Endpoint Protector Appliance: Stop data theft on Windows and Mac

Famous cases of data breaches: comercial secrets of Credit Suisse go to Goldman Sachs

May 7th, 2013 by Cristina (0) Data Theft & Loss,Default,DLP,security breach

Swiss bank Credit Suisse accused its former vice president of emerging markets Agostina Pechi, hired by the U.S. investment bank Goldman Sachs of theft of trade secrets, reports Bloomberg.

Credit Suisse has filed a complaint in a Manhattan court sustaining that the information was stolen in an attempt to win customers for Goldman Sachs.

In February and March, Pechi secretly sent e-mails with customer lists and other confidential banking information from her work account to her personal account. She also printed important documents relating to transactions, late at night,  when she was officially away on vacation, says the complaint filed by Credit Suisse  on the 3rd of May 3.

Pechi earned 950,000 dollars last year and lives in New York. She resigned from Credit Suisse on the 2nd of April, informing she accepted a job at Goldman Sachs in New York.

“Pechi decided to steal confidential information from Credit Suisse and contact details she gathered during the time spent at Credit Suisse. She plans to use the data to compete with Credit Suisse and share them with her new employer, specifically targeting the Swiss bank’s clients, “said  the complaint.

A spokesman for Goldman Sachs declined to comment, and Pechi could not be reached.

Funny thing is Goldman Sachs hasn’t been exempted from data thefts from ex-employees!

Hope for the best, but expect the worst

March 29th, 2013 by Cristina (0) Data Theft & Loss,DLP,security breach

This also goes for companies when we’re talking about protecting their most valuable capital: DATA….CONFIDENTIAL DATA. At least at one point in their business activity they thought competition or other third parties are going to find out the secret of their success…the “secret Coca-Cola ingredient”!

Think about the fact that some IT admins used to Super Glue USB ports so that employees couldn’t plug in USB sticks to copy data and infect the computers with viruses. Crazy, huh? (Yet when I think about the data breaches that occured lately, it’s understandable). Even if they don’t use Super Glue anymore, they do it through software and there are still many companies that, out of too much caution, ask their IT people to simply block all transfers of files. This is both annoying and counterproductive for users, since the business environment nowadays requires high mobility for fast response times. This doesn’t mean they should just leave confidential data and exit points unprotected and unsupervised. Don’t get me wrong! Maybe I’m just pointing out the obvious, but they should allow legitimate file transfers and block dangerous file transfers, instead of blocking the activity of all users. In one word: FILTERING.

With Data Loss Prevention solutions you can set filters at the endpoint level: filters by File Type (Word, Excel, PDF, PowerPoint, exe, jpg, etc.), filters by Personal Data (emails, phone numbers, SSNs, credit card numbers, etc.) and even filters by Custom Content (for instance I can define a filter that will prevent all my users from sending files containing the word ‘dog’ inside). You can basically control every word that goes out of the company network, whether by email, social media, instant messaging, file sharing applications, Dropbox, iCloud, USB drive, external HDD, CD/DVD, zip drive, etc., all you can think of.

My point is you have to be on the safe side without taking it to the extremes: hope for the best (security conscious, well-intended, employees) but expect the worst (be prepared to face any security threat).

We will talk more in depth about filtering and Data Loss Prevention in a future post. To Be Continued…

Not another lost USB stick?!

New victims, same old story…. An unprotected USB stick containing private information of Canadian residents went missing from an office of Human Resources and Skills Development in Gatineau, Quebec.

The drive was storing the names, social insurance numbers, dates of birth and loan balances of 583000 students who had borrowed money between 2000 and 2006.

The internal investigation on the affair started only two months after the discovery of the loss of the stick (Nov. 5th) and a notification was sent to the victims only last Friday.

So the question remains: Are we ever going to learn from others’ mistakes? Especially now that Device Control, Data Loss Prevention and USB encryption software has been around for ages and it’s virtually in everybody’s reach.

An officer of the Canadian Army sold informations to the Russians for $3000 per month

Jeffrey Paul Delisle, ex sub-lieutenant of the Navy Intelligence admitted that the spying charges against him were true. According to prosecutor Lyne Decarie, he willingly entered the Russian Embassy in 2007 to offer to sell confidential military information. Apparently, he was getting around $3000 per month for his services, but he declares he wasn’t doing it for the money, but for’ ideological reasons’.

