CoSoSys, a leading developer of endpoint security and portable storage device applications, has just released My Endpoint Protector (MyEPP), the first Software-as-a-Service (SaaS) application to deliver Data Loss Prevention and device control “in the cloud”. MyEPP will help companies manage the internal and external security threats created by the broad availability and use of portable data storage devices, while focusing on keeping the impact on IT resources at a minimum. The new web service uses a policy-based approach to enable businesses to manage how data can be used on all endpoints – Desktops, Laptops, Netbooks and more – from a single centralized web console, no matter where those endpoints are located.
Why should you consider a MyEPP subscription?
- Your company will be able to minimize inside threats and prevend data loss and data theft
- The cloud computing approach means you don’t have to worry about servers setup, installation or management
- You can access the centralized web-based dashboard remotely, from any computer with and Internet connection and a web browser
- Real time monitoring of all devices used by your employees
- Create your own security policy without the need for additional hardware or software, without the need of having in house IT security experts
- Enforce your policies easily through customizable templates
- All for prices as low as $2 per PC per month
“Most businesses today are aware that they need to proactively protect both their own intellectual property and customer information held in trust on their systems,” said Roman Foeckl, CoSoSys CEO. “But the thought of having to hire dedicated staff or consultants to install, implement and manage this type of solution has prevented many from taking the steps needed to protect that data.
“My Endpoint Protector makes enterprise-level device control and security accessible to even the smallest organizations without the need for expensive additional equipment or staff. Whether employees work from home, on the road or from remote locations, the security of their desktops and laptops can easily be centrally managed through the cloud.”
If you need more reasons to act now, just go ahead and evaluate the costs of a real data breach!
For more details on MyEPP, click here.
Remember TJX? The company who had experienced the largest data breach in history? The one that exposed at least 45.7 million debit and credit card accounts to fraud, theft and other menaces? Yes, that TJX. This company is the perfect show case to scare off companies into implementing an effective endpoint security and data loss prevention solution. Because the amounts they kept paying since having discovered the breach simply make us a little dizzy. Ok, a lot
The latest TJX related news is of a lawsuit settlement of 9.75 million dollars reported by Search Security. The lawsuit was brought by Attorney Generals in 41 states and according to the settlement the sum will be devided as follows: 2.5 million to create a data security fund for states, a settlement amount of 5.5 million and 1.75 million to cover expenses related to the states’ investigations.
According to reports from early 2009, TJX had paid a 40.9 million dollars settlement and organized a big time sale for its customers throughout North America, to compensate for the data breach damage. The same source stated TJX had prepared a 118 million dollars fund to deal with the consequences. Well, they probably can afford it. Can your company afford 20% of that? If not, or you’d rather do something constructive with your data, take control of your confidential data now. Not later, now
It seems that the centrally managed cybersecurity plans are a catchy trend. Following White House announcement, the UK is planning to create a centrally managed cybersecurity agency. All the secret operations that are currently going down within the intelligence and security services – Ministry of Defence, Home Office, MI5, MI6 and GCHQ – will be centralized and handled by a separate institution.
The UK plan will be soon made public, sometime before the summer Parliament recess, according to the Register, and will be included in the government’s updated National Security Plan.
The idea of a cyber tsar role, initially launched by US President Barack Obama, might also be implemented by the EU.
“The European Commission is now encouraging member states to cooperate on digital wargames, to simulate attacks from outside the bloc. Commissioners have suggested a European cyber security tsar should be appointed.”
More and more employees chose to overlook data security policies put in place by the companies they work for and engage in activities that could easily lead to data breaches, according to the findings of a new Ponemon Institute survey. The risky activities include taking private records with them on unsecured storage devices, downloading personal software on company systems, turning off security settings and networking on social media sites.
Most members of a company’s staff copy classified data to USB drives or turn off security settings on their work laptops. Compared to the Institute’s 2007 findings, the numbers of those ignoring company policies has increased.
