IronKey

Mobile Data Security Blog

Home  »  Posts tagged "encryption"

by

Thwarting the Insider Threat

 

Autumn is returning, reluctantly we’re turning our back on summer, and we are looking forward to the Holiday season. Undoubtedly, this comes with increased people taking vacations, working remotely, and the unlucky few taking their laptops on holidays. For many organizations, this is pretty risky business because the sensitive corporate information is now travelling along with their employees. Although many organizations rarely expect their loyal employees to steal company data, many are prepared for security attacks.

Following the Edward Snowden revelations in 2013, IT departments are now tasked with monitoring potential insider threats. Snowden’s work with US intelligence agencies put him in the position of a highly trusted employee, providing him with everything he needed to accomplish what he set out to do. There were no measures in place to prevent what was possibly the biggest information leak in the history of the US.

The risks come from those who intentionally misuse their access to data to cause a detrimental impact on the confidentiality and integrity of sensitive information.

Although there are a number of routes to secure intellectual property, if the authorities, from whom Snowden was stealing from, had a manageable and encrypted flash drive, such as an IronKey™ Windows To Go drive, they could have tracked the information from anywhere. Any activity on the drive could have been monitored from an on-premise or cloud-based management service. This would have ensured them the ability to restrict where the device could be used, or resort to remotely locking it down, so no one could access the data.

If data isn’t encrypted, its integrity can easily and quickly be compromised, and therefore it is essential to know where, and who, is accessing information. This can be difficult across a fragmented IT environment, however, companies need to be confident that if a device is considered to be compromised, they can remotely lock it down, wipe it, or initiate a self-destruct sequence to remove the data, to protect themselves and their stakeholders.

Protecting intellectual property should be a priority for all organizations. Disabling outdated user accounts when employees exit an organization, implementing policies with privileged account passwords, updating them regularly and limiting access to corporate systems, are all crucial to keeping data secure. That’s where the Windows to Go Drive comes in:  a secure, IT-managed, Microsoft certified USB drive that contains a fully functional corporate Windows desktop. Employees insert the Microsoft certified USB drives into their home computers, hot desks, or tablets that feature USB ports, and receive a secure desktop  as well as secure access to all applications they use in an office setting.

Unlike a virtualized or online remote access solution, this portable workspace offers full host computer isolation, which means documents cannot be saved to the host machine, but are saved to the USB drive.

This way, all data will remain secure without the threat of a potential data breach ensuring safety for all!

 

IronKey Workspace W700

by

The Cost of Cybercrime

 

Hackers are holding the world to ransom with cyber-attacks costing the global economy more than £238 billion a year¹. These attacks damage the global economy almost as much as illegal drugs and piracy, with financial losses from cyber theft resulting in a potential 150,000 European job losses.¹ Cybercrime is a growing menace which is proving to be an ever growing challenge for individuals and businesses. US retailing giant Target saw its earnings drop 46% after an attack that leaked more than 40 million customer credit card details², whilst eBay and Office have also been ‘hit’ this year, with customer data compromised.

Despite these devastating implications, the public, corporates and their employees continue to be careless with their valuable and highly confidential data –residing on laptops, tablets and mobile devices. Cyber espionage and theft of individuals’ personal information is believed to have affected more than 800 million people during 2013¹, and our mobile working culture has made data security an even greater challenge.

With IDC estimating that over one million smartphones were shipped last year³, someone somewhere in your company is using a personal, mobile device to connect to a corporate network and download sensitive data – making your organization a sitting target for cybercriminals. Companies must equip their employees with the means to protect corporate data from threats such as identity theft and cyber espionage, whilst mitigating the dangers associated with unsecured devices and free Wi-Fi hotspots.

Mobile devices need to maintain the same high levels of security as office-based desktops and servers, with only IT provisioned laptops or tablets connected to corporate networks. But, the best way of ensuring hackers can’t gain access to your company data, is by storing all your data on a secure fully encrypted Windows To Go USB flash drive. It provides employees with an IT managed and provisioned Windows workspace that replicates their secure office desktop environment, on any device that the USB is plugged into. This also means IT departments do not need to deploy individual computers but rather can deploy the Windows To Go workspace on USB drives which saves time, resources and introduces vast cost savings.

Staff awareness plays a crucial role in protecting the company network against cybercrime. Often under-estimating the inherent security risks of using personal devices in the office, employees must be educated to handle these responsibly – on a proactive, ongoing basis rather than waiting until a security breach occurs, when it’s too late.

