CSG & Cyberoam Endpoint Data Protection. Ubiquitous USBs - Leaving Millions on the Table

Transcription

1 CSG & Cyberoam Endpoint Data Protection Ubiquitous USBs - Leaving Millions on the Table

2 Contents USBs Making Data Movement Easy Yet Leaky 3 Exposing Endpoints to the Wild. 3 Data Breach a Very Expensive Affair..4 Five Best Practices for Using Flash Drives 5 Cyberoam Endpoint Data Protection.6 Conclusion. 6

3 USBs - Making Data Movement Easy Yet Leaky A USB or Universal Serial Bus, commonly called as a flash drive, has revolutionized the way business data moves. Tiny and cheap but with a storage capacity of up to 20 GB data for a few models, it is the most convenient way of transporting data - no hassles about network access, large files getting dropped by mail servers, availability of shared drives, and more. While all this implies the simplicity with which data can travel in flash drives attached to endpoints, it also brings out a serious downside - data on endpoints is exposed to leaks! With so many endpoints in an organization, it is difficult to track who is taking your data, when and where in that tiny, inconspicuous flash drive! Exposing Endpoints to the Wild Flash drives spill insecurities into the system with their ability to bypass corporate firewalls at the gateway. A user can store or download applications like VoIP; Instant Messengers; tunneling software like PingFu Iris and Surfnolimit that bypass firewall/proxy servers; unauthorized browsers; and music downloading software on his flash drive. These applications can run on his endpoint from the drive itself, enabling him to override traditional IT administrative roadblocks. Unauthorized applications enter the network in this manner, consuming bandwidth, threatening network security and affecting network performance - making the security policies protecting the network, ineffective. In some cases, unauthorized applications may also bring along viruses and spyware that siphon away data lying on the endpoints. Flash drives can bring three categories of risks to an organization: - Data Loss - Data Theft - Malicious code entry into the network Data Loss Flash drives are very easy to lose because of their small size. According to a survey by Credant Technologies, almost 9,000 forgotten USB sticks were found in people's trouser pockets by British dry cleaners in 2008 while more than 12,500 handheld devices including flash drives are left behind in cabs in London and New York every six months. These flash drives could be carrying business plans, proprietary product information, product launch plans, sensitive financial information, and more. For organizations, this could mean faltering on regulatory compliance requirements that may invite neck-breaking penalties, besides loss of customers and reputation. The UK Government was forced to order an emergency shutdown of its computer system when a USB containing confidential passcodes to the online Government Gateway system was found lying in a pub car park. Its misuse could have led to access of private details of 12 million people, including their names, addresses, wages, National Insurance numbers and credit card details.

4 Below statistics show just how frequently companies are losing confidential data in a flash drive and thereby incurring a loss of millions of dollars! 52 percent of companies surveyed have suffered data loss via USB drives and other removable media. - Forrester Research 53 percent of companies acknowledge confidential data resides on flash drives - The Ponemon Institute 53 percent of these companies would have no way of knowing what data was on the flash drive if it was lost. - The Ponemon Institute Since 2005, more than 245 million records containing sensitive personal information have been involved in security breaches in the - Privacy Rights Clearinghouse Data Theft As flash drives make data movement easy, organizations are losing gigabytes of sensitive information through employee actions like inadvertent loss or unauthorized taking away of data. A Ponemon survey revealed 90% of IT security practitioners believe portable mobile device usage will increase security risks within their companies, highlighting the threat from removable devices like flash drives to organizations. Another report by Cyber-Ark showed 41% of the 600 workers surveyed admitting to have taken sensitive information to their new job! Malicious Code Entry into the Network Flash drives are generally used without any protection against security threats. Flash drives make it easy for cyber criminals to extract sensitive data from organizations because of their extensive use in transferring massive amounts of data and their huge storage capacity. Further, ignorant users who use flash drives to install games and other software on their PCs may be innocently installing malicious payloads into the system that may wipe out a company's important data or disrupt its IT infrastructure. The US Army banned the use of USB drives after the SillyFD-AA worm, which spreads by copying itself onto thumb drives and then automatically runs or replicates when that drive is connected to a PC, infiltrated Army networks. In another incident, the TGammima.AG worm infected a computer on NASA s international Space Station and it came in through a USB drive. Both these worms help create backdoor entries into targeted organisations for the internet criminals. Data Breach through Flash Drives a Very Expensive Affair! The average organizational cost of a data breach has increased from $6.65 million in 2008 to $6.75 million in 2009, according to the Ponemon Institute. A Ponemon Institute Customer Trust Survey states that companies that suffer a breach of just 100,000 records containing personal information are set to lose almost a third of those customers and also face financial damages of around $23 million. This is excluding the indirect costs following a data breach media coverage and public exposure that may damage a brand, civil lawsuits, regulatory penalties, and more.

