Dec 30

Please “KISS” in Information Leak Prevention

Einstein led us to have a taste of the simple beauty of the physical world; Steve Jobs was showing us the extraordinary minimalist design. At most of time, only simplicity can reach the essence of things. There is a very important principle in enterprise management-”Keep It Simple, Stupid”, because only simplicity can be accepted by majority and be more widely implemented. Enterprise information leak prevention often make people feel complicated and have no thread, which makes it need KISS principle.

So how to apply the KISS principle to corporate information leak prevention? In current enterprise information leakage protection projects, three aspects that most need simplification are security systems architecture, information using environment and security regulation.

1. Keep the system simple to realize easy operation.

If the security mechanism of enterprises is too cumbersome, employees will find any ways to circumvent them. For a suit of information leak protection system, no matter how powerful it is, it will be invalid if no one uses it.

Some companies will chose a system that stacks different brands of security systems together when purchasing the information leakage protection system. In fact, due to need to run multiple systems, administrators must log in multiple accounts, set policy on multiple platforms, and query data, which make the management more difficult. Coupled with compatibility and other issues, the company’s overall anti-phishing systems become more complex and practicability therefore becomes weaker.

2. Keep the environment clean so as to achieve an orderly control.

If compare a business to a planet, the information are lives on the planet, and the information ecological environment of the enterprise is very poor. For example, randomly placing important files, crossly using various U disks, randomly installation of various software, freely to modify the configuration of your computer, such kind of phenomenon that will harm information abound, which potentially increase the chance of data leakage. Meanwhile this chaotic environment will virtually give employees an expression that “company doesn’t attach importance to information leakage protection”, and gradually eroded employees’ security awareness.

Therefore enterprise information leak prevention can start from information using environment specification, such as to unify the registration and management of mobile storage device to ensure that admin can trace back to the owners of each device, every device usage has its operational records; such as to unify the applications installation and network configuration of external computers via desktop standardization. Clean information using environment can not only improve the enterprise anti- leak coefficient, improve safety awareness of users, but also help to shape corporate professional and trustworthy image.

3. Keep the system simple so as to achieve clear and feasibility.

At the mention of information security system, many people may come to mind is something out of a thick manual and the like, tedious, boring, soporific. Such kind of a system, although it takes a great deal of efforts, but few people like it.

Information security system should not be cold warning or even command, but a humanized communication between enterprise and users. Therefore, companies should take a variety of forms to communicate with employees, and with a reasonable incentive so as to achieve good results.

You may face core assets loss and heavy pressure from market, partners and the public if you don’t prevent information leakage; while you may feel difficult to promote, implement if you decide to prevent the information leakage. Those enterprises that worrying about information leak prevention project had better “KISS”!

For more information about data security and enterprise data leak prevention, please visit: Kakasoft.

Dec 23

The Great Loss Caused By Network Crimes

Ponemon Institute recently released a research report entitled “2013 Cybercrime cost”. The research report consecutively sponsored by HP Company for four years estimated the economic impact caused by cybercrime. The report notes that in 2013 the economic impact caused by cybercrime increases 78% compared with that of over the past four years, in the past 4 years, the time cost to solve the problem has increased 130%. Average cost for per network attacks needs more than $ 1 million.

In 2013, the frequency of attacks and damage has increased. Based on the sample of U.S. companies and the government point of view, the loss was caused by cyber attacks every year $ 11.56 million, more than four years ago, when the beginning of the study increased by 78%.

Although the level of network defense is improving, cyber crime groups also show their strong ability of adjust and adopt in front of the continuously improving protection level of network defend.

Some important data presented in this report are summarized as follows:

1) The annual average loss of every enterprise (organization) caused by cybercrime is $ 11.56 million; the loss range is from $ 1,300,000 to $ 58,000,000, which increased $ 2.6 million than that in 2012, an increase of 26%.

2) Military, financial, energy, power industry suffered the largest loss of cyber attacks

3) The major factor of loss caused by cybercrime is data loss or data theft, which accounted for 43% of the total loss, and the loss caused by the shutdown accounted for 36%.

4) The business or organization suffered 122 successful cyber attacks every week. The figure in 2012 was 102.

