Forget endpoint security for a moment, how about endpoint fire hazards. Take a look at what group in Japan “cooked up,” they modified a computer to make their own USB powered BBQ, using 30 USB ports spread out across five PCI cards.
Make sure your IT staff are fed, or you just might find one of these suckers cooking steaks in your data center.
A new “security” application has popped up that when installed on your computer will copy files from any USB flash drive installed to it silently in the background. I don’t think you need to think too deeply on the security threat this can pose. This application doesn’t just copy the files from a USB drive, but actually makes an image of the USB drive, this becomes a larger problem as someone with malicious intent can use undeletion tools to recover files that were deleted from the drive.
Now in addition to dealing with data theft we have to start being careful where we stick our drives. Encrypting your USB drives is becoming more and more important as these internal hacking techniques become more and more predominant.
Network administrators need to begin taking these risks seriously, Windows does not provide any sort of security out of the box to these endpoint security threats. DeviceWall from Centennial Software is a product that will help manage the risk these threats pose, as it has built in encryption for USB drives as well as allowing administrators to decide who is allowed to plugin what devices to their USB ports, Firewire ports and even who can read/write to CD-ROMs and other removable media devices such as iPods, USB Flash drives and smart phones.
According to the latest figures from the FBI, organizations with annual sales of over $1bn invest just $218 per employee on IT security. In stark contrast, smaller companies are being forced to invest as much as $1664 per employee to combat internal and external threats.
As with previous years, the predominant risks continues to be internal security breaches - accounting for 68% of incidents overall. A majority 52% of organizations said their systems had been accessed by unauthorized parties.
According to the survey, the key causes of financial loss to an organization are:
1. Virus infections
2. Unauthorized access
3. Laptop / PDA theft
4. Theft of proprietary information
UK recruiter, Office Angels, has hailed the arrival of the GOSSIP - Gadget Obsessed Status Symbol Infatuated Professional - in the workplace. According to their recent study, 67% of office workers see IT gadgets as the ultimate status symbols with the most coveted items including an iPod Nano, Blackberry and USB memory stick.
And it seems that one mobile phone just isn’t enough, with 45% of respondents regularly briging at least two devices into the workplace.
Unsurprisingly, what the study fails to focus on is the wider impact this infatuation with IT gadgets has on the employer. With more and more personally-owned devices finding their way into the workplace - and more often than not, being connected to a company PC - organizations are increasingly at risk of malicious and accidental data leakage.
Putting aside questions of whether belief in such status symbols is good for the soul, the rise of the GOSSIP is something every IT security professional should be worried about.
The greatest risk to your IT systems comes from outside the organization, right? Wrong. Author of “Defeating the Hacker”, Robert Schifreen, has teamed up with Centennial Software to offer free webinars on September 13th and 26th at 1:30PM (UK time), to help you understand and combat the internal security risks facing your network:
