Stidia B2B Service Suite Features Actively Managed Secure Hosting
In mid-August, Luxembourg-based Stidia added Actively Managed Secure Hosting to its business-to-business web hosting and e-Commerce solutions suite. With this new addition, all Stidia corporate customers’ servers are actively monitored by human engineers to guarantee the best levels of website security, network redundancy, and bandwidth performance.
The new security service has been integrated with Stidia’s previous enterprise-class DNS hosting offering and all web hosting packages are now actively managed through this new offering.
Obama Administration Issues Progress Report On Cybersecurity
US President Obama and cybersecurity czar Howard Schmidt have both issued statements on cybersecurity presenting very optimistic progress reports and supporting increased activity in the private sector.
Some of the points discussed in the progress reports included the recent organizational changes and new cybersecurity initiatives of the Obama administration presented as evidence that the White House is making advances on the cybersecurity front.
“President Obama appointed a Cybersecurity Coordinator to provide White House leadership on cybersecurity issues,” the progress report says. “The Cybersecurity Coordinator leads a new Cybersecurity Directorate within the National Security Staff (NSS), works closely with the economic team, and has created a close partnership with the Office of Management and Budget (OMB) and the Office of Science and Technology Policy.”
As stated before, while spending a year to decide who would be the czar everyone expected, cybersecurity is considered a “key management priority” by the White House.
“Enhancing cybersecurity is a central component of the Administration’s Performance Management Agenda,” the progress report says. “The Federal Chief Performance Officer has targeted key performance strategies for improving government operations, which include moving to real time monitoring and integrating cybersecurity into system design, rather than bolting it on as an afterthought.”
I am thrilled to see things are moving along just fine and the White House is also focusing on encouraging cybersecurity projects in the private sector as well. Let’s hope they keep it up and others start following their lead.
For more details of the two statements, visit DarkReading.
Medical diagnoses of 130,000 people lost
New York-based Lincoln Medical and Mental Health Center is the center of attention in security news after exposing sensitive patient information. The lost data was the result of a failed FedEx delivery – CDs with unencrypted data were sent to the Center but never made it to their destination.
The lost data included medical and psychological diagnoses and procedures for over 130,000 patients, as stated in an official notification. An investigation to locate the missing CDs was launched back in April, but it failed to recover the data: names, addresses, social security numbers, medical record numbers, dates of birth and more, enough for any half-decent identity thief to have a blast.
According to The Register, Lincoln is at least not alone in this mess:
Lincoln’s notification to the US Department of Health website came the same day officials at the University of Maine said sensitive details for 4,585 individuals who sought services at the school’s counseling center have been stolen by hackers who compromised two servers. The exposed data included names, clinical information and social security numbers for people who used the service over an eight-year span ending last week.
Other medical facilities to fess up to losing patient data in the past 24 hours, according to the Department of Health website, include Silicon Valley Eyecare Optometry and Contact Lenses, with 40,000 people affected, Kentucky’s Our Lady of Peace Hospital, with 24,600 affected, and the Cincinnati Children’s Hospital Medical Center, which affected 60,000.
Mix, match and send credit details to whoever
That’s what HM Revenue & Customs seems to be doing these days. They have taken the credit details of over 50,000 individuals claiming tax credits and mistakenly sent them out in the post. The result was that each one of the claimants has received their annual tax credit award notice, along with the private details of someone else.
Yearly earnings, parts of bank accounts, insurance numbers and names have all been sent out randomly to claimants. Yet the HMRC claims they will apologize and no ID theft could have resulted from this!
“Unfortunately an error has occurred in one of the tax credits print runs, causing some customer information to be wrongly formatted,” said a spokeswoman.
“Investigations are under way to identify the cause of the problem and we will be contacting affected customers in writing this week, apologising and providing a corrected award notice.”
Let’s hope that all claimants are moral, law-abiding citizens and that the information is indeed too little to be used in any wrongful way! Yet the apology is still in order and a thorough analysis should follow the initial one that stated there were no ID theft risks!
UK: Information Commissioner’s Office reports that the NHS has disclosed 305 security losses, as the amount of breaches tops 1,000
More than 1,000 data losses for the NHS. This is a new record.
Of these, 307 alone were the result of stolen data or hardware and 233 were due to lost data or hardware.
The Information Commissioner’s Office has warned organisations that they need to minimise the risk of mistakes, as the amount of losses reported tops 1,000.
The ICO claimed that staff need simple procedures on how to handle personal information with appropriate training to ensure the importance of securing it is fully understood. It also said that it is essential that the protection of people’s personal information is part of organisations’ culture and DNA.
An ICO report revealed that 254 breaches were as a result of information being disclosed in error, 307 were as a result of stolen data or hardware and 233 due to lost data or hardware.
A further 83 were due to a technical or procedural failure and 59 were lost in transit. A breakdown of companies revealed 305 incidents were recorded by the NHS, 288 in the private sector and 132 by local government. Only 81 incidents were the result of central government.