5) The average time to resolve a cyber attack is 32 days; the average cost during this period was $ 1,035,000, which is about U.S. $ 30,002 thousand a day. And in 2012, the average time to solve the each network attacks was 24 days, with an average cost of $ 591,000.

6) The loss due to DoS attacks, Web attacks and damage caused by the internal staff accounted for 55% of enterprises cybercrimes.

7) For small businesses, the loss caused by network attacks of per employee is much higher than that of large enterprises.

8) For business, the costs of finding network attacks and recovery after network attacks are the highest.

The report also reveals the importance of the necessary network protection mechanisms and establishment of network security awareness. The researchers also found that the use of Security Information and Event Management (SIEM) and big data analysis can help mitigate the loss of network attacks. For enterprise and organizations, data and information may be two of most important assets, data or information loss will lead to not only financial loss but also reputational loss. Every company should establish strong awareness of data security, what’s more, the admin of company need to improve employees’ data protection awareness. For example, admin must remind employees to password protect folder stored in PC and portable storage devices.

Dec 17

Dangers in Mobile Information Age

The development of the Internet and information technology makes people step into the information age, but with the change of the information processing terminal, people also enter the mobile information era. In this mobile era, people can use their mobile information devices to connect the network anytime and anywhere, beginning their informationalized living, office and entertainment. It’s sure that the mobile situation will continue for a long period of time, because it fit people’s hope of free.

But it is this portable mobile device that brings about information and data security issues to people. How to deal with mobile device security issues has become one of most concerned things of individuals, companies and even countries. Also due to the diversity of mobile devices and information technology, the protection solutions must keep up with them, namely is able to adapt to various possible environment and safety requirements.

Mobile Device Management (hereinafter referred to as MDM), namely management of smart phones, tablet PCs and other mobile network client. Now, MDM is an indispensable measure for enterprises, because the mobile network clients are similar to traditional computer, poor management is likely to cause a bad impact on operating safety.

Smart phones and tablet computers are developed from the PDA (Personal Digital Assistant, Pocket PC), their history is not long. They can be used as a mobile network clients, the earliest portable microcomputer appeared in the late 1990s.

Mobile + Portable= Increasing chance of stolen

Owing to the small size and portability, the stolen risk of microcomputer is significantly higher than desktop computer. Most desktop computers are larger in the volume and fixed on positions in the office, they are seldom stolen if you close the door. But because of the small size of laptops and smart phones, the stolen difficulty is sharply decreased.

Many researches show that mobile phone is now more important than our wallets for people. The reason why phones are becoming so important is that in addition to its intrinsic value, the important data stored in the phone, such as scheduling, address book, and so such private information are important.

Business people tend to store data involving many business secrets in office tablet PCs and smart phones, especially in the email. E-mail specific contents are different based on each company ‘s information infrastructure, which may include unimportant chat, and may also include customer information, corporate plans, and even the contract documents. Email possibly contains passwords of common office applications.

The most frightening thing is data. Important data may be lost due to security vulnerabilities in equipment: hackers can gain access to the device, and access the data in the device. Another way is through the phishing application. As long as you download some phishing applications, they will be able to access to the data stored in your device. Apparently, users who download these applications are insufficient of vigilance. As long as the application is free, users are willing to download; they are seldom concerned about the possibility that the data in their own equipment may therefore be compromised.

The traditional Trojan viruses can also spread on a mobile platform. Even though Apple, Google, Microsoft and other companies have considered this problem in the design of operating procedures and ensure that the factory equipment is not toxic, but it’s impossible that the program has no flaws.

As the security issues come with the development of mobile technology and IT are more and more, in order to decrease the loss caused by mobile device stolen we’d better password protect the data stored in it. If the threatening objects aim at the value of data, you can use encryption solution to protect the data.

People look for freedom, while the yearning for freedom also affects their attitudes of handling things. In the face of security issues in the information age, individuals, companies and countries need encryption technology to protect files and lock portable storage devices.

Dec 09

Encryption Solution May be the Best Solution for Data Security Management

Network Systems globalization realize the real time communication among various countries, at the same time, it brings about a series of unsafe factors, the Internet system has more or less a series of drawbacks. It will lead to the disclosure of daily information, essential information if these drawbacks are used by hackers, resulting in a great inconvenience for users. Therefore, how to enhance the security of computer network information systems has become a pressing issue in today’s society.

