CISO

Enterprise Information Security

Data loss prevention

by 1 Comment

Businesses are driven by data. Global organizations need  more than network security to protect their confidential data and sensitive information.The protection of data itself is equally important. In any organization, data is being stored and transmitted across the systems, LAN, WAN and many times in the internet. This creates a major vulnerability within organizations and businesses are recognizing this vulnerability and the need to secure not just the network but also the data that is stored and transmitted across it.

Data Loss Prevention

Data Loss Prevention is the solution mostly sought after for data protection. Data loss prevention is a category of information security tools which helps organizations to prevent the unauthorized distribution or loss of sensitive information. A typical Data Loss Prevention solution should have three main components namely:

  • Endpoint Security: Provides the data loss prevention at the endpoint. Many implementations are focused on controlling the connectivity such as Bluetooth, wireless etc. Most implementations controls the USB and other removable media access
  • Gateway Security: Next avenue for data loss is through the network gateway.s typically, web gateway and email gateway. People tend to upload files to the internet; a Secure Web Gateway helps you in preventing file uploads, text upload and also could act as a content aware DLP solution. Secure Mail gateway.s allows you to setup what is allowed to sent and what is not. Secure Mail Gateway.s are also capable of acting as content aware DLP solutions
  • Storage Security: Protection of data at rest is the third component of a DLP solution.  For example, when an authorized user copies sensitive files to a USB, the storage security component kicks in and encrypts the data protecting the data while at rest

The DLP products alone will not provide complete protection, unless it is backed with strong policies and processes.

10 resolutions for New Year 2012

by 1 Comment

All of us take resolutions in the new year. What is followed and what will be left out are points of discussion beyond this post, however, most of us make resolutions. Here is a list of resolutions you can take this new year. If you hold on to it, better it is.

  1. I will use strong Passwords : Change all your passwords into a stronger one. Try this post on Securing your password, which will help you build better passwords
  2. I will not reuse passwords: Password reuse enables someone who hacked one of your account to hack another account of your on another service including the bank accounts. Try some of the password managers
  3. I will install an Antivirus: If you haven.t installed one, use an antivirus software. Configure it to automatically download the virus definitions and updates
  4. I will think thrice before posting anything on the internet. Internet is not a safe place at all and anything personal you post in the online social networks will be soon public
  5. I will keep my PC updated: Botnets are being built by the friends in the other side of the internet. If you want to be away from being part of the botnets, it is better to keep the systems patched and updated. This gives no guarantees as the hackers can hack into the systems using vulnerabilities which are not public
  6. I will not click on links in the email claiming to be from a bank: I understand that it could be a fake email trying to get my passwords or install some malware on my system. Reading How to avoid phishing scams and Tips for keeping your online accounts secure can give some insights
  7. I will protect my wireless connection: Protecting wireless network is your responsibility. If not protected, people may use it to leach your bandwidth and more importantly, the actions performed by them will be counted by the ISP and legal institutions as performed by you.
  8. I will not use USB drives obtained free: USB drives are a new type of threat agents, if you get it free, it often contain some add-ons. This is true especially when the giver is not known to you and has no visible benefit when given to you like monitory benefit. However, it can later become an issue as these devices could contain rootkits and malware
  9. I will use encryption: Using encryption helps you protecting confidential data from attackers. Most of us use laptop computers and often it get lost to the public. Once lost, it is lost along with your data. Protection of the confidential data is important and encryption is the best way to protect the data. Also, it is the case with mobile phone.
  10. I use secure erasing tools for file deletion: Deleting and emptying the files from recycle bin will not actually delete files from the computer hard disks. Using secure erase software’s will ensure that the files are actually erased from your hard disks ad ensure protection.

These are some of my thoughts for new year resolution on the security front. If you think there are better ones, do share with me.

Wish you all a Happy and Secure New Year

Disk Space attacks

by Leave a Comment

Disk space attacks are a form of resource utilization attacks resulting in denial of service. Disk space if a finite resource in the computers. If it is fully utilized, systems would fail in further processing the computing requests. The options available are to remove some of the existing data or add new disk space.

It is difficult to add new disk space if you do not have a enterprise class server with hot pluggable disk arrays. Removing files are not very easy if you do not know which are to be deleted and which files need to be kept

One of the countermeasure mechanism is to have some large files kept in a pre-planned folder in your computer. If it is your personal computer, keep some movies, music etc. so that the you have some utilization of the disk space at the same time it can used as the counter measure for the disk space attacks.

Reserving some considerable space for such attacks would help you delete this folder / file and release some space for computing. This gives a breathing space for you to do the analysis and mitigation for the real problems