Categories
Blog Device Control File Server Security

How to Prevent an Edward Snowden in Your Organization

By now, Edward Snowden is a name that has been heard all around the world. The confidential government documents that Snowden leaked have had a devastating effect on the government and the Obama administration. How Snowden had access to government documents is very blurred in the media, however, one thing is certain; once Snowden did get to the documents he stored them on a normal thumb drive and carried it out of the building.

What if Snowden was an employee at your company? If you handle confidential data that, if leaked could damage the company’s reputation of trust and security, it’s important to apply security to confidential documents on the client’s side before storing them on the server. Hypothetically, if the government or any other companies that fear internal data leakage had SECUDRIVE File Server and SECUDRIVE Device control installed, the incident could have been prevented.

SECUDRIVE provides simple, easy to use data security software that could help businesses protect themselves and their reputation. SECUDRIVE File Server provides copy protection with user authentication, which would only allow authorized and registered users to have access to the server and prevent users from copying or sending documents via email. Administrators would also be able to control which applications are authorized to open documents on the shared folder. Detailed event logs are also provided, which record details such as file activity (read, write, rename, change, create, delete, copy, paste), time, date, and user name in real-time. So if Snowden had tried to take the documents out of the server, he wouldn’t be able to because of the administrator’s security settings. With real-time event logs recorded, administrators would have been able to see when and what Snowden was trying to do with the documents on the server.

With SECUDRIVE Device Control, Snowden would not have been able to connect his thumb drive onto the server in the first place. In a government building, thumb drives are not allowed but in an office, it’s an everyday utility. SECUDRIVE Device Control provides controls of various ports and devices, which can prevent devices from connecting without authorization via USB port, Wireless LAN, CD-RW, DVD-RW, IEEE1394, Bluetooth, Parallel port, Serial port, and IrDA port. The smartphone too can be restricted to the only function as a removable storage device, or only allow it to use MTP, PTP, or tethering connections instead. It also records a detailed event log of when and which devices were connected and used and file activity. Companies can prevent the use of unauthorized devices within and outside of company grounds on employee computers.

Using SECUDRIVE File Server and SECUDRIVE Device Control together can prevent internal data leakages and possibly could have prevented the government’s documents from being leaked. Protect your company today.

Categories
Blog Data Erasure Device Control File Server Security Insider threats USB Copy Protection USB Sescurity

The Other Side of Edward Snowden Case

Thanks to the whistleblower case of Edward Snowden, the public is now aware of the level of private information gathering that has been performed by the U.S. government through agencies such as the NSA. Snowden release of top-secret NSA materials was referred to as “the most significant leak in US history according to the Daniel Ellsberg a former U.S. military analyst who is most famous for leaking the Pentagon Papers in 1971. What was most shocking was the degree of how much private information had been gathered in which case had brought back the fears and insecurities of when the Patriot Act was legislated in order to indiscriminately collect information under the banner of anti-terrorism.

Many journalists and information security specialists who have criticized the indiscriminate collection of private information have suggested that individuals should use client-side encryption solutions for private information, especially since storage solutions such as the cloud were becoming ever more popular. Since the Snowden case, however, public cloud services have been negatively impacted due to the heightened awareness of the lack of privacy of personal information.

In regards to information security, the Snowden case provides us, the public, with another large implication. Snowden worked for the NSA and its affiliated organization which has arguably one of the strongest internal information control systems in the world. Yet, he was able to gain access to highly confidential information that had the potential to impede national interests as well as the organization’s interests. Snowden was then able to copy the confidential information onto a USB flash drive and take it out of the office. For an organization such as the NSA and the affiliated organizations who are supposed to have a sound security infrastructure, this was a huge breach of their internal information security system, thus, making it clear that they had failed in managing internal information access and assessing the user’s ability to handle such information.

This case brings us to think more about the current situation of internal information security management systems of many U.S. organizations. A study conducted by Forrester stated that only 25 percent of data breach cases are from external attackers, meaning 75 percent of attacks are from within an organization. Even so, many organizations cannot easily integrate an internal information leakage prevention system because it often puts a damper on work efficiency. In some organizations, the management argues that it is almost impossible to prevent internal information leakage by utilizing a technological security solution and instead, they relieve themselves by getting employees’ to agree to a non-disclosure agreement and take some rudimentary education on information security. Though this is still needed, it is a much too passive solution.

It has become acceptable for workers to bring their own private devices such as laptops, tablets, and smartphones to their office to work. They store a lot of the organization’s confidential information onto the devices and are now taking the private information with them when they bring their laptop or tablet to a Starbucks, or pretty much everywhere when they bring around their smartphone. This is a huge security risk and it is important to be responsible for the security of the device as well as the information itself.

