As the evolution of the lowly hard drive goes with the increase of storage capacity into the terabyte range and hardware based-encryption it seems that data cannot be more secure once it is stored within the said hard disk. Well, according to WindowsIt Pro, not totally for based on their testing of several hard drives that come as wireless removable storage devices you connect to your USB 2.0 ports, it ain’t that secure after all. The device/s tested was even secured by a wireless security key that used rfid technology to unlock the drive for use by authorized users only (which in the real world is anyone who has the keychain key).
The name and brand which we would not name for obvious reasons have indeed admitted the weakness and that the advertised capability of the drive was wrong. As it turns out, the true 128-bit AES security system was used only by the RF chip and the controller on the drive which was easily defeated by removing the drive from the case and connecting to a now standard SATA drive connector. The drive was encrypted, but not at the ‘military grade’ levels that were advertised for the encryption chip used only a basic encryption level which was not up to par with accepted high-encryption standards.
Both the manufacturers of the controller boards, casing and key, have acknowledged the flaw and promise a more robust system (which is to use a more secure encryption chip that is said to come out this year but is still only in development) by the end of the year. So we guess the false advertising with regards to the encryption standard of the drives should be changed from ‘Strong 128-bit AES encryption’ to ’standard encryption’, which would only be fair for people do make choices based on the products qualities and capabilities.
Tags: data-security, Encrypted Hard Drives, encryption
Categories: Backups, Cryptography, General, IT Security Basics, News, Physical Security, Real-World Issues, Security Policies, Storage
Security cameras in its many shapes and forms have evolved into more of a necessity rather than a luxury usually available to those firms who could afford it. Developments in CCD technology and miniaturization of electronics components have allowed the price to fall steady making them widely available and easy to deploy. Similar to webcams, IP based security systems like the one from LPM, are now more and more becoming well accepted for like VoIP, it allows the video feed from a site hundreds of miles away to be sent over the internet to a security center in the company’s security center allowing centralized monitoring of warehouses and other facilities that would otherwise need security personnel saving in manpower costs.
The technology has evolved to a point that all one needs for IP-based security surveillance monitoring is a peripheral card one installs into the standard PC and the necessary cameras that are desired. Another deterrent of security systems of past was the requirement for extensive cabling which can be quite costly if one wishes to monitor a large area which needs to have all supporting cabling installed (power, video feed cables, audio cables, etc.). The advent of the many wireless radio communication technologies have also contributed to ease of implementation allowing wireless communication between a site’s central console and it’s subordinate cameras, who then send the information through the internet to it’s security base which can be a few blocs to hundreds of miles away.
[tags]Security Systems, Video Surveillance, Remote Security Systems, Asset Protection [/tags]
Tags: Asset-Protection, IP-Based-Surveillance, Remote-Security-Systems, Security-Systems, Video-Surveillance
Categories: Backups, General, IT Security Basics, Network Security, News, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies, Storage
USB has been around for quite sometime and was designed to replace the interface capabilities of the old legacy standard. Today, most PC’s, Laptops and other peripherals have USB ports or have the capability of connecting to one such as keyboards, mice, digitizing pads, digital camera’s, video camera’s, flash disks and the device types goes on and on. They have become so common that many security experts warnings on their danger have gone unheeded, till now that is. Recent security holes and other problems associated with malware and viruses that have been transmitted through the USB port have risen to the point security people had to listen. These interface ports are quite convenient and easy to use that even the most beginner can plug an infected device such as a flash disk loaded with malware or viruses that they easily get through standard security. They are so small that physically banning them can be next to impossible and I’m sure you’ve read the several articles regarding the iPod which was connected to the corporate network…etc. Expert’s advice that to minimize their use for no good, disable them on-board or do not bother connecting them at all at the hardware level. This would render them truly unusable for some people however innocent of the workings of a PC or other computer type can enable them in the control panel easily. Unbeknownst to many, most devices that have flash memory can be used to store files other than video or pictures for they can be formatted using the operating system’s format utility or the propriety software such as iPod’s iTunes which can have even the most basic iPod Shuffle function as a flash disk allowing transport of say documents and other such files.
Tags: Flash-Drives, USB-devices, USB-Dongles
Categories: Backups, General, IT Security Basics, Malware, Network Security, Operating Systems, Physical Security, Security Policies, Storage, Tips
LG, one of Korea’s leading industry giants has announced the release of its Vaccine Flash Disk which will come in 512 to 8 Gigabyte models. The said hardware based protection is the company’s bet at getting it’s fair share of the Consumer Electronics market mainly in the computing industry. The said flash disk is pre-loaded with an anti-virus, malware protection which scans the system it is connected to removing and preventing further infection. The concept of hardware based malware protection has been in the works for quite sometime with motherboards that have anti-virus protection and hard disks that do the same. Flash disks have replaced the good old floppy in being the most prolific means of spreading of malware on earth. Being discreet and having ever larger capacities, they have been involved in infecting innocent computers and networks to corporate espionage and identity theft for their portability and small footprint being their worst trait.
