19 December 2007 - Danger – USB Flash Drives
USB flash drives are practical and very easy to use, and as prices continue to drop, storage capacity is increasing (currently 4GB is typical) – all of which makes them particularly useful and compelling accessories for consumers and business users.
The other side of the coin, however, is that they represent a considerable threat for enterprise information systems. Viruses and other malware can sneak in on flash drives, and they are easily lost or stolen, making enterprise information resources extremely vulnerable.
Confidential data stored on a USB flash drive is no longer protected by the corporate IT security infrastructure, and it is vulnerable because the device is easily copied, lent, lost or stolen. In other words, sensitive information can easily find its way into the hands of people who may not hesitate to use it against the company's interests.
A Digital Vault guarantees the confidentiality of sensitive information
Security BOX SmartDISK software allows you to create and manage digital vaults for data storage on USB flash drives. Only the authenticated user can unlock the vault, using their password to access protected data. The digital vault can be accessed on any PC: SmartDISK does not need to be installed on the PC, because the necessary software modules are installed on the flash drive.
From the user's point of view, information is encrypted and decrypted automatically, transparently, and on the fly, using industry-standard strong encryption (AES 256). A SmartDISK digital vault can be configured to occupy the entire USB drive, or just a part of the drive.
How is sensitive enterprise data threatened by careless use of USB flash drives?
The CEO is getting ready to present key long-term corporate development strategies to a shareholder meeting. The strategy is documented in an extensive report, including confidential information and data on marketing plans and new products to support corporate expansion.
On the day of the meeting, which is being held in one of Paris's leading hotels, the CEO saves the report to a USB flash drive and slips the drive into his pocket before taking a taxi to meet his CFO to finalise details of the report before the shareholder meeting.
When he gets to the hotel for the shareholder meeting, as he gets the projector ready for the presentation, he realises he can't find his flash drive. Fortunately the CFO also has a copy of the presentation on his own flash drive and the meeting goes ahead... However, the person who has found the missing flash drive now has potentially extremely valuable information, especially for competitors of our CEO and his corporation.
The loss or theft of sensitive data on USB flash drives is a genuine risk. It is not possible, and may be counterproductive, to ban flash drives in the enterprise. It is therefore essential to deploy tools that ensure sensitive corporate data is fully protected when it is being carried around by authorized users on removable memory devices.
4 June 2007 - Is Instant Messaging “Secure”?
Users within a company are usually the cause of security breakdowns, even if they are aware of the risks posed by the Internet. They trust the network protection put in place by the IT department and believe they are immune to danger.
Nowadays, there is considerable infatuation with instant messaging software (the best known are Skype, MSN Messenger, Yahoo! Messenger, Google Talk) within companies. This type of software enables several people to communicate simultaneously via linked computers. These tools can usually be downloaded free of charge; it only takes a few minutes and they are flexible and easy to use. They enable rapid communication, but also file and image sharing. They are therefore very attractive and, above all, they are available to all users whether aware or unaware of the dangers. It is imperative that they are taken into account when setting the safety rules imposed on users.
Opening dubious attached files sent directly via an instant messaging interface without considering potential dangers may allow all types of threats to propagate in the company’s IT system: Trojan horses, spam, phishing, spyware, etc. Such attacks could seriously affect the IT network, with possible repercussions for the CEO and the IT director, as it is their responsibility to ensure the security of the IT system and to guarantee the confidentiality of the data in the system.
Skype, free IP telephony software, has become one of the most popular communication tools even though, paradoxically, it is proprietary (by definition, the source code is inaccessible and the encryption algorithms are not published, so it cannot be studied) and opaque, and poses obvious security problems because it uses the SSL channel and allows everything and anything through. A serious security warning published by Websense on one of its blogs on 18 December 2006, that “a worm capable of self-propagation was using Skype”, illustrates the necessity of blocking this type of software.
Arkoon definitively controls Instant Messaging.
The new 4.1 version of UTM FAST360® appliances brings a new level of additional security to fight effectively against these new threats.
These tools, which usually use the HTTP stream in order to communicate, are currently trying to circumvent the vigilance of firewalls by encapsulating themselves in SSL (on port 443, which is frequently authorized for HTTPS connections).
The FAST SSL module is capable of finely controlling SSL connections, filtering and blocking the IM connections that only partially respect the standards.
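As an added illustration of checking whether traffic on port 443 respects the standard (this is not Arkoon's code and says nothing about how the FAST SSL module works internally), the Python example below validates the first bytes a client sends against the TLS record and ClientHello layout. The function names are hypothetical, the sample bytes are constructed, and the check assumes the ClientHello arrives in a single record.

```python
import struct

def check_first_flight(data: bytes) -> str:
    """Classify a client's first bytes on port 443 as "conformant",
    "malformed" or "not-tls". Assumes the ClientHello sits in one captured
    record; SSLv2-format hellos come back as "not-tls"."""
    if len(data) < 5:
        return "not-tls"
    # Record header: content type, version major/minor, length.
    ctype, major, minor, rec_len = struct.unpack("!BBBH", data[:5])
    if ctype != 22 or major != 3 or minor > 4:
        return "not-tls"
    if rec_len > 2 ** 14 or len(data) < 5 + rec_len:
        return "malformed"
    body = data[5:5 + rec_len]
    try:
        if body[0] != 1:  # first handshake message must be ClientHello
            return "malformed"
        hs_len = int.from_bytes(body[1:4], "big")
        hello = body[4:4 + hs_len]
        if len(hello) != hs_len:
            return "malformed"
        pos = 2 + 32  # skip client_version and random
        sid_len = hello[pos]
        if sid_len > 32:
            return "malformed"
        pos += 1 + sid_len
        cs_len = int.from_bytes(hello[pos:pos + 2], "big")
        if cs_len < 2 or cs_len % 2:  # list of 2-byte suite ids
            return "malformed"
        pos += 2 + cs_len
        comp_len = hello[pos]
        if comp_len < 1:
            return "malformed"
        pos += 1 + comp_len
        if pos == len(hello):  # no extensions block
            return "conformant"
        ext_len = int.from_bytes(hello[pos:pos + 2], "big")
        return "conformant" if pos + 2 + ext_len == len(hello) else "malformed"
    except IndexError:
        return "malformed"

def sample_client_hello(suites: bytes = b"\x00\x2f\x00\x35") -> bytes:
    """Constructed sample: minimal TLS 1.0 ClientHello, no extensions."""
    hello = (b"\x03\x01" + bytes(32) + b"\x00"
             + struct.pack("!H", len(suites)) + suites + b"\x01\x00")
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

A flow that opens with a TLS-looking record header but fails the inner structure checks is the "partially respects the standard" case, and is reported as "malformed" rather than "not-tls".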
The IDPS security service uses a database of over 1000 signatures developed by ARKOON’s security monitoring teams, strengthened by the integration of new IDPS signatures for instant messaging tools (Skype, MSN Messenger, Yahoo! Messenger, Google Talk, Jabber, AIM, ICQ) to fight effectively against the threats connected with this type of software.
Are you not convinced of the dangers posed by Instant Messaging? Please read the text below:
Imagine that you are the CEO of an SMB on the point of launching a completely new product that required months of intense work by all your employees. It is a major project for the future of your company and all information is strictly confidential (R&D, business plan, marketing agenda, etc.).
You have entrusted the security of your IT system to the head of the IT department who has installed a firewall and anti-virus software. Hence, your security policy enables you to prevent potential threats. You protect your data.
You have trained your staff to be aware of the risks connected with the use of the Internet and you have enough confidence in them to allow them to use a public IM tool (Skype, MSN Messenger, etc.).
One of your colleagues using Skype receives an infected file via the software bearing the name “confidential.exe”.
The employee gives in to curiosity and clicks on the file to open it. Since you have a good level of security, the file is not recognised and a pop-up asks the user whether he really wishes to open it.
Confidently he clicks on “yes”; he has just allowed in a Trojan horse capable of stealing passwords and copying sensitive data from your information system.
In such a case, a cyber criminal has exploited human weakness (compassion, curiosity, etc.) by assigning an attractive name to the sent file. This technique, called “social engineering”, allows the criminal to enter your system and to steal information pertaining to the project that you have so carefully kept secret. Your competitors can then acquire these data, reducing months of preparation to nothing, but that is not the most serious result…
This Trojan horse is capable of opening a breach in your security that gives people connecting from outside access to the protected parts of the network. The workstation of your employee then becomes a “bot” (or “zombie”), an infected computer controlled by one or several attackers, which will become a member of a network of “zombies” for future attacks. It thereby gains a considerable nuisance capacity: blocking data traffic (denial of service), massive spam distribution and theft of bank and personal identity details on a massive scale.
Stealing information pertaining to your project endangers the long-term future of your company but the theft of the confidential data of your customers, your suppliers and even your employees will expose you personally to severe consequences.
You have an obligation to ensure the security of this information. If the data are divulged and the victims decide to sue, it is the company that will be held responsible and pursued through the courts. Therefore, it is you as CEO who will be the first to be accused and will have to pay the substantial resulting damages and fines.
That is how an innocent click can turn into a catastrophe.
Does this scenario sound exaggerated? The security of your IT network must be considered to be one of the mainstays of your company.
Arkoon’s strength lies in imagining the worst and anticipating new types of attack.
That is why the FAST360® appliances control Instant Messaging software – an important source of threat.