With the proliferation of mobile devices, (tablets, smartphones, thumb drives, etc.) Bring Your Own Device (BYOD) has become a major concern for many organizations. Beyond accounting for company approved devices, Infosec Professionals also have to deal with many personal devices being connected to their networks.
A recent article posted on Dark Reading outlines these concerns, stating that “Organizations are concerned about the dangers posed by unauthorized mobile devices, according to a study published last week, but many aren’t sure what’s being done about it.”
This illustrates a disconnect between IT departments and management and, more importantly, a lack of strong policy in regard to BYOD. Read more…
Data Security
DLP and Endpoint Security applications are the backbone of many organizational IT security efforts, and rightfully so. Managing users, data and device access within your network is a key component of securing any sensitive or proprietary data. But what do you do when devices or data leaves the boundaries of your network?
Internal Security
Think of an organization’s network as a living, breathing organic entity. The more you ponder that concept, the more it seems about right. A firm’s network is constantly changing and evolving with new patches to operating systems, updates to the applications, addition of hardware devices, and lots of generated data.
Now add users with various personal devices that they plug into the network and the whole system is immediately compromised. This would include smart phones, flash drives, external hard drives, iPods or even DVD burners; as well as wireless devices. Read more…
Data Security
An excellent article was recently posted on Security Week regarding the use of encryption to prevent data breaches. As we’ve pointed out in the past, encryption should be mandatory in any instances where sensitive data is being handled. By requiring the use of encryption, IT and Infosec professionals can save their organizations time and money in the long term.
The Security Week article, entitled “The Encryption Advantage: Simple Steps to Protect your Valuable Information” does an excellent job of illustrating how using encryption can prevent costly fines.
Here is an excerpt: Read more…
Data Security
Free Cyber Security Webinar:
How to Minimize the Risks of a Data Breach/Cyber Attack
Kanguru Solutions has teamed up with Cyber Data Risk Managers LLC to host a FREE webinar on cyber security and infosec entitled “How to Minimize the Risks of a Data Breach/Cyber Attack.”
This free educational webinar will be presented on 10/25 to discuss data security, privacy and measures to take in the event of a data breach.
Details:
Date: Tuesday, October 25, 2011
Time: 10:00am to 11:00am Eastern Time
Presenters: Kevin Landt and Christine Marciano
Topics:
- Methods to protect your sensitive data.
- Why you need to protect your sensitive data.
- How to minimize the severity of security incidents.
- A look at recent security and data breach incidents.
- How to contain damage and minimize risks.
- Define an incident response plan.
- Q&A
To register for this event, click here.
Hope to see you there!
Data Security
As part of National Cyber Security Awareness Month (NCSAM), Kanguru has joined staysafeonline.org as a champion partner to help educate and extend awareness of cyber security and privacy issues. We encourage our partners and customers to join in to spread awareness of cyber security and help to educate the public on ways to stay safe online and with their personal data.
As part of our efforts, we will be doing a free educational webinar later this month and providing some promotions on our secure, encrypted flash drives.
Stay tuned for additional information.
Data Security
Our friends over at BitDefender have released a new Internet Security Suite. Checkout the review over on Infosec Island.
While you’re at it, also checkout Kanguru’s secure, encrypted flash drives featuring onboard BitDefender Anti-Virus for protecting your flash drives from malware.
Data Security, Malware
A recent article in Network World outlines the potential security threats of smart phones. The article explains how, much like flash drives (or thumb drives, whichever term you prefer), mobile phones can be used to potentially spread malware when plugged into a USB port for syncing or charging.
Compromised phones will infect computers they may plug into for otherwise legitimate reasons, much the same way malware such as Stuxnet found its way onto laptops via thumb drives, according to the “Emerging Cyber Threats Report 2012″ released at the Georgia Tech Cyber Security Summit 2011″
The report warns that “mobile phones will be a new on-ramp to planting malware on more secure devices.”
The article goes on to outline several other infosec threats posed by mobile phones as well.
For the full story, click here.
Data Security, Malware
Thousands of confidential medical records were loaded on a USB flash drive, which subsequently was stolen during a car break-in. Sound familiar? An increase in data breach notification laws throughout the US has brought to light hundreds of incidents that would have been glossed over in the past. In this case, the protected health information is covered under new regulations in HIPAA and the HiTECH Act of 2009.
According to the MetroWest Daily News, it’s unclear whether the incident will result in direct monetary damages but it certainly hasn’t been a public relations success:
Smith declined to say whether the loss of the records would be considered a violation of the Health Insurance Portability and Accountability Act - known as HIPAA - or whether the company could face penalties.
Under the Health Information Technology for Economic and Clinical Health Act of 2009, companies that experience a breach of health information covered by HIPAA for more than 500 patients are required to inform the patients and the media.
Data Security, Healthcare
Kanguru was featured in this months issue of “The Hacker News” with an article titled Insider Threats Vs. Hackers.
A short excerpt:
“Although the intent of a hacker is generally more insidious, the insider threat is more prevalent simply due to an employee’s access to company data. Insiders often have access to sensitive data without having to circumvent security measures designed to keep out external threats.”
To read the entire article, see this month’s PDF issue of “The Hacker News”.
Data Security
Co-authored by Nate Cote and Emmett Jorgensen
If you believe the media reports, IT threats are everywhere. Hackers, malware, trojans, social engineering attacks, botnets, stuxnet, zero day… It’s a wonder that any of us can safely navigate cyberspace.
Although the issue might be slightly overblown by the media, the risks are real. Case in point, a recent article posted on Information Week reports “Most Businesses Don’t Spot Hack Attacks“. If a hack or malware is present, but goes unnoticed, how can we be certain that there is nothing lurking on a machine that might be used to access our confidential data?
“Most people use their family computer for multiple purposes.” said Matthew Losanno, Senior Product Manager at Kanguru Solutions, a manufacturer of secure, encrypted storage devices. “Surfing Facebook, playing online games, managing the family finances, accessing retirement accounts, etc. It’s a scenario that carries a lot of potential risk. How will the user know if one of those pictures from a “friend” injected code onto the host machine? The list goes on and on.”
So what can be done to protect your sensitive data? Read more…
Data Security
Follow us on Twitter