Keeping your company or home computer network safe from day to day threats that could lead to data theft, data loss, identity theft or malware infections has never been easier. My Endpoint Protector, software as a service device control and data security solution developed by CoSoSys, is now offering an app version available for iPads, iPhones and iPod touch devices through the iTunes store.

With a few touches, you can use the app’s centralized console to authorize new devices, monitor file transfers and access to sensitive data and block portable devices, making sure all common threats are kept at bay. In a world where the unsecured use of portable storageand lifestyle devices – smartphones, notebooks, USB sticks, digital cameras or extern HDDs – can lead to tremendous data breaches and severe losses for both companies and individuals, having a smart and effective app at your fingertips preventing it all is extremely important.

The iPhone and iPad app makes sure you can handle your security issues when being caught in a lengthy meeting, when being on the road and unable to plug in a netbook or reach a computer with an Internet connection. It saves time and works quickly, making it all easy.

“Lifestyle devices such as USB flash drives, mobile phones and portable computers started out as being smaller, portable and a lot more fun than their static predecessors, while fulfilling our need of communication. As they evolved, getting smarter and smaller, they have also changed our lifestyle. We can have business presentations on an iPad and send emails from our iPhone while keeping in touch with friends and partners, so why not go with the trend and offer the possibility of doing more important tasks from our mobile devices, such as handling the security of a business network or that of our home computers?” explained Roman Foeckl, CoSoSys CEO.

Key benefits of the My Endpoint Protector App

• Easily manage business or home computers through a centralized console available on your iPhone, iPad or iPod touch
• The My Endpoint Protector App and the cloud service powering it require no specific security expertise or complicated learning process
• Closely monitor access to your business and personal sensitive files regardless of location and available IT infrastructure; the portable and highly mobile devices you are already carrying are enough
• Allow or deny access to specific devices without needing to wait until you reach a desktop or plug in and start your notebook; for example, allow access to employee smart phones and deny access to your children’s USB sticks

More information about the My Endpoint Protector App can be found on iTunes:
http://ax.itunes.apple.com/us/app/my-endpoint-protector/id379244830

or on the Endpoint Protector website here:
http://www.endpointprotector.com/en/index.php/products/my_endpoint_protector_SaaS

If you had any doubt that security breaches cost companies a lot, it is all clear now – the damages companies have to deal with after one breach are overwhelming! According to recent reports by te Ponemon Institute, organizations get hit by at least one successful attack per week, and the annualized cost to their bottom lines from the attacks ranges from1 million to 53 million USD per year. The reports were based on the analysis of 45 U.S. organizations hit by data breaches.

Ponemon Institute’s released two separate reports,  ”The First Annual Cost of Cyber Crime Study” (PDF), which was sponsored by ArcSight, “The Leaking Vault” (PDF) released today by the Digital Forensics Association, both showing troubling findings for companies’ finances:

• a median cost of $3.8 million for an attack per year, including all costs, from detection, investigation, containment, and recovery to any post-response operations.
• out of 2,807 publicly disclosed data breaches worldwide during the past five years, the cost to the victim firms as well as those whose information was exposed reached $139 billion.
• nearly half of all of the reported breaches came from a laptop, which in 95 percent of the cases is stolen
• hacks led to the most stolen records during 2005 to 2009, with 327 million of the 721.9 million covered in the report, although hacks represent  only about 16 percent of the data breaches
• Web-borne attacks, malicious code, and malicious insiders are the most costly types of attacks, making up more than 90 percent of all cybercrime costs per organization per year
• A Web-based attack costs 143,209 USD; malicious code, 124,083 USD; and malicious insiders, 100,300 USD.

“Information theft was still the highest consequence — the type of information [stolen] ranged from a data breach of people’s [information] to intellectual property and source code,” says Larry Ponemon, CEO of the Ponemon Institute. “We found that detection and discovery are the most expensive [elements].”

Over more than 1000 data losses for the NHS. This is a new record.
Of which alone 307 were as a result of stolen data or hardware and 233 due to lost data or hardware.

The Information Commissioner’s Office has warned organisations that they need to minimise the risk of mistakes, as the amount of losses reported tops 1,000.

The ICO claimed that staff need simple procedures on how to handle personal information with appropriate training to ensure the importance of securing it is fully understood. It also said that it is essential that the protection of people’s personal information is part of organisations’ culture and DNA.

