Thursday, May 2, 2013

Secunia SmallBusiness


IT administrators in small businesses have a tough job keeping up with all the software updates for every single application installed on every computer in the organization. Software vendors either have their own patching schedule (Oracle CPU, Microsoft Patch Tuesday, Adobe updates, to name just a few) or don't release updates regularly. Administrators have to stay on top of all the update news, and push out updates or encourage users to not wait "for later" to install the security fixes. Enter Secunia SmallBusiness, a Web-based console wrapped around the company's Secunia Personal Software Inspector (PSI) 3.0 for small business networks.

Large enterprises can use patch management systems to scan local computers and monitor what software is running and push out updates as they become available. For the small business, however, many of these products are out of reach, either because they are either too complex or too expensive. This is where Secunia SmallBusiness comes in.

Intended for the small office/home office and small/medium-sized business setting, Secunia SmallBusiness is ideal for environments with between 2 to 50 users. SmallBusiness occupies the market right between Secunia PSI, which manages patches for a single user, and Secunia Corporate Software Inspector (CSI) for use in environments with more than 100 users. Secunia SmallBusiness takes advantage of Secunia PSI's robust scanning and patching console by installing the agent-based software on each computer that is being monitored. SmallBusiness collects all the scanning results into a centralized Web console so the administrator has an ongoing overview of the organization's security posture.

The platform is currently in beta but will be generally available by June. While in beta, Secunia SmallBusiness is free for up to 50 users. After the beta ends, the company plans to charge "a low monthly fee per additional host" that is less than $5 per host per month. Secunia will offer monthly or yearly plans, and organizations can add more seats as needed under a pay-as-you go plan.

Getting Started
The SmallBusiness console is a centralized location for the results generated by the agent-based scanner on each computer. This way, administrators have an at-a-glance view of the organization's overall security posture as well as which software each computer needs to update.

I signed up for an account on Secunia's Web site. Once I created a password, I was directed to the console, which is a simple page with a header containing links to the user manual, built-in help, and links to the PSI software agent. All the names of the systems being scanned and monitored are listed on the left side of the screen. When I click on the computer name, I see all the software installed, whether the application is insecure or not, and how many computers within the organization are running that same product. A "criticality" meter indicates the seriousness of the vulnerability in that software that needs to be patched.

Secunia SmallBusiness generates a unique link pointing to a version of Secunia PSI that is associated with the account. I clicked on the Download link at the top of the console to get my unique link. I could email it into an email or other forms of communication for users to download the PSI agent, or I could log in to the console from each employee device and manually download the agent. For a small organization, asking the administrator to go from computer to computer to manually download the agent, or relying on the user to install the agent is fine, but for even slightly larger environments or one with users who work remotely, this is not a very sustainable model. Qualys offers a similar scanning service where administrators can push an MSI file of the agent to each employee device. Something similar would be useful for Secunia SmallBusiness.

Once Secunia PSI is installed on the user's endpoint, the agent collects all the information about what is installed, compares the list against Secunia's extensive database of over 3,000 applications, and presents the user with information about what software needs to be updated. PSI under SmallBusiness acts exactly the same as the stand-alone counterpart and more details on how it works is available under its own review.

Despite all the applications I have installed on the test system, the scanning process was quick and did not impact my computer's performance. Once it had finished the scan, it displayed a list explaining which applications were current and which needed to be updated. This same information is visible from the Web console.?Next: Secunia SmallBusiness Web Console

Source: http://feedproxy.google.com/~r/ziffdavis/pcmag/~3/lRUAB0QRC9E/0,2817,2418308,00.asp

AMA BCS Standings 2012 American Music Awards 2012 oregon ducks oregon ducks rob gronkowski Coughing

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.