With so many high profile security breaches making the headlines, organizations want to know that corporate data is secure at all times, regardless of where it resides, whilst employees need the flexibility to work remotely. Cybercrime can have a devastating impact on your business in terms of cost and reputation. Your organization can’t afford to be tomorrow’s headline…

 

Sources:

¹McAfee report, June 2014 – Net Losses: Estimating the Global Cost of Cybercrime

² http://www.businessweek.com/articles/2014-03-13/target-missed-alarms-in-epic-hack-of-credit-card-data

³ International Data Corporation (IDC)Worldwide Quarterly Mobile Phone Tracker, Jan 2014

 

 

 


 

 

 

by

Sochi Games and Windows To Go – BYOB — Bring Your Own Burner

With reporters just starting to show up at the Sochi Games, their horror stories are emerging on everything from yellow drinking water, poisoned dogs and roofless hotel rooms to a hacker heaven. Digital connectivity and security are going to be hot topics and major issues during the Games. The IronKey Workspace™ for Windows to Go, a PC on a Stick™, is a great solution for anyone traveling to Russia. Here’s why:

Russia has LAWFUL interception of ALL communications. There is ONE network, completely government controlled. What this means is, if you want to be online — unless you are working on a highly classified government network from your country of origin — you WILL be monitored and almost certainly hacked.

Even if you have a VPN, the Russian network will own your PC, your credentials, your certificates, etc. So you’re toast.

But you have to be connected and get work done. What do you do?

Take three things on your trip:

  • IronKey Workspace W500™ for Windows To Go, with your needed applications and public files. You can plug the Windows To Go drive into almost any computer, work solely from the USB stick and not leave a trace behind.
  • Laptop, with the hard drive either disabled or removed (just to be safe)
  • Burner cell phone – buy with cash.

The good news is you can be connected this way without digital harm. The bad news is that, while you’re in Russia, you’ll have to assume all of your communications are public and not secure.  But you can stay completely connected, be productive, and still be safe when you return home.

While in Russia, you can use Windows To Go in your laptop, do all your work with your regular applications and stay connected to home base. The Windows 8.1 operating system you load on Windows To Go must contain applications and files that are not sensitive, because once you log on to the network, you need to assume anyone can see them and know it’s you. Same thing with when you use your cell. Even burner cells can be traced and triangulated. Just ask the DEA.

Once you get home, have IT re-provision your Windows To Go device. Or do it yourself. Load up all your applications and files, including all the sensitive ones. Windows To Go can be used again, completely securely in other countries. You can use it with your regular laptop or the drive-less one you got for the trip. Destroy the cell just like in cop shows.

Bon voyage!

 

w500-sidebar

by

3 Tips For Enabling Data Security and Mobility at Government Agencies

October marks the end of the US federal government’s fiscal year, and Imation’s mobile security experts are very busy discussing the benefit of our solutions with IT staffs at various agencies. We typically see an increase in interest near the end of the fiscal year, but there are a couple of reasons why our IronKey secure USB solutions are more top-of mind this year than in the past.

There is an increased focus from government agencies on enabling computer mobility. Like many other sectors, government agencies understand that mobile devices make employees more productive, a fact which was backed up as recently as May in an 1105 Government Information Group report. IronKey secure USB data storage devices and IronKey Workspace Windows To Go solutions enable end user mobility, as government employees can take their data and desktop environments with them wherever they go securely.

Microsoft Windows 8 spotlights how USB devices can serve as a secure, mobile computing alternative for BYOD. Microsoft cites Windows To Go, which enables a fully functioning Windows desktop to be booted from a USB device, as a key enterprise feature of Windows 8. Government agencies are taking notice.

At the same time, government IT staffs are justifiably concerned about security. The same 1105 Government Information Group report cited earlier notes that agencies are providing their employees with agency-issued devices, primarily because they are worried about the lack of control. A government mobility policy in these situations shifts away from BYOD, since employees cannot bring their own devices.

Any solution involving mobile devices (whether through employee devices or agency-provided devices) must include policies and technology to protect against data leakage or misused data.

In general, we offer these tips as part of such policies:

1) Access control: Agencies must establish and enforce strict methods for granting device access.

2) Auditing: IT departments should schedule frequent audits to make sure that devices are in the right hands and are being used appropriately.

3) Remote kill: Government agencies should deploy mobile solutions that enable remote kill capabilities, so that devices can be erased or destroyed if they fall into the wrong hands.