"The Unified Move"- Embracing a unified approach with UTM

Below is an excerpt from the article " The Unified Move - The security market is increasingly embracing an integrated approach with UTM" by Shanteri Mallaya appearing in the Security Feature section of ChannelWorld.

Enterprises in India are showing willingness to leverage technology at their disposal to protect their most vital corporate assets from external and internal trouble. As a result, IT security has become and will continue to remain de facto. The challenge lies in using the right security component in warding off threats, filtering content, and keeping organizations safe. As companies are in pursuit of the panacea to their security requirements, there is a tilt towards looking at a holistic, cost-effective, durable solution instead of a makeshift approach.

Agrees Venkata Ramana Murthy, prime Mover at 22by7, "the individual, niche component of UtM functionality — say a component filtering mechanism may not necessarily be superior in performance to that of a niche vendor." Nevertheless, the channels are fairly receptive to the UtM idea. This is an emerging technology that throws up new business opportunities for them at a time when conventional technologies are not getting them sufficient margins or giving cross-selling opportunities anymore.

Mr. Murthy of 22by7 adds, "UtM is a successful single point alternative that i can pro-pose to customers."

Venkata Ramana Murthy of 22by7 concludes, “Globally, there is a trend towards the virtual machine, so all security standards have to evolve towards this. Businesses providing security solutions have to look at this seriously and evolve best of breed solutions."

For the full article, please read the issue of ChannelWorld dated Feb 15 2009.

Identify ME!! Securing Your Future with Two- Three Factor Authentication

What is Authentication?

Authentication (from Greek αυθεντικός; real or genuine, from authentes; author) is the act of establishing or confirming something (or someone) as authentic, that is, that claims made by or about the thing are true. This might involve confirming the identity of a person or assuring that a computer program is a trusted one.

What is an Authentication Factor?
An authentication factor is a piece of information and process used to authenticate or verify a person's identity for security purposes.

What is Transactional Authentication?
Transaction authentication generally refers to the Internet-based security method of securely identifying a user through two or three factor authentication at a transaction level, rather than at the traditional Session or Logon level.

Types of Factor Authentications:

1. Two Factor Authentication: Two-factor authentication is a security process in which the user provides two means of identification, one of which is typically a physical token, such as a card, and the other of which is typically something memorized, such as a security code. In this context, the two factors involved are sometimes spoken of as something you have and something you know. A common example of two-factor authentication is a bank card: the card itself is the physical item and the personal identification number (PIN) is the data that goes with it.

2. Three Factor Authentication: is a security process in which
the user has to provide the following three means of identification:
• Something the user has (e.g., ID card, security token, software token)
• Something the user knows (e.g., a password, pass phrase, or personal identification number (PIN))
• Something the user is or does (e.g., fingerprint or retinal pattern, DNA sequence, signature or voice recognition, unique bio-electric signals, or any other biometric identifier)

A few examples of the factors that could be used as SOMETHING THE USER HAS:

Tokens: The most common forms of the 'something you have' are smart cards and USB tokens. Differences between the smart card and USB token are diminishing; both technologies include a microcontroller, an OS, a security application, and a secured storage area.
Biometrics: Vendors are beginning to add biometric readers on the devices, thereby providing multi-factor authentication. Users biometrically authenticate via their fingerprint to the smart card or token and then enter a PIN or password in order to open the credential vault.
Phones: A new category of T-FA tools transforms the PC user's mobile phone into a token device using SMS messaging or an interactive telephone call. Since the user now communicates over two channels, the mobile phone becomes a two-factor, two-channel authentication mechanism.
Smart cards
Smart cards are about the same size as a credit card and perform both the function of a proximity card and network authentication. Users can authenticate into the building via proximity detection and then insert the card into their PC to produce network logon credentials. They can also serve as ID badges.
Universal Serial Bus
A USB token has different form factor; it can't fit in a wallet, but can easily be attached to a key ring. A USB port is standard equipment on today's computers, and USB tokens generally have a much larger storage capacity for logon credentials than smart cards.
OTP Token: Some manufacturers also offer a One Time Password (OTP) token. These have an LCD screen which displays a pseudo-random number consisting of 6 or more alphanumeric characters (sometimes numbers, sometimes combinations of letters and numbers, depending upon vendor and model). This pseudo-random number changes at pre-determined intervals, usually every 60 seconds, but they can also change at other time intervals or after a user event, such as the user pushing a button on the token. Tokens that change after a pre-determined time are called time-based, and tokens that require a user event are referred to as sequence-based (since the interval value is the current sequence number of the user events, i.e. 1, 2, 3, 4, etc.). When this pseudo-random number is combined with a PIN or password, the resulting pass code is considered two factors of authentication (something you know with the PIN/password, and something you have from the OTP token). There are also hybrid-tokens that provide a combination of the capabilities of smartcards, USB tokens, and OTP tokens.

