Login, change your address, subscribe to new or manage current magazines or e-newsletter subscriptions
IT World Events
Site Map - Affiliates
Computerworld Publication PageNetworkWorld Publication PageCIO Canada Publication PageITJobUniverse.ca - The Information, Communication and Technology (ICT) Job Board
Enter your  QUICKLINK number to go directly to that article.
Advanced Search
Knowledge Centres
Content Types
Featured White Papers
Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"Gartner Research Note "Boost SharePoint Performance with an Application Delivery Network"
Provided by: Citrix
read more
From fear to value: CIO strategies for propelling business through the economic crisisFrom fear to value: CIO strategies for propelling business through the economic crisis
Provided by: IBM
read more
Reaping the rewards of your service-oriented architecture infrastructureReaping the rewards of your service-oriented architecture infrastructure
Provided by: IBM
read more
Yuk it Up
Featured White Papers
Download the Network Barometer Report, which aggregates findings from secure network infrastructure assessments conducted for more than 150 organisations around the world. It provides some surprising stats on the state of network (un)readiness prevalent today; the reasons why organisations are failing at remediating known vulnerabilities; recommendations on assessing your own infrastructure, and on ways to improve your state of readiness to support the business; and more.
Early-generation server load-balancing technology has proven to be an invaluable asset, especially for organizations hosting widely utilized Web applications. But business requirements evolve, as do the processes and technologies used to fulfill them. The many changes and trends that have taken hold since SLBs were first introduced expose the need for enterprises to step up from a simple load-balancing solution to a more comprehensive application delivery solution . This paper is intended to serve as a guide for organizations looking to replace their early-generation SLBs, providing details on the top eight criteria to use during an evaluation process.
Featured Spotlight
Keep up on who's hiring, who's downsizing and how the government is helping. News, job opportunities, recruiters and employment lawyers are all available.
Sign-Up for
Security
eNewsletter Delivered Weekly
Click here
Page 1 of 2

Digg it Twitter

End the endpoint security breaches

By: Vawn Himmelsbach - ComputerWorld Canada  (07 Mar 2008)

Mobile devices and USB sticks offer portability, but also a lot of problems. Watch for these warning signs

Many companies do a good job of protecting their perimeter. They install firewalls to keep the bad guys out of their corporate network. They use anti-virus software and intrusion detection. But with the proliferation of mobile devices — from smartphones to USB keys — it’s becoming easy to bypass that perimeter security and go straight to the endpoints. And that’s why endpoint security is becoming such a critical part of an overall security strategy.

But most companies aren’t even focused on protecting laptops, let alone mobile and mass storage devices. “They consider them nothing more than desktop computers,” said Claudiu Popa, president of Informatica Security Corp. “It’s just another category in their technology inventory — they don’t realize those systems need to be differently secured than desktops because they spend time in cars and left on the kitchen counter at home.” There’s a tremendous increase in the number of break-ins that result in data theft, he added, but they take place at the employee’s home rather than the workplace.

With mobile devices, it’s possible to bypass most of a company’s gateway security and get right down to the endpoints. And that highlights the need for endpoint security, said Derek Manky, security research engineer with Fortinet.

1. Smart phones have dumb security Viruses are going to become more prevalent on smart phones, when we start seeing more interactivity between mobile devices and desktop PCs. “We haven’t got to that point where it’s a high-level threat, but it is definitely overlooked,” Manky said. “As far as administrative access, it’s not treated as a threat.”

We haven’t seen crossover viruses yet, where a virus on a smartphone crosses over to a Windows desktop, but we’ll see it in the future (a proof-of-concept crossover virus has been written for Windows Mobile). The iPhone, and the possibility of a Google phone, means there will be more new and interactive platforms. Malware can also be launched on thumb drives that can easily make their way into an organization without being noticed.

You can have good gateway security, but all it takes is one virus to infiltrate and gain access to the network, said Manky. The virus can be engineered to dial back to the hackers and open up a Trojan, so they can then gain access to corporate information. “Everything’s becoming more financially motivated and targeted attacks are a very real scenario,” he said. “If you have someone who premeditates this, it’s very possible to open up a wealth of information.”

One solution is on the mobile device itself, where it’s able to detect attacks before the user transfers them. Proper anti-virus scanning on the desktop PC eliminates anything further.

2. Data is let loose The real risk, at this point, is in terms of the data these devices can hold, said James Quin, senior research analyst with Info-Tech Research Group. When it comes to controls that can be pushed out to these units, though, there’s not a lot out there, so it’s difficult for companies to ensure these devices can stay protected. The best thing they can do is not put data on them in the first place, both through policy and the use of blocking filters.

There’s a range of software solutions out there that typically fall under the banner of USB blockers. Rather than just completely lopping off the USB ports, they can be used to control what type of USB devices can be attached — down to a specific brand or even a specific serial number.

Any data on the device should be encrypted, but there’s still limited deployment of encryption solutions, partly due to the perception that it’s expensive and difficult to manage. Microsoft’s Encrypting File System (EFS) is part of the operating system, so it’s free, but there will be management time and costs associated with it. Other solutions on the market will cost more, but could be easier to manage. “To focus on just one area of protection opens yourself up to risks,” said Quin. “If you just focus on protecting the data on the laptop, then you’re ignoring some of the network-based security risks that can occur.”

3. Networks are wide open The network plays a key role in endpoint security. One component is authentication, being able to validate the device as it tries to gain access to the corporate network, said Darren Hamilton, category business manager for ProCurve Networking with HP Canada. The second component is continuing to check on your status and behaviour on the network — because even if you authenticate, you can still plug in that USB key in your pocket.

Page 1 of 2
Send to a Friend  Rate This Page  Print This PageAdd a new comment
Bookmark this article on:
del.icio.us| Digg it| Furl| Google| Technorati| StumbleIt| Yahoo!

Have something to say about this article? Add a new comment

If you find a comment inappropriate, You can notify the moderator by clicking the Report an innapropriate comment icon.
ADD A COMMENT
Name:*Your email address will not appear online and will be used only in the event that the editor wishes to contact you personally for additional comment.
City:
Email:
Title:*
Comment:*
* required fields



Related Content
Articles

Events

White Papers
Improving business through smart energy and environment policy
Businesses and public entities today face increasing pressure to develop policies that are both good for the planet and good for business. A framework developed by IBM offers businesses and other organizations a comprehensive approach to energy and environmental issues. The framework helps identify and prioritize environmental efforts by breaking down problems and opportunities into seven distinct business areas, which can then be segmented into manageable projects.
Copyright InformationPrivacy Policy Site MapAbout UsMedia CentreReprint ServicesMobileFeedbackContact Us
ComputerWorld Canada | NetworkWorld Canada | CIO Canada | IT Business | CDN | Direction Informatique | PCWorld Canada | Macworld Canada | IT Job Universe | my IT Vendor
©2009 ITworldcanada.com All rights reserved.