Security Metrics
Saturday, February 16th, 2008
AKS-Labs has released several metrics that are useful for estimating security risks. These metrics are:
- Identity Theft Risks;
- Security and Privacy;
- IT Security;
Check the AKS-Labs homepage for details.
In a recent article published on SearchSecurity.com, Ed Skoudis offered some useful tips for adapting the security strategy of organizations going through a merger or acquisition.
Organizations involved in an M&A should consider the following security measures:
- Adapting the IT security policies of both organizations involved in the M&A
- Analyzing existing network architecture
- Eliminating LAN architecture differences (for instance, strengthening security of existing WiFi architecture)
- Creating security policy for laptops and portable devices
- Updating current security software solutions
- Implementing employee training on data security
- Monitoring user behavior (ongoing scans of FTP or HTTP transfers, etc.)
So, in the end, to avoid information security threats during a merger, companies should pursue two main goals:
- A long-term alignment of policies, procedures and technology
- An augmented policy supported by a series of quick-hit technical defenses.
Successful execution of this two-pronged strategy can help merging companies significantly lower their risk exposure.
This blog is run by the authors of FindProtected.
FindProtected is a security program that allows you to search for password-protected files. With FindProtected, you can effectively identify protected files containing sensitive data on your network.
IDC research finds that enterprise companies rank insider sources as their top security threat.
In addition, research from Carnegie Mellon University for the Department of Defense (DoD) finds that when it comes to insider attacks, 86 percent of perpetrators held technical positions. Of these, 57 percent performed the attack after termination.
Both reports found that insider attacks result in costly outages, lost business, legal liability and, inevitably, failed audits. In one case study, it took 115 employees 1,800 hours to restore data deleted by a disgruntled insider. At the time of the attack, the perpetrator was an ex-employee of the IT department who was able to remotely access key systems. According to these reports, IT insiders commonly acquire and maintain powerful system access using privileged accounts and passwords even after termination.
Here are six best practices recommended by Calum MacLeod (European director, Cyber-Ark Software) for battling the insider menace:
1. Create an inventory of privileged (non-personal) passwords
2. Define the role of identity and access management (IAM)
3. Apply change policies to privileged passwords
4. Make sure privileged passwords are stored securely
5. Create a staged approach to deployment
6. Remember computers are people, too
See full story.
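Practices 1, 3 and 4 are easiest to keep honest when the inventory is a record a script can audit. The following Go program is an added example written for this post, not code from Cyber-Ark or from the article: it holds a constructed inventory of privileged accounts (the account names, systems, owners, dates and storage categories are all made up) and reports every account whose password is older than the rotation policy allows, is kept outside a vault, or has no accountable owner.

```go
package main

import (
	"fmt"
	"sort"
	"time"
)

// PrivilegedAccount is one row of the inventory that practice 1 calls for: a
// non-personal account, the system it lives on, an accountable owner, when its
// password was last changed, and where that password is kept.
type PrivilegedAccount struct {
	Name        string
	System      string
	Owner       string
	LastRotated time.Time
	Storage     string // "vault", "spreadsheet", "paper" or "memory" (constructed categories)
}

// Finding is one policy violation for one account.
type Finding struct {
	Account, Reason string
}

// Audit checks the inventory against a rotation policy (practice 3) and a secure
// storage rule (practice 4). Findings come back sorted so reports are stable.
func Audit(inv []PrivilegedAccount, now time.Time, maxAge time.Duration) []Finding {
	var out []Finding
	for _, a := range inv {
		if age := now.Sub(a.LastRotated); age > maxAge {
			out = append(out, Finding{a.Name, fmt.Sprintf("password age %d days exceeds policy of %d days",
				int(age.Hours()/24), int(maxAge.Hours()/24))})
		}
		if a.Storage != "vault" {
			out = append(out, Finding{a.Name, "password stored outside the vault (" + a.Storage + ")"})
		}
		if a.Owner == "" {
			out = append(out, Finding{a.Name, "no accountable owner recorded"})
		}
	}
	sort.Slice(out, func(i, j int) bool {
		if out[i].Account != out[j].Account {
			return out[i].Account < out[j].Account
		}
		return out[i].Reason < out[j].Reason
	})
	return out
}

// SampleInventory is a constructed three-account inventory for the demonstration.
func SampleInventory() []PrivilegedAccount {
	day := func(s string) time.Time {
		t, err := time.Parse("2006-01-02", s)
		if err != nil {
			panic(err)
		}
		return t
	}
	return []PrivilegedAccount{
		{"root", "db-01", "dba-team", day("2008-01-20"), "vault"},
		{"Administrator", "file-srv", "", day("2007-06-01"), "spreadsheet"},
		{"svc_backup", "backup-01", "ops", day("2007-12-15"), "vault"},
	}
}

func main() {
	// Audit as of the date of this post with a constructed 90-day rotation policy.
	now, _ := time.Parse("2006-01-02", "2008-02-16")
	for _, f := range Audit(SampleInventory(), now, 90*24*time.Hour) {
		fmt.Printf("%-14s %s\n", f.Account, f.Reason)
	}
}
```

On the sample data only the shared Administrator account is reported, and it is reported three times: its password is 260 days old against a 90-day policy, it lives in a spreadsheet, and nobody owns it. Running the same audit on a real inventory after every termination is the cheapest way to catch the "access after termination" pattern the CERT data describes.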
Here are a few simple reminders to help prevent crooks and identity thieves from stealing your holiday spirit:
- Don’t carry your Social Security card with you: Identity thieves can use it to set up new accounts at different addresses without your approval, or your knowledge.
- Take care to remove your bank deposit slips from your purse or wallet as soon as you return home - they often contain important personal information that needs to be closely guarded.
- Carry only one (or at the most two) credit cards with you when you’re out shopping.
- Write the words “see picture ID” on all of your credit cards. While many clerks are trained to check photo identification, it doesn’t hurt to remind them.
- Guard against “shoulder surfers” - thieves hovering around you at the ATM or check-out scanner.
- Carefully shred your bank and credit card statements.
See full story.
We also recommend that you safeguard all sensitive information stored on your PC or PDA. Sensitive data stored on your computer should be protected with dedicated software tools and kept in a “safe place” on your hard drive or on removable devices.
According to the annual RSA Security Password Management Survey, 39 percent of business users in the Asia-Pacific region are required to change their passwords monthly, compared to 34 percent in Europe and 23 percent in the United States.
Over 1,340 respondents participated in the survey conducted last month, which for the first time polled respondents outside the United States. Participants from the United States and Canada made up about half of the respondents, while Europeans and Asians each accounted for 21 percent of the total surveyed.
John Worrall, the security vendor’s senior vice president of marketing, noted in the statement that “business passwords remain one of the weakest links in the security chain”, due partly to the number of passwords that end users are required to manage.
Respondents from Asia reported the highest levels of awareness of breaches relating to the use of passwords: 35 percent said they know of a corporate security breach that occurred as a result of a compromised password. About 33 percent of participants in Europe, and 14 percent in the United States, gave the same response.
The high number of passwords that users globally have to manage is apparently a source of annoyance. Some 12 percent of respondents from the Asia-Pacific region and 15 percent of users in the United States indicated that they were extremely frustrated over having to manage too many passwords at work.
See full article.
The survey of nearly 200 IT security professionals, conducted at Europe’s largest information security event, Infosecurity, revealed:
Only 40 per cent of survey participants change administrative passwords monthly or more frequently; 30 per cent change them quarterly and a staggering 15 per cent never change IT administrative passwords.
A quarter also admit that their IT staff can access the administrative passwords without permission. This is a serious oversight, because these passwords are the most powerful and critical of all: they override all the others and enable the “administrator” to access the network, the systems and the very applications that provide the backbone of enterprises worldwide.
Twenty eight per cent keep their administrative passwords in their heads - while 38 per cent still resort to writing down their passwords and storing them on paper.
Less than a third (32 per cent) are storing administrative passwords digitally. The remainder continue to use labor-intensive, manual processes, including paper copies stored everywhere from locked cabinets to safes.
Twenty two per cent of respondents estimate that their colleagues are still keeping passwords on Post-It Notes, while 14 per cent use unsecured spreadsheet files - making it relatively easy for an infiltrator to access the administrative passwords.
According to tmcnet.com.
An article by David Perry at IT-director.com describes the benefits and shortcomings of the single sign-on (SSO) authentication method:
“Fundamentally, Single Sign On (SSO) is a straightforward idea. You use a proxy device to authenticate a user, and the proxy then manages all the login idiosyncrasies of the applications they want to access”.
“The devil is, of course, in the detail. For example, how do you know how all of your enterprise applications manage their login? Does the proxy do this for you or do you have to write a login script for each one individually? If you deploy the solution and the application decides it wants a password refresh, is your helpdesk buried by calls from angry users who can’t get into the application and do their work?”
The other thing we need to realise is that SSO is not an authentication solution in itself; the connection to the proxy can be as open or tightly controlled as you like. An SSO proxy also needs to be 100% reliable, otherwise it will lock out all users from the system when it fails. Furthermore, security of the SSO solution itself is a big consideration as the proxy necessarily contains the login credentials and access rights of every user on the network.
However, if implemented appropriately, a well-executed SSO solution gives network and security managers a central point for implementing network policies, such as application access rights.
Howard Schmidt, president and CEO of R&H Security Consulting LLC, says that “password management is a challenge for small firms”.
Hacking a small business doesn’t afford a hacker the same level of financial gain or infamy as a large target. However, “you can’t afford, as a small business, to take as many risks”.
Small businesses may need to rely more on automated security solutions than their larger counterparts, because they often don’t have enough personnel to manage security effectively.
As Dan Geer, vice-president and chief scientist at Verdasys, claimed, “it is better to implement what you have rather than be frozen by indecision… a good way to start is to keep a record of security procedures: Measure something, for heaven’s sake. Even if you don’t believe the number. There’s lots of things you can measure. I don’t think we can improve unless we can keep score.”
By keeping track of the number of security incidents, or of the way patch management is handled between departments, a company can learn something about itself.
According to ITBusiness.ca.
According to an article published recently at tmcnet.com, to prevent information from being compromised through poorly protected servers, stolen laptops or misplaced portable media, it is essential to encrypt all sensitive information stored on portable computers and media, including backup media.
“Although no federal laws or guidelines require encryption to protect confidential information, disk or data encryption is the easiest way to prevent unauthorized access.”
Here are some rules for protecting confidential data:
1. Create a data encryption information policy and educate employees.
2. Use a proven and secure software product.
3. Enable automatic encryption of data or the media it resides on.
4. Ensure that the password, passphrase, or secret key used to protect the data is nontrivial and stored securely.
5. Create and maintain a key escrow program so that encrypted data can be recovered if the main user loses the key.
“The hardest choices will be what to encrypt and what product to use. You can encrypt the entire media or just the data. Encrypting the entire media is a better choice because application software often leaves plain-text remnants of crypto-text in unprotected areas. An attacker using a bit-level analysis tool could extract the plain-text remnants.”
A recently conducted survey shows that most users resort to insecure methods of storing passwords because they are overwhelmed by the number of passwords needed to do their everyday jobs.
According to the research, 25% of users keep passwords on a spreadsheet, 22% store them on a PDA, while 15% simply write them down and keep them in a “safe place”.
People are forced to handle more passwords than they can possibly remember. More than 25% of users handle over 13 different passwords, and another 30% juggle 6 to 12 passwords. What’s more, most companies recommend that employees change their passwords every 3 to 6 months. The passwords must be at least 8 characters long, include digits and letters, and comply with all existing security standards. Besides, the newly changed password should by no means resemble the previous one.
In this connection, I found some interesting ideas on the DMAC blog. From a security standpoint, all security measures continue to have the same flaw: “They are vulnerable to end user laziness”. In fact, a security solution is only as strong as its weakest link, and “unfortunately it’s Bill the dad of 4 who doesn’t give two cents about your password policy”.
“Security and Laziness must combine”. We must transform the way we think as security professionals. We must put ourselves in Bill’s shoes. Security professionals and end users must reach a compromise.
This blog is run by the authors of FindProtected, an effective information security solution. With FindProtected, IT administrators can perform a deep inspection of employees’ files in order to enforce an intelligent data security policy across the organization.