5 Five Best Practices for Using Flash Drives 1.Encrypt/decrypt devices or files 2.Enforce policies for use 3.Find out who is handling sensitive files 4.Update security solutions 5.Allow only whitelisted USB Five Best Practices for Using Flash Drives Although removal or complete blocking of USB ports will be the best remedy against threat to corporate data, it will take away flexibility and productivity of employees in trade-off. Here are a few methods that organizations can employ to balance the benefits and threat of flash drives: 1.Encrypt and Decrypt flash drives or files stored in a flash drive: Encrypt flash drives or confidential files while storing them on flash drives to limit unauthorized access to corporate data. Decryption controls enable organizations to abort attempts by an outsider to read sensitive data in case a flash drive is lost or stolen, keeping their data secure. 2.Enforce Flash drive Policies for Users: Protect data against loss or theft by enforcing usage policies when employees use flash drives. This will help in controlling users while using or transferring data to flash drives. 3.Find out Who is Handling Sensitive Files: Monitor who is handling sensitive files. Any anomaly in data access patterns can be extrapolated and confirmed through audit logs to take timely preventive action before data goes out. 4.Keep Your Security Solutions up-to-date Security solutions like the firewall, IPS, Anti-Virus and Anti-Spyware protect the gateway and endpoints against entry of unauthorized applications, intrusions and threats like viruses, worms, spyware and more. Ensure that your security solutions are running up-to date to keep you secure against new and advanced security threats that may attack your sensitive data. 5. Allow only Whitelisted USB devices Keep a centrally managed database of all flash drives issued by your organization to keep track of the use of these devices within and outside the network.

6 Cyberoam Endpoint Data Protection Cyberoam's Endpoint Data Protection offers flexible identity-based controls to encrypt and decrypt files or removable devices for individual users or groups. It protects corporate data by specifying 'read' and 'write' access policies when a user reads or writes data on classified USB devices. These identity-based policies remain effective even when a user is offline - at home or traveling. With Cyberoam Endpoint Data Protection, organizations can trace and control all removable devices at their endpoints Cyberoam Endpoint Data Protection creates shadow copies of selected files at the time of their creation, modification, transfer and print and saves them on the database server. Its removable storage logs give USB device description as well as plug-in and plug-out time details for a USB device. This information helps in investigating data theft incidences. It offers centralized hardware and software management that allows organizations to keep track of their IT assets. Its Asset Management module protects them against unauthorized and illegal application deployment by users on their endpoints. Its automated Patch Management reduces malware penetration by keeping the system security up-to-date. With Cyberoam Endpoint Data Protection, organizations can trace and control all removable devices at their endpoints. It enables them to allow access only to whitelisted devices and blocks the rest. Conclusion Flash drives are the easiest and most convenient devices for carrying data. Their small size, easy affordability and simple plug and-play use have made them the most widely used device for data movement within and outside organizations. However, such easy mobility of data increases the risk of data loss and theft. Today, flash drives are being used by cyber criminals to gain entry into organizations to push viruses and worms that steal confidential data from them. Enforcing USB device policies, encrypting data stored on flash drives, creating shadow copies and using only whitelisted flash drives are a few 'best practices' that organizations should implement to keep confidential data in their flash drives secure. CSG COMPUTER SERVICES GROUP BRIDGEND BRISTOL EXETER T: E: SALES@CSGRP.CO.UK