Advantages Of using 2/3 Factor Authentication:
1. Drastically reduce the incidence of online Identity Thefts, phishing expeditions and other online frauds.
2. Ensures that you have a very strong authentication method in place.
3. Increases the confidence and trust levels of the users interacting with your network.
4. Adheres to the compliance rules of various standards especially if you are in the financial domain.
5. Ensures that you have sufficient levels of security to thwart any attacks on your network.
6. It allows you to provide secure remote access to your network.

Reference: Wikipedia.
Image Source: www.koshatech.com/images/solutions_img.jpg
www.info.gov.hk/.../images/2_factors.jpg

Say Good Bye to Data Leakage--

A recent survey of top security professionals carried out by a leading Consultancy firm revealed some scary but realistic statistics:

1 in 3 companies investigated a breach of confidential data last year.

1 in 4 companies experienced an “embarrassing” leak of confidential information.

1 in 5 emails contains a legal, financial or regulatory risk.

If you are like most corporations, you are finding yourself in the midst of an information explosion. Sensitive data is no longer controlled under lock and key in data centres or file cabinets. Sensitive data is everywhere. This data is an easy prey to leakage which will hamper the competitive advantage that you may have in the market.

This is where Data Leak Prevention (DLP) technology/products come to your rescue.

What is DLP?

DLP is nothing but the use of various techniques to prevent critical data from unnecessarily leaving the organization. DLP products can be defined as:

“Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use, through deep content analysis.”

Some of the most common techniques used in these products to detect and prevent unauthorized extrusion of data are:

1. Rule bases/ Regular expressions

2. Database fingerprinting

3. Exact File Matching

4. Partial Document Matching

5. Statistical Analysis

6. Conceptual/Lexicon

7. Predefined Categorization.

What are the main features to look out for in a DLP solution?

In this day and age, it is impossible to expect your employees to be fully cognizant and ready to comply with all data protection compliance rules. Hence look for a DLP technology that can:

1. Protect sensitive data without slowing down your business or frustrating employees trying to do their job.

2. Meet data protection compliance guidelines through the ability to encrypt, redact, block or quarantine sensitive data before it damages your business.

3. Real time performance

4. Virtually zero false-positive rates.

Top Security Breaches - 2007

David Hakala on January 22, 2008

Every year sees a fresh crop of security breaches. Most go unreported, unless they involve consumers' personal data, at which point companies are required to give timely public notice of security breaches. The following list of 2007's worst security breaches consists mainly of such reportable incidents. The incidents are sorted in descending order of severity based on how many individuals were potentially affected.

Note that remote hackers played a role in a small minority of cases. Most data losses occurred because laptops, tapes or disks were not properly secured. It is a never-ending struggle to get users to adhere to physical security protocols.

Jan 17, 2007: The TJX Companies Inc. (which operates T.J. Maxx, Marshalls and other stores) announced that it suffered an “unauthorized intrusion” into its computer systems that process customer transactions. The company subsequently revealed that the hackers had access to between 46 million and 215 million customer records for 17 months. The costs of this breach have reportedly reached $216 million, and the lawsuits are still flying.

July 3, 2007: Some 8.5 million customer records were stolen by a database analyst employed by Certegy Check Services Inc., a subsidiary of Fidelity National Information Services. The theft included credit card and bank account data, as well as other personal information. In November 2007, the employee pled guilty to conspiracy and fraud charges. A California class-action lawsuit against the company and its parent alleging negligence remains pending.

Sept. 15, 2007: Online stockbroker TD AMERITRADE’s computer system was infiltrated by hackers, who stole up to 6.3 million customer contact records including names, addresses and phone numbers. The hackers were able to install a backdoor program on the company's server, which gave them access.

