Tag Archive for: security

Got Bot?

The world of malware (literally bad software) has some interesting terminology. Botnets and Zombie networks sound like they should be different, but they are basically the same thing. The imagery of masses of robots (ala I Robot) or hordes of Zombies from Night of the Living dead is surprisingly a relatively accurate description. Botnets or Zombie Nets are collections of computers that have been infected with a specific class of malware that is managed by an external ‘Controller’. Ok, Zombie hordes are not easy to manage, but the robot masses are. I’ll use the term botnets to refer to both.

Botnets can be used for many different illegal purposes such as distributed denial of service (DDoS) attacks, mass spam mailings, illegal data collection and more. Like the domestic robots in the movie I Robot, malware bots establish themselves unobtrusively in your network through the same types of mechanisms as a virus, worm, Trojan or other malware. In fact, Trojans, malware that masquerades as legitimate software, are often used to distribute ‘Bot’ malware. That ‘swimware calendar’ program you downloaded may look nice, but underneath there may be some malware silently doing bad things to your computer. Read more

7th Phase of growth – Security of the enterprise’s IT/IS Investment

So congratulations, you were just named Chief Information Officer of your company and now moved into your new office.  Looking through the top desk drawer you find a note with three sealed envelops attached.  The note says when you have your first major crisis, open envelop one, the second one open envelop two and the third one open envelop three.  Being the type “A” personality, the one that got you here, you decide to open all three now.  The first one says this is your first crisis blame it on me, your predecessor. The second one says this crisis is yours and you will need a plan to solve it.  The third one says “Oops”, prepare three envelops and leave them in the top draw for your successor.

At this point being a Type “A”, you decide that you are going with envelop two and throw away the other ones.  Your first step is to evaluate your staff and their capabilities.  Looking at their performance records you can learn some of the basics, but you will not be satisfied with just that limited amount of information.  You know about Maslow’s hierarchy of needs.  Although this was explained in a paper by Abraham Maslow in 1943, it still applies today.  The phases are: (1) Physiological (breathing, food, water, sleep, etc.); (2) Safety (security of body, employment, resources, morality, the family, health, property, etc.); (3) Belonging (friendship, acceptance by the group, social needs, sense of belonging); (4) Esteem (self-esteem, confidence, achievement, respect of others, respect by others); (5) Self-actualization (morality, creativity, spontaneity, problem solving, acceptance of facts).  You are aware that Self-actualization is the goal, studies show that only about 2 % are performing at this level.  As people move up the hierarchy with their needs, if suddenly there is a need below, a person will revert back to that level.  (i.e. if someone is working at a self actualization level and can’t breath he would abruptly revert to the Physiological level or if threaten to safety. Read more

Strengthening the Authentication of Your Users

They say a chain is only as strong as its weakest link.  In the world of IT systems, you don’t want that weak link to be user authentication.  Once a hacker gains access to a system as a valid (potentially high level) user, the amount of damage they can do is unlimited.  There are different ways to validate a user’s identity and they have different levels of security.  Using the three little pigs as an analogy, let’s take a look at the options:

1)      The straw house – This is what we call single factor authentication.  This just involves something you know or have.  An example for physical security is a badge that is tapped on a door reader to gain access.  If someone gets hold of the badge, that’s all they need to walk into the building.  Another in the IT world is the familiar user ID and password.  It’s what a majority of users use to gain access to their computer’s OS and applications. This has the potential to be fairly secure, but often times isn’t due to poor password choice.  Users frequently pick passwords that are easy for them to remember which means they are easy for hackers to crack. Once they know the password they have total access to the system/application.  Read more

Minding your P’s and P’s

It seems that there is a constant barrage of regulations and standards that businesses must comply with. Every quarter there is a new audit; SOX, GLBA, HIPAA, PCI, and the list goes on. Businesses try to accommodate these requirements by adopting structured governance model which presents their own requirements, seldom aligning perfectly with the others. Fortunately, there is a common thread woven into all these business detractions. If managed properly, that thread can be a lifeline to save much of the time and effort required to meet regulatory requirements. So what is this thread? It’s your policies and procedures.

Policies and procedures are the foundations of your businesses activities. They are the rules that you play by. They also can make up much of the evidence required by auditors to show that you understand and intend to comply with whatever regulation or standard being applied at that moment. Policies are high level management directives. They are designed to indicate to the company’s workers that management has made a commitment to something which they expect the staff to uphold. Policies are typically general in nature. Specifics are usually in the domain of the procedure. Read more

Email Attacks and Hate Mail Response: Recognizing When You Need to Hire an Incident Response Expert

Many people who use email think that their true identity and location are anonymous. Hidden behind their supposed “cloak of anonymity,” these people may sometimes lash out at their employers, colleagues, political adversaries, ex-lovers, and so on. Thankfully, there are a number of identity management services that can help to reveal the identity of the person who sent you a threatening message.

If you receive an email that is of a threatening or illegal nature, it’s not difficult to initiate an enquiry leading directly to the person involved for appropriate actions by authorities. Here is a look at how the specialists at PathMaker Group can handle your situation:

Forensic Expertise

The key to finding out who is responsible for sending a threatening message is the technical knowledge that incident response experts have about the inner workings of electronic mail. By examining the Internet Headers of a particular email, our incident response experts can identify the exact source of the message. Read more

An Overview of Digital Forensics and Electronic Discovery

Digital forensics and electronic discovery involve the collection and analysis of electronically-stored data. Together, these two fields of electronic security cover the entire digital information spectrum. To find out more about what each one is and when or why you may want to hire an investigative team to perform digital forensics and electronic discovery procedures for your company, continue reading this article.