Computer management system originated very early, in 1955, the computer system achieved the innovation, realizing development of power management application. With economic progress, the development of science and technology, computer information management system now constantly update, its function is more extensive, performance is more superior. After a long time of development, the computer network management system is also gradually improved, which is transited from the previous single function and traditional model to contemporary extensive features mode.

With the development of the times, computer network systems technology is becoming increasingly popular. In order to avoid hackers or virus invading through the system loopholes, resulting in paralysis of computer network information system, affecting people’s daily economic life, resulting in the loss of the user, we need to process regular network information system safety monitoring, inspection. In order to ensure the normal operation of computer network security, we should consider computer network and information security issues as an important part of the computer information technology research.

Network information management technology we usually refer to is basic network information, and some extensive network information. The former is IP address information that is used to confirm a user’s identity; it prevents unauthorized access and bad information into the system.

Generally speaking, computer network and information security has dynamic adaptability. With updated computer systems, the development of computer technology, relevant network and information security will also update, its function has been extended, performance has been enhanced, which is more useful to guard against hackers, viruses , ensuring vital interests of users, and avoiding the disclosure of private information. The complete establishment of network information security system is inseparable from cooperation of every aspect.

From a security management perspective: we need to use three main means of protection to establish a complete security system.

First, strengthening the security measures of the operating system

Generally, in order to ensure the security of computer information technology networks, you need to sweep the computer system for vulnerabilities, in this process, we need to use a series of scanning software for troubleshooting system vulnerabilities, and then provide effective security operating solutions and remedial solutions to strengthen user authentication and improve relevant laws and regulations.

Second, the specific application of information encryption algorithm

In order to ensure the stable operation of computer security information systems, we have to be positive to use cryptographic algorithms to encrypt information, so as to effectively avoid the occurrence of information insecurity. Cryptographic algorithm is one of the important aspects to ensure information security. With the rapid update of science and technology, traditional encryption system is outdated and no longer meets the needs of the times, which means we need to be proactive to make confidential approaches innovation.

It is worth mentioning that when using data encryption to secure information and data, you should also consider the flexibility of the encryption protection. Because at the information age, information security issues become more and more complex, countermeasures must also be flexible. For individuals and enterprises, choose flexible and suitable file encryption solution is very essential.

Finally, establish complete regulations and rules of computer IT network security management

To ensure network security, you also need to make up and improve relevant systems regulations, establish a professional team of computer information and technology security management team, and improve regulations of staff daily Internet access. At the same time, in order to actively prevent hackers, viruses, you need to install effective anti-virus programs to build a sound anti-virus system, regularly scanning and regularly updating to ensure system security. Timely replace outdated computers, realizing standard configuration of computer. According to the approach of unified management and sub-sectors custody, you should strengthen computer application management, designate computer responsible persons, and set power-on password and network password based on permissions.

With the development of the times, the computer information management technology is increasingly popular. It’s imperative to enhance network information security establishment to effectively prevent network insecure factors. As for the origin defense of data security, in order to cope with diverse security crisis, targeted and flexible encryption software is undoubtedly the best “solution”.

Dec 02

Data Disaster Backup Comes Ahead of Data Encryption

Data disaster recovery data is an important premise as well as an important part of the enterprise information leakage protection. The so-called data disaster recovery, in simple terms is to backup and store the same information in different places. If companies centrally store all the data in the one place, once the crisis occurs, the damage and loss will be immeasurable.

When the data has been destroyed, then there is no need to protect it. The so-called data disaster recovery, in simple terms is to copy the data and store them in different places, so that even if data in one place is accidently damaged, the data stored in other places can also be used, which will not affect the normal business operations. But if companies centrally store all the data in the same place, once the crisis occurs, the damage will be immeasurable.

In fact, many companies have risks of data loss or data damage in many places, which can be divided in following four types:

The first type is that some companies have low awareness of information security, paying less attention to data classification and archiving of documents, randomly storing documentation in any place, when you want to use, you cannot find them in anywhere.

The second is the false -style loss. In the office process, employees will randomly delete those data that they think it’s temporarily useless, while later on they need these data, but can’t retrieve them.

