Secure USB Drive

We’ve made some key updates to our solution range, and introduced an enhanced version of our CMC management software, which we are featuring at the Infosecurity show in London from 28th – 30th April.

All of our Cruzer Enterprise models now shipping are FIPS certified, offering corporate and government IT departments a valuable tool in securing and managing data.  The drives carry FIPS (Federal Information Processing Standard) 140-2 Level 2 certification for encryption.

The Cruzer Enterprise now comes in two versions: standard, and Cruzer Enterprise with McAfee Malware Protection.  The McAfee version helps protect users from infection with an automatic anti-malware scan prohibiting file transfers to the secure USB drive when it detects infection on a host PC.

Also, CMC version 3.0 is now available, giving more tools for distributing, protecting and recovering critical data.  The CMC agent resides on a company-issued Cruzer Enterprise drive, enabling corporate IT departments to manage the entire drive lifecycle from deployment, central back-up and restore, and central usage tracking to remote termination of lost drives.

If you’re attending Infosecurity, visit us on Stand E26.

Have you ever looked at all the data breaches that have occurred in the past 18 months, and thought “that couldn’t happen to me”?  The truth is, it can happen to anyone, and at more or less any time.

All it takes is a moment’s inattention to lose a thumb drive or disk.  And if the data on that device is not protected in any way, congratulations:  it’s your own data breach. 

To highlight that it can indeed happen to anyone, this article on Enrique Salem, president and CEO of security giant Symantec is revealing.  In it, he admits that he has personally lost a USB flash drive containing confidential information.

He also points out that certain data security features need to be automated – such as mandatory encryption, alerts to administrators in the event of protected data being accessed, and more.  This security best practice helps to ensure confidential data stays confidential. 

So if you’ve ever lost a flash drive in the past, don’t worry:  it can even happen to CEOs of security companies.  But if you think it cannot happen to you, you might want to think again.

Everyone knows that the “insider threat” – company employees – are a major security risk, right?  Well, according to a recent report by computer forensics specialist Verizon Business, the biggest IT security risk to business is still external parties.

The report found that 74% of breaches resulted from external sources, and just 20% were caused by insiders.  And worryingly, most of the security issues found could be traced directly to bad decisions or poor security practice within IT departments, not end users.
 
As mentioned in our earlier post, ‘Why the blame game doesn’t work’, individuals are frequently blamed for security lapses, and this diverts attention away from the real problem.

With cybercrime exploding and a rising wave of malware already seen this year, companies need to be more vigilant than ever before.  That means taking a long, hard look at all aspects of security, and ensuring that policies are enforced by solutions at all stages.

So perimeter security should be leakproof.  Data should be encrypted, wherever it is.  Staff should be issued with secure USB flash drives, that feature mandatory encryption.  Only by delivering security at all levels, can companies really start to take control, instead of wasting time looking for people to blame for breaches.

The number of malware attacks rose by more than 200% in 2008, according to the latest EMEA Internet Security Threat Report from security vendor, Symantec.

During the course of the year, the company reported over 1.6 million new threats, making 2008 one of the worst ever in the anti-virus sector.  Trojan horses were the most common form of malware, accounting for 66% of the top potential infections in EMEA, as malware authors attempted to steal financial and other confidential data.

And one of the key attack vectors that the company warns will be used increasingly in 2009 and 2010 is USB memory sticks and other USB storage devices.  This follows the recent Conficker outbreak, which successfully exploited USB media to spread itself.  Malware experts agree that further worms will be found that can use USB drives to infect PCs and networks.

Yet again, the message is clear:  ensure your USB thumb drives are secured against malware risks.  Or use secure flash drives with onboard antivirus scanning, such as our Cruzer Enterprise drives, to stop USB-borne infections in their tracks.

It looks like USB flash drives are becoming a popular vector for spreading malware.  A 4 year old worm has been reactivated and is now spreading through the use of thumb drives, according to Microsoft’s Malware Protection Center (MMPC).

According to the MMPC, the ‘Neeris’ worm is copying some of the infection strategies of Conficker.  The timing of its reappearance is also unusual, as it appeared a day before Conficker’s ‘activation’ date of 1st April.

Neeris’ makers have recently added an exploit for the MS08-067 vulnerability that Microsoft patched in October last year.  Conficker also exploits this vulnerability and became one of the biggest malware outbreaks ever, early in 2009. 

Although Neeris is not yet widespread, and its purpose and effect seems to be relatively benign at this point, it’s worth making sure that all systems are patched against the MS08-067 vulnerability, as detailed in the link above.

Hay Group, a global management consultancy, is deploying Cruzer Enterprise secure USB flash drives and Central Management & Control (CMC) software to help protect confidential business and client data.

The company’s UK operation wanted to extend data security to cover USB flash drives, and add further protection for third-party data and internal files against loss or theft while its consultants are away from the office.  The company also plans to deploy SanDisk’s Central Management & Control (CMC) software to manage the lifecycle of the drives.
 
Gary Spokes, Hay Group’s data protection officer said:  “Intellectual property is our business – and clients rely on our confidentiality.  As part of our ongoing drive to improve data security, we identified the increasing use of USB memory sticks by our consultants.  We wanted a solution that kept the convenience of the drives, while ensuring data was fully protected.”
 
Hay Group UK IT manager Parminder Bharj added:  “The CMC software was a key factor for us, as it synchronizes with Active Directory to ensure adherence to our data security policies.  For example, we can ensure users can only set complex passwords, and terminate drives that are lost or stolen.  It lets users get on with their work without having to worry about data being secured.”

Here is a final reminder that on April 1st, the Conficker worm (also known as Downadup or Kido) will change the way it updates itself, moving to a system that is much harder to remove.

However, malware experts predict that it is unlikely to affect the majority of computer users.  April 1 is what’s called a trigger date, when the worm will switch the way it looks for software updates.  It has already had several such trigger dates, including January 1, which did not directly impact on IT operations.

However, researchers do warn against complacency.  Last Friday, leaked documents from the UK Government showed that the UK parliamentary IT system was hit by the Conficker virus.  A memo sent to MPs, Lords and their staff claims that the worm was causing the network to slow down and locking some users out of their accounts.

MPs were requested not to connect “USB memory sticks or any other portable storage devices” on to the Parliament Network for the time being, as the worm is known to spread through such devices.

So it’s worth using the next couple of days to clean up any lingering Conficker infections by applying the Microsoft patch that closes the vulnerability exploited by the worm, and updating antivirus software.  There are also free Downadup-removal tools available on the web.