What is digital forensics?

Digital forensics entails the thorough examination of electronic storage devices. In the process, electronic systems investigators identify, collect, maintain, and analyze the data stored on an electronic device. After doing so, they produce results based on their analyses that are defensible enough to be upheld in a court of law. Deleted, damaged, and encrypted files are all included in the analysis and the data explained in the results.

What is electronic discovery?

Electronic discovery, or e-discovery, is the process of gathering electronic data so that it is readily available and can be stored on a variety of electronic storage devices. This data is gathered and stored via:

  • Information and identity management.
  • Collection and preservation of all data.

When good e-discovery practices are employed at a company, e-discovery records can be sent to a team of digital forensics investigators for:

  • Processing, analysis, review, and presentation of results.

When are these processes necessary?

Electronic discovery should be practiced by any company that stores sensitive data and records that are crucial to future business. Digital forensics should be employed when a company needs to draw on its performance history to justify a decision made in the present, as well as whenever a company is facing legal action. A forensics team can ensure the files and digital history stored on your computer that support your case will provide you with valid courtroom evidence.

Are you a Dallas-based business owner who is looking for services in the field of electronic security and identity? If so, call PathMaker Group at (817) 704-3644 and ask about our electronic discovery, digital forensics, and identity management services today!

 

Using IBM DataPower XI50 Appliance to Secure XML-based Web Services

Congratulations!!! Your IT organization, and more importantly your company, now enjoys the benefits of Service Oriented Architecture (SOA). These benefits include return on investment, code mobility and maintenance, agility, improved scalability and high availability.  But along with these rewards come some disadvantages.  These include degradation of application server performance and increased security concerns and risks.  The XML-based Web Services in use in your enterprise easily expose back-end systems to customers and partners.  Your Web Services pass through your enterprise network firewall and are based upon SOAP, XML and HTTP.  These all combine to introduce new threats and security exposures within your enterprise infrastructure.  These new type of threats can consist of some of the following below:

  • XML Denial of Service
    • Slowing down or disabling a Web Service so that service requests are hampered or denied
  • Unauthorized Access
    • Gaining unauthorized access to a Web Service or its data
  • Data Integrity and Confidentiality
    • Data integrity attacks of Web Service requests, responses or underlying databases
  • System Compromise
    • Corrupting the Web Service itself or the servers that host its Read more

IBM Pulse 2012

Business Without Limits!

Pathaker Group is an IBM Premier Partner with the sales and technical certifications required to sell and implement an ever expanding array of best in class security solutions from IBM. Be sure to put Pulse 2012 on your calendar and stop by the Solution Expo and visit our booth. Business partners and customers will learn how IBM is shaping the IT Security Landscape with newly acquired technologies and integrated solutions to meet the growing challenges that we face.

Check out some info from IBM about Pulse!

Pulse 2012 returns to the MGM Grand in Las Vegas March 4-7, 2012 and we invite you to take part in the action! Experience first-hand how organizations in every industry are using Visibility Control Automation to improve the economics of their business infrastructures and speed the delivery of innovative products and services.

With over 7,000 attendees including industry-renowned speakers, Pulse 2012 is your ticket to hundreds of technology leadership sessions, industry-focused breakouts, and technical skill-building workshops. At this year’s conference you’ll have an opportunity to network with colleagues, participate in hands-on labs, and attend our largest-ever Solution Expo. Don’t miss this significant event!

The Pulse conference is now accepting session submissions! Visit the IBM Speakers page for the timeline, benefits and guidelines, or to answer the Call for Speakers today!” (IBM) Read more

Security and Identity Management Solutions for the Healthcare Industry

Do you work in the medical or healthcare industry? Is your company in need of security or identity management solutions? If so, here are some of the key ways in which PathMaker Group can provide value in this field.

Enterprise Single Sign-on Doctors and nurses have a lot of passwords to manage as well as using shared workstations creating potential issues around people sharing a user ID to an account and people leaving an application or patient information open on a shared workstation. With ESSO, PathMaker Group can give the users a secure way to store all their passwords and automating the login and logoff process.

  • ESSO can be paired with an RFID badge – a quick tap of the badge can log a user on or off from the workstation, saving the time of entering the user ID and password over and over again as they switch between machines all day. A proximity sensor can be added to workstations to automatically lock them when a user forgets to tap out as they walk away from the machine.
  • Shared Workstation Management – Shared machines can be configured to be locked when an ESSO user leaves the workstation. When the next user comes in, any apps left open by the prior user can be gracefully closed to prevent the new user from having patient access under the prior user’s account.
  • Context Management ESSO can further streamline the process of accessing patient records across multiple applications. Tools, such as CareFX Fusion Context Management, provide the ability to script the sharing of patient identification across applications, removing the need for constant searches and patient lookups. Read more

Addressing NIST’s New Risk Management Framework

The National Institute of Standards and Technology (NIST) created a series of publications that provide guidance for federal agencies on the implementation, certification and accreditation of federal information system security. The same guidelines hold true for all commercial agencies/companies as well.

So the question that comes to our mind What is NIST’s New Risk Management Framework? NIST describes the RMF model as a series of six repeating steps designed to identify the security mechanisms necessary for an IT system, implement those protections, and validate their proper operation over the systems lifecycle.

 

 

 

 

 

 

 

Read more