|
Zero Day Attacks
The problem
Electronic information crime turns
professionalBefore 2000, most viruses were
created by young programmers as a hobby,
maliciously, for acceptance among other virus
creators, or to promote their own political
agenda. However, in 2005 it became clear that
more virus writers and hackers were motivated by
the lucrative gains to be made by information
theft, spam, and blackmail.
Information theft
Information theft can take the form of stealing
personal information, such as credit card
details. The US Secret Service and their
international counterparts recently conducted an
operation that led to the arrest of twenty-eight
suspects who were later convicted of having
stolen approximately 1.7 million credit card
numbers. According to the US Federal Trade
Commission, 52 million account records were
stolen in 2005, and nine million Americans were
victims of identity theft, with losses adding up
to $54 billion. In 2006, there were 30 million
records compromised by security breaches.
Industrial secrets are also being targeted. In
2004, telecommunications equipment supplier
Cisco was the victim of the theft of the
operating source code for its internet routers.
In 2005 the TJX breach resulted in at least 45.7
million compromised debit and credit cards
Workstation
vulnerability
In the world of electronic information security,
the client workstation is the weak link.
Employee mobility takes the PC beyond the
protection of the company network. Even
computers behind the firewall are vulnerable to
threats induced by Internet access, electronic
mail or employee's behavior. More than 88
million Americans have been put at risk of
identity theft from data breaches since early
2005, according to the Privacy Rights
Clearinghouse, a nonprofit advocacy group. (http://online.wsj.com/article/SB115145402822192505.html)
The solution
SAASEMS offers solutions that extend the safety
of your information systems to all your
computers, even if these are used outside the
company.
Empirum Security Suite technology makes it
possible to locate the tiniest signs of an
illicit intrusion. It can also block suspect
actions without disturbing the user’s normal
work or application operations. You can create
network access policies, prevent the
installation of spyware, and control the use of
removable data storage devices such as USB keys,
or the installation of unauthorized software.
To sum it up, Empirum Security Suite offers each
network endpoint complete self-protection
against computer intrusions and information
theft.
Empirum Security Suite features to protect
against information theft
• Detection and prevention of computer intrusion
• Protection against spyware and keyloggers
• Control the use of removable data storage
devices
• Control the installation of software
applications
• Control file download and access operations
• Limit network access rights
Unsecured Mobility
The problem
Anytime, anywhere access to information has
become a critical business requirement for
today’s organizations. Executive management,
sales teams, engineers and technicians need to
use their corporate information systems in order
to do their job. However, ubiquitous access to
the information needed is also a headache for IT
administrators in charge of the security of
those systems.
Greater perimeter protection needed
Most corporate networks use multiple security
devices such as anti-virus software, network
firewalls and proxy systems; however, when a
laptop computer is used at home, in a hotel or
at the airport, most of that security
disappears.
Dangers of
mobile usage
The dangers of mobile computer usage are
two-fold. First, the laptop is outside of the
corporate network and its defenses, thus more
vulnerable to attacks. If it gets corrupted, the
whole corporate information system is at risk
when the laptop reconnects to the company
network.
Second, the employee, user or partner outside
the constraints of the professional environment
is more inclined to see the laptop as a
"personal" computer in the literal sense. This
person, with no malicious intent, may put
security at risk by using the computer for
non-corporate operations.
Data breaches cost companies an average of $5
million per incident in direct costs such as
notifying victims, according to a study by the
Ponemon Institute, an independent research
group. Corporate reputations also can suffer,
and Ponemon found that 20% of data-breach
victims cut ties with institutions that
compromised their privacy. (http://online.wsj.com/article/SB115145402822192505.html)
The solution
SAAS EMS offers solutions that extend the safety
of your information systems to network
endpoints, both inside and outside the company
network.
Empirum Security Suite technology makes it
possible to protect all aspects of a mobile
workstation, by monitoring, controlling and
protecting communications, applications,
pluggable devices and the operating system.
Empirum Security Suite features to protect
against the dangers of mobility
• Contextual security policies
• Stateful firewall
• Protection of computer network parameters
• Policy enforcement before accessing the
network
• Embedded protection against endpoint intrusion
• Control removable media and wireless
connections
• Control installation of software applications
Unenforceable Usage Policies
The problem
While information system infrastructure is
managed and controlled by IT professionals,
endpoint security cannot be disassociated from
the behavior of its user, who can unwittingly
make the network vulnerable to attacks. This is
why securing network endpoints require a
specific security approach.
Social engineering
Cyber criminals know how to exploit human nature
to get access to information systems. The term
"social engineering" refers to the practice of
deceiving a person in order to obtain important
information, such as network access codes.
One typical example of this is associating a
malicious payload to an email or an instant
messaging communication. There is always a way
to trick users in order to make them perform an
operation, which in turn will open the door to
the criminal.
Computer usage unrelated to work
Another problem is the employee who adapts the
workstation for personal use. The computer may
be used by friends or family members, as well as
the employee for games, chats, downloading
pirated software, or to watch films and listen
to music.
This creates problems in the form of increased
communications costs, as well as liability
issues involving violation of intellectual
property rights or the use of unlicensed or
pirated software.
The solution
SAAS EMS technology makes it possible to
implement security policies that cover any user
interaction with the workstation. It enables the
IT administrator to prohibit unwanted operations
such as listening MP3 audio files, or
downloading software from the Web.
With Empirum Security Suite technology, it is
also possible to apply white list policies,
meaning that only applications specifically
authorized by the IT department can run on the
endpoint.
Empirum Security Suite features to enforce usage
policies
• Preventing the user to install new
applications (even as an admin of the PC)
• Controlling communication tools (P2P, IM...)
• Controlling multimedia files
• Controlling downloading operations
• Controlling private ISP connectivity
• Controlling files received by email or instant
messaging
Removable Media
The problem
Data leaks
According to New York based AMI Partners,
studies show that 40% of all critical company
data is stored on workstations. This data, as
well as data accessible from the corporate
network, is extremely vulnerable to theft by
employees.
Companies today are investing heavily in
security infrastructures to address this
vulnerability. Ironically, all their efforts can
be destroyed with a removable storage device
such as a USB key or iPod, which are small,
light weight and easily concealable.
Data transfers can be made quickly and
secretively with these devices. Worse still,
workstations lack the means of controlling or
blocking the use of these storage devices.
Infrastructure disruption
Removable storage devices can lead to a
disruption of the communication infrastructure
by enabling employees to download massive
volumes of pirated music or films, and then
transfer them outside the organization using a
CD, removable DVD or hard disks. This behavior
is connected to theft and misuse of goods
belonging to the company, and can also expose
the company to litigation.
The solution
SAAS EMS provides the technology to centrally
control how removable media are used on
endpoints. Empirum Security Suite enables
administrators to define who can use removable
media or wireless connections to handheld
devices. Secure devices such as USB keys with
encryption or biometrics capabilities can be
authorized, while all other devices are
prevented from connecting.
Empirum Security Suite features to protect
against the dangers of removable media
• Control of USB devices
• Control of FireWire devices
• Control of CD burning
• Control of floppy drives
• Control of Bluetooth connectivity
• Control of WiFi ad hoc connectivity
• Flexible policies with white-list and
black-list approaches
In a nutshell:
|