The third one is misconduct lost. We may take wrong operations owing to various factors at work; we may inadvertently delete important documents.

The last one is malicious destruction. If the members in companies want to vent discontent, commercial espionage deliberately implement to combat competitors, all those will cause data and information malicious destruction. If there is no perfect disaster recovery mechanism, these issues are likely to become a nightmare of enterprise.

How to build an effective data backup mechanism to deal with unexpected accidents?

First, the enterprise should track and backup the important documents in internal network, including document printing, IM transfer documents, files attached in send e-mail, a copy of the document in removable storage devices, etc. It’s able to not only prevent document being loss, but also completely control document to prevent illegal leaks.

Second, enterprise should audit and backup some operations of important documents, such as modify, delete, etc., to prevent accidental deletion or malicious deletion.

Third, enterprise should backup the document server, if the company adopts the information leakage protection system, the supplier should provide server backup solution, so even if a server fails, it will not interfere with the system running.

Fourth, the enterprise should also make plaintext backup if the company uses the file encryption system. Because no matter how stable the encryption system is, the event of earthquakes, fires, power outages and other accidents may have effect on the integrity of the document.

Only with a sound data disaster recovery mechanism, the enterprise information leakage protection system is considered complete.

Nov 25

Information Leakage Protection Also Needs Service Awareness

Enterprises always make a common mistake when constructing information leakage protection, namely: IT managers simply implement the superiors’ control strategy, but in spite of the majority of users. As everyone knows, the latter is the most important part of information leakage protection.

Many enterprises’ IT managers often complain during the process of building information leakage protection that other departments do not work with them. In fact, in this age where issues of information disclosure frequently happen, the enterprise takes some anti-phishing measures in order to protect their information assets, which is understandable.

However, the problem is that many companies do not spend enough time and effort to understand the demands of themselves and the changes of status caused by protection. And they seldom provide reasonable protection measures to decrease the impacts. If just anxiously deploying strategy, to take coercive measures and adopting coercive measures that cause inconvenience to some routine work, users absolutely can’t provide understanding and supports, so that the protection strategy won’t be formed and effective.

It’s not that Information leakage protection constructing itself is hard, but the companies’ attitudes to information leakage protection obstruct the effects. I believes that security matters requires all members to participate in, that the information leakage protection can achieve good results. If IT management staffs and application strategy staffs form a opposite relationship, the information leakage protection will become a internal friction battle.

How to ensure security and don’t affect efficiency at the same time? In the face of severe information security situation, companies should recognize that information leakage protection is a protracted war, which needs to establish a comprehensive anti-phishing front inside the enterprise, especially needs the main part, namely the non-IY departments to take part in the action. Enterprises must start from real working process, completely account of use experience to provide intimate “service” and find a balance between security and convenience, so as to win everyone’s understanding and cooperation. Only by this way, can information leakage protection be sustained effectively.

Enterprise should try best to ensure everyone in the company takes part in the information leakage protection action when establishing information protection team, so that all departments’ needs can be effectively conveyed.

Second, when deploying information leakage protection, enterprises must take different secure level on different departments, such as deploy the basic foundation of audit and control to the low level of classified departments; as for core departments, expect the detailed audit and control, enterprises may consider the file encryption to protect deeply the secrets of company..

Once again, every department should designate an authority management staff, letting him/her to be in charge of the department information security. If it’s possible, enterprise can provide direct feedback channel for average user to executives, in order to prevent the abuse of authority management staff.

Of course, such united front of information leakage protection can’t be established in a short time, or it can be said that it can’t be done only by the enterprises themselves; it also requires security vendors and national relevant departments to assist. However, after all, the enterprise is the leader of this action, the information leakage protection can be effective only when enterprise has a deep understanding of own security needs, and take active defense and the flexibility adjustment in this action.

Nov 19

Master Data Leak Proof Initiative with Encryption Software

Security has always been a relative concept, data security is the same. Even though it is a relative concept, it doesn’t mean that it is not important. Data security is absolutely safe, but the secure level user can select is relative.

“Users should be free to choose secure level they need. Some users may need more Internet information exchanges, their required safety level might be a little lower, a number of special populations such as children, and they need higher secure level.