An ICO report revealed that 254 breaches were as a result of information being disclosed in error, 307 were as a result of stolen data or hardware and 233 due to lost data or hardware.

A further 83 were due to a technical or procedural failure and 59 were lost in transit. A breakdown of companies revealed 305 incidents were recorded by the NHS, 288 in the private sector and 132 by local government. Only 81 incidents were the result of central government.

David Smith, deputy commissioner at the ICO, said: “We all know that mistakes can happen but, the fact is that human error is behind a high proportion of security breaches that have been reported to us. Extra vigilance is required so that people’s personal information does not end up in the wrong hands.

“Organisations should have clear security and disclosure procedures that staff can understand, properly implement these and ensure that they are being followed by staff. Staff must be adequately trained not just in the value of personal information, but in how to protect it.

“We are keen to work with organisations to prevent breaches happening in the first place and to help ensure that things are put right when they do go wrong.”

Source and full article: SC Magazine

The in-the-cloud data loss prevention and endpoint security solution developed by CoSoSys has just been launched on the Japanese market by their local partner, Uptown Inc. For those new to the Security as a Service world of endpoint security, My Endpoint Protector is the world’s first software as a service application for device control and data loss prevention that helps companies manage internal and external threats effectively, thus dodging the overwhelming threats harbored by the broad use of portable storage devices and at the same time avoiding to put unnecessary pressure on IT departments and budgets.

My Endpoint Protector’ main benefits include:

• Proactive protection against data loss, data theft, data leakage and malware infection by controlling the use of portable devices
• Protection for Windows PCs (7 / Vista / XP) and Mac OS X
• Effective device management and control by defining specific usage rights for both devices and employees accessing the network
• Centralized Web-based interface for ease of management and reporting, plus real-time monitoring of devices



• Comprehensive audit trail through device activity logs
• Enforced encryption for all sensitive files in transit
• Easy policy enforcement using customizable templates
• Offline mode to protect PCs when they are disconnected from the network, even if the user has administrative rights on that machine

It is indeed an easy to set up, maintenance free and pain free data loss and endpoint security solution and its availability in the cloud also spares companies from pain inducing spendings on new hardware and software platforms. If you’d like to test it, here’s a link to the free trial. And if you’re in Japan and want to know more about Uptown Inc, here are a few details: they provide software solutions for multiple platforms and cloud solutions in Japan. The companies head office is located in Saitama, Japan. Uptown distributes products through resellers or directly to users at http://www.uptown.jp.

Endpoint Protector for Device Control explained in plain English

You can try it yourself today. Visit www.EndpointProtector.com

One year after the Conficker botnet was front-page news around the world it is still controlling approximately 6 million PCs around the world. IT Security Experts describe it like a loaded gun that can go off anytime if it is not stopped.

The Conficker worm has distributed itself throughout and across networks on portable storage devices and continues to do so on unprotected PCs.

Now the U.S. Department of Homeland Security is preparing a report looking at the worldwide effort to keep it in check.

“We said, ‘This was a very good example of the private sector, globally, working together to try to solve a cybersecurity attack, so let’s fund the creation of a lessons-learned report to just document what worked, what didn’t work,’” said Douglas Maughan, a program manager with the Department of Homeland Security’s Science & Technology Directorate.

The report could provide a template for future cyber-responses, security experts say.

Conficker began spreading in November 2008, infecting computers via a variety of means, including an attack exploiting a known flaw in Microsoft Windows.

Though it is still thought to control between 4 million and 7 million computers, Conficker was only briefly put to use, in April 2009. It’s as if the massive amount of scrutiny it generated eventually frightened away its creators — a good thing, since it controls enough computers to create a withering distributed denial-of-service attack.

Full Story on Computerworld

If you’re interested in protecting yourself against data theft, data leakage and other USB device related risks and would also like to help needy children, then you’re going to love the License to hope campaign! Powered by CoSoSys and the Romanian Foundation for Children, Community and Family, License to hope aims to create an education center with 50 properly equipped laptops and providing computer usage training to 150 marginalized children yearly.

Meet the children

To do so, CoSoSys will donate 50% from all revenue generated by Secure it Easy license sales. Secure it easy is an easy to install endpoint security software that helps protect notebooks and PCs in small and home offices as well as home users from portable storage device threats. You can use it to lock down USB Ports in seconds and control your PC’s endpoint devices.

Want to be part of this amazing campaign? Then check out Secure it Easy first and see if you need it. You can also add a badge to your website or become a fan of the License to hope campaign on Facebook.. And they’re also on Twitter. See the full press release here.

