The Boston Herald has details on a bank executive who resigned and then left with thousands of documents belonging to his former employer, Boston Private Bank & Trust Co.

In a suit filed in U.S. District Court on Monday, Boston Private Bank & Trust accuses former lending executive Todd Rassiger of stealing proprietary information that benefits his new employer, First Republic Bank.

The 24-page lawsuit alleges that before his resignation from Boston Private Bank & Trust Co., Rassiger attached personal USB flash drives to his bank-issued computer and downloaded more than 1,500 documents, many of which included highly confidential and proprietary information.

These days, companies need to be concerned with both external cyberattacks as well as the threat posed by insiders who have access to sensitive data.  Our recent post highlights the need for endpoint security, which can block personal flash drives and keep an audit log of which files are downloaded. 

We also highly recommend remote management capabilities for all portable devices like smartphones and storage devices.  Kanguru’s Remote Management Console can be used to instantly revoke device access from employees who are leaving the organization.  Their company-issued USB drive will be remotely disabled or deleted the next time it’s plugged in.

Data Security, Financial, Portable Storage

Here at Kanguru we frequently talk about encrypting and securing your mobile data, but sometimes don’t stress enough the importance of tracking and monitoring data usage.  As important as it is to secure your data, it is equally important to know where it is going. 

When an employee leaves the office for the day, taking his work with him on a flash drive, where is that data going?  A quick stop by the local coffee shop and opened up on one of their unsecure wireless networks?  To an unsecure home computer? 

These possibilities along with the risks associated with them are why Kanguru emphasizes a total security solution.  This can be especially advantageous to organizations that are required to meet security regulations like HIPAA, the Hitech Act or any one of the many state-level data breach laws. 

Tracking and monitoring can be done via Kanguru’s Remote Management Console and USB Device Control, a tandem of products designed specifically to allow organizations to keep tabs on and secure their portable data. 

It’s time to look beyond encryption and recognize the importance of end point security as a key element to the overall big picture of securing your data.  Some options to look for in endpoint security and remote management:

1.) Device Control - Control what, when and how USB devices are allowed to access your computers

2.) IP and Domain Control - Manage which IP addresses and/or domains are allowable for devices to access via whitelist and blacklist methodology.

3.) Auditing and Reporting - Get a full audit trail with detailed graphical reporting and the ability to export both customizable audit logs and graphs for external analysis to ensure proper compliance.

4.) Remote Provisioning - Remotely manage security policy changes from a single location. Control password complexity, password expiration, software updates, patches, A/V definitions, online and offline access, and more.

Data Security

Don’t let an unsecure flash drive cause business disruption, productivity loss, revenue loss, and fines.

Recent events in the news have demonstrated the ease with which portable devices can be used to steal confidential data.

Avoid your own personal Wikileaks by securing your USB flash drives.  Kanguru’s secure flash drives and remote management capabilities provide excellent protection against data leaks.

The Kanguru Defender Elite coupled with Kanguru Remote Management Console (KRMC) give CIO’s and CISO’s an unprecedented level of control over their flash drives.  Data breaches can be prevented with features such as:

Remote Disable/Delete - Remotely disable or delete devices compromised by rogue employees to protect sensitive information and prevent data breaches.

Domain/IP Control - Restrict drive usage to approved domains & IP ranges and prevent unauthorized use in external networks.

Offline Restrictions - Control whether devices can be used offline. Prevent unauthorized use in external networks.

Auditing and Reporting - KRMC enforces a full audit trail with detailed graphical reporting and the ability to export both customizable audit logs and graphs for external analysis to ensure proper compliance.

Data Security, Financial, Government, Portable Storage

Many organizations are looking for new ways to increase the productivity of offsite users.  This no longer includes just the field team, but is now including more general employees who can be enabled to work from home.  The US Government is extending its Telework policy with this sort of flexible arrangement in mind.

Security and managability are key issues to consider in a Telework policy.  Kanguru and Absolute ID have designed the RocIT Defender virtual platform with these priorities in mind.

