GCN has the list of Top 10 “awfully bad” passwords.
Kanguru management tools, including the new KRMC Cloud, allow IT Managers to enforce strong passwords on USB Flash Drives. Prevent brute-force dictionary attacks and easy-to-guess passwords. Learn more about Kanguru password enforcement.
The Kanguru Remote Management Console (KRMC) for USB Flash Drives is now available as a Cloud-based subscription service.
KRMC is a powerful tool for managing Secure USB Drives throughout your organization. Lost drives can be remotely terminated, the help desk can remotely assist users, and all actions can be logged and audited for compliance. KRMC Enterprise Edition is currently being used by hospitals, banks, government agencies, and other large organizations to protect sensitive information. Now KRMC Cloud Edition is available for smaller organizations to get the same protection without investing in infrastructure.
Read the full announcement here.
A recent NY Times story on the Google – China confrontation mentions an increasingly common attack using USB flash drives to load malware.
Often, malware infections are a result of high-tech twists on old-fashioned cons. One scam, for example, involves small U.S.B. flash drives, left in a company parking lot, adorned with the company logo. Curious employees pick them up, put them in their computers and open what looks like an innocuous document. In fact, once run, it is software that collects passwords and other confidential information on a user’s computer and sends it to the attackers.
USB malware is a serious problem and Kanguru highly recommends using endpoint security to defend against these types of attacks. Portable flash drives may cause security concerns, but blocking them altogether can reduce worker productivity and cause major inconveniences. Endpoint security is an easy way to allow limited flash drive usage and still keep out unauthorized devices. That is why Kanguru has built USB Device Control directly into its Remote Management Console. Now organizations can remotely manage their secure devices and lockdown all others from one integrated console.
The latest issue of State Tech Magazine highlights a great feature of the Kanguru Defender and Defender Elite - the ability to track and manage USB drives in the field.
One feature of the Kanguru Defender drives that Conover appreciates is the ability to remotely set a password and wipe the drive clean if necessary. The agency has about 12 offices throughout the state, many of which are several hours away from headquarters in Albany.
For more info, view our Flash Presentation or contact your account manager at one of our authorized solution providers.
One of the lessons that can be drawn from last week’s massive flash drive recall is the importance of central management. Right now many organizations are scrambling to retrieve their formerly secure flash drives from all over the globe. Little thought has gone into things like patch management, because thumb drives have not been treated the same way as other information assurance products. That may change after this incident.
Kanguru Remote Management Console allows Kanguru’s Secure USB Drives to be updated remotely anywhere in the world. Not only can you modify the security settings and password requirements, but the device firmware itself can be updated without physical possesion of the drive. Audit logs keep track of which devices are up-to-date and which are out of compliance. Administrators can even create automated actions to disable drives that have not checked in for updates within a certain period of time.
Central management is key to lowering the overall cost of ownership when you factor in costly compliance issues and helpdesk support. Now we can add security updates to the list of cost savings.
Employees are willing to steal data from their employers and for the most part there is nothing being done to stop them. Two separate studies published this week show that insiders are walking off with customer lists, plans and proposals, and sensitive product information.
Dark Reading has more details -
Almost half of the respondents (48 percent) admitted if they were fired tomorrow they would take company information with them, Cyber-Ark says. Thirty-nine percent of people would download company/competitive information if they got wind that their job were at risk. A quarter of workers said the recession has made them feel less loyal toward their employers.
As we have noted before, much of the insider theft (42% in one survey) is committed with the help of USB flash drives. In response, Kanguru is developing management tools to give companies more control over their USB thumbdrive fleet. With KRMC, administrators currently have the power to remotely disable or delete employee flash drives when the individual is leaving the company. Next week Kanguru will be announcing a powerful new add-on module specifically designed to keep unauthorized flash drives out and prevent data leakage via USB devices.
Version 2.2 of the Kanguru Remote Management Console (KRMC) has a new feature that will make provisioning secure flash drives easier than ever. Administrators can now import directly from an Active Directory database and program Kanguru flash drives in an automated fashion. The drives will then be hard-coded with Employee data that can be tracked and logged including Name, Email and Phone Number.
While built-in encryption goes a long way towards securing your USB thumbdrives, KRMC goes a step further by providing control and accountability even after the drives have been distributed to employees. The logging and auditing features are extremely useful for showing compliance with HIPAA, GLBA, and a wide range of state laws that are popping up across the country.
The full press release is available at the Kanguru News website.
Today’s GCN Lab Review features a device that automatically cracks passwords on SD memory cards. The device, manufactured by ManTech, uses brute-force techniques to guess every word in the dictionary and then tries random combinations until it hits the password. Strong passwords can slow this process down, but unless there are brute-force protections built into the device, it is only a matter of time before the password is cracked.
This is a good opportunity to point out the brute-force protections that are standard on Kanguru secure USB flash drives. By default, Kanguru Defender and Defender Elite flash drives allow only 6 incorrect attempts before the drive is completely deleted and reformatted using a secure data wipe algorithm. Using Kanguru Administrator Tools, additional security measures can be configured, including:
These settings can also be remotely managed from anywhere in the world with Kanguru Remote Management Console.
Kanguru’s newly enhanced Administrator Tool is a stand-alone control panel that allows IT Administrators to customize the settings and policies on Kanguru Defender, Defender Elite and Bio AES encrypted flash drives. The Administrator tool can be used to configure and provision drives or program them to be remotely managed with KRMC.
Configurable options include:
The full press release is available here (PDF).
The proliferation of flash drives in today’s business environment is difficult for IT Administrators to get a handle on. Kanguru Administrator Tool is the first step in taking control of security policies for portable devices.
Kanguru is announcing that the next-generation Kanguru Defender Elite has begun the FIPS 140-2 testing process and is just months from being certified. Defender Elite is the newest member of the Defender product family and features:
Kanguru Defender Elite sets the standard for centrally managed secure drives.
Follow us on Twitter