Here are some highlights of the survey findings, as presented by PC World:
- 69 percent of the 967 IT professionals surveyed copied confidential company data to USB sticks
- those who lost said USB sticks with confidential corporate data on them failed to report it immediately
- almost 31 percent of respondents engaged in social-networking practices on the Web from work PCs
- around 53 percent said they downloaded personal software on corporate PCs
Did a data breach occur at T-Mobile USA? According to a group of hackers it did. They claimed to have gained access to all customer information of the company and posted network scans to prove it on the Full Disclosure web site. They also said they were trying to sell all the private records to T-Mobile’s competitors, who wouldn’t take them on the offer. Yet they’re still doing their best to sell all stolen info to the highest bidder.
T-Mobile has a different view on the story though. They said, and were quoted by ChannelWeb, that there is no proof whatsoever of any breach. And although the document posted online did in fact belong to T-Mobile, it contained to sensitive date, nor was it obtained while their system had been hacked into.
“The document in question has been determined to be a T-Mobile document, though there is no customer information contained in the document,” the company said in a statement. “There is no evidence to indicate that the T-Mobile security system was hacked into nor any evidence of a breach.”
While ChannelWeb seems to incline to believe T-Mobile on this one, their security experts say large mobile carriers often fall pray to hackers who harest their confidential customer records for their own benefit, mostly because the security systems they’re using are outdated. If I were T-Mobile right now, I’d make sure to check everything 100 times and find out exactly how the harmless file get posted online. Cause you can never know, can you?
The CoSoSys team attended the Provision Security Days in Brasov, Romania over the weekend. Vendor of the most innovative and effective applications for endpoint security and portable storage devices, CoSoSys was one of the event sponsors and held a presentation on critical data security, device control and linked it to the recent Obama announcement on a White House coordinated plan to prevent cyber attacks.
I’ll reproduce here one the most significant quotes CoSoSys identified in what data loss protection is involved:
“The threat to critical data systems is among ‘the most serious economic and national-security challenges’ today”
You might wonder why economic. The answer is easy: everything translates into money. Less customers, hacked bank accounts, brand trust going down the drain, it all means loss of money. A competitor getting their hands on your prototype and producing it at a faster pace means money you’ll lose (the amount you’ve already invested) and money you’ll never get.
So what does CoSoSys offer as a solution? A best of breed endpoint security, device control and DLP solution, Endpoint Protector 2009. It effectively:
- stops data loss
- prevent data theft
- stops data leakage
- keeps data safe on the road
Speaking of data theft in the office, CoSoSys also presented a video emphasizing how easily they can be prevented. Enjoy!
US President Barack Obama has recently announced a White House coordinated security plan against cyber threats and attacks. According to the New York times that discussed the presidential speech in detail, the new plan will be carried out without any intrusions in people’s privacy. Obama promised to bar the federal government from keeping a close and permanent watch over “private-sector networks” and internet traffic.
How exactly will the plan work and how will its goals be reached? This part is unclear. What we know is that the President will appoint a new “cybersecurity coordinator”, a person with direct access to Mr. Obama and who will hopefully manage to also mediate the dissensions between the several agencies dealing with cyberthreats at the moment, such as the Pentagon, the National Security Agency, or the Homeland Security Department. According to the same article in NYTimes, this coordinator will also act as “action officer” inside the White House during cyberattacks launched on the United States by both hackers or governments.
How does this new spotlight on cybersecurity affect companies? For a lot of US companies, it’s a dream come true, as they all hoped the President will do something about the growing number of attacks.
Many computer security executives had been hoping that Mr. Obama’s announcement would represent a turning point in the nation’s unsuccessful effort to turn back a growing cybercrime epidemic. On Friday, several said that while the president’s attention sounded promising, much would depend on whom he chose to fill the role.
What I think is important to note is that the Obama announcement comes after a major shrink in IT security budgets (caused by the economic downturn), when thinks are starting to look brighter. Mixed with the major security threats and data loss cases that storm in virtual and pring newspaper and magazine pages, it will all lead to an investment increase when it comes to effective security. Which will benefit both security solution developers and companies who will no longer be exposed to significant financial losses.
Another interesting aspect of the Obama speech was his revealing information on the cyberattacks his staff had to deal with during the presidential campaign. He spoke of hackers who managed to get access to emails and campaign files, such as position papers and travel plans. The White House has finally reached a conclusion all security experts have known for quite some time, very articulately put by the US President:
“in this information age, one of your greatest strengths — in our case, our ability to communicate to a wide range of supporters through the Internet — could also be one of your greatest vulnerabilities.”