Usually it is nice to receive gifts. But sometimes free is not what you want if it comes with a catch. As reported by the Sunday Times, the MI5 is warning executives of gifts received.

It warns that British executives are being targeted in China and in other countries. “During conferences or visits to Chinese companies you may be given gifts such as USB devices or cameras. There have been cases where these ‘gifts’ have contained Trojan devices and other types of malware.”

If such a prapared Flash Drives is connected to a PC without proper endpoint protection in place such es Endpoint Protector 2009, the Trojan will infect the PC and open a backdoor to the PC that will make remote data theft possible within seconds. Until the infection through a customized Trojan will occur through a standard anti-virus solution can take from minutes to weeks. The only protection is to pre-emptively lockdown the use of USB devices the network should not trust.

Read the entire story that sounds more like a Ian Fleming novel than a real life story.
Enjoy.

The USB ports leading to the computers in your network are somewhat of a hell hole, opening up the way to scary security breaches. It all comes down to the use of portable devices that can store large amounts of data that employees and visitors carry around, plug in and use, regardless of all the security red alerts popping up each step of the way.

But completely cutting access to USB ports, although still used, is not a smart move if you’re trying to protect your data against accidental loss or theft. Lawsuits, fines and seeing your customers drop like flies are all scary scenarios, but fear should never prevent you from playing it smart.

Thinking about it for a while, cutting USB access also means printers. So your employees cannot get their laptop connected to any office printer and start printing reports, contracts and offers. They need to only use some authorized printers, through the network, causing long queues, angry comments and general discomfort. Their way of working might be affected, rendering them less productive.

And almost always, all prohibitions turn people against the person making the decision and encourage attempts to circumvent them. I am sure you’ve all worked in companies where some people could circumvent the firewall to download movies and play online games! And I am sure you’ve heard all the nasty comments when some random policy was enforced causing more harm then good.

Plus, the data security you dream of is just an illusion. People can still email sensitive documents, use the very printers you have authorized to print out all your client list and take it to the competition. You might monitor such activity, but if you think you’re safe, why would you?

Why upset your employees with don’ts and forbiddens for a false sense of security when you can allow them to use authorized devices and monitor file activity and transfers instead? Why worry when you can use a file whitelisting system to make sure they can’t really access sensitive information? Why not use a data loss prevention and device control solution to allow the to use the latest technology and stay safe at the same time?

As many as 37 percent of German companies were the victim of economic crime in the last three years, a new study has found. Internet fraud and the theft of business secrets have become a particular problem.
The use of USB Flash Drive in high capacity has made it easy to steal even the most complex business or construction plans in just a few seconds.

A USB Thumbdrive is all that’s required to steal valuable information.

A new study carried out by the German research institute Emnid for the financial services firm KPMG has found that criminal methods are being used more and more often in the ruthless and competitive world of business.

The survey, which took in 375 companies of all sizes, found that around one in three companies had been the victim of business crime. Two thirds of the companies surveyed also expected the level of criminality to rise.

The biggest economic crimes remain fraud, theft, embezzlement and breach of trust, but money-laundering and the forgery of accounts and financial information have all risen since the last survey was carried out in 2006.

Ignorance breeds carelessness

According to KPMG spokesman Frank M. Huelsberg, companies still need to be more aware of how crimes operate. “Despite these alarming results, small and medium-sized companies are particularly prone to underestimate the danger of falling victim to crime,” he said.

Fifty-six percent of the employees surveyed said that their company was less likely to be a victim of economic crime than a major corporation, while 76 percent believe they have made adequate security arrangements.

“Privately- or family-owned companies like to put their trust in their employees. But that makes them vulnerable,” Huelsberg said, “Experience shows that basic security mechanisms are often neglected in such companies.”

Third-party threat

In 62 percent of economic crimes involving small and medium-sized companies, employees conspired with an external third party. This figure is only 40 percent with large companies.

The theft of business or operational secrets is a growing threat, according to the study. A third of small and medium-sized companies have been a victim of such theft, the study said.

“The sale of sensitive information to competitors or criminals is particularly strong in times of economic crisis,” Huelsberg says, “Nowadays even the most complex construction plans fit on a USB stick. Data theft and industrial espionage can be child’s play if security fails, and the loss of sensitive designs or formulas can be fatal for a small, innovation-based company.”

Read the enitre article here on DW.