Endpoint Protector Appliance: Stop data theft on Windows and Mac

Law Enforcement Agencies Find New Ways to Fight Cybercrime

February 8th, 2012 by Agent Smith (0) DLP,Research and Studies

Law enforcement agencies worldwide are getting better at catching cybercriminals, scoring some big cybercrime busts and getting better at detecting and investigating data breaches. Officials worldwide detected five times as many breaches in 2011 as in 2010, according to new data in the Trustwave’s 2012 Global Security Report. About 33% of organizations with data breaches discovered the incidents when alerted by law enforcement, up from 7% in 2010. These good results for law enforcement are mostly powered by the work of the U.S. Secret Service, Interpol, the Australian Federal Police, and the U.K.’s Serious Organised Crime Agency (SOCA).

Only 16% of victim organizations detected hacking incidents on their own in 2011, while the other 84% only discovered them when alerted by outside entities, such as law enforcement, regulatory bodies, or a public venue. When analyzing the circumstances of the hacks discovered by third parties, it’s been discovered attackers had been active within the victim organization’s network for an average of 173.5 days before being detected. Read more

Security audit reveals Department of Taxation internal breaches

December 18th, 2011 by Agent Smith (0) DLP,endpoint security

The US Department of Taxation (DOTAX) decided to take a closer look at how their systems work this year. The process of evaluation included a security audit which lead to discovering internal security breaches dating back to 2008. DOTAX celebrated the three years of undiscovered breaches by putting employees of the Hawaii DOTAX on administrative leave without pay and starting a comprehensive investigation.

Device Control for Windows and Mac

The breaches affected the Department’s computer tax database but no one knows when they occurred, it is suspected they happened at least as far back as 2008.The discovered incidents were immediately turned over to the Department of the Attorney General for review and investigation. Read more

Healthcare data breaches on the rise and costing billions

December 2nd, 2011 by Agent Smith (0) Data Theft & Loss,DLP,Research and Studies

Based on the many stories about data breaches reported by organizations in the healthcare industry, from hospitals to insurance companies and other third-party companies that deal with healthcare data, we could have guessed this is not even close to being a top sector when it comes to data security. A new report released by the Ponemon Institute now brings even further insight into the state of the healthcare industry, showing a spike in data breaches of over 30% and average annual costs of 6.5 billion US dollars.

The “2011 Benchmark Study on Patient Privacy and Data Security,” commissioned by IDExperts, idendified employee error to be one of the main cause for data breaches in hospitals and healthcare providers. These types of organizations in the healthcare industry suffered an average of four data breaches in the past year. Nearly 30 percent of healthcare companies said the breaches they suffered resulted in medical identity theft – an over 25 percent increase over 2010. Read more

British authorities experienced 1,035 data loss incidents

November 24th, 2011 by Agent Smith (0) Data Theft & Loss,DLP

Only 55 of the data loss breaches have actually been reported

If you can’t stop data breaches, at least cover them up! This seems to be the data security code British authorities go by. Too bad for them there is something called Freedom of Information Act requests… A new report issued by privacy campaign group Big Brother Watch showed that councils across the UK experienced over a thousand data loss cases over a three year period – August 2008 to August 2011.

To get the information, the group sent 433 FOIs to local authorities and councils across the Great Britain and showed s shocking discrepancy between the reported 50 something incidents and the harsh reality. Not only did BBW uncover the data mishandling cases, they also requested information on what happened to the employees of said councils – if they had been disciplined, fired or prosecuted over the data breaches -, and inquired about the council’s response to each incident.  Read more

UK’s ICO takes serious measures to enforce data protection

November 8th, 2011 by cristina (0) Data Encryption,Data Theft & Loss,DLP,endpoint security,In the News,In The Spotlight,Laws & Standards,security breach

The ICO conducted an investigation on a case of hardware loss in May at the Rochdale Metropolitan Borough Council. The incident consisted in the loss of an unencrypted memory stick by a Council’s finance department employee, stick which contained names, addresses and payment details for 18.000 residents. The missing hardware was not found to the date.

The investigation concluded that the Rochdale Council has breached the Data Protection Act by not providing employees with encrypted memory sticks (although it was a known fact that these devices would be used to transfer private information) and by not training their employees to properly use portable devices for work purposes.

Sally Anne Poole, ICO’s head of enforcement qualifies this mishap as ‘unacceptable’ and says ‘This incident could have been easily avoided if adequate security measures had been in place.’ in a quote by eWeek.

en-leaderboard.png

The measures taken by the ICO in this case consist of signing an undertaking of actions to take to implement data protection policies by 31st March 2012.

Let’s hope that more than one private data handling organization learns from this incident and encrypts their portable devices using proper solutions.

The theft of laptops doesn’t stop, organizations don’t learn their lesson

November 3rd, 2011 by cristina (0) Data Encryption,Data Theft & Loss,DLP,endpoint security,In the News,In The Spotlight

A whole lot was written on loss/theft of hardware (laptops, USB sticks, external hard drives, etc.) and we had thought that organizations would learn their lesson and encrypt sensitive data on such supports. Apparently, things aren’t quite like that and two recent incidents come to prove it.