But some people who are used to use network security, data security programs for free make themselves be tied up with many software ads packages when they enjoy the free service. Such kind of security program is free, while it will grasp user’s mind and decide users secure level when they choose this free program. This is equal to give the autonomy of data secure to others, or it’s just the reason why data leakage happens so frequently.  

Currently, people are paying more and more attention to information security and personal privacy. People are gradually willing to grasp the autonomy of data leak proof, but don’t want to be controlled by others.

How can we get back our autonomy of data leak proof? Where shall we begin? The answer is the data itself, as long as you control the data itself, which is as the main body of information security, once the data has been controlled, and then the information security initiative naturally will be returned to your hands.

So what if you control data itself or ensure the security of the data itself? That is file encryption software. Choose trustworthy encryption software, use its technology to automatically choose data protection method, once you do so, you get the data defense initiative for your own data, even though you want to use other programs to further enhance the security, as long as you control the data, the data leak proof initiative is still in your hands.

Multi-mode encryption is a kind of transparent data encryption technology that can offer a variety of usage scenarios and adopt a variety of encryption strategies. In multi-mode encryption mode, the user creating secret files ways include both active and passive methods, which contains at least the following modes: specific format encryption mode, specific directory encryption mode, specific format unencryption mode, specific user unencryption mode(able to modify and check other’s secret files), particular user unencrypted mode (able to view but can’t modify other’s files), USB flash drives and other external hard drive encryption mode , Network Neighborhood network encryption mode, manual encryption, full disk encryption, etc.; these encryption modes can be assigned to different users or user groups .

This flexible encryption technology that can be selected according to the user’s own requirements just meets people’s desire for the right of choice, so that people can master data security and information security initiative.

Nov 11

Information Security Attacks are coming

In information age, two kinds of power of data and network have become a strong force to push the big wave of the times. We may say that information age is a symbol that little strength forms great strength.

But the biggest threat to the information age, data, and information security is an action that transforms small threat to big threat-DDOS. Confront the overwhelming DDOS attacks, comprehensive defense is apparently “time-consuming”, the effect is not ideal. What we can do is only focusing on breakthroughs.

What is DDOS?

DDoS is tributed Denial of Service means that utilize client/server technology to collect multiple computers as a attack platform to launch DoS attacks on one or more targets, thus exponentially increase the attack power of service denial. Typically, the attacker uses a stolen account to install DDoS master program on a computer, the master program will communicate with a large number of agents at a set time. Agents will launch attacks when receiving instruction. Using client / server technology, the master program can activate hundreds of times of agents operations.

Although nowadays, the bandwidth and the kernel are more and more powerful, it seems that resisting large flow of attacks is no longer a problem. But we must also know that for the hackers , the applicable network resources are more and more abundant, while the cost is getting lower and lower. If we say that the a conventional attack only aims at large site, or come from malicious competitions, now we can say that an attacker may randomly choose target, and  every site will be the attack object.

Currently, to resolve DDOS of DNS, such as flows attacks, the query type of attack, we can only rely on high anti -type DNS. Now defensive DNS don’t defense relying on checking attack source, but directly dependent on the strong machine room to accept this kind of attack traffic so as to ensure normal access to site.

Although DDoS seems to be overwhelming, as long as we understand its true purpose, we can take an effective defense or even counterattack. The targets of DDOS attacks are just the data and information that are increasingly improving their own value. So long as we can find a flexible defense method to prevent the origin of attacks, we can achieve the goal of defense and even counterattack. And now the security technology that can be capable of performing the daunting task is none other than non-multi -mode encryption technology.

Multi-mode encryption uses symmetric algorithms combining asymmetric algorithms technology, using a strong algorithm to ensure the protection quality of data origin, so as to greatly improve data’s resistance ability to attacks. And because of the flexibility of multi-mode encryption, users can choose encryption mode, this flexible feature is just the power of individual, enterprise or even nation to respond to DDOS.

Although the development of information technology and the Internet promotes the development of the times, the dark side of them also makes individuals, companies and even countries suffer from a variety of information security threats, DDOS is one of them. But as long as we can find a secure technology that have powerful defensive affects on origin of information and data.

For more information and solution about data security and file encryption, please visit www.kakasoft.com.

