By Ken Lee
Quickly, name a gadget that didn’t even exist in the year 2000 but has since transformed our culture and the way we live today. 99% of you probably answered with MP3 player, tablet computer, GPS, e-Reader or smart phone. What do all of these devices have in common? For one thing, they are all super portable, and that feature is due to the unbridled success of Flash memory.
The development and maturation of NAND Flash as an affordable, non-volatile, solid-state data storage solution has helped usher in an era of mobile technology. It has allowed us to invent gadgets that simply would not have worked if incorporated with spinning platter drives.
However, after a decade of revolutionizing the technology industry, Flash is reaching its limits for further development. In order to increase Flash’s maximum capacity manufacturers have been shrinking the distance between transistors on flash chips over the years. Read more…
Portable Storage
Thousands of confidential medical records were loaded on a USB flash drive, which subsequently was stolen during a car break-in. Sound familiar? An increase in data breach notification laws throughout the US has brought to light hundreds of incidents that would have been glossed over in the past. In this case, the protected health information is covered under new regulations in HIPAA and the HiTECH Act of 2009.
According to the MetroWest Daily News, it’s unclear whether the incident will result in direct monetary damages but it certainly hasn’t been a public relations success:
Smith declined to say whether the loss of the records would be considered a violation of the Health Insurance Portability and Accountability Act - known as HIPAA - or whether the company could face penalties.
Under the Health Information Technology for Economic and Clinical Health Act of 2009, companies that experience a breach of health information covered by HIPAA for more than 500 patients are required to inform the patients and the media.
Data Security, Healthcare
Kanguru was featured in this months issue of “The Hacker News” with an article titled Insider Threats Vs. Hackers.
A short excerpt:
“Although the intent of a hacker is generally more insidious, the insider threat is more prevalent simply due to an employee’s access to company data. Insiders often have access to sensitive data without having to circumvent security measures designed to keep out external threats.”
To read the entire article, see this month’s PDF issue of “The Hacker News”.
Data Security
Co-authored by Nate Cote and Emmett Jorgensen
If you believe the media reports, IT threats are everywhere. Hackers, malware, trojans, social engineering attacks, botnets, stuxnet, zero day… It’s a wonder that any of us can safely navigate cyberspace.
Although the issue might be slightly overblown by the media, the risks are real. Case in point, a recent article posted on Information Week reports “Most Businesses Don’t Spot Hack Attacks“. If a hack or malware is present, but goes unnoticed, how can we be certain that there is nothing lurking on a machine that might be used to access our confidential data?
“Most people use their family computer for multiple purposes.” said Matthew Losanno, Senior Product Manager at Kanguru Solutions, a manufacturer of secure, encrypted storage devices. “Surfing Facebook, playing online games, managing the family finances, accessing retirement accounts, etc. It’s a scenario that carries a lot of potential risk. How will the user know if one of those pictures from a “friend” injected code onto the host machine? The list goes on and on.”
So what can be done to protect your sensitive data? Read more…
Data Security
If you’re a fan of the comic strip Dilbert and work in IT or Infosec, this comic is for you.
(Marketing note - Must find a way to introduce Dilbert to Kanguru’s secure flash drives with onboard anti-virus!)
Data Security
According to TechEye, another NHS Trust has exposed confidential patient information by storing it on an unencrypted USB drive, which promptly disappeared. This is a continuing issue for NHS.
The Surrey and Sussex Healthcare NHS Trust patient records were lost in September 2010. Shockingly, the details were on an unencrypted memory stick and worse, the 800 affected patients were never told. Leaked details include full name, date of birth and operation details.
Kanguru strongly recommends that all healthcare organizations protect patient data by using mandatory hardware encryption on all portable devices. The Kanguru Defender Elite secure flash drive is completing Common Criteria certification and is now available in the UK and throughout Europe. It’s an ideal solution for healthcare data protection.
Data Security, Healthcare
Bill Brenner at CSO Online recently posted an interesting Blog regarding a survey done on Social Media risks in the workplace.
A snapshot of the results:
•63 percent of respondents believe employees’ use of social media in the workplace represents a serious security threat to their organization.
•52 percent of organizations experienced an increase in malware attacks as a result of employees’ use of social media.
•Only 29 percent said that their organizations have necessary social media security controls.
To read the full blog, click here.
Data Security
Flash drives have revolutionized the business world with their convenience and portability; however, for infosec professionals, flash drives are a dual edged sword. Their tiny size often makes them easy to lose and their storage capacity allows massive amounts of potentially sensitive data to be stored and transported on them.
If lost or stolen, a single unencrypted flash drive has the potential to cause a massive data breach.
So how can infosec professionals deal with flash drives? Read more…
Data Security
German distributor OPTIMAL System-Beratung will be showcasing Kanguru’s secure, encrypted storage devices at the upcoming IT Security Expo, IT-SA in Nuremberg, Germany, October 11-13th.
On hand will be the Kanguru Defender Elite secure, encrypted flash drives, Kanguru Remote Management Console (KRMC), and RocIT Defender Virtual OS on an encrypted thumb drive as well as next generation storage products.
Kanguru’s encrypted flash drives are some of the world’s most secure; offering 256-bit hardware encryption, onboard anti-virus, tamper resistant designs, optional remote management and more.
The Kanguru Defender Elite is also currently undergoing Common Criteria testing. The Common Criteria testing level has been designated as Evaluation Assurance Level 2 Augmented (EAL2+); meeting level 2 assurances while being augmented with flaw remediation. The testing is being overseen by the German Federal Office for Information Security (Bundesamt fur Sicherheit in der Informationstechnik (BSI)).
OPTIMAL System-Beratung is a value added distributor with focus on client management and workflow, document management and IT security.
Register for the event here.
Data Security, Events
Businesses take note: Data breaches have a far greater impact than just potential fines.
With several high profile data breaches this year, federal regulators have been quick to propose data breach notification bills and heavy fines for organizations that fail to keep sensitive and confidential information safe.
The real concern for organizations that have experienced a data breach, however, should be customer confidence.
A recent article in the Tech Journal (techjournalsouth.com) delves into the effects of data breaches, using survey information to demonstrate how they affect customer loyalty and confidence. Read more…
Data Security
Follow us on Twitter