Blog

Archive for the ‘Data Storage Security’ Category

« Older Entries
Newer Entries »

Protecting Your Data Is Easier with Zlock 3.0

Tuesday, July 26th, 2011

With Zlock 3.0, Zecurion has added a variety of features that make it easier to deploy on remote machines. Zlock 3.0 lets IT admins monitor the installation process on remote PCs, and enables the installation process to be halted and resumed–even picking up where it left off in the event of a power outage. Zecurion has also added separate authentication for Zecurion Users for authentication in environments where the Active Directory is not available.

Zlock is an endpoint security DLP solution that provides IT admins the ability to secure, monitor, and control computer ports and external devices to enforce data security policies and prevent exposure of sensitive data. Zlock guards against internal data leaks that occur when confidential data is printed, or copied onto unauthorized portable storage devices through unmanaged USB, LPT, Serial, Firewire, or other ports.

Zecurion recognizes that there are legitimate reasons to print and copy data, though, and those solutions that simply disable or block ports impact productivity and the ability of workers to get the job done. Zlock gives IT admins the flexibility to implement policies at a group, user, or device level, or even to limit data activity to designated times or specific devices. Visitors can be granted one-time usage rights that expire when the device is disconnected from the PC.

“The main target of the new Zlock version was increasing of scalability and ease of use across the enterprise,” says Alexey Raevsky, founder and CEO of Zecurion. “That’s why we implemented not only Zlock Enterprise Management Server, but also added support of Oracle Database as an archive for logs and shadow copies and many other features that will make Zlock deployment and management easy and pleasant.”

Click here to learn more about the latest release of Zlock.

Tags: , , , , ,
Posted in Data Storage Security | No Comments »

Prevent Network Data Leaks with Zgate

Sunday, July 10th, 2011

Your private and confidential data faces a real and growing danger of being leaked and exposed to the general public. Email, webmail, social networking, instant messaging, and other online channels provide ample opportunity for sensitive information to be compromised–whether intentionally or through honest error.

You need a gatekeeper–a tool that can monitor all of the various outbound network traffic and online communications to identify sensitive information and prevent it from leaving the network. Zgate is the tool you need, and an important part of Zecurion’s DLP (data loss prevention) solution.

With Zgate, data leaks are almost impossible. Zgate uses hybrid content analysis–combining digital fingerprints, Bayesian methods, and heuristic detection–to filter outbound traffic and detect confidential data with unmatched precision. Emails, social network posts, and other network communications with Social Security numbers, birth dates, and other sensitive information are detected to prevent it from leaving the network and being exposed.

Zgate also archives outbound data, providing you an opportunity for retrospective or forensic analysis. Zgate archives can help you understand which users are sending out sensitive data, what sensitive information is being shared or exposed, and where that data is heading. The Zgate archives can help you fine tune your data protection policies to prevent exposure of sensitive data.

The best part about Zgate is that it is the most cost-effective DLP solution when it comes to initial investment and deployment costs. Zgate offers a DLP solution that is easy to administer and maintain, at a price point that is within reach of even small and medium businesses that typically consider it too complex and expensive. For less than one percent of the costs incurred from an average data breach , your data can be automatically and completely protected.

Zgate is more than just a DLP product–it is cost-effective peace of mind enabling you to sleep soundly knowing that your sensitive data is safe.

Tags: , , , , ,
Posted in Data Storage Security | 1 Comment »

Texas Making Data Breach Headlines Once Again

Wednesday, June 15th, 2011

Just a couple months after the Texas State Comptroller’s office disclosed that it had exposed sensitive data on some 3.5 million residents, Texas is making data breach headlines again–albeit on a much smaller scale. A blog post from Austin’s KUTNews site explains, “As many as 4,900 current and former employees of the Texas Department of Assistive and Rehabilitative Services (DARS) may have had their personal information exposed in the latest data security breach involving state workers.”

Citing concern over interfering with the ongoing investigation by law enforcement, and not wanting to further compromise any data, the Texas agency is not yet sharing any details about how the breach may hve occurred, or–more importantly–what data has been exposed. From the perspective of the affected individual, there is a big difference between exposing only a name and address, or exposing more sensitive details like drivers license, Social Security, credit card data and such.

Given the relative ease with which hacking collectives like Anonymous and LulzSec are breaching networks and taking down Web servers, organizations of all sizes need to take a close look at their network security and data protection, and make sure it is locked down as tight as it can be. Employing tools to prevent sensitive data from being saved or transported on portable storage devices, or monitoring outbound network communications to ensure sensitive data doesn’t leave the network are crucial elements that organizations should employ to protect data.

