in

This Blog

Syndication

Tags

News

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Archives

AlertBoot Endpoint Security

AlertBoot offers a cloud-based full disk encryption and mobile device security service for companies of any size who want a scalable and easy-to-deploy solution. Centrally managed through a web based console, AlertBoot offers mobile device management, mobile antivirus, remote wipe & lock, device auditing, USB drive and hard disk encryption managed services.

Disk Encryption Important, USB Port Control As Important: IBM Hands Out Malware-Ridden USB Drives At Security Conference

IBM has announced that freebie USB drives handed out at this week's AusCERT conference--in Queensland, Australia--were infected with malware.  For those who are under the impression that data encryption is the be all, end all of computer security, this is another wakeup call.

Embarrassing Situation for IBM, Deja Vu

The situation is more embarrassing than usual for IBM.  Not only because people would normally think that Big Blue would have a grip on such issues, but because IBM's presence was that of a security company.

Plus, there is the fact that the malware "should be detected by the majority of current anti-virus products."  This begs the question, why did IBM not check for the presence of malware?  I guess they assumed the devices were clean, which is not so far-fetched an assumption to make, unless you're the tinfoil-hat wearing type.

However, it should be noted that at the 2008 AusCERT conference, Telstra had the exact same thing happen to them.  I'm sure everyone had a good laugh at Telstra's expense; privately, of course.  Who'd have thought that someone else would be announcing the same exact news two years later, at the same conference?

And, everyone involved with the conference knowing about the incident, why didn't IBM go ahead and check up on their freebies?

The Importance of Layered Security

One of the most basic "security weaknesses" I see when speaking with clients is their belief that encryption software is the solution to all of their data security woes.  Nothing could be further from the truth.

Encryption, for the most part, is about protecting data when a device is lost or stolen.  This is especially true of a solution like AlertBoot's hard disk encryption.  For hacking attacks, something along the lines of file encryption--aka content encryption--provides better security: while a hacker is able to see that there's an encrypted file, he can't make sense of it.

However, neither of these solutions can protect you from malware.  If a virus infects your computer with a screen-grabbing or monitoring software, or contains a keylogging element, it could very well grab your password, and encryption wouldn't provide you with as much security.

The importance of having several security products, each backing others' critical weaknesses, is key, and that's why any security professional worth his salt will recommend layered security: encryption, anti-virus, usb port control, etc.

On Antivirus Software

A final observation for the day.  I have friends who won't use antivirus software, for two reasons.  One, it slows down their computer significantly, which I've personally experienced, so I know where they're coming from.

Two, they don't visit weird sites, so they won't be getting their computers infected.

As the above story shows, though, reason number two is not necessarily a valid reason for not using AV software.  Likewise, what about drive-by infections, where a legitimate site--perhaps even IBM's own, in keeping with the story--infects your computer because the site was not properly secured?  It happens more often than one thinks, and the only way to even be alerted of it is--you guessed it--by having anti-virus software.

And, if I may extend the observation to the realm of encryption programs, similar arguments for not using laptop encryption (such as, "my laptop always stays in my office.  It doesn't need encryption") are not as valid, either.  What about someone breaking?  Or the janitor quitting and doing some damage?


Related Articles and Sites:
http://www.smh.com.au/technology/security/ibm-distributes-virusladen-usb-keys-at-security-conference-20100521-w1ks.html
http://www.sophos.com/blogs/gc/g/2010/05/21/ibm-distributes-usb-malware-cocktail-auscert-security-conference/
http://news.cnet.com/8301-27080_3-20005673-245.html

 
<Previous Next>

Full Disk Encryption: Missing Arkansas National Guard Hard Disk Found, Destroyed

Drive Encryption: Lake Ridge Middle School Loses USB Drive (Updated)

Comments

No Comments

About sang_lee

Sang Lee is a Senior Account Manager and Security Analyst with AlertBoot, Inc., the leading provider of managed endpoint security services, based in Las Vegas, NV. Mr. Lee helps with the deployment and ongoing support of the AlertBoot disk encryption managed service. Prior to working at AlertBoot, Mr. Lee served in the South Korean Navy. He holds both a B.S. and an M.S. from Tufts University in Medford, Massachusetts, U.S.A.