
Sunday, November 14, 2010

Prevent threats to the security of your network online backup


BACKUP AND RECOVERY

Kevin Beaver
10.25.2010




What you will learn in this tip: Online or cloud backup services are seen as a quick and easy way to back up personal files. But more and more employees are using these services to back up their personal data on work computers. Learn about how to prevent these online backup security threats in your organization.

Online computer backup services such as Carbonite, EMC Corp.'s Mozy and Dropbox are all the rage these days. These services are appealing because they solve the problems of having onsite backups or not having the resources to manage backups altogether.

You may be thinking that these online computer backup services don't affect your business. But you may not know that users are running these programs on their work computers to back up their "systems," including personal and business data. And until you know for sure that these programs aren't being used in your environment, there are numerous security and compliance risks as shown in "Figure 1: Security and compliance risks related to online computer backup" below.

Figure 1: Security and compliance risks related to online computer backup usage

The online data backup services themselves aren't the problem. It's the simple fact that they're being used on your network without anyone's consent. IT is often out of the loop. Ditto for internal audit. I've even spoken with backup administrators who've said they had no idea their users were performing backups on their behalf. Perhaps worst of all, management is often oblivious to the business risks that include confidential customer data mishandling, intellectual property exposure, and quite possibly contract and compliance violations.

Online computer backup services: Important questions to ask

Here are a few questions to ponder regarding the personal usage of online computer backup services in your environment:

Does your business have an acceptable usage policy that covers the installation and use of such software/services?

Are your employees qualified to review the privacy policies and other terms and conditions regarding the handling of your business information that's undoubtedly shipped off-site? Is your legal team plugged into information security and privacy enough to know that business information covered under contract or compliance regulations is being handled this way?

How do data labeling, data retention and data destruction play into all of this?

Should you provide an alternative? Do you back up locally stored files, especially for mobile or remote workers?

I bring these issues up to point out the risks associated with users sharing sensitive business information with these third-party data backup and file sharing services. You have to consider the situation of a data breach and subsequent investigation. Good lawyers and expert witnesses will know to ask questions around how information is managed in your organization and the specific steps you've taken to keep it reasonably secure.

Gain control of online backup security

You cannot secure what you don't acknowledge. As the person in charge of managing data backups and ensuring the whereabouts and integrity of this data, you're going to have to get plugged into these cloud backup and file sharing services. Even if it's a security-centric problem, it still affects how you manage backups. Here are four things you can do right now to gain control of online backup security:

Work with your network administrator to monitor traffic patterns going to these vendor sites.

Work with your desktop administrator to perform a software audit to see which of these applications are running on each of your computer systems and your mobile devices (Dropbox, for instance, runs on iPhone, iPad, BlackBerry and Android).

Work with management and legal -- ideally a formal security committee that includes these people -- and determine how you're going to handle this.

Based on your risks, put the appropriate policies in place and use the necessary technologies to keep things in check.
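As an added example (not part of the original article), the traffic-monitoring step above can start from existing proxy logs: the sketch below totals upload volume per client to the services the article names. The log layout, the domain list and the sample lines are assumptions constructed for illustration.

```python
from collections import defaultdict

# Assumption: primary domains of the services the article names; extend as needed.
BACKUP_DOMAINS = ("carbonite.com", "mozy.com", "dropbox.com")

# Constructed sample in a hypothetical proxy log layout:
# timestamp client_ip method host[:port] bytes_sent_by_client
SAMPLE_LOG = """\
2010-10-25T09:01:12 10.1.4.23 CONNECT client.dropbox.com:443 5242880
2010-10-25T09:01:40 10.1.4.23 CONNECT client.dropbox.com:443 1048576
2010-10-25T09:02:03 10.1.7.88 POST upload.mozy.com 20971520
2010-10-25T09:02:10 10.1.7.88 GET www.example.org 512
2010-10-25T09:03:55 10.1.9.5 GET dropbox.com.example.net 2048
2010-10-25T09:04:01 10.1.9.5 GET notcarbonite.com 4096
malformed line
"""


def match_service(host, domains=BACKUP_DOMAINS):
    """Return the matching service domain, or None.

    Matches on DNS label boundaries so look-alike names such as
    notcarbonite.com or dropbox.com.example.net are not counted.
    """
    host = host.lower().split(":")[0].rstrip(".")
    for domain in domains:
        if host == domain or host.endswith("." + domain):
            return domain
    return None


def summarize_uploads(log_text):
    """Total requests and uploaded bytes per (client, service), largest first."""
    totals = defaultdict(lambda: [0, 0])  # [requests, bytes_sent]
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[4].isdigit():
            continue  # skip malformed lines rather than abort the audit
        _, client, _, host, sent = fields
        service = match_service(host)
        if service:
            totals[(client, service)][0] += 1
            totals[(client, service)][1] += int(sent)
    rows = [(c, s, n, b) for (c, s), (n, b) in totals.items()]
    return sorted(rows, key=lambda r: r[3], reverse=True)


if __name__ == "__main__":
    for client, service, requests, sent in summarize_uploads(SAMPLE_LOG):
        print(f"{client:<12} {service:<14} requests={requests:<3} bytes_sent={sent}")
```

Sorting by bytes sent puts the workstations most likely to be running a full backup client at the top, which gives the software audit a place to start.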

The obvious solution may seem to be to just block these applications at the network perimeter or on the desktop. However, if you've ever gone down the path of blocking such applications you know how painfully difficult it is. Even if you provide backup services at the workstation level (something rarely done because of the storage requirements and the inherent difficulties of doing so with a mobile workforce) users are still going to use such backup and file sharing services. After all, in many cases they're doing this for themselves and not for the betterment of the business.

Some people may argue that many of these applications are for personal use and don't really affect the business. I believe that if these services are running on computers that store or process business information (including personal smartphones and computers at home) then it's a business problem that needs to fall under the umbrella of business oversight and control. Otherwise, you're going to have a Wild West-like environment that's treading on thin ice. As Ayn Rand said, "We can evade reality, but we cannot evade the consequences of evading reality." Something needs to be done before something bad happens.

About the author: Kevin Beaver is an information security consultant, expert witness, author and speaker with Atlanta-based Principle Logic, LLC. With over 21 years of experience in the industry, Kevin specializes in performing independent security assessments revolving around compliance and minimizing information risks. He has authored/co-authored eight books on information security including the newly updated Hacking For Dummies, 3rd edition. In addition, he's the creator of the Security On Wheels information security audio books and blog providing security learning for IT professionals on the go. You can reach Kevin through his website www.principlelogic.com and follow him on Twitter at @kevinbeaver.



Sunday, November 7, 2010

A world of threats, information warfare

The keywords of modern warfare are always the same: web attacks, messaging attacks, botnets, rootkits, logic bombs, data theft, etc. McAfee estimates 1 trillion USD in cybercrime activities in one year! This is the world we live in today! The battles are over information, such as identity theft, and over data inaccessibility, e.g. denial-of-service attacks. The most popular battlefields are social networking platforms such as Twitter, MySpace, Facebook, LinkedIn, etc. Let us have a quick look at some events:

Mikeyy worm - April 09. A computer worm named Mikeyy sent thousands of tweets (messages) on Twitter.com. The tweets promoted the website of Michael Mooney (the worm's author), who maintains a website with information relating to Twitter's vulnerabilities!

Koobface worm - Sept 09. Koobface is a computer worm that targets users of the social networking sites Facebook, MySpace, hi5, Bebo, Friendster and Twitter. The primary purpose of Koobface is to collect users' personal information such as credit card numbers.

Botnet compatible - Aug 09. It was reported that the Twitter site served as the most important part of an information-stealing botnet operation. A Twitter account was used to issue instructions to infected computers that are part of a botnet. The tweets coming from the malicious account were actually instructions sent to the bots. Other Twitter weaknesses have been reported recently (Aug 2010): cyber criminals used a cross-site scripting vulnerability.

If social networks are the information battlefield, then which machines are the targets? If the current Web 2.0 platforms allow the distribution of botnets, then there will be more captured civilians (botnets controlling our machines). Way back in 2008, the Conficker worm brought more than 7 million computers under its control! Conficker specifically targets Microsoft Windows operating systems and uses deficiencies in the operating system to control these machines remotely.

Another remote administration tool (backdoor) that bypasses normal safeguards to secretly control a program, computer or network is known as Poison Ivy. Poison Ivy gives attackers virtually complete control over the infected computer. Backdoors are how attackers can rename, delete or run files for illegitimate purposes. Files can also be uploaded to and downloaded from the system.

Other botnets and rootkits

The Srizbi botnet, one of the largest contributors of spam, suffered a major setback when a hosting provider identified as the main source of Srizbi was torn down.

FU is a kernel-mode rootkit that changes kernel data structures and is one of the most frequently used rootkits. A more powerful version of FU, FUTo, was created to demonstrate the weaknesses in software that detects rootkits.

The AFX rootkit is able to hide Windows registry keys, processes, files and folders, services, modules and other system-related info. The rootkit can be detected by the presence of iexplore.dll and/or explorer.dll.

DDoS attacks

Twitter DDoS attack - Aug 09. Twitter was shut down for hours for millions of users around the world. The failure was the result of a distributed denial-of-service attack and is considered the greatest failure the service has suffered.

Google attack (Aurora) - Dec 09. Gmail accounts came under attack by a very sophisticated tool originating from China. Google said that these attacks were aimed at the e-mail accounts of Chinese human rights activists. Theft of intellectual property from Google and other large enterprises was also reported.

Data theft, disgruntled employees and logic bombs

An employee of a large bank planted a logic bomb directed at about 4,000 of the bank's production servers after he was told he was fired: the Freddie Mac incident. The bomb never went off, as it was discovered in time, but the disgruntled employee had planted a script that, when triggered, would have been able to block all monitoring systems so that no warnings would be sent, replace all data on production servers with zeros, as well as the applications on those servers, and finally clear all failover mechanisms.

In August 2008, 11 men were accused of hacking into the TJX network and stealing millions of credit card numbers from nine U.S. companies. The TJX case (TJX is the owner of TK Maxx) is one of the largest data theft cases.

Heartland Payment Systems suffered a similar incident, in which a malicious keystroke logging tool exploited millions of records of this PCI (payment card industry) compliant payment company. These attacks raise doubts about the payment card industry (PCI) compliance standards. The records stolen from Heartland included the digital information encoded on the magnetic stripe built into the back of credit and debit cards.

Last year, Bank of America (BOA) had a call center employee steal customer information and commit bank fraud, while some time later, in a separate case, an internal programmer was accused of stealing trade secrets.

Further comment is superfluous...