April 10, 2007: A CD containing the personal information of 2.9 million Medicaid and child health care insurance recipients was lost in shipping. Officials would not reveal whether the data was encrypted. The data was being shipped from an Atlanta office of Affiliated Computer Services Inc., which manages claims for the state, to another contractor in Maryland.

Aug. 23, 2007: Monster revealed that intruders using legitimate usernames and passwords entered its system and made off with 1.3 million jobs seekers' records, including email addresses, names, home addresses and phone numbers.

Sept. 28, 2007: A laptop containing the personal information — including Social Security numbers — of 800,000 employment applicants was stolen from the offices of a third-party vendor that manages application data for fashion retailer Gap Inc.

July 20, 2007: SAIC, a Pentagon contractor, failed to encrypt data on 580,000 military households before transmitting it over the Internet. The data included names, addresses, birth dates, Social Security numbers and health information. The data was stored on an unsecured server.

June 15, 2007: In Ohio, a backup tape stolen from a 22 year-old intern’s car contained the names and Social Security numbers of all 500,000 state employees, plus 225,000 similar records of taxpayers.

Oct. 4, 2007: The Massachusetts Division of Professional Licensure, responding to public-records requests from marketers, mailed out disks containing the names and addresses of 450,000 licensed professionals in the state. Then, the division hurriedly mailed letters to all 450,000 professionals saying that their Social Security numbers had been included inadvertently. All but two of the disks were recovered.

May 19, 2007: Hackers broke into the network of the Illinois Department of Financial and Professional Regulation in January 2007 and accessed nearly 300,000 records regarding licensed professionals and applicants for licenses. The breach was discovered on May 3, 2007.

Aug. 23, 2007: A laptop containing 280,000 records about city retirees was stolen from a consultant to the City of New York Financial Information Services Agency as he sat in a restaurant.

Dec. 5, 2007: The names and Social Security numbers of 268,000 blood donors were on a laptop stolen from Memorial Blood Centers in Duluth, Minn.

March 30, 2007: Three laptops were stolen from the offices of the Los Angeles County Child Support Services. The data included 130,500 Social Security numbers — most without names — 12,000 individuals’ names and addresses, and more than 101,000 child-support case numbers.

May 19, 2007: A computer was stolen from the Texas Commission on Law Enforcement Standards and Education. It contained the names, home addresses, driver-license numbers, birth dates and Social Security numbers of every licensed law enforcement officer in the state — some 230,000 individuals.

Oct. 30, 2007: Three backup tapes containing 230,000 records of The Hartford Financial Services Group Inc.'s customers were misplaced.

Oct. 23, 2007: West Virginia Public Employees Insurance Agency notified 200,000 current and past members of its insurance programs that a computer tape containing names, addresses, phone numbers and Social Security numbers was lost while being shipped via United Parcel Service of America Inc.

May 14, 2007: A virus that could have allowed a hacker access to 197,000 records about students at College of Southern Nevada attacked a server, but the school is not sure whether any data was actually taken.

Jan. 26, 2007: Tapes containing names, Social Security numbers and other data regarding 196,000 Wellpoint Anthem Blue Cross Blue Shield customers were stolen from a lockbox held by one of the company’s contractors.

Nov. 16, 2007: Tae Kim, a former auditor for the U.S. Department of Veterans Affairs, was arrested after being caught using fraudulent credit cards. His home computer contained 1.8 million records on Veterans Affairs medical patients pertaining to 185,000 unique individuals.

Source

Back up your Data!

PC and Data Safety Tips
To quote a friend of mine, "There are only two kinds of hard drives: the  ones that have already crashed
and the ones that will eventually crash."
This is a very true statement. If this hasn't happened to you yet, don't  worry - it will.
To be prepared for a disaster like that, you should back  up your data - ALL your data.
To make this process easier, you should have  your data well organized on your hard drive.
That My Documents folder in  Windows is there for a purpose. You should keep all your files in that  folder,
no matter if they are Word documents, Excel spreadsheets, pictures, whatever.
That way you can simply backup just that folder instead of having  to go hunt on your hard drive trying to
remember where you put all your  files.
You can actually set up almost every decent program to save its  files into a folder you specify.
Take a few minutes to do that, you will be  grateful later. 