Tags: , , ,
Posted in Data Storage Security | No Comments »

The Hackers Are Making It Look Too Easy

Tuesday, June 14th, 2011

When Anonymous took on the forces opposing Wikileaks, it had a sort of “Robin Hood-esque”, fighting for the underdog feel to it.

When Epsilon, and RSA Security were breached it was easy to write the attacks off as random, standalone occurrences.

When Sony got attacked–repeatedly–it was again easy to dismiss it as hacktivism.

Things have gotten out of hand. Between LulzSec and Anonymous, sites are being breached on a virtually daily basis. These hacking collectives seem to operate with relative impunity and make breaking into networks and servers look like stealing candy from a baby.

While it easy to condemn the actions of these groups, the ease with which they are hacking networks begs the question of whether or not there is more that organizations can or should be doing to secure their networks and lock down their data. There is no such thing as an impenetrable network. Given enough time, skill, and resources, attackers can find a way into any network. But, these attacks don’t seem to be taking the kind of time, skill, or resources that should be required for networks and data that are properly protected.

I do not condone the actions of the hacking collectives, but I do think they deserve some credit for poignantly demonstrating on a daily basis just how frail most network defenses and data security measures are.

Tags: , , , , , , ,
Posted in Data Storage Security, Security Breaches & Data Loss Incidents | No Comments »

If Bad Guys Steal Your Key, It’s Time to Change the Lock

Tuesday, May 31st, 2011

Earlier this year the network at RSA Security was breached and information related to SecurID authentication tokens was compromised. Since then, security experts have been waiting to see what the fallout would be, and now we know.

Lockheed-Martin revealed that its networks were targeted by attackers. The defense contractor has not specifically stated that the compromised RSA SecurID tokens were a factor, but clues support that conclusion. Thankfully, Lockheed-Martin was able to very quickly detect and identify the attack, and take swift action to protect data so that no sensitive information was compromised.

The situation basically amounts to knowing that a thief stole the keys to your house, but then not bothering to change the locks and hoping nothing will happen. In this analogy, Lockheed-Martin apparently had some well-trained attack dogs on the other side of the door to prevent intrusion. But, many companies of all sizes rely on RSA SecurID tokens, and not all of them have the security skills or resources of Lockheed-Martin.

Don’t just sit with your fingers crossed hoping the bad guys won’t show up. Change the locks. Make sure that the compromised RSA SecurID tokens can not be used to gain access to your network, and make sure you have tools in place to detect suspicious activity and prevent sensitive information from leaving the network.

Tags: , , , , ,
Posted in Data Storage Security | 2 Comments »

Sony Still Under Seige from Hackers

Wednesday, May 25th, 2011

Wow. Sony really pissed somebody off. It seems like every day there is news of another Sony network falling victim to attack.

Just in the past couple days one attack yielded 2,000 customer records, while another exposed 8,500 customer accounts. Of course, those are pocket change compared with the estimated 77 million accounts exposed by the hack of the Sony Playstation Network.

What is the lesson here, though. Is it that Sony pissed off the wrong hackers and other companies should try to stay more low profile so they don’t invite a similar wrath? Or, is it that Sony should have better network and data security so that hackers can’t just waltz in and take sensitive data?

I am going to suggest it is somewhere in the middle. Obviously, it is best not to poke the proverbial hornets’ nest, but you can’t let the possibility of offending cyber criminals dictate how you conduct business. That said, it seems equally obvious that Sony’s network defense and data protection is trivial for hackers to circumvent.

I think there is some danger for other organizations in assuming that the problem stems purely from Sony making enemies of the hackers in question–as if, had Sony not done that the data would be safe. Don’t assume that just because your network is not under seige like Sony, that it is impervious, or that your data couldn’t suffer a similar fate.

On the contrary, use this as a learning expeirence. To the extent you can–given whatever details Sony might reveal–assume that your network or data were under a similar attack and try to predict what would happen. Perhaps you can gain some valuable knowledge from the experience and put it to good use before your data gets exposed as well.

Tags: , , , , ,
Posted in Data Storage Security, Security Breaches & Data Loss Incidents | 4 Comments »

Locking Down That Last 10 Percent

Friday, May 20th, 2011

A recent article in PCWorld proclaims that Avoiding Data Loss Is Easier Than You Think. Sadly, that is all too true. But, the article also misses the mark on a couple points.

Al-Abdulla reveals that “In a recent CDW report on threat prevention, data loss emerged as the No. 1 cybersecurity challenge faced by medium and large businesses.” However, he goes on to explain that only 37 percent chose data loss as the biggest threat–so it may be the number one concern in the survey, but nearly two-thirds of those surveyed are oblivious.