Now with cloud storage systems becoming more widely used, when companies decide to send designs for a new product, that their company spent a lot of time and money developing, through the cloud to an employee that is offsite, the company no longer has any ability to control the usage of the design. In this situation, all the organization can do is hope that nothing happens by fully trusting the non-disclosure agreement, information security education program, and their employees. Though it is good to have trust in your employees, blindly trusting them is plain idiocy. Without some sort of security system set in place, if a top-secret document is lost by employee carelessness, robbery, or even leaked by an employee with malicious intent, the organization may never find out who did it, where it happened, or even how it happened. Even if they do know the “who”, “what”, and “how”, the damage that follows often cannot simply be compensated by the dismissal of an employee or civil and criminal actions.

Ultimately, it comes down to the need for change: A need to restructure the way internal information leakage prevention systems are viewed and utilize preemptive security solutions. In order for organizations to prevent cases such as Snowden, there needs to be a push towards preemptive security solutions that can be used with existing technologies such as encryption, which only focuses on preventing leakage when the device is lost or stolen. It’s because many chose to be oblivious the fact that those that are authorized to use the data are possibly the biggest threat in terms of information leakage.

A possible solution to the prevention of internal information leakage, are storage devices that utilize features such as copy protection. Secudrive (www.secudrives.com) provides solutions that even small and medium companies can easily integrate into their security policy. They provide products that can prevent unauthorized copy of A/V files, office files and even CAD files, supporting various storage devices such as USB flash drives, file servers, and public cloud storage systems. Alongside their copy protection products, Secudrive also provides device control products that allow only registered devices, such as USB flash drives, tablets, and smartphones, to be able to access a port of a registered PC.

Categories
Blog NEWS News Letter Press Release USB Copy Protection USB Sescurity

Secudrive USB CAD released

Brainzsquare announced the release of specialized copy protection, a secure USB drive solution for design and CAD files, SECUDRIVE USB CAD, into the market. SECUDRIVE USB CAD offers copy protection for important design files and prevents unauthorized copy, print, or transfer. It also utilizes its compatibility with various CAD and design applications such as AutoCAD, OrCAD, Adobe Photoshop, Illustrator, and more. With other security features such as password protection, event logs, and validity settings, this solution is especially useful for designers who carry their designs with them.

San Jose, CA-August 19th, 2013-Brainzsquare announces the release of SECUDRIVE USB CAD, a specialized, copy- protected, secure USB solution developed especially for compatibility with design and CAD files, into the market. With other security features embedded into the solution, SECUDRIVE USB CAD is perfect for designers who carry their precious designs with them on the go.

With SECUDRIVE USB CAD, users can safely carry their important designs with them wherever they go. Whether it be on a business trip, a trip to the office, or a public PC center, it provides copy protection not only for document files, but for computer-aided design files as well. The copy protection solution is compatible with numerous CAD and design programs such as Adobe Photoshop, Adobe Illustrator, AutoCAD, OrCAD, and more. By adding specific programs to the USB’s copy protection system, important design files cannot be opened by programs other than the ones the user has specified, and cannot be copied, transferred, or saved onto the local PC. This protects the user’s copyrights on their designs and prevents unauthorized people from viewing or leaking the data.

This secure USB solution also features validity settings, Auto-lock, password protection, and print controls with watermark printing. Validity settings allow users to set a time period for the USB to be active and also set a limited number of logins. If the user has to leave the computer for a few minutes, there’s no need to worry there either. With Auto-lock, users can set a specific time a computer can go inactive before the USB automatically logs out of the device. But be aware, data not saved will be lost upon logout. SECUDRIVE USB CAD also comes with password protection. Users will be asked to input a password upon their first login. If the wrong password is entered over ten consecutive times, the data on the USB will be automatically and irreversibly erased. This is to prevent data leakage if the USB drive is ever lost or stolen. Users have a choice of turning off printing completely, which doesn’t allow any file to be printed off of the USB drive, or turn on printing with a customizable watermark.

Users can also login as read-only mode. This prevents files on the USB from being edited or overwritten. With AES 256-bit hardware encryption and an embedded anti-virus vaccination, users can rest assured that their design files are safe from virus infections and malware. Detailed event logs are also provided with information such as date, time, user name, USB serial number, and action taken.

“Conceptual drawings and designs for new product development warrant a high level of confidentiality within a company. Companies, as well as employees today, have worried about loss, theft, or leakage of their designs whenever it is taken out on a portable device to show to cooperative partners outside of company grounds. Designers can now carry their precious design files with them on SECUDRIVE USB CAD and not have to worry about the security risks of losing their flash drive, unauthorized copying, or virus-infected files. This USB solution gives the users all they need to protect their precious data in a simple and effective way,” said Simon Kang, CEO of Brainzsquare.

If you have any questions or inquiries about this article or its contents, please contact us.

Categories
Blog NEWS News Letter Press Release USB Sescurity

SECUDRIVE USB Basic Released

Brainzsquare announced the release of SECUDRIVE USB Basic, a new secure USB solution with hardware encryption which is strengthened by embedded functions such as password protection, self-destruction, auto-locking, login as read-only mode and anti-virus vaccine, designed to protect data in vulnerable situations.