A resident student at Vancouver Coastal Health lost a laptop and a USB stick (there is a high probability that the hardware was stolen) at the Toronto Airport. The information stored on the drives was password protected but it wasn’t encrypted.

A Vancouver Coastal Health official calls the incident ‘unfortunate’ and says that ‘This is the way physicians and other health care workers need to do their job. They need to use these devices.’ He admits that many professionals use laptops and that the agency has some issues handling mobile technologies.

Another mishap took place in the United Kingdom and the theft of a laptop that stored personal information of 100 young people who participated in inclusion programs. This laptop was in the house of a contractor of the Newcastle Youth Offending Team organization. The ICO (Information Commissioner’s Office) has established a fine for this organization for not encrypting the data. According to Sally-Anne Poole ‘Encryption is a basic procedure and an inexpensive way to ensure that information is kept secure.’ She underlines the fact that organizations working with contractors must make sure that the latter ones align to their security policies.

It’s so simple and cheap to track the use of portable devices and encrypt sensitive data stored on them, that we really ask ourselves why don’t organizations do it?

Let’s hope that at least legal constraints will force private data handlers to implement solutions and politics to maintain their data safe and secure.

CoSoSys Releases Endpoint Protector 4 – New Device Control Hardware and Virtual Appliance

October 27th, 2011 by Agent Smith (0) Data Encryption,DLP,endpoint security,In The Spotlight

Endpoint security developer CoSoSys has released a new version of their data loss prevention, device control and endpoint security solution for Windows and Mac OS, Endpoint Protector. Offering enhanced protection, increased effectiveness and the fastest implementation time in its segment, the out-of-the-box Hardware and Virtual Appliance is now available for small, medium and large companies and organizations.

en-banner.png

Coming with a long list of new features targeting better security, reliability, ease of use and better adapting to company structures and organization charts, Endpoint Protector 4 is designed to protect networks ranging from 20 computers (endpoints) to more than 5.000 endpoints.

Some of the top benefits of this latest Endpoint Protector solution are:

  • Seamless integration in business processes
  • Saving time and money when the solution is installed
  • Increased security through enhanced protection
  • Reducing allotted resources of the security staff
  • Optimum security through enhanced stability
  • Enhanced protection through complex, adaptable end efficient security
  • Reliable security through enhanced monitoring and policy control
To find out more about the Endpoint Protector 4 Hardware and Virtual Appliance and see the detailed list of features, visit the product page and the official press release.

A virus exposes private data of 3000 patients of an american clinic

September 2nd, 2011 by cristina (0) Data Theft & Loss,DLP,In the News,Malware Infections,security breach

An investigation inside the Living Healthy Clinic of Wisconsin, US has revealed the existence of a virus on a computer in the network that exposed 3000 patient records.

The experts have concluded that the attack was not targeted, as it was reported that the same type of virus was found on other computers in the US that had nothing to do with the clinic.

The information exposed after the attack included names, addresses, social security numbers and medical records of some patients.

The officials will announce the affected persons on the security breach and they will inform them on the measures to take to protect themselves.

Access to Company Data: Why Employees Are Not All Equal

August 26th, 2011 by Agent Smith (0) Data Theft & Loss,DLP,endpoint security

Here’s a good piece of news for companies around the world: when it comes to access to your important and confidential data, you don’t need to treat all employees as equals. In fact, it is highly recommended to make sure not anyone can access all your files, and if they can see them, you should prevent everyone from copying or transferring the information you need to keep private.

en-banner.png

Ongoing projects, customer data bases, inventions, strategies, private records of employees, credit card and bank account information, all these must remain confidential. So if you store them, how can you make sure an employee that is unaware of the harm they are doing or who knowingly wants to harm you, fails at their attempt to expose the files in question? Read more

A recruitment company reveals the salaries of RBS contractors

August 25th, 2011 by cristina (0) Data Theft & Loss,DLP,In the News,In The Spotlight,security breach

An unauthorized email sent by the recruitment company Hays to 800 RBS (Royal Bank of Scotland) employees has uncovered the amounts paid to contractors working temporarily for the bank.

Even though the people who received the email are employees of the bank and therefore obliged to keep the confidentiality of the information they have found out, RBS says they are ‘extremely disappointed’ and they are collaborating with Hays to recover the exposed data. The recruitment company has already started an investigation on this breach.

After this incident, discussions on the big salaries offered to contractors by a bank that is majority-owned by the state were started.

More information on this insider data leak here.

« Previous Entries
© Endpoint Security Info 2012. Wordpress Theme by Arcsin

blogarama - the blog directory Technology Blogs - BlogCatalog Blog Directory Blog Directory Find Blogs in the Blog Directory
valid CSS valid XHTML