Our CEO and Security Evangelist, Brent Huston, shares tips and strategies for keeping your data safe in this downloadable PDF.
Author Archives: Mary Rose Maguire
Twitter Annoys Me #marketing #security
I just deleted 172 twitter users who I was following but for varied reasons, were not following me back. Here is the irony: 90% of them followed me first.
I have initiated “the follow” with only a handful of people. Most of the people on my follow list happened because they followed me first and I reciprocated. (Emulating the Twitter powerhouse @GuyKawasaki, and all…) However, as I went down my list of those who were not following me, I laughed as I saw @YourBoyfriend, @CharlotteWeather, and others who I remember specifically following me first.
Those who join Twitter realize eventually that those they originally follow may not be as interesting as they thought they’d be. Or maybe they’re not “tweeting” as often. For me, tweeting is part of my job and I do enjoy letting others know about our innovative products and services. So I follow a lot of tech news sites. But for those of us using Twitter for business, we understand the point of Twitter is to start conversations. So it wasn’t painful to let go of @JohnCleese, who most likely won’t be purchasing a vulnerability assessment from us anytime soon, but it was slightly painful with @RobertScoble, whom I specifically remember following me back because I mentioned it to my boss. But I kept @THErealDVORAK because I adore the “Cranky Geek” for his technological, humorous insights, even though he most likely will never respond to me.
It’s tempting to use Twitter as a bullhorn. It’s so simple to tap out those 140 characters and hit send. But if I try to start a conversation with you three times and you never respond, then it doesn’t seem to be beneficial for either of us. I admit I get annoyed when people don’t respond to a tweet directed to them when, say, they only have 4,572 followers. The way I look at it is this: If Guy Kawasaki (who has 234,732 followers) and Seth Godin (who isn’t on Twitter but yeah, he’s a big deal) can both respond to me personally, then guess what? So can you.
I admit I can do better with Twitter. I usually respond to everyone who sends me a tweet, whether it’s public or private. I enjoy helping others connect with someone who can help them. However, starting conversations around information security is sometimes tricky because I’m not a techie, yet I’m an evangelist for our incredibly helpful products (like our HoneyPoint family, which is crazy-helpful for organizations). So although I may not be able to discuss in depth the pros and cons of cloud computing, I can point you to those in our organization who can.
The point is that Twitter is a powerful tool, but only when used by two people. It’s a tennis game, not a triathlon. Because when you drill down to the take-away for business, it’s all about the conversation and how you can help someone reach their goal. I still like the “win-win” phrase and hope that in 2010, I’ll have more of those types of conversations on Twitter.
How To Create a Social Media #Security Policy
Facebook now claims 300 million active users, and Twitter has 6 million monthly unique visitors. As more employees use mobile devices and their desktops to access social media sites, the security risk to both users and organizations grows.
And according to a survey recently conducted by IANS, a Boston-based research company that focuses on information security issues, more companies are starting to address concerns by creating a social media policy.
Because social media is not likely to disappear (in fact, more platforms are likely to appear), an organization needs to create guidelines to help protect its confidential data. Here are a few things to consider when crafting your own policy:
- Communicate with employees and emphasize current policy. If it’s not acceptable to discuss new business at a live networking event, then it’s not acceptable to post it on Twitter or Facebook. The social media platform may change, but the principle remains the same. “Loose lips sink ships” isn’t just a quote for the military. You may already have a policy in place regarding sharing information. Include it in a social media policy.
- Use social media policies as an additional tool for your employee awareness program. When you develop a policy and reinforce it with training classes, email reminders, or other media, employees remember how important it is to protect the company’s intellectual property. As you explain to employees that social media has handed them a megaphone, and that responsibility comes with it, more of them will think twice before sharing something they know is inappropriate.
- Work with both the human resource and marketing department. To put a positive spin on usage, it’s good for employees to realize what they can post on their accounts. In fact, your employees can become an in-house public relations firm as they share with their followers the great things about their workplace. Allowing employees to have influence in an organization’s message will give them a sense of ownership in its success.
- Have a password vault available for each employee. One of the most common ways a hacker gains access to accounts is by discovering a password and then reusing that password to gain access to a person’s other social media accounts. KeePass is a great open-source password manager that helps keep passwords unique and secure. Encourage employees to change passwords often.
Keep policies current to match new developments within the social media industry. Be as specific as possible and have ongoing awareness sessions to ensure everyone is on board. By planning ahead and communicating expectations clearly, a company can significantly decrease its vulnerability to an employee’s misuse of social media.
Social Media and Reputational Risk: 3 Ways to Keep It Real – And Safe
You have employees who are addicted to social media, updating their status, sharing everything from discovering a helpful business link to where they went for lunch. However, they also may be broadcasting information not intended for public consumption.
One of the most difficult tasks for an organization is conveying the importance of discretion for employees who use social media. Not only are organizations at risk from having their networks attacked, but they must protect their reputation and proprietary ideas. What makes these two areas difficult to protect is their mobile nature. Ideas are invisible and have a habit of popping into conversations – and not always with the people who should be hearing them. They can get lost or stolen without anyone knowing they’re even gone. Suddenly, you find your competitor releasing a great product to your market that you thought was yours alone.
If you want to decrease such liabilities, you have a few options. Initiate some guidelines for employees. Send friendly reminders from newsworthy “social-media-gone-bad” stories. The more employees know where an organization stands in regard to safe social media use, the more they can be smart about using it. Here are three basic rules to help them interact safely:
1. Don’t announce interviews, raises, new jobs, or new projects.
Talking about any of these sensitive topics on social networking sites can be damaging. If an employee suddenly announces to the world that they’re working on a new project with XYZ Company, there’s a good chance the news will be seen by a competitor. You may see them in the waiting room of your client on your next visit. One caveat: If you’re hiring, it’s a good thing. Your organization will be seen as successful and growing. However, those types of updates are usually best left to the HR department.
2. Don’t badmouth current or previous employers.
It’s good to remember what mom used to say, “If you don’t have anything positive to say, then say nothing at all.” The Internet never forgets. When an employee rants about either their past employer, or worse – their current one, it can poison a customer’s view of the organization. Nothing kills the possibility of a new sale faster than hearing an employee broadcast sour grapes. If this is a common occurrence, it can give the image of a badly managed company. This isn’t the message to send to either customers or future employees.
3. Stay professional. Represent the organization’s values well.
Employees are often tempted to mix their personal and work information together when using social media. Although such information is often benign, you don’t want to hear about an employee’s wild night at the local strip club. There are mixed opinions among experts whether an employee should establish a personal account, separate from their work life.
Emphasize your organization’s values and mission. Ask employees to TBP (Think Before Posting). Social media can be a good experience as long as it’s done responsibly.
We Have An iPhone App for Our Blog!
Our press release:
MSI RELEASES IPHONE APP FOR “STATE OF SECURITY” BLOG
MSI Offers Free Tool to Allow Access to Blog’s RSS Through iPhone App
COLUMBUS, Ohio January 26, 2010 — MicroSolved, Inc. (MSI) is pleased to introduce a fun free tool to add to a user’s iPhone app menu. Now readers of the “State of Security” blog can easily keep track of updates through a simple application that is available through Apple’s iTunes Store. The tool is designed to make it easier for security people to track emerging threats and stay up to date with security news.
MicroSolved’s “State of Security” blog not only covers an array of security topics, but also is the launching pad for collaborative projects and quick online chats regarding “hot” threats of the day. The blog is very popular among security teams, CISOs and others with an interest in information security.
Those who would like to add the free application to their iPhone can download it here
Transcript From Aurora Vulnerability Chat
If you were unable to join us for the chat today, covering the Aurora Vulnerability, you can now view the transcript here.
FLASH Campfire Chat January 22 at 10 AM: The Aurora Vulnerability
Much media attention has been focused on the recent Internet Explorer vulnerabilities and the attacks and compromises of several large companies. Rumors are flying fast and furious around the Internet. Come learn about the technical exposures of these vulnerabilities, the suggested options for protection of your organization, and a discussion about what your peers are doing to manage this and other client-side attacks. Cut through the hype, ignore the hyperbole and let’s get down to the brass tacks. Attendees of this session will get an overview of the Aurora vulnerability, insights into client-side attack tactics and come away with suggestions for risk minimization.
Here are the details:
Date: Friday, January 22
Time: 10:00 AM EST
Location: Our Campfire Chat Room
Looking forward to seeing you there!
How Honeypots Can Help You
A honeypot is a trap set to detect or deflect attempts at unauthorized use of information systems. Generally it consists of a computer, data or a network site that appears to be part of a network but which is actually isolated and protected, and which seems to contain information that would be of value to attackers.
It is important to note that honeypots are not a solution in themselves. They are a tool. How much they can help you depends upon what you are trying to achieve.
There are two different types of honeypots: production and research. Production honeypots are typically used by companies and corporations. They’re easy to use and capture only limited information.
Research honeypots are more complex. They capture extensive information and are used primarily by research, military, or government organizations.
The purpose of a production honeypot is to mitigate risk to an organization. It’s part of the larger security strategy to detect threats. The purpose of a research honeypot is to collect data on the blackhat community. They are used to learn which threats organizations in general face, enabling an organization to plan its response and protect its data.
The value of honeypots lies in their simplicity. It’s technology that is intended to be compromised. There is little or no production traffic going to or from the device. This means that any time a connection is sent to the honeypot, it is most likely to be a probe, scan, or even attack. Any time a connection is initiated from the honeypot, this most likely means the honeypot was compromised. As we say about our HoneyPoint Security Server, any traffic going to or from the honeypot is, by definition, suspicious at best, malicious at worst. Now, this is not always the case. Mistakes do happen, such as an incorrect DNS entry or someone from accounting inputting the wrong IP address. But in general, most honeypot traffic represents unauthorized activity. What are the advantages to using honeypots?
- Honeypots collect very little data. What they do collect is normally of high value. This eliminates the noise, making it much easier to collect and archive data. One of the greatest problems in security is sifting through gigabytes of useless data to find something meaningful. Honeypots can give users the exact information they need in a quick and easy to understand format.
- Many security tools can be drowned by bandwidth usage or activity volume. NIDS (network intrusion detection systems) may not be able to keep up with network activity, and important data can fall through the cracks. Centralized log servers may not be able to collect all the system logs, potentially dropping logs. The beauty of honeypots is that they only capture that which comes to them.
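To make the “to or from the honeypot” rule concrete, here is an added example (not code from this post or from MicroSolved’s HoneyPoint products) that runs that rule over flow records. The honeypot addresses, the allowlist for the honest mistakes the post mentions (a stale DNS entry, a mistyped IP), and the sample flow lines are all constructed for the example. Inbound connections to a honeypot are reported as probes, any connection the honeypot itself initiates is reported as a likely compromise, and everything else is ignored, which is where the low-noise, high-value property of honeypot data comes from.

```python
"""Classify flow records against a set of honeypot addresses.

Added example, not MicroSolved code. Rule modelled from the post:
  * traffic TO a honeypot   -> probe / scan (nothing legitimate lives there)
  * traffic FROM a honeypot -> the honeypot was most likely compromised
  * a small allowlist covers known-benign mistakes (misconfigured hosts)
"""
from collections import Counter
from dataclasses import dataclass
from ipaddress import ip_address

# Assumed honeypot addresses and a known-benign source (constructed values).
HONEYPOTS = {"10.0.5.20", "10.0.5.21"}
ALLOWLIST = {"10.0.1.15"}  # e.g. a backup host with a stale DNS entry

# Constructed sample flow records: "<timestamp> <src>:<sport> -> <dst>:<dport> <proto>"
SAMPLE_FLOWS = """
2010-01-22T10:01:03 192.0.2.44:51234 -> 10.0.5.20:22 tcp
2010-01-22T10:01:04 192.0.2.44:51235 -> 10.0.5.20:445 tcp
2010-01-22T10:01:05 192.0.2.44:51236 -> 10.0.5.21:22 tcp
2010-01-22T10:02:10 10.0.1.15:41000 -> 10.0.5.20:80 tcp
2010-01-22T10:03:00 10.0.3.7:53011 -> 10.0.3.8:443 tcp
2010-01-22T10:05:30 10.0.5.20:40022 -> 198.51.100.9:6667 tcp
"""


@dataclass(frozen=True)
class Flow:
    ts: str
    src: str
    sport: int
    dst: str
    dport: int
    proto: str


def parse_flow(line: str) -> Flow:
    """Parse one flow record; raises ValueError on a malformed line or bad IP."""
    ts, src, arrow, dst, proto = line.split()
    if arrow != "->":
        raise ValueError(f"malformed flow record: {line!r}")
    src_ip, sport = src.rsplit(":", 1)
    dst_ip, dport = dst.rsplit(":", 1)
    ip_address(src_ip)  # validate; raises ValueError if not an IP
    ip_address(dst_ip)
    return Flow(ts, src_ip, int(sport), dst_ip, int(dport), proto)


def classify(flow: Flow, honeypots=HONEYPOTS, allowlist=ALLOWLIST):
    """Return 'COMPROMISE', 'PROBE', 'ALLOWLISTED', or None (no honeypot involved)."""
    if flow.src in honeypots:
        # A honeypot never initiates traffic; if it does, assume it was compromised.
        return "COMPROMISE"
    if flow.dst in honeypots:
        return "ALLOWLISTED" if flow.src in allowlist else "PROBE"
    return None


def analyze(text: str) -> dict:
    """Run the classifier over newline-separated flow records.

    Returns the list of (verdict, flow) alerts plus a per-source probe count,
    so the analyst sees only honeypot-related events, not the whole flow log.
    """
    alerts = []
    probes_by_source = Counter()
    for line in text.strip().splitlines():
        flow = parse_flow(line)
        verdict = classify(flow)
        if verdict is None:
            continue  # ordinary production traffic: not our concern here
        alerts.append((verdict, flow))
        if verdict == "PROBE":
            probes_by_source[flow.src] += 1
    return {"alerts": alerts, "probes_by_source": probes_by_source}


if __name__ == "__main__":
    result = analyze(SAMPLE_FLOWS)
    for verdict, flow in result["alerts"]:
        print(f"{flow.ts} {verdict:11} {flow.src}:{flow.sport} -> {flow.dst}:{flow.dport}")
    print("probes per source:", dict(result["probes_by_source"]))
```

The six constructed records yield five honeypot events (three probes from one scanner, one allowlisted connection, one outbound connection from a honeypot) and drop the single ordinary flow entirely; in a real deployment the honeypot list and allowlist would come from inventory, and the outbound case would be the alert that pages someone.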
Many of our clients swear by our HoneyPoint family of products to help save resources. With its advantages, it’s easy to see why! Leveraging the power of honeypots is an excellent way to safeguard your data.
Project Honey Pot Finds Malware – And So Does MicroSolved’s HoneyPoint #Security Server
Project Honey Pot, a non-profit grassroots community of IT professionals founded in 2004 to capture and analyze malicious traffic, just captured its one billionth spam message. It is marking the opportunity by releasing its findings. They discovered that the number of computers co-opted as part of botnet operations has experienced a yearly average increase of 378%.
“Fortunately, Project Honey Pot’s coverage of active botnets has grown over time at an even faster rate. In 2006, we saw less than 20% of the active bots on any given day. Today we see more than 80%”, the Project said. Project Honey Pot is on a quest to find where spammers hide. Because botnet computers are primarily used for sending spam, the Project used that activity as the basis for its data analysis. It took the number of infected PCs in a country, divided by the number of Project Honey Pot members in the country, to create a ratio showing how friendly that country was to spam originating within its borders.
The Project also found that different types of spam campaign used harvested addresses with varying speed. Product-based spam campaigns would build up a collection of harvested addresses for as long as a month before mailing them. On the other hand, they found that ‘fraud’ spammers who commit phishing scams tended to send to and discard harvested addresses almost immediately.
We’re aware of these issues and have a potent weapon against such threats. Our HoneyPoint Security Server has been praised by our clients in helping them by providing more direct, targeted information on threats than anything they’ve experienced. HoneyPoint Security Server was born out of a three year initiative to break the attacker cycle. Its power and flexibility come from the underlying realization that attackers have a need for confidentiality, integrity and availability too. HoneyPoint leverages these needs and turns the tables on attackers at every opportunity.
While HoneyPoints seek to remove the confidentiality of attackers, we wanted to go beyond that basic approach. To accomplish this, MSI invented HornetPoints and HoneyPoint Trojans. HornetPoints also emulate typical services, but when they are probed, they don’t just alert – they engage in a patent-pending technique called “defensive fuzzing” that actively tampers with the attack results. In many cases, this actually breaks attacker tools and confuses all but the most focused of cyber-criminals.
HoneyPoint Trojans also make assaults on attacker integrity. These common appearing documents and files look just like any other juicy bits of target data, except these files hold a special secret – a sting. HoneyPoint Trojans alert security teams when they are interacted with, allowing you to find the source of illicit behavior and even track who is doing what as the Trojan is passed through the attacker underground. Imagine the impact that HoneyPoint Trojans have when attackers are afraid to read captured documents, unable to sort out what is real and what is a trap.
HoneyPoint Security Server can even target attacker availability. Using the incredibly flexible plugin architecture, it can easily be integrated with existing defense-in-depth tools such as routers, switches, firewalls and SIEM products. It can alert administrators for human responses or be a part of a fully automated security solution. Many of our clients depend on HoneyPoints and HornetPoints to drastically reduce their risk levels. Wouldn’t you love to stop wasting time by chasing ghosts and instead chase the real thing? Why not contact us today and let us help you do the same? Hackers aren’t waiting. Neither should you.
5 Tips to Secure Mobile Devices #security
Security with mobile devices starts before they are added to an organization’s assets. Although it may take extra time, it will pay off in the long run if an organization researches mobile devices before purchasing. Not all devices are equal. Some, such as MP3 players, are built for a general consumer base and won’t have the security safeguards of a smartphone.
Here are some tips that can help decrease the possibility of a security breach:
1. Use encryption and authentication features. Create policies that will ensure encryption features are accessed and launched. Many people do not use the password function but what would happen if a smartphone fell into a stranger’s hands? Why make it easy for someone to access private data? Set up a password.
2. Create remote wipe capabilities and set up a “lost item” process. If a mobile device is lost or stolen, the IT department could remotely remove any sensitive information. Not everyone turns in a lost cell phone. Remotely wiping it of sales forecasts or strategy diagrams will keep your organization’s plans safe. Having a quick hotline for lost items will help IT staff confront a problem quickly and efficiently.
3. Be careful about third-party applications. Although some seem to be harmless, they can possibly be a back-door for attackers to access your internal network. By limiting unsigned third-party applications, an organization can close one more opportunity for data theft.
4. Create unique firewall policies. Those who have smartphones do not need to have access to all the databases in the network. Only allow access to the data that would most commonly be used.
5. Start considering software. As smartphones become more common, hackers will start to target them more often. Adding precautions such as equipping devices with intrusion prevention software is another good way to provide security. And although anti-virus software for smartphones isn’t common yet, it’s a good idea to keep watching for it. This type of software is bound to develop and become plentiful as more organizations use highly sophisticated smartphones, which are really small computing platforms.
Although IT managers may be reluctant to tackle the issue of securing mobile devices, they realize mobile devices aren’t going anywhere. Supporting a limited number of mobile devices may be the answer. Creating and enforcing a consistent review process, together with awareness programs, will help keep your company’s business, your business.