San Jose, CA – August 27th, 2013 – Brainzsquare announced the release of SECUDRIVE USB Basic, a secure USB solution with hardware encryption, strengthened by embedded functions designed to keep important data secure in vulnerable situations.

With SECUDRIVE USB Basic, users can safely carry their important data without having to worry about the consequences of losing it because it provides security features designed to protect your data in everyday vulnerable situations. The flash drive comes with AES-256 bit hardware encryption which automatically encrypts all stored files in a secure zone of the drive. Users are asked to set up password protection upon their first login. If the wrong password is entered in excess of ten times, the contents of the USB drive will be permanently erased by its self-destruction function, keeping the data stored inside from being seen by prying eyes even if the flash drive is lost or stolen.

Auto-lock is also a feature of SECUDRIVE USB Basic which automatically closes all files currently open on the computer and logs you out of the USB drive secure zone if the user has been inactive for a specific amount of time. So whether you’re at your computer or away from the keyboard, you can relax, knowing your flash drive automatically logs you out after a certain amount of time. Users can also login as “read-only,” which allows users to only be able to access the data stored on the USB in a Read-Only format. This helps users avoid certain malware.

SECUDRIVE USB Basic comes with an embedded Trend Micro™ Antivirus program to prevent files stored on your flash drive from being compromised by virus infections. All files stored onto the flash drive will automatically be scanned and protected from viruses by Trend Micro’s program. Pattern analysis and engine updates are provided for one year from the date of purchase. Users can renew their subscription license annually through the SECUDRIVE website.

“If you don’t want anyone to access your files on your USB flash drive, you should use a hardware encrypted, secure USB. This has become essential over the last few years. SECUDRIVE USB Basic is one of the most effective hardware encrypted USB flash drives designed to keep valuable and confidential information secure in vulnerable situations. It’s simple but very effective in securing data for everyone,” said Simon Kang, CEO of Brainzsquare.

SECUDRIVE is the registered trademark of Brainzsquare.

TREND MICRO and Trend Micro USB Security are trademarks or registered trademarks of Trend Micro, Inc. Specifications of the product may change without prior notice.

If you have any questions or inquiries about this article or its contents, please contact us.

Categories
Blog Device Control NEWS News Letter Press Release

SECUDRIVE Device Control Released

Brainzsquare announced its release of SECUDRIVE Device Control, a new device access control solution for data leakage prevention for SMBs, into the market. SECUDRIVE Device Control makes it possible to allow or block devices such as USB flash drives, external HDDs, Smartphones and tablets from being connected to the USB ports of a corporate PC. The logs related to file activity in the allowed media are gathered and arranged for auditing.

San Jose, CA-August 1st, 2013-Brainzsquare announced its release of SECUDRIVE Device Control, a new device access control solution for data leakage prevention targeted for SMBs, into the market.

SECUDRIVE Device Control makes it possible to allow or block devices such as USB flash drives, external HDDs, Smartphones and tablets from being connected to the USB ports of a corporate PC. Even the allowed devices can be restricted to “read-only.” The logs relating to file activity in the allowed media are gathered and arranged for auditing purposes. For situations where the PC is carried out of the office, a separate security policy can be set and a log of all the activity that occurred will be gathered once the PC is returned to the office and reconnected with the manager program through the network. Once it has been installed on the PC, the security policy can be set to block prohibited devices which could help keep stop the infection of common USB viruses such as the Stuxnet virus.

Also, since smartphones are so versatile with its capabilities, SECUDRIVE Device Control provides multiple blocking options. The phone can be restricted to the only function as a removable storage device, or only allow it to use MTP, PTP, or tethering connections instead, thus allowing complete control over smartphone connections.

SECUDRIVE Device Control has the ability to deny or allow access to devices using the following ports in addition to the USB port: Serial/parallel, Bluetooth, network, WiFi, Printing, IrDA, CD/DVD, IEEE 1394, and even floppy.

SECUDRIVE Device Control comes in two versions, Basic and Enterprise. SECUDRIVE Device Control Basic is installed on a PC or server and is managed independently, therefore it is intended for smaller companies that have fewer than 20 PCs and industrial PCs which are not connected to the network. SECUDRIVE Device Control Enterprise allows the administrator to control device access and manage security policy by PC or by groups remotely, through the network. The administrator has a full view of all device access activity and can gather logs on files that have been transferred using the USB port.

“It doesn’t require any dedicated DB. It is easy to use, even for those of us who are not the most computer literate, meaning an IT specialist is not necessary. After installing it on a PC, a user cannot remove it unless the administrator allows it on the program. SECUDRIVE Device Control is targeted for SMBs. It is a must-have tool for SMBs to prevent internal data leakage and could be used along with our H/W encrypted and copy-protected USB products such as SECUDRIVE USB Basic, Office, CAD.” – Simon Kang, CEO of Brainzsquare.

If you have any questions or inquiries about this article or its contents, please contact us.