Viruses and malware have long wreaked havoc on the computing industry since they were created in the 80’s and today’s viruses have gotten so sophisticated that even the FBI, CIA and other security and law enforcement agencies have become involved setting up their respective IT crimes divisions. The law has also caught up with steeper penalties and fines to offenders who do intentionally infect and create these malicious code that have caused millions of dollars in lost business revenue all over the globe. We should expect more of these hardware based-protection systems in the coming future for they might be the only way to protect media and other vulnerable Information Technology resources from attack.
Tags: Flash-disks, Vaccine-Flash-from-LG
Categories: General, IT Security Basics, Malware, Network Security, News, Real-World Issues, Security Policies, Storage
Wireless networks and ways of protecting them will top most of the IT Security issues for the coming year. Predictions place wireless networks to slowly take over the now existing networks and development into WiMax which has more coverage area in terms of distance compared to WiFi is making this a fast reality. Players in the WiMax development include the biggest names in the wireless network area such as Intel, Samsung, Motorola and many more. Innovations will continue to push the technology to better and improved performance like never before.
Studies also show that more and more workers are turning to wireless computing for their network and office needs doing what they do in the most unlikely places such as coffee shops and anywhere else they can get a stable and sustainable connection. It also raises ethics issues for people will no longer be out of reach of networks and equally their jobs. Family time and other more casual needs for privacy and quiet time will be secondary for your boss can always reach you anywhere on the planet there is coverage of a network.
The death of satellite based communications has spurred rapid development of Voip allowing anybody connected to the internet instant access to telephone-like services without the use of dedicated telephone lines. This saves on telephone bills and has been in use heavily initially with call centers and has now shifted to mainstream use so more is to be expected of the technology in the years to come which may ultimately result in the death of the standard telephone service many opting for high-speed internet access instead.
The release of the Quad-core processors and planned development of more multi-core microprocessors fuels the future of laptop supercomputers which may come in following years. This and all of the better and improved technology will allow computing to soar into new heights making them a mainstay in our everyday lives for the future.
[tags]Multi-core Processors, Mobile Computing, Mobile Workforce[/tags]
Tags: Security-Outlook-for-2008, Wireless Security
Categories: General, IT Security Basics, Network Security, Physical Security, Privacy & Anonymity, Real-World Issues, Security Policies, Storage, Wireless Security
The threat of IT security has reached such a level that even Interpol has gotten involved in the action. Many crime syndicates operate beyond the normal bounds of borders and business organizations that the Policing Agency has information for all concerned regarding the security and intrusion prevention of computer systems.
The said Interpol IT Security document aimed for investigators of crimes related to IT security, highlights the need for an established set of rules that should be enforced for all people in business or other locations such as the home and elsewhere. In the said document, there is an extensive article that deals with information interception which is now becoming the most prevalent form of attack on networked computers. Firewalls are also not that effective if not configured properly and the addition of an internal and other security is needed to increase the level of protection that is needed. File deletion as may of us in the IT community knows deletes only the directory entry of the said file and not the file itself. It can be compared to deletion of a filing cabinet label without actual removal of the folder that contains the document itself. Utilities like Wiperaser Ultra for clearing deleted data are available on the market which routinely scans all tagged free-space on a hard drive and erases all the data contained within. There are also utilities available for the recovery of deleted files like software from Handy Recovery, a data recovery software which can prove valuable in security breach investigations checking for unauthorized files in an employee’s workstation. There are even recovery companies who specialize in recovery of data from tragically destroyed hardware such as those that have suffered fire damage and many more such as SalvageData whose specialty is to recover information from damaged hardware.
Tags: Cyber-Crime, Interpol-It-Security, IT Security Basics
Categories: General, IT Security Basics, Malware, Network Security, Operating Systems, Real-World Issues, Security Policies, Storage, Tips
Flash drives have become commonplace in just about anyplace where we use computers. These compact digital storage devices have replaced floppy disks, cd’s and other bulkier forms of storage that used to be the easiest way to transport data from point A to B. It also has the convenience of being as small as a keychain or an eraser so it fits just about anywhere like your coat pocket.
Enough of the good sides and to the bad sides of this technology for they are truly a security risk for they can become a propagation media for many problems such as viruses, worms and even be used to sneak information in and out of the workplace. Tis’ true that many a security programs such as programs that check for viruses and other problematic stuff contained within them but it is still very hard to determine if it does indeed pose a threat to the company or others who might be using the systems they are connected to.
