Time for Hotels to get tough on data security

March 4th, 2010

With the recent spate of security breaches at major hotel chains, such as Wyndham and Radisson, which exposed customers’ data and credit card details to hackers, it has become increasingly clear that hotel IT security needs tightening up.

Hotels have always endeavoured to keep guests’ personal belongings secure, even going so far as to lock valuables in a safe. They now need to take that same concern for security of belongings and apply it to the customer data that they keep.

We’ve just released a guide, Securing IT for Hotels, which highlights the major security concerns for hotels, including physical and virtual access rights, how to prevent human error, and securing guest data from internal and external attacks. It also details how hotels can provide a flexible system of access rights that will permit both employees and guests to use the internet securely.

We would recommend that hotel managers review their data security procedures in light of the recent attacks. Guidelines for what measures should be taken are included in the guide, which is free to download from our website.

Two new devices for medium-sized businesses

March 3rd, 2010

Threats to IT security do not discriminate. Any user can fall victim to hackers and cybercriminals if they don’t have the right security solution in place. But there is no ‘one size fits all’ solution. Medium-sized companies need a security system that will offer a good amount of flexibility in capacity – which will allow the system to cope with change as the company expands – at a reasonable price.

Our latest devices, the M-255 and M-285, are specifically designed to meet this requirement, and have been developed for businesses that make heavy use of web services or file transfers. Both systems provide full unified threat management, including firewall, intrusion detection and prevention, content filtering and antivirus/anti-spam solutions. They are also fully managed and monitored from the Network Box Global Management System.

More details on the M-255 and M-285 can be found on the Network Box website.

Phishing attacks down in February, but the threat remains

March 1st, 2010

We’ve just released our February threat stats, which show that there has been a massive drop in the number of phishing attacks (17.86 per cent down from 55.59 per cent in January). It’s common for phishing to decline after the Christmas high point, but it took its time to do so this year, remaining high throughout January.

This may be an indication of the changing tactics used by phishers. Traditionally, big events such as Christmas and Valentine’s Day have been targeted. Previously, malware distributors would have sent these links in emails; now we are seeing more attacks launched via social networking sites such as Twitter and Facebook. Attackers are also using the nature of the conversation on these platforms to work in their favour. People love to share breaking celebrity news over these networks, and want to know the latest developments in the story; this is an ideal environment for malware to flourish.

What this means in practice is that rather than seeing the usual peaks and troughs over the year, we may start to see fluctuating phishing and spam levels depending on the nature and number of major news stories. This results in peak levels of malware around these stories, as well as around the more ‘traditional’ peak times. Now spammers and phishers have the ability to catch people out over many different platforms, using a variety of tactics. The most recent Twitter attack caught out politicians, Intel and a tech blogger. It just goes to show that anyone can be caught out by these scams if they’re not careful.

Browser Security: The Hidden Threat

February 17th, 2010

If you’re reading this blog, there’s a good chance that you know the importance of internet security, and that you take steps to ensure your systems are patched, passwords are secure and computer networks are protected against the host of malicious malware floating around on the internet that has the potential to compromise your business.

According to Eurostat, 85 per cent of UK businesses have a broadband connection, which means 85 per cent of businesses regularly use a browser of some shape or form and may be taking advantage of the free services that come with them. Our latest white paper, Browser privacy and online security: a guide for IT managers, details the implications of using these free services (like document storage and free email accounts) and looks at the compromises that we are forced to make over the privacy of our corporate data in exchange for the free service provided.

It’s important to note that whilst the most popular browsers have rigorous policies when it comes to data privacy, the amount of detailed information that they can collect about what we do and say online is immense, and a very tempting target for hackers. We may consider targeted ads relatively benign, but what if a hacker could access confidential data that had been stored by a service provider? It might be possible to use the information to tailor malware and potentially exploit the data trail that we create; or, more worryingly, to gain access to your complete operating system by exploiting a vulnerability within the browser.

The guide, which is free to download from the Network Box website, offers the following advice on how IT managers can keep company data secure online:

1.    Select a browser and keep up to date with all vulnerabilities, updates and functionality associated with that browser so the correct risk assessment of threats can be made.
2.    Only allow approved browsers to be used on any work computer, whether in the office or at home.
3.    Make sure users understand what they’re signing up to when they use Internet services.
4.    If you have a free email or document storage provider, you may be sacrificing some privacy rights. If you feel uncomfortable about this, find out whether you can opt out of targeted advertising; or avoid these services.
5.    Be careful about what data you store on these services, as some countries have regulations about where data may be stored geographically (Germany is an example).
6.    Set work computers to disable third party cookies (note: most browsers will accept all cookies as the default option).
7.    Ensure security systems are up to date and you have a layered security approach.
8.    Check applications for vulnerabilities (such as SQL injection).
9.    Ensure employees don’t use personal email accounts for work purposes.
10.    Ensure employees delete browsing history regularly and clear cached information stored on computers.
11.    Send out reminders to employees to change passwords regularly, and make sure they are robust. Recommend that they don’t use the ‘remember me’ feature when logging in to secure sites.
12.    Be aware: make sure employees understand security risks, and avoid becoming victims of phishing attacks.

Unified Threat Management becomes affordable for small businesses

February 17th, 2010

Internet threats are impartial. Trojans and viruses don’t have a preference for large multi-national corporations; they will exploit and infect any and all systems that allow them to penetrate their defenses. In fact, because of their limited budgets and smaller IT departments, it’s small businesses that should be the most on guard.

With this in mind, we have been developing systems that will provide maximum protection to SMEs, at an affordable cost. Yesterday we released our new range of S-Series UTM devices specially designed for SMEs and branch offices.

The S-35: designed for small offices providing a firewall, full VPN functionality and intrusion detection, as well as full support/managed service by security experts to ensure complete protection.

The S-85: aimed at the slightly larger SMEs that require UTM+ services, content filtering and protection against malware. It also includes full support and management, and is an affordable solution for effective managed internet threat protection.

Both models carry the following features:

o    Gigabit Ethernet ports
o    Intel processors
o    No moving parts
o    Five Ethernet ports – four 10/100/1000baseTX and one 10/100baseTX

We’re providing full support on, for example, load balancing, quality of service, and advanced policy based routing – and the units are fully managed and monitored from the Network Box Global Management System.

You can find more details on the S-35 and S-85 over at the Network Box website.

From Phishers with Love

February 10th, 2010

Valentine’s Day should be a day for chocolate, flowers and romantic getaways, but IT departments could find themselves working overtime as unsentimental cyber-criminals fire up the botnets and prepare to bombard our inboxes with the annual round of malware cunningly disguised as pledges of undying love, links to e-cards and romance-themed applications.

As the day approaches, levels of spam begin to climb. As usual, the best way for businesses to tackle this influx of malware is to be prepared. Ensure that all operating systems are up-to-date, all patches are installed and employees are on guard and warned not to open suspicious email, click on shortened links or download new applications without company authorisation.

For many businesses, the weak link in the computer security chain is the employee behind the computer. Fraudsters know this and love to take advantage of people’s innate need to interact, share and be in on the latest trend. Human nature will never change, and so the security systems and procedures that defend your network have to be as robust and flexible as possible.

Public Sector needs to re-evaluate data security systems

January 29th, 2010

Our latest free guide – Securing the Public Sector – discusses the issues that the public sector faces when dealing with IT security, and makes key recommendations on how these issues can be tackled.

It won’t surprise you to know that the biggest cause of security breaches is human error. After all, people are not perfect and mistakes will happen. However, with the right procedures in place many of these errors can be discovered before they become a security issue. Other major issues facing the public sector are budgetary pressures (on IT departments as much as anyone), increased use of remote working and a higher number of web-based applications. These are all areas where the traditionally closed public sector work environment becomes open and in turn opens itself up to more areas where security can be compromised.

The guide, which is available from the Network Box site, covers areas of best practice that all areas of the public sector should be implementing. These recommendations include:

o    Ensuring that systems are updated and patched.
o    Remembering that security is about more than just email.
o    Regularly reviewing what applications and systems are used across the organisation as part of ISO9001 or about once per quarter.
o    Ensuring that all data is routed through the appropriate channels and that nothing bypasses security systems (this is one of the most common causes of vulnerabilities).
o    Educating employees – keep them informed about their role in keeping data secure and limit access rights.

Phishing levels still high

January 29th, 2010

We’ve just released our January threat stats, and they make sobering reading. This month, more than half of all malware sent via email was an attempted phishing attack. At Network Box, we’re used to seeing threat stats leap before Christmas, and they did again last year, but they have stayed consistently high throughout January, which is not something that we see that often.

The threat stats also reveal that the number of viruses originating from the UK has increased slightly from December 2009. With that, and Germany’s first appearance in the top ten spam and virus sources list, perhaps we are seeing the start of a new trend of European produced malware?

It could be that the difficult economic climate and the popularity of online shopping have combined to create the perfect environment for hackers, phishers and fraudsters to ply their illegal trade. Clearly, we all need to remember to keep our systems updated with the latest patches and security updates. Yes, this is common sense, but cyber-crime would not exist if people were not profiting from vulnerabilities in our computer security and our networks.

BETT 2010: Don’t forget about security when you embrace new technology

January 20th, 2010

Recently I attended the BETT show at London Olympia, where we had a presence on the stand with our customer, award-winning Learning Possibilities. The show, billed as the world’s largest educational technology event, seemed to me to be somewhat less security-focused than it has been in recent years. There was, however, a great deal of interest in Virtual Learning Environments – or VLEs – (systems which take education out of the classroom and allow students and teachers to log on to submit or check work from anywhere where they have PC access). When you consider the popularity and convenience of virtual working and the increased use of collaborative software and technologies to aid this, the popularity of virtual learning does make sense.

However, the increasing popularity of VLEs could present a problem. Some have been known to have their security flaws, with older versions of some systems being exploited by spammers. In one case, this involved linking the name of the affected school to porn sites in web searches. Children carrying out searches while at school were protected from this attack by their school’s firewall, but did the children who searched from outside school premises have the same level of protection?

One thing that is abundantly clear is that whatever the new technology of the day is, it will come with its own security flaws. The systems will need to be patched and updated regularly; and organisations will need to have rigorous security measures and guidelines in place to defend both the network, and the people using it – particularly when those people are children. Popular trends in technology, whether a passing fad or not, must be monitored by security companies, and the people and organisations that use the systems, if we want to enjoy using the new technology, and not expose ourselves to greater security threats.

Behavioural based email security: Time to make the change

January 19th, 2010

There needs to be a change to email security if we want to stop seeing high profile security breaches such as the ones that hit Hotmail and Google in 2009, and the American law firm Gipson Hoffman & Pancione over the weekend.

The pattern of the attacks is simple enough. The attacker sends you an email which looks like it’s from a contact, someone you trust, which prompts you to open it. The email contains a link which, when clicked on, will lead you to a malicious program which could infect your computer or network and steal your personal or corporate data. The problem is, most email filtering systems will trust the email address and therefore allow it through.

What’s needed is a new approach to preventing spam. We need intelligent systems that can learn the behavior of the sender and the recipient and predict behavior. In short, as the attacks get more sophisticated, so must the defense.

In 2009 Network Box released a system called ‘eMail Relationship Manager’, which tracks the features of the sender by envelope analysis to provide additional identifiers like source IP address and country of origin. So, a fake email would be automatically blocked because the IP address of the sender would not be the same as the one stored in the system.

eMail Relationship Manager analyses and learns from the behaviour of the sender and recipient of an email, and gives a score to the email which is applied in addition to traditional anti-spam filter analysis. It works by:

1.    Maintaining a central database to store existing email accounts managed by Network Box on behalf of the email recipient (so genuine email from addresses kept in a user’s address book will be white-listed, assuming their content passes the traditional filter analysis which naturally includes the reputation of the sender). This records and analyses historical information about the relationship in order to judge the likelihood of that email containing malware or unwanted content. The database can be queried and adjusted at any time by Network Box, the organisation’s administrator, or the user. It’s continually updated with every email passing through the system, and will challenge new behaviour, flagging up when a white-listed email address changes its shape – e.g. if a contact in Hong Kong suddenly starts sending emails from Russia.

2.    All relationships are defined using sender + recipient + type analysis, and given a score based on the trust and strength of the relationship.

3.    The system learns from user behaviour. For example, if email user A sends an email to email user B, then the system understands that user A trusts user B, and therefore will strengthen the score of trust in that relationship.

4.    If an email relationship is scored as low, then there are a number of options open to the system, depending on its configuration. It can quarantine the email and notify the recipient (it can be released with a single click from the recipient if required); challenge the sender to confirm their identity; or defer the email.
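
To make the four steps above concrete, here is a small relationship scorer written for this page as an added example; it is not Network Box code and does not describe how eMail Relationship Manager is built. The class and function names, the weights and thresholds, the "personal" message type and the sample addresses are all assumptions, and the traditional content filter that would run alongside the score is left out.

```python
from dataclasses import dataclass, field

# Weights, thresholds and names are assumptions made for this example.
TRUST_PER_OUTBOUND = 2     # the recipient has written to this sender
TRUST_PER_INBOUND = 1      # mail previously accepted from this sender
LOW_SCORE = 2              # below this the relationship counts as weak
ORIGIN_CHANGE_PENALTY = 5  # known sender appears from an unseen country


@dataclass
class Relationship:
    score: int = 0
    origins: set = field(default_factory=set)  # (source_ip, country) pairs seen


class RelationshipDB:
    def __init__(self, low_score_action="quarantine"):
        # Configured response to a weak relationship: quarantine, challenge or defer.
        self.low_score_action = low_score_action
        self.rels = {}  # (sender, recipient, msg_type) -> Relationship

    def _rel(self, sender, recipient, msg_type):
        return self.rels.setdefault((sender, recipient, msg_type), Relationship())

    def record_outbound(self, user, contact, msg_type="personal"):
        # user wrote to contact, so mail from contact to user gains trust.
        self._rel(contact, user, msg_type).score += TRUST_PER_OUTBOUND

    def assess_inbound(self, sender, recipient, source_ip, country, msg_type="personal"):
        rel = self._rel(sender, recipient, msg_type)
        score = rel.score
        # Envelope check: compare the origin country with those already stored.
        if rel.origins and country not in {c for _, c in rel.origins}:
            score -= ORIGIN_CHANGE_PENALTY
        if score < LOW_SCORE:
            return self.low_score_action, score  # history is left unchanged
        rel.origins.add((source_ip, country))
        rel.score += TRUST_PER_INBOUND
        return "deliver", score


def demo():
    # Constructed events using documentation addresses and IP ranges.
    db = RelationshipDB(low_score_action="challenge")
    a, b = "alice@example.com", "bob@example.org"
    results = [db.assess_inbound(a, b, "192.0.2.10", "HK")]       # no history yet
    db.record_outbound(b, a)                                      # bob writes to alice
    results.append(db.assess_inbound(a, b, "192.0.2.10", "HK"))   # trusted now
    results.append(db.assess_inbound(a, b, "203.0.113.7", "RU"))  # origin changed
    results.append(db.assess_inbound(a, b, "192.0.2.11", "HK"))   # usual origin
    return results


if __name__ == "__main__":
    for verdict in demo():
        print(verdict)
```

The origin check compares countries rather than exact IP addresses so that a contact whose address changes within the same country is not challenged; a stricter deployment could compare both.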

To discover more about ‘eMail Relationship Manager’ or for more information about other Network Box products and services, please visit the Network Box website.