Archive for the ‘Endpoint Security’ Category

USB Drive Gotcha Again

Tuesday, August 5th, 2008


A financial analyst for Countrywide Home Financial, the troubled mortgage lender reportedly stole over 20,000 customer profiles per week for about two years.    The data was stolen on USB drives. Although Countrywide had technology in place to disable flash drives on employee computers, the analyst used a PC where the protection was not installed.

The moral of the story is that if you are going to install security software on every PC except one or two, you might has well not install it at all.  People talk. Someone will spill the beans and when one person knows, everyone knows.

One of the things we highly recommend is using USB policy management on ALL PC’s.  There are two general ways to approach this problem,.  The simplest is to disable all USB drives.  The second more flexible approach is to force high encryption on all USB drives that renders the USB drive unusable unless it is plugged into a company computer.  Both methods work well but if and only if they are applied uniformly across all PC’s including Laptops.

PromiSEC’s Spectator is an excellent solution for not only preventing this type of situation but also for enforcing and monitoring software compliance, and anti-virus updates.  It provides the facility to ensure there are no exceptions, without the local installation of agent software.

Posted in Endpoint Security, Security Matters, Threat Management | No Comments »

Watch Your Google Gadgets

Monday, August 4th, 2008


Ever use iGoogle? I do and I love it.  It’s as close as you can get to a personalized home page without having to know web code. However, the platform is about to be rocked by a presentation this week at Black Hat, the annual hacker conference.

According to Yahoo News, Cenzic senior security analyst Tom Stracener and security researcher Robert Hansen, better known as “RSnake,” plan to demonstrate a zero-day vulnerability that affects Google Gadgets. What this means is that they are going to announce that knowledgeable web coders will be able to inject malware into your PC, possibly beyond the realm of traditional detection with antivirus and malware protection.

So if you’re an “iGoogle-Google-Gadget-User” what do you do? 

  1. The first thing is to educate your users about the dangers of installing unknown software.  This is a good practice no matter what.
  2. Watch what comes out of BlackHat 2008.  Follow the mainstream IT Security bloggers as they summarize the presentations.  I’ll post more on this as it gets closer. 
  3. If in your opinion the risk of iGoogle malware outweights the benefits, use your webfilter to block it.  Or block the installation of Google Gadgets.   You can still get all the benefits of Google.

Tags: , ,
Posted in Endpoint Security, Malware News, Security Matters, Threat Management, Web Security | No Comments »

Supreme Court Justice Breach

Wednesday, July 9th, 2008


 The Washington Post reported that late 2007, an employee of a McLean investment firm decided to trade some music, or maybe a movie, with like-minded users of the online file-sharing network LimeWire while using a company computer. In doing so, he inadvertently opened the private files of his firm, Wagner Resource Group, to the public.

That exposed the names, dates of birth and Social Security numbers of about 2,000 of the firm’s clients, including a number of high-powered lawyers and Supreme Court Justice Stephen G. Breyer.

The breach was not discovered for nearly six months.This is another demonstration of how common applications can create invisible holes in your firewall and compromise your organization.  PromiSEC’s Spectator could have prevented this by it’s policy manager without even installing any software on the desktop.  After creating a policy of “approved” software programs, Spectator can scan and enforce for “rogue” software, effectively stopping it and even uninstalling it automatically.   It can do this and much much more, for less than $50 per workstation. 

 Learn more here or call us for more information on how to prevent this from happening at your company.

  

 

 

Posted in Endpoint Security, Security Matters | No Comments »

USB Embarrasment

Monday, July 7th, 2008


This is the strory of how a $10 USB device impacted the US Navy and embarrassed the Japanese Military. 

Japan’s military has confessed to losing a USB device that contained troop deployment maps for a joint Japan-US military exercise.

In February of last year, a 33-year-old captain of the Ground Self-Defense Force (GSDF) reportedly stole the memory stick along with 2,000 yen in cash and a 10,000 yen airline coupon.

The GSDF previously announced a one month suspension for the apprehended officer for stealing the cash and coupon, but never mentioned the USB drive to the public.

According to Defense Minister Shigeru Ishiba, the force withheld the information because they didn’t want people on the internet searching for the data.

But the story is not over.  Shortly after that , a lieutenant colonel borrowed the USB device and lent it to a sergeant first class. The sergeant left it on his desk, where it was accidentally tossed.

This is a classic example of how “fragile” USB devices are.  Our recommendation is NOT to use them at your place of business UNLESS you are using some form of Endpoint Security solution such as PromiSec’s Spectator. 

For less than the cost of most high capacity USB drives today, you can secure each endpoint in your company and prevent a repeat of this incident. 

 

Tags: , , ,
Posted in Endpoint Security, Security Matters | No Comments »