You probably noticed that I said earlier "most of your data".
Most people  forget that there is more than just your Word documents.
What about your  bookmarks that you accumulated over the years? Your e-mail addresses?
The  saved game of Quake that took you three months to get to that level?
Unfortunately, this type of data cannot be stored in the My Documents  folder.
So be sure that you don't forget to back up that information as  well.   

Backup Methods
If you don't have much on your PC, you might get away with copying a few  files to a few floppies.
Chances are though, that you need a lot more  space.
Thankfully there are several options that make it easy.
A very popular tool is the Iomega zip drive. It holds 100 MB of data per  cartridge and can
easily be transported.
Tape drives are relatively cheap, but slow, and the tapes are very  sensitive to heat etc.
Another possibility is to back up to another hard drive, either a second  drive in your PC or another
hard drive in another PC if your PC is  connected to a network.
A new and increasingly popular way is to back up to a CD burner.
You can  get a re-writeable CD burner that will let you reuse the same CD for your
backups over and over.
You can also use the CD burner to make your own  personalized music CDs.
My personal recommendation is the Hewlett Packard  8100i.   

Make an Emergency Disk  If your hard drive crashes or your PC won't boot anymore
for whatever  reason, you need a bootable floppy disk.
You can create this easily in  Windows 98 by going to
Start/Settings/Control Panel/Add Remove  Programs/Startup Disk/Create Disk.
This will create a bootable floppy with  CD ROM support that will be very valuable to you when
that moment comes.
In Windows 95, this process is a little more complicated as the floppy will  not automatically support the
CD ROM drive.
You need to manually copy the  drivers to your boot disk. 

Power Protection  A very important factor that is often neglected is the supply of power to  your PC.
If you live in an area with frequent power outages, regular  brownouts or in a house with bad wiring,
this could cause data loss on your  PC.
To prevent this, you should consider getting an uninterruptable power  supply, or UPS.
It will alert you when the power drops or completely  disappears, and provide you with 5 to 10 minutes
(depending on the model)  of battery power to give you time to save your data and shutdown your PC
properly.
My personal recommendation is APC.   

Cooling  There is a lot of heat produced inside your PC, mainly by the main  processor, but also by other
devices like CD drives, hard drives, video  cards, etc. If the temperature gets too high,
your PC will start behaving  very oddly including crashes.
Make sure that you have proper cooling inside  the case, preferably one fan that blows cool air
into the case and another fan that pushes the warm air out.
Your PC should have some room to breathe,  don't cram it into a tight corner.
Check that the fans are not cover by  dust. 

Virus Protection  Every time you download a file from the Internet, get a floppy from a  friend,
bring a file home from work, you expose your PC to the risk of  getting a virus.
Viruses can be very devastating on your PC, including  corrupted files, deleted files and erased hard drives.
To protect yourself,  you should install a professional virus checker, such as Norton Antivirus  from Symantec.

Stay Current  If you are running old programs that were designed for Windows 3.x you  should
see if there is a newer version available that was designed for  Windows 95/98.
Also, about once a year you should make a list of all the  hardware that you have installed on your PC,
such as video card, printer,  sound card, etc. and visit the manufacturer's web site to see if there are
newer drivers available.   

Keep it clean  The more programs you run, the higher your chances for crashes are.
Don't  install programs without doing some research first.
If you don't use a  program anymore, uninstall it.
If it is a beta version, it does not belong  on a PC that has important data on it.
Be especially careful with little  unknown or custom written programs that you download from the Internet.
It could contain a virus or could be written by a hobby programmer with good  intentions but bad QA skills.   

Third Party Utilities  Be careful with all those third party utilities out there, such as  uninstaller,
diagnostic, optimization and other programs.
A lot of them are  very intrusive on your system and cause more problems than they fix.
The  only party benefiting from them is the manufacturer who rakes in your cash.
Windows 98 already comes with many diagnostic tools that make most of the  third party utilities redundant.
The only two tools that don't come with  Windows and that have proven to be invaluable for me are
Symantec's Norton  Antivirus and Power Quest's Partition Magic 4.0. 

Source : PC911