  • Secure Mobility

    Smartphones and Tablets are becoming pervasive in all sectors of industry and government. Last year we saw the shipment figures for these devices increase significantly, indicating a major uplift in adoption rates for mobiles devices as a business tool

     <more>
  • Send and store critical documents securely

    Email is a critical business tool that most New Zealand business cannot operate without.

     <more>
Our Solutions
Security Solutions

We work with leaders in the fields of data protection, authentication and perimeter security to protect your organisation and manage any threats with the most effective security systems. More >

Technical Services

MPA New Zealand Ltd provides a range of technical services to compliment the vendor technology our company brings to the local market. More >