He was asked to copy references about the Russians from his work PC to an USB stick, then he took the stick home and uploaded the data to an email application to share it with the people paying him.

You can find more info on this high-level spying affair here:

http://www.huffingtonpost.com/huff-wires/20121010/cn-canada-navy-spy-case/

How to steal the plans of the Elysée palace? On an USB stick!

This Sunday an incident of the most common happened at the Lyon train station in Paris: a thief disappeared an USB stick from a car. Nothing special here, this kind of things happen everyday!

What makes this incident so special is the info stored on the memory stick. The owner of the key is an entrepreneur involved in an installation of fiber optic at some important buildings in Paris. His USB stick contained the highly confidential plans of the Elysée palace, the Internal Affairs Ministry and the Paris Police. The worst is that the stick was not encrypted, so the thief has full access to all the documents!

The questions we need to ask now is: did the thief know beforehand what type of info was on the stick or did he steal that precise stick just by accident?

Endpoint Protector now provides Content Aware Protection

Endpoint Protector just announced the launch of the Content Aware Protection module as a Customer Preview. The new 4.1 version incorporates top of the line technology that enables you to eliminate risks of confidential data loss or data leakage to the Internet or the Cloud (services such as Google Drive, Dropbox, iCloud, etc.)

To read more on the new Endpoint Protector feature, visit: http://www.cososys.com/press_releases/Press_Release_Endpoint_Protector_adds_Content_Aware_Protection_to_prevent_data_leaks_to_the_cloud_15-May-2012_EN.html

Endpoint Protector 4 for Linux gets a warm welcome from the online community

The launch of the new Endpoint Protector 4 client for Linux did not pass unnoticed.

The Var Guy wrote a blog post presenting the new release and emphasizing the importance of Data Loss Prevention and Device Control solutions for mixed environments (Win, Linux, MAC).

You can read the whole article here: http://www.thevarguy.com/2012/04/10/endpoint-protector-4-adds-linux-support/

Data Loss Prevention: do we really understand it?

What is Data Loss Prevention? Is it related to technology, processes or people? Is it limited to some administrative policies and IT restrictions? These are the questions discussed in a well-documented recent article on darkreading.com.

DLP is not just an information security concern, it is not just a technical issue. DLP involves the entire organization, establishing what data is sensitive, where the sensitive data is kept, how is it accessed and used, and only after understanding these key points will they be able to define and implement a strategy for protecting and securing such data, at a level of both administrative processes and IT limitations.

In short, DLP is a business issue and it concerns technology as well as processes and people.

With the rising number of attacks and unintentional data leakage, protecting sensitive information became an essential task for any organization, regardless of its size. This is why the implementation of security controls for preventing data loss is actually the foundation for a secure business performance.

You can read more on this hot topic on darkreading.com

Do you use Linux? Endpoint Protector protects your ports also

Endpoint Protector just launched the new versions for Ubuntu and openSUSE of its Device Control and Data Loss Prevention solution, Endpoint Protector 4. With the new launched version, Endpoint Protector is virtually platfom-independent.

Endpoint Protector 4 is available as Hardware and Virtual Appliance, with support for Windows, Mac OS X and Linux Ubuntu 10.04 LTS and openSUSE 11.4. The data and device security solution ensures a complete and proactive protection against both inside and outside threats for organizations in an easy, but highly efficient manner with seamless integration and no operating system constraints. For more details, please visit: http://www.endpointprotector.com/en/index.php/products/endpoint_protector

Nuclear Plant Safety Test Details Lost by Office of Nuclear Regulation Rep

February 21st, 2012 by Agent Smith (0) Data Theft & Loss,DLP,endpoint security,security breach

A data breach caused when an Office for Nuclear Regulation official lost an USB memory containing details about safety tests at the Hartleport power plant is currently being investigated by the authorities. While the memory stick was caring only safety “stress-test” not “significantly sensitive” data, none of the files stored had been encrypted. The stress tests the lost portable device stored are currently being carried out at European nuclear power plants in an attempt to prevent future disaster, like the nuclear disaster at Fukushima power plant caused by the Japan earthquake last year.

According to an official ONR statement, the reports contained by the memory stick would have been made public after their completion, yet the office completely forbids the use of unencrypted devices for transporting documents with security classification. This means that the official responsible for the breach has broken ONR security regulations. The Hartlepool plant, operated by EDF Energy, confirmed the lost USB stick did not have important data. They also mentioned that when they would have been published, the results of the tests would have been less detailed. Read more