1. Secure, Portable Operating System on a hardware encrypted flash drive.  (FIPS 140-2 version available)

2. Not vulnerable to infection by malware and viruses on untrusted machines. Device can bypass all of this!

3. Can be remotely managed: delete lost or stolen drives, update files on device, etc.

4. Lower total cost of ownership with stronger security than notebook and tablet computers.

Find out more about the RocIT Defender “PC on a Stick” at our website.

Data Security, Government

UPI is reporting on a story from South Korea’s Yonhap News Agency, which has all the ingredients of a great mystery plot:  Secret battle plans, a missing USB flash drive and a potential cover-up.

“The military unit, the DSC and ministry of defense were all informed of the case but never took action,” a source said in the Yonhap report. “It (the drive) contains confidential information on national security, but nobody knows where it is.”

The story lacks detail, but it’s not a stretch to believe that a large organization has know idea where it’s IT assets are.  This is a common problem.

Kanguru’s Remote Management Console solves this issue for USB flash drives.  Administrators can view exactly when and where each device is being used.  The moment that a drive is reported missing, an automatic delete or disable command can be issued from the console.

Data Security, Government, Portable Storage

The loss of portable devices is gaining more attention as companies strive to balance security concerns with user productivity.  Last week, a group of experts gathered to discuss laptops in particular.

Intel on Thursday brought together a panel of technology security experts to discuss the findings of a recent survey it sponsored, entitled, “The Billion Dollar Lost Laptop Problem.” Conducted by Ponemon Institute, the survey gathered data from 329 organizations that have lost a total of more than 86,000 laptops worth a combined $2.1 billion in the past year. Forty-six percent of these systems contained confidential data, but 70 percent lacked basic precautions including encryption, back-up and anti-theft technology.

The numbers are similarly scary for portable storage devices like USB flash drives.  While these drives are extremely convenient for employees, the data stored on the drives needs to be protected.

Members of the panel pointed out two key areas for improving security.  One was implementing security controls that don’t require user intervention.  When implementing encryption, it should be seamless and automatically enforced.  Another method of improving security is to include a remote kill or disable technology, so that lost devices can be locked down and secure from leaking data.  Making these features standard in portable devices will go a long way toward preventing future data breaches.

Data Security, Portable Storage

German IT distributor, OPTIMAL System-Beratung, was overwhelmed by visitors’ interest in the Kanguru Defender Elite at the it-sa security convention in Nuremberg, and the local press is beginning to take notice as well.

“The experts were particularly interested in the virtual operating system and enterprise-wide management of the sticks,” said Bert Rheinbach, managing director of OPTIMAL System-Beratung.

Read more:

Cartoon explains the most secure USB Stick in the world, Elektronik Praxis (german)

How the most secure USB flash drive in the world works, CRN.de (german)

Need translation tools?

Data Security, Portable Storage

Check out the new cartoon “Bad Luck, Good Luck” starring the Kanguru Defender Elite. No chance for data thieves!

Data Security

Kanguru is introducing the new RocIT Defender Elite platform to US Army technology experts at the 2010 LandWarNet Conference this week.  RocIT Defender Elite is a Secure Mobile Operating System designed to meet military security needs, including support for CAC, PIV and Smart Cards.  Instead of using an untrusted host computer, users boot directly to a secure virtual OS running on the encrypted USB flash drive.  The local hardware is completely bypassed.  RocIT Defender Elite leaves no footprint on the host computer - meaning your privacy and data are secure.

Data Security

11 Things You Can Do With Kanguru Defender Elite Encrypted Flash Drives

1. Communicate security policy changes and updates directly to the drive and enforce changes as necessary via remote management.
2. Audit drive usage to ensure policy updates.
3. Create lists (whitelist/blacklist) of approved IP ranges so that drives are only used in trusted locations.
4. Track device usage and location via IP addresses.
5. Set a master password for administrator access.
6. Immunize any PC or Laptop with Defender Elite’s onboard Anti-Virus.
7. Disable and/or delete devices that have been lost or stolen.
8. Meet regulatory requirements through the use of a verifiable security audit trail.
9. Track device activity on each workstation/computer using Kanguru USB Device Control.
10. Revoke drive access to former employees still in possession of their drives.  (Particularly useful if their drive contains proprietary company info.)
11. Sleep well knowing that 100% of your data is secure!

Data Security