Saturday, February 10, 2018

UserCenter battle continues as Check Point account services are still failing to do their job properly

In my previous post I have already mentioned that my old account came back online. I have also received several notifications from CP account services.

The first one was hilarious. They have asked me to update my email with Pearson VUE before transferring my certifications that are already granted. After asking them if this is a joke, they reported that they have transferred certification history. Well, I had to check. Guess what...

Two out of 14 certificates were lost in the process. Every time account services answer, they are also closing the open case. I have had to reopen it twice already.

So far nobody picked up a challenge about email address change. Too bad, as all this hustle would be avoided completely, would I be able to change that bloody email myself.

However, I would like to ask one more question. What is wrong with account services and Check Point? Why are they failing to perform a simple task?

Update: The issue is finally resolved. 6 days and two escalations. For a simple email change. Fantastic job, Check Point, really well done

Thursday, February 8, 2018

Changing jobs? Brace yourself for impact of losing your UserCenter access

Probably the most annoying part of having and account with Check Point UserCenter is that you cannot change your email address.

Which is, please allow me to say it plainly, utterly stupid.

8 years ago the company I was working for, Dimension Data, had gone through a re-branding phase. All emails where changed from 'name'@'region' to 'name' Considering hundreds of accounts for all company employees around the globe, the impact was huge.
Old email accounts were discontinued, so to fix this, we have approached Check Point with a request to re-assign logins to new new email domain. Guess what was the answer?

- No can do.

So hundreds of DD engineers, sales and accounting guys have had to re-create email alliances to continue working with Partners' portal and UserCenter. They are still using this method now, after those 8 years. It was easier to keep all email addresses afloat than redefine manually tons of dependencies and details.

That was about business. On a personal level there is also lots of pain. If you are changing jobs, be ready that Check Point will sever your access even if you ask them not to do that.

In my case, I have left Dimension Data at the beginning of 2018. One month before that I have opened a case with account services to move my certification details, CheckMates account and UserCenter access to another email address. Once more, the answer is:

- We cannot do that. Please open a new UserCenter account and ask to move your certificates there. 

They have also assured me that my old account will not be closed automatically. Guess what... It is no longer working.

The main implication with changing your email with UserCenter this was is that you lose your history and your CheckMates access. You will appear as a new user everywhere. You will have to wait till they figure out how to move your certification. And I suspect recovering expert access to UserCenter resources will also be a story.

I do not even want to speculate why an established security company cannot figure our how to change an account ID without killing it altogether in the process.

However, this is the reality we are facing today. If you are planning to change your job, make sure you download all your valid certificates and bookmark your CheckMates threads. Because you will not be able to keep all that intact after moving to another email address. Bugger...

I dare Check Point admins to name me a single reason why I cannot change my email address on my account.

Anybody out there up for the challenge?

Update: My old account is operational again. Whoever is responsible, thanks a lot. The issue of transferring the access level and certification history to a new account is not yet resolved. So the challenge stands.

Thursday, February 1, 2018

The main cyber security questions of 2017 and the way to answer them

At the end of 2017 I was talking to some US based business analytics firm, and the main questions they asked was why.

- Why security budgets are not growing rapidly, after all that scare with WannaCry and NotPetya? 
- Why businesses are not spending more to protect themselves, aren't they scared now? 
- Why the impact was so hard, even for the customers with high end perimeter security systems?
- Why is it happening?

Well, let's start with the easy one. Businesses are scared.

They were scared long before 2017 malware rampage. In 2017 they suddenly realised it does not matter how scared you are. They reached the limit of fear. They have realised it does not matter how much you spend on perimeter security. It does not matter how well-known your vendor is, which part of the Gartner it occupies and how great is his marketing campaign. None if it matters. By the end of the day, a weak link will be found and you will be owned.

So business is doing what it's doing best - counting money. They have switched to a risk management mode. For what it worth, backup tech budgets were raised, not firewalls. Additional insurances and legal protection fees are on the rise, not perimeter security budgets.

The second why is also simple but not that obvious. Perimeter security solutions today are top-notch, but they are still failing the customers. You can have all the jazz: FW, IPS, Anti-Virus, sandboxing, and you will still miss something eventually. Or even better, business will not wait for your security cycle and will deploy something completely exposed, with, god forbid, SMB services open to the Internet.

Hello, WannaCry, here is your free lunch,  come and get it.

In the eternal struggle between security professionals and business the latter always wins. Why? Because, think about it. It is just the matter of money. Business makes money, security spends some of it. If from the business perspective cost to effect ratio is not getting better, additional spendings are at best questionable.

Yet, the major security vendors are still beating the dead horse. Every conference, every vendor event includes some scare presentation about malware on a loose, hackers success stories and slides with names and sums of damages in big red letters.

Well, good luck with that.

In Guardicore we take an alternative route. We protect your East-West traffic, securing later movements in your infrastructure. We enable business and speed up DevOps actions by applying dynamic labelling as part of micro segmentation security policies, we provide unprecedented visibility of your assets traffic and detect intrusion attempts and anomalies in real time. On top of all that, we provide dynamic deception to lure an attacker into a honeypot to make sure his tools and tactics are registered and blocked everywhere across the ecosystem.

The new age of security is here. You do not have to be scared anymore.