Many companies do a good job of protecting their perimeter. They install firewalls to keep the bad guys out of their corporate network. They use anti-virus software and intrusion detection. But with the proliferation of mobile devices — from smartphones to USB keys — it’s becoming easy to bypass that perimeter security and go straight to the endpoints.

And that’s why endpoint security is becoming such a critical part of an overall security strategy. But most companies aren’t even focused on protecting laptops, let alone mobile and mass storage devices.

“They consider them nothing more than desktop computers,” said Claudiu Popa, president of Informatica Security Corp. “It’s just another category in their technology inventory — they don’t realize those systems need to be differently secured than desktops because they spend time in cars and left on the kitchen counter at home.”

There’s a tremendous increase in the number of break-ins that result in data theft, he added, but they take place at the employee’s home rather than the workplace.

With mobile devices, it’s possible to bypass most of a company’s gateway security and get right down to the endpoints. And that highlights the need for endpoint security, said Derek Manky, security research engineer with Fortinet.

1. Smart phones have dumb security

Viruses are going to become more prevalent on smart phones, when we start seeing more interactivity between mobile devices and desktop PCs.

“We haven’t got to that point where it’s a high-level threat, but it is definitely overlooked,” Manky said. “As far as administrative access, it’s not treated as a threat.”

We haven’t seen crossover viruses yet, where a virus on a smartphone crosses over to a Windows desktop, but we’ll see it in the future (a proof-of-concept crossover virus has been written for Windows Mobile). The iPhone, and the possibility of a Google phone, means there will be more new and interactive platforms.
Malware can also be launched on thumb drives that can easily make their way into an organization without being noticed. You can have good gateway security, but all it takes is one virus to infiltrate and gain access to the network, said Manky. The virus can be engineered to dial back to the hackers and open up a Trojan, so they can then gain access to corporate information.

“Everything’s becoming more financially motivated and targeted attacks are a very real scenario,” he said. “If you have someone who premeditates this, it’s very possible to open up a wealth of information.”

One solution is on the mobile device itself, where it’s able to detect attacks before the user transfers them. Proper anti-virus scanning on the desktop PC eliminates anything further.

2. Data is let loose

The real risk, at this point, is in terms of the data these devices can hold, said James Quin, senior research analyst with Info-Tech Research Group. When it comes to controls that can be pushed out to these units, though, there’s not a lot out there, so it’s difficult for companies to ensure these devices can stay protected. The best thing they can do is not put data on them in the first place, both through policy and the use of blocking filters.

There’s a range of software solutions out there that typically fall under the banner of USB blockers. Rather than just completely lopping off the USB ports, they can be used to control what type of USB devices can be attached — down to a specific brand or even a specific serial number.

Any data on the device should be encrypted, but there’s still limited deployment of encryption solutions, partly due to the perception that it’s expensive and difficult to manage. Microsoft’s Encrypting File System (EFS) is part of the operating system, so it’s free, but there will be management time and costs associated with it. Other solutions on the market will cost more, but could be easier to manage.
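To make the USB blocker idea above concrete, here is a default-deny allow-list evaluated against an attached device's brand (vendor ID), model and serial number. This is an added illustration, not code from the article or from any product; the class and function names are hypothetical and every ID and serial is constructed sample data.

```python
from dataclasses import dataclass
from typing import Optional, Tuple

MASS_STORAGE = 0x08  # USB interface class code for mass storage
HID = 0x03           # USB interface class code for keyboards, mice, etc.

@dataclass(frozen=True)
class UsbDevice:
    vendor_id: int
    product_id: int
    serial: Optional[str]               # some devices report no serial at all
    interface_classes: Tuple[int, ...]  # composite devices expose several

@dataclass(frozen=True)
class AllowRule:
    vendor_id: int                      # "a specific brand"
    product_id: Optional[int] = None    # None = any model from that brand
    serial: Optional[str] = None        # "a specific serial number"

def rule_matches(rule: AllowRule, dev: UsbDevice) -> bool:
    if rule.vendor_id != dev.vendor_id:
        return False
    if rule.product_id is not None and rule.product_id != dev.product_id:
        return False
    if rule.serial is not None:
        # A missing or empty serial must never satisfy a serial-pinned rule.
        return bool(dev.serial) and dev.serial == rule.serial
    return True

def decide(dev: UsbDevice, allow: Tuple[AllowRule, ...]) -> str:
    """Return 'allow' or 'block'. Assumed policy: only storage is governed."""
    if MASS_STORAGE not in dev.interface_classes:
        return "allow"
    # Default deny: storage is blocked unless some rule names it. A composite
    # device carrying a storage interface is treated as storage.
    return "allow" if any(rule_matches(r, dev) for r in allow) else "block"

# Constructed policy: one company-issued drive pinned by serial, plus any
# storage device from one approved vendor.
POLICY = (
    AllowRule(0x1234, 0x5678, "ENC-000123"),
    AllowRule(0xABCD),
)

# Vendor ID, product ID and serial are reported by the device itself, so
# such a filter complements encryption of the data rather than replacing it.
```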
“To focus on just one area of protection opens yourself up to risks,” said Quin. “If you just focus on protecting the data on the laptop, then you’re ignoring some of the network-based security risks that can occur.”

3. Networks are wide open

The network plays a key role in endpoint security. One component is authentication, being able to validate the device as it tries to gain access to the corporate network, said Darren Hamilton, category business manager for ProCurve Networking with HP Canada. The second component is continuing to check on your status and behaviour on the network — because even if you authenticate, you can still plug in that USB key in your pocket.