Even the portable media players have the capability to be formatted to not only carry music but information as well. Products like the Apple’s Ipod series can be configured to carry video, audio and data in the form of files and documents. The only sure way to screen these products for stolen information is to scan them individually for any suspicious data/information. Their ability to connect to just about anything that has a USB port tends to raise the risks further.
Responsible use and strict control in their use and bringing into the workplace might sound a bit too paranoid but when conducted in the proper manner might provide some protection. Entry into restricted areas such as data centers and other server areas must also be looked into due to the potential for information leakage and the introduction of viruses and other dangerous programs.
Tags: data-security, Flash-disks, Mp3-Players, portable-digital-data-storage
Categories: Backups, General, IT Security Basics, Malware, Network Security, Real-World Issues, Storage
Information is knowledge so information is power. Much so that data that is used, stored and shared within a business environment as all of us know is the subject of too much security that has data centers locked up away from the actual site. Some companies even have armored or secure clean rooms where if something was to happen in the actual office or work site the data center can survive anything under a nuclear blast. But most it professionals still forget the importance of integrity of data that is stored within these data centers.
Yes they have been secure for all the years the several servers have been sending and retrieving data to and from the data center but is the information that we work so hard to keep intact accurate? What if some malicious code somewhat managed to sneak past the thousand dollar anti-virus and other protective software? And has been wreaking havoc within the data center walls? I mean, they do not have to destroy or corrupt the data for as simple alteration of making 1’s into 0’s could be enough to reduce all the information stored within useless.
That is where redundancy comes in which many people now consider to be an old fashioned approach and a waste of important resources. Say a back-up tape/s of all the initial data that is updated with current data say yearly and processed with the same information that entered the data center in a parallel run to see if all was well. It might seem to be a lot of work and investment of manpower but it is assured to keep the integrity of all the information within, going in and out of all data centers. Say a 1,000,000.00 pension suddenly turned into a 1,100,000.00 pension, wouldn’t that ruin your day?
That’s why companies like RSA’s Enterprise Data Security offer in Data security and control systems to prevent such problems from arising in the first place. In any system, the weakest link is till the human operator who can easily misplace a file or other data that can make or break a company. So instead of having to develop their own systems for the same purpose, most opt to hire someone to do that job for them which allows the business to do what it was put up to do, earn a profit.
Tags: Data-integrity, Real-World-threats, security
Categories: Backups, General, IT Security Basics, Network Security, Privacy & Anonymity, Real-World Issues, Security Policies, Storage
It would only be normal to find shared folders in the default setup of Windows operating systems. This can be easily seen once a person would go to the explorer option of his computer where shared folders are waiting to be accessed. This is automatically made for access if people connect to a network and would not set the security policies and accessibility on a restricted basis which only allows administrators to access them.
The importance of setting security levels to avoid such access to folders is important. Not al people are aware of the harmful things an unauthorized user may do once he gets the chance to intrude in another person’s workstation. Aside from probable back-ups, a person may lose the files contained in such folders if he is not careful. Hence it is best to do the precautionary measures before hand to avoid unwanted avoidable circumstances would ensue.
[tags]shared folders, security policy, network security[/tags]
Tags: Network Security, security-policy, shared-folders
Categories: Backups, Cryptography, IM, IT Security Basics, Instant Messaging, Network Security, Physical Security, Privacy & Anonymity, Security Policies, Storage, Tips
Information gathered by a company will always be important and they should not be shared, disclosed or disregarded in any way, since they are the life stream that a company or organization thrives on. Normally, information would be stored in databases and only authorized personnel would have access to them for reference and study on current and probable studies for overall organizational performance.
The security of information is usually left to the jurisdiction of the database administrator and information technology section of companies. While some would consider this department as all computers and no importance, the position they actually hold is important and should be given notice.
Many would consider IT people as expendable, but the truth of the matter is, they bring the secret and the backbone of a company’s information gathering background, and should breaches be experienced, they would be the first ones to know how to do it.
[tags]information security, database administration, servers, network administration[/tags]
Tags: database-administration, information-security, network-administration, servers
Categories: Backups, IT Security Basics, Network Security, Privacy & Anonymity, Storage, Tips
As the evolution of the lowly hard drive goes with the increase of storage capacity into the terabyte range and hardware based-encryption it seems that data cannot be more secure once it is stored within the said hard disk. Well, according to WindowsIt Pro, not totally for based on their testing of several hard drives that come as wireless removable storage devices you connect to your USB 2.0 ports, it ain’t that secure after all. The device/s tested was even secured by a wireless security key that used rfid technology to unlock the drive for use by authorized users only (which in the real world is anyone who has the keychain key).
