Global Investigators & Security Consultants
0333 6000 300

Computer Security

Controlling and Protecting Company Data in a Mobile World

  • 3:15 pm
  • 0. comments
  • In this increasingly data-driven world, corporate security is more important than ever before. This concept is even more prevalent with the rise of the modern smartphone. Although these devices are quite convenient, the chances of proprietary information becoming lost, corrupted or stolen have dramatically increased. An employee could leave a company and no longer be authorised to view private data or a phone may be lost and fall into the hands of criminals and similar fraudsters. Intellectual property theft is therefore a very real concern. When we combine these threats with ever-advancing mobile phone hacks, it becomes clear that powerful solutions need to be put in place. What are some of the latest systems designed to mitigate the risks of this data loss?

    XenMobile

    Like many other systems, XenMobile addresses the issue of mobile device management (MDM). Secure email, document sharing, cloud-based solutions and the ability to effectively wipe all data should a device be lost are some of the techniques that this software employs.

    Symantec Mobility

    This mobility suite offers protection at important data access points such as the device, the application and the data layers themselves. Proprietary systems help to ensure that threats such as malware, unauthorised viewing and leakage are adequately addressed. Another key benefit here is that company-centred applications can be located alongside personal apps; neither of which will interfere with the other.

    Druva

    Enterprise-grade security is a defining feature of the enterprise mobility systems provided by Drupa. Cloud-based storage is shielded from third-party eyes through the use of two-factor encryption. This will prevent any unauthorised individuals from viewing important data. Remote deletion capabilities as well as location monitoring can effectively deal with any threat as soon as it becomes known. All of these features are backed up with centralised monitoring; offering management and the end user superior levels of transparency.

    IBM MobileFirst

    IBM MobileFirst offers a number of security solutions which are based around the needs of the business. These include device security and content security. Furthermore, both applications and communications can be hidden from prying eyes thanks to robust levels of encryption alongside systems such as multi-factor authentication (amongst other methods).

    ManageEngine

    This company offers a framework known as Mobile Device Manager Plus. Permissions based upon the role of the employee, the ability to immediately wide remote data, geolocation tracking and the blocking of commercial applications while on company premises are a few mobile security solutions offered by ManageEngine.

    The Critical Concept of Encryption

    All of these systems share one thing in common. Each employs a proprietary encryption system to dissuade and prevent intellectual property theft from a mobile device. This is important, for many employees may use passwords that are considered to be rather weak. Should an employee copy data onto his or her phone and their PIN number be similarly vulnerable, fraud and theft are an even greater possibility. Whether accidentally or to view this data from the convenience of home with no bad intentions, the threat is just as real.

    In these and other cases, encryption will always play an important role. Not only should peer-to-peer (P2P) encryption systems be used, but there can also be times when the data itself is encrypted. This will require another password in order to be viewed. Such a concept is an excellent redundant security feature and many systems will make use of multiple levels of encryption.

    Increased Threats

    Ultimately, mobile security and intellectual property theft are both growing concerns. Due to the sheer number of these devices and the presumption that their presence within the corporate world will continue to grow, companies should take these possibilities very seriously. What also should be mentioned is the rise of 4G connectivity. As this allows massive amounts of data to be downloaded, the potential of such information to be compromised obviously increases. Whether from the loss of a device or an intentional breach of traditional firewalls, more innovative solutions need to be put into place. The examples that we have seen are only a handful of the solutions that now exist. Still, their methods will continue to evolve alongside the threats that will likewise advance.

    Mobile device management is an area that must be taken quite seriously by any company. Theft, fraud and data corruption can cost an enterprise untold amounts of money while placing their proprietary information in jeopardy. These solutions are effective ways to address and nullify such threats within real-world scenarios.
    Surelock Global Investigators and Security Consultants are also well qualified (with a wealth of experience and knowledge) to provide advice in matters of corporate and personal security.

    read more
    by Alex

The Device that Can Help Block Wireless Surveillance

  • 8:27 am
  • 0. comments
  • A team of artists, technologists and designers in Germany have created a device which they believe can block wireless surveillance.

    The gadget, no bigger than a laptop charger that plugs into a wall and patrols the local Wi-Fi network for connected Google Glass devices, along with other potential surveillance gadgets like Google Dropcams, Wi-Fi-enabled drone copters, and certain wireless microphones. When it detects one of those devices, it can be programmed to flash an alert with an LED light, play a sound through connected speakers, and even ping the Cyborg Unplug owner’s smartphone through an Android app, as well as silently booting those potential spy devices from the network.

    unplug-glass-inlineThe Cyborg Unplug will be offered in two versions: A cheaper version called “Little Snipper” equipped with only an LED blinker alert and higher-end version, dubbed “the Axe,” will also include the Android app, an audio connection to any nearby speakers for an audible beeping alert, and a 5G Wi-Fi connection often used by businesses as well as the more common 2.4G connection.

    Cutting the Wi-Fi uplink of surveillance gadgets will not prevent snooping if the data are stored locally on the device. In fact, Cyborg Unplug wouldn’t even detect any Glass user who doesn’t attempt to connect to Wi-Fi. However, it would at least make it more difficult to surreptitiously stream video or images to a remote location without leaving evidence on the snoop’s local device. “A casino owner, for instance, might catch someone with some device and take it off them, but could never prove they were recording because they were streaming to somewhere else,” Oliver says.

    http://www.bbc.co.uk/news/technology-29801921

     

     

     

     

     

     

     

     

     

    read more
    by dave

The Dangers of USB Devices Exposed

  • 7:33 am
  • 0. comments
  • USB Stick#001USB devices are attached to computers every day and most users will be unaware of the risks involved.  However, security researchers, Adam Caudill and Brandon Wilson, have written computer code that can be used to exploit a flaw in the software that helps devices connect to computers via USB.   The biggest problem they discovered lurks in the onboard software, known as firmware, found on these devices.

    The two computer researchers have publicised their findings at the DerbyCon hacker conference last week and have made their attack software freely available via code-sharing site Github.  “We’re releasing everything we’ve done here, nothing is being held back,” said Mr Wilson in a presentation at DerbyCon. “We believe that this information should not be limited to a select few as others have treated it,” he added. “It needs to be available to the public.”

    The first public disclosure of the USB flaw or BadUSB was made at the Black Hat computer security conference in August by Karsten Nohl and Jakob Lell.  Responding to the release of the attack tools Mr Nohl told the BBC that such “full disclosure” can motivate companies to act and make products more secure. “In the case of BadUSB, however, the problem is structural,” he said. “The standard itself is what enables the attack and no single vendor is in a position to change that.”  “It is unclear who would feel pressured to improve their products by the recent release,” he added. “The release is a stark reminder to defenders, though, that BadUSB is – and always has been – in reach of attackers.”

    Full story at http://www.bbc.co.uk/news/technology-29475566

     

     

    read more
    by Ron