Network Endpoint Security News - Watch Your End

New research announced this week revealed that 88 percent of IT Administrators would have no problems stealing confidential information from their employer’s network if they were fired. And with these employees privy to all areas of the network, one can only imagine the kinds of data they could easily lay their hands on…

While the company that sponsored the research believes this is a good reason to change passwords on a regular basis, WatchYourEnd also strongly recommends organizations invest in technologies that can be used to stop the unauthorized copying of data from the network to portable storage devices such as USB sticks, MP3 players and even CDs or DVDs.

Of the 300 IT Administrators surveyed, only 12 percent claimed they wouldn’t dream of helping themselves to company data.

CSOOnline.com has released its top ten security breaches of 2007, which makes for slightly funny, hugely scary reading:

10. Monster.com and its 1.3 million customers

9. Commerce Bank of Wichita and the alleged security breach PR scam

8. Indianapolis Power and Light and 3,000 customer names, social security numbers etc

7. TSA and the case of the missing laptops

6. Shaw’s Supermarket and the social security passwords

5. Swedish Urology Group and the hard drives containing personal information (excuse the pun)

4. The Nature Conservancy and the polluted websites

3. TSA (part II), another 100,000 records lost

2. HM Revenue and Customs, 25 million records ‘in the mail’

1. TJX Maxx. No need to say more…

Get the full low-down on csoonline.com

A cross-party group of UK politicians has called for an identity theft ‘czar’ to take a central role in liaising between the Government, police and private sector organizations.

The committee also want to see an increased focus from the police as well as a Government-backed campaign on raising awareness of the risks of identity theft. Despite recent concerns over the role social networking sites have in facilitating ID theft, the UK Members of Parliament (MPs) suggested that sites like Facebook might be a good medium to help get the message across to target groups such as young adults.

According to a report from the BBC, identity theft is believed to have caused the UK economy £1.7bn ($3.4bn) last year.

However, WatchYourEnd believes that there is still not enough focus on organizations to protect the personal information held on their networks. It is vitally important that consumers learn to properly destroy credit card receipts, statements etc - but also critical that organizations which hold our data do not leave gaping holes in the network security.

According to a series of reports issued this year by analyst firm, Gartner, there is a new civil war erupting between IT departments and end users. And the signs are that the IT departments are losing.

Thanks to technological ‘advances’ such as cheap portable memory, more and more end users are feeling inclined to disregard the way IT wants them to work and instead create their own rules for acceptable behavior and security practices. The result, in many cases, is not only a loss of control for the IT team, but a greater risk of security breaches both on and off the network.

According to Gartner, USB sticks were the top-ranked (of six) technologies that are creating a headache for IT departments. The challenge to the IT department is to find a way to both accept their presence on the network but also ensure they do not represent a unncessary security risk. As such, the analyst firm recommends that organizations investigate a combination of endpoint security software to manage which users can and cannot use such devices - as well as investing in ’secured’ devices which offer some level of protection if the device is lost or stolen.

More on Tech Republic

On the same day we reported the theft of a National Health Service (NHS) laptop resulting in the possible ID theft of 30,000 employees, one WatchYourEnd contributor found himself on an evening train home from London sat opposite what appeared to be a senior NHS manager (it said “Property of NHS” on his laptop, anyway).

Imagine our man’s surprise then, when said manager got up and left his PC unattended on the table for 10 minutes while he visited the buffet car, took a stroll, or whatever takes 10 minutes on a commuter train! Let’s just think about that again; on the same day the media critizes the organization for losing 30,000 records, a staff member leaves his computer open for anyone to steal or otherwise tamper with on a train…

Let’s just say the temptation for our man to insert a USB drive loaded with “slurpaudit.exe” into the guy’s computer was tough to resist. Maybe we would have found another 30,000 records for the NHS to worry about.