Kanguru’s Emmett Jorgensen was just featured in Government Security News (GSN) as a guest columnist with an article entitled “Flash Drive Security goes beyond Encryption“.
The article has an infosec focus on newer developments in flash drive security including remote management, on-board anti-virus and more. Here is a short excerpt: Read more…
A recent article in Network World outlines the potential security threats of smart phones. The article explains how, much like flash drives (or thumb drives, whichever term you prefer), mobile phones can be used to potentially spread malware when plugged into a USB port for syncing or charging.
Compromised phones will infect computers they may plug into for otherwise legitimate reasons, much the same way malware such as Stuxnet found its way onto laptops via thumb drives, according to the “Emerging Cyber Threats Report 2012″ released at the Georgia Tech Cyber Security Summit 2011″
The report warns that “mobile phones will be a new on-ramp to planting malware on more secure devices.”
The article goes on to outline several other infosec threats posed by mobile phones as well.
For the full story, click here.
Thousands of confidential medical records were loaded on a USB flash drive, which subsequently was stolen during a car break-in. Sound familiar? An increase in data breach notification laws throughout the US has brought to light hundreds of incidents that would have been glossed over in the past. In this case, the protected health information is covered under new regulations in HIPAA and the HiTECH Act of 2009.
According to the MetroWest Daily News, it’s unclear whether the incident will result in direct monetary damages but it certainly hasn’t been a public relations success:
Smith declined to say whether the loss of the records would be considered a violation of the Health Insurance Portability and Accountability Act - known as HIPAA - or whether the company could face penalties.
Under the Health Information Technology for Economic and Clinical Health Act of 2009, companies that experience a breach of health information covered by HIPAA for more than 500 patients are required to inform the patients and the media.
OHIO - News Talk Radio Whio.com reports that the Montgomery County Department of Job and Family Services has lost a flash drive containing the personal information of 1,200 people. The drive contained the names and social security numbers of people serviced at the Transition Center on Dryden Road in Moraine between 2005 and 2010.
It is not indicated whether the thumb drive, missing since August, was encrypted or not. The county, however, is offering one year of free identity protection for those whose information might have been compromised.
For the full story, click here.
Kanguru is pleased to announce that it’s Kanguru Defender family of secure USB flash drives is now available through local distributors and resellers throughout the Asia-Pacific region. Kanguru works with local partners to ensure that the security and manageability meet the requirements of a diverse user base. Both government and private sector organizations in this region are turning to Kanguru to protect their mobile data from unauthorized use.
In Australia, Sydney-based distributor Bellridge Pty Limited can provide the full range of Kanguru Defender flash drives and the Kanguru Remote Management Console for central provisioning and control of remote devices. Bellridge also has representatives in New Zealand.
Halodata International has launched the Kanguru product line in Singapore and Malaysia, as well as Indonesia through it’s PT Halodata Indonesia subsidiary. Halodata is a security specialist that supplies a full range of hardware and software products for protecting your network and portable devices.
A recent article posted in Information Week details some interesting trends related to USB Flash Drive usage and security. According to the story “In the past two years, 70% of businesses have traced the loss of sensitive or confidential information to USB flash memory sticks”
Flash drives are incredibly useful; however, as the Information Week article shows, their tiny size and massive storage capacity make them a security threat as well. Although encryption seems like it would be a requirement for organizations dealing with sensitive data, it seems that more often than not, flash drives aren’t encrypted.
With that in mind, here is a list of recent flash drive security snafu’s: Read more…
InformationWeek highlights a new study showing that malware on USB sticks is wreaking havoc on information security. The new survey by the Ponemon Institute found:
In the past two years, 70% of businesses have traced the loss of sensitive or confidential information to USB flash memory sticks. While such losses can obviously occur when the devices get lost or stolen, 55% of those incidents are likely related to malware-infected devices that introduced malicious code onto corporate networks.
Most of the respondents do not have any form of endpoint security in place, or don’t enforce their own USB security policies. Cost may be an important factor as “75% of respondents said they wouldn’t pay a premium to ensure that USB drives are safe and secure.”
Setting aside the fact that this is short-sighted given the cost of a data breach, you don’t need to break the bank to secure your USB drives. The Kanguru Defender Basic features automatically enforced military-grade encryption, plus an onboard anti-virus scanner to prevent malicious code from entering your network. Best of all, it’s available at a mainstream price.
For several years now flash drives have been used as a marketing/promotional tool, but this latest news takes the cake. It appears that rock band, The Flaming Lips, are currently distributing new music on flash drives which are encased in gummy frogs, gummy skulls and gummy fetuses. (Yes, you read that last part right.)
The promotion coincides with the newest Flaming Lips Tour, in which singer Wayne Coyne bounces around the audience inside a large bubble. If you’re a fan, you can catch The Flaming Lips live in Boston Wednesday, 7/27/11 for your chance to get a gummy covered flash drive with new Flaming Lips songs.
For more info, check out this article in the Boston Herald.
FYI - Kanguru can custom engrave flash drives for your organizational or promotional needs, however, we are currently back-ordered on our gummy skulls. 
Electronic medical records are the future, and the government is encouraging their adoption through the HITECH act. InfoSecurity.com has analysis of the first phase of HITECH:
Phase I implementation (2011–2014) provides a graduated series of financial incentives to physicians and hospitals. At the same time, certain information security measures must be implemented along with the expanded use of electronic health records and information exchanges.
For healthcare facilities, these security measures include implementation of access control; data integrity; emergency management; encryption of data at rest, in motion, and removable media; identity proofing; log analysis and management; and system timeout.
Healthcare organizations are advised to use an encryption algorithm that meets FIPS 197 standards or better. It’s important to ask your vendor about their encryption certifications, as not all password-protected devices are truly secure.
Kanguru is pleased to announce that the Defender Elite encrypted USB flash drive is now undergoing evaluation for Common Criteria EAL2+.
Common Criteria is an internationally recognized security evaluation program developed to ensure an information technology product or service meets a variety of robust government security standards. There are currently 36 nations, worldwide, which mutually recognize the merits of the Common Criteria Standard. Kanguru’s evaluation is being overseen by the German Federal Office for Information Security (Bundesamt fur Sicherheit in der Informationstechnik (BSI)).
“By undergoing the Common Criteria evaluation, we continue to position ourselves on top of the secure portable data storage industry.” said Don Brown, CEO of Kanguru. “Common Criteria, along with our fully manageable devices and current FIPS 140-2 Validations, distinguishes our products and services as the most secure, manageable and feature rich in the portable data storage industry.”
Read more.
Follow us on Twitter