Nov 06

Privacy Leakage Bursts, Self-protection is in Need

Recently, many issues about information leakage have burst on the Internet, such as Paypal password hacking and the Prism. In these incidents, the consumer’s personal information was intentionally or unintentionally leaked and led to great loss to consumers, such as privacy theft, unauthorized use of funds. Due to network services still has many security risks, consumers must be aware of the importance of personal information in network service process and shall use privacy protection function in information security products to ensure personal information secure.

Privacy disclosure event arises one after another in recent years, in January 2012, e-commerce site Zappos was hacked, 24 million users’ e-mail, password and other information have been stolen. In July 2012, accumulated over 8,000,000 users’ information of Jingdong, Yahoo and many other sites have been leaked. With more and more people’s personal information was transferred to the Internet, the risk of information leakage is still expanding.

Because a lot of network services connected to each other, a single information leakage may produce ‘ chain reaction ‘, which leads to other more important information can be leaked. For example, in Paypal funds theft incident, the criminals will be able to get Paypal password by stealing customers’ phone. And criminals can also obtain access permissions to relevant network system by stealing the victims’ identity information, which allows the criminals to cause worse damage.

Even though consumers can not directly improve the level of safety and security of the network service provider, but you can take more prudent measures to prevent personal information from being disclosed, which includes:

  1.  Lower the relevance between various network services account, try not to set the same password for several account, or do not set one single verification method for many accounts. When your relevant information is leaked, you must move quickly to change passwords and other remedial measures to prevent harm to further expand. 
  2. When you use network services, consumers need to pay more attention to security of personal information, in particular, try your best to minimize the spread scale of identity information to prevent criminals’ targeted attacks. 
  3. Use file or folder encryption program to enhance the security of personal information stored in PC or cell phone. You can never ensure your PC will not be invaded by unauthorized access, or your portable storage flash drives won’t lose. Once you conduct mistakes as above, you will also confront great loss, including data loss and financial loss. In order to prevent the data and information stored in your PC or other flash drives falling into wrong hands, you had better lock the files in it with password, so that others who have no correct password can’t access to your data.access to your data.
Oct 28

HP: Cyber Crime Attacks Lead to Rising Costs and Increasing Defense Time

Hewlett-Packard Company recently released results of a global survey conducted by the Ponemon Institute; it shows that the costs frequency and defense time incurred by cyber attacks have been upward for four consecutive years.

Actual costs incurred for network attacks

The cyber crime that cause highest costs includes denial of service, malicious insiders and internal network attacks, which account for more than 55% of the total cost generated from cybercrime of average annual per enterprise.

Information theft is still the highest external costs, followed by business interruption. In 2013, information loss accounts for 43% of total external costs that is less than that of 2012 by 2%. Business interruption or loss of production capacity accounted for 36% of external costs, compared with 2012 increased by 18%.

Recovery and detection are the most costly internal activities. Last year, the costs of recovery and detection of internal activities account for 49% of total costs, most of which is in cash and labor expenses.

Cybercrime generated costs are different due to company size, but per capital cost in small companies per capita is much higher than that of large companies.

The costs caused by cybercrime in financial services, defense, energy and utilities companies are much higher than the costs incurred in the retail, hospitality and consumer products industry enterprises.

Security intelligence solutions and governance practices are essential

Using secure intelligence technology will be more effective in the detection and containment of network attacks, the average annual cost savings is of nearly $ 4 million, rate of return on investment is higher than that of other types of technical by 21%.

Adoption of enterprise security governance practices can reduce cybercrime incurred costs, including investment of appropriate resources, the appointment of executives and hiring security staff and certified experts, which can help companies to save nearly average $ 1.5 million every year.

“Information is a powerful weapon for enterprise to ensure network security.” the chairman and founder of Ponemon Institute, Dr. Larry Ponemon said: “Through practical experience and in-depth interview to more than 1,000 worldwide security professionals, the survey of cybercrime incurred costs provides us with valuable information about the causes and costs of network attacks. This survey is designed to help companies make low-cost, high-yield decisions to minimize the company’s risk as far as possible. ”

For individual and groups that want to defend against cybercrimes, password protection for files and folders is an extra security solution for data security. Comprehensive protection for confidential data and information is necessary for individuals and groups to decrease the cybercrime incurred costs.