David Smith, deputy commissioner at the ICO, said: “We all know that mistakes can happen but, the fact is that human error is behind a high proportion of security breaches that have been reported to us. Extra vigilance is required so that people’s personal information does not end up in the wrong hands.
“Organisations should have clear security and disclosure procedures that staff can understand, properly implement these and ensure that they are being followed by staff. Staff must be adequately trained not just in the value of personal information, but in how to protect it.
“We are keen to work with organisations to prevent breaches happening in the first place and to help ensure that things are put right when they do go wrong.”
Source and full article: SC Magazine
Edmonton travel agency investigated for credit card fraud
An Edmonton travel agency is currently being investigated for credit card fraud after complaints of foul play totalling over 50,000 US dollars were reported by former customers. According to the ongoing police investigation of the Canadian travel company, a former employee has been charged in the case, but other charges might still be pending, involving other people related to the agency.
While the information is still foggy, it is clear that there have been about 11 reports from ex-customers who used the agency’s services and then noticed unauthorized usage of their credit cards. The initial complaint came from a customer who had found out that almost 20,000 USD had been charged to his card. Subsequent complaints raised the total amount to 50,000 USD.
It is unclear how many credit card accounts had been stolen, as the agency personnel had access to all this data. The police investigation might be able to reveal who’s to blame and how many people were affected by this data theft.
My Endpoint Protector makes its way into Japan
The in-the-cloud data loss prevention and endpoint security solution developed by CoSoSys has just been launched on the Japanese market by their local partner, Uptown Inc. For those new to the Security as a Service world of endpoint security, My Endpoint Protector is the world’s first software as a service application for device control and data loss prevention. It helps companies manage internal and external threats effectively, dodging the overwhelming threats harbored by the broad use of portable storage devices while avoiding unnecessary pressure on IT departments and budgets.
My Endpoint Protector’s main benefits include:
- Proactive protection against data loss, data theft, data leakage and malware infection by controlling the use of portable devices
- Protection for Windows PCs (7 / Vista / XP) and Mac OS X
- Effective device management and control by defining specific usage rights for both devices and employees accessing the network
- Centralized Web-based interface for ease of management and reporting, plus real-time monitoring of devices
Customer forms thrown in the dumpster
While we worry about security flaws and poor company policies that could lead to our data being exposed to all that’s worst in the IT world, theft and fraud, we might be overlooking one important aspect that could very well harm us: the companies that just couldn’t care less about what happens to our data!
Think of this scenario: company XYZ decides business used to be way better years ago and it’s time to cut their losses and close their doors. Over the years, they have collected interesting private details from their customers which need to be disposed of somehow. No, they won’t just delete it from their computers, cause it’s kind of printed on paper. So why go to the trouble of shoving the paper trails down a shredder when they could just dump it at the nearby garbage bin?
This was the case of a Hollywood Video store in the Baring Village Shopping Center. Like many others in their chain, they had to be closed. So they took hundreds of filled-out membership forms and threw them in the garbage bin in the back. Unknowing customers were thus exposed to ID theft and fraud. Most forms contained names, addresses, birthdates, ID numbers and signatures, but some of them also contained credit card details.
Luckily enough, some of the forms were found and returned to those who submitted them, while the rest will soon be destroyed by the local police. The question is who to blame in such a case? Former employees or the company? I’d say both and hope some action is taken against them.
License to hope – Protect your data and help marginalized children
If you’re interested in protecting yourself against data theft, data leakage and other USB device related risks and would also like to help needy children, then you’re going to love the License to hope campaign! Powered by CoSoSys and the Romanian Foundation for Children, Community and Family, License to hope aims to create an education center with 50 properly equipped laptops and provide computer usage training to 150 marginalized children yearly.

To do so, CoSoSys will donate 50% of all revenue generated by Secure it Easy license sales. Secure it Easy is an easy-to-install endpoint security software that helps protect notebooks and PCs in small and home offices, as well as home users, from portable storage device threats. You can use it to lock down USB ports in seconds and control your PC’s endpoint devices.
Denmark: Storage media with 9500 private records accidentally exposed
Mistakes happen everywhere. Some lead to lots and lots of private data being exposed. This is the case of Danish group ISS, whose representatives accidentally mailed a storage device containing 9500 employee records instead of holiday cards. The bad news is that the information exposed included names, addresses and social security numbers. The good news is at least it wasn’t their whole employee database; about 2000 managed not to be exposed to the risk of identity theft and fraud!
The company has notified those affected by this new breach but it’s not giving too many details, as there’s an ongoing investigation.
As far as we’re concerned, the conclusion is very simple. Be careful where you store private details of your employees! Try to do it on a safe computer network. And if you need to save all that info on a storage device, make sure it’s encrypted, because such little gadgets are misplaced all the time!