The article provides some really good guidance to help organizations determine which data needs to be protected and why, how to craft an effective data security policy, and how to educate users to be more aware of data security issues and their part in protecting data.

Al-Abdullah then states that following these steps to define a clear, concise policy, and educating users can reduce data loss incidents by 90 percent. In the very next sentence, though, he says “If process change, user education and real-time notification can reduce risk by 90 percent, technological enforcement can narrow the remaining 10 percent.”

Do you see the difference? Where did that real-time notification piece come in? I agree that real-time monitoring and notification are crucial elements of data loss prevention, but Al-Abdullah never discusses any real-time notification solutions in the article, and just stated in the prior sentence that a clear policy and educated users alone could achieve that 90 percent protection.

I would say that a clear policy and user education is closer to half the battle, and that the technology that delivers the real-time monitoring and notification, and that actively enforces that policy to ensure that data is not exposed or compromised is the other half. A great policy without effective monitoring and enforcement is useless.

Tags: , , , , ,
Posted in Data Storage Security | No Comments »

Mix It Up! Don’t Use the Same Password Everywhere

Monday, May 16th, 2011

Recent cyber attacks have compromised millions upon millions of email addresses, usernames, and passwords. From small organizations like Dunes Family Health Clinic, to massive businesses like Epsilon, data breaches are a virtually daily occurrence.

Companies should be doing more to proactively protect data and prevent it from being compromised, but individuals can also do more to help themselves by making sure they don’t use the same username and password at different sites across the Internet.

A local Fox News affiliate database was hacked, and the email addresses and passwords of Fox News employees. The exposed information has led to compromised Twitter and Facebook accounts and some embarrassing messages allegedly “from” the Fox News people.

Hopefully your personal data will never be compromised. But, with the rate and scope of data breaches that seems unlikely. Take matters into your own hands, though, by making sure you use different usernames and passwords (and security verification questions) at different sites. If an attacker gets account credentials for one site,  that shouldn’t grant them the keys to every site you interact with.

Using the same username and password everywhere is like having one key that unlocks the front door of your house, starts your car, opens your locker at the gym, and gets access to your desk drawer at the office. If you lose that one key, you lose everything. Mix it up and make sure that each of the sites you use has its own unique “key”.

Tags: , , ,
Posted in Data Storage Security | No Comments »

The Most Important Protection for Your Backup Data Is Encryption

Friday, May 13th, 2011

A health provider in Oregon is learning the hard way that it is more important to protect the data on the backup media than it is to protect the backup media itself. Measures to protect backup tapes or external drives from theft or natural disaster have little affect on protecting the data when it tapes or drive are lost or stolen.

Dunes Family Health Care has issued a notice to about 16,000 current and former patients to let them know their personal information–including name, date of birth, clinical patient data, and in some cases Social Security numbers–has been compromised.

According to the notice, Dunes Family Health Care relied on a third-party to store and protect the backup media. They knew enough to A) backup their data, B) store it at an offsite location, and C) ensure that the backup media was protected against theft or natural disaster. The statement says, “The hard drive was stored in a locked, fire-protected building with limited access.” But, the drive was apparently stolen anyway, and Dunes Family Health Care forgot the most important step–encrypt the backup data itself so that it is safe even if the backup media is lost or stolen.

Posted in Data Storage Security, Security Breaches & Data Loss Incidents | 1 Comment »

Don’t Let Your Company Join the Data Breach Epidemic

Thursday, May 12th, 2011

I know I sound like a broken record, but it’s not my fault. You can’t go online, turn on the TV, or pick up a newspaper without seeing news of some major data breach exposing sensitive data on millions of users. Why?

Don’t get me wrong. I understand that there is no security silver bullet. Given an attacker with enough time, skill, and dedication, there is no server or network fortified such that it can’t be hacked. In fact, I think security administrators should keep the mindset that it is a matter of when, not if, a server will be hacked. But, as I have pointed out previously in this blog, a server breach does not have to be a data breach.

I wrote a consumer-oriented article detailing how individual users can take steps to try and protect their own data and shield it from being exposed by the companies they have entrusted it to. But, IT admins and security administrators also need to take proactive steps to prevent data from being compromised, and keep their own organization out of the headlines.

Data breaches are expensive. Really expensive. Never mind the fact that a data breach on your watch could cost you your job. Do yourself a favor. Save your organization the hassle and the money, and help preserve your job security by contacting Zecurion and finding out just how easy it is to protect your data and prevent your company from becoming a data breach epidemic statistic. Wouldn’t you rather be a hero than a fall guy?

Tags: , , , ,
Posted in Data Storage Security | No Comments »

« Older Entries
Newer Entries »