Sep 22

Ten tips for USB drive data leak prevention

USB storage devices are popular because of its small size and portability. Even in the enterprises they are often used for data temporary copy and share. However, precisely because it brings convenience, it also brings many risks in the aspect of data security; especially in the field of enterprise- class, as many data and information are highly classified, once they are leaked or breached, the losses caused by them might be incomparable.

So when you are using USB storage devices, how to protect enterprise data? Here, we give you the top ten tips.

1. Manage authorized devices

Software that’s responsible for devices management can help IT staffs to track USB devices connected to the network, so as to understand what data is being transferred, when the data s used. If the IT staffs can’t monitor devices’ dynamic information, sensitive data is likely to be copied or accessed by outside unauthorized staffs.

2. Block unauthorized devices

When not dealing with official business, some staffs still use USB devices to access or copy data. If the data and information is confidential, please disable all ports of unauthorized external devices. Meanwhile, strictly prevent staffs using unauthorized devices to connect to the company computer.

3. Make up USB encryption plans

Make up and implement an encryption scheme. This plan should include how to protect flash memory devices and their data transfer process, specify who can access to the company data and make up a response plan when the device get lost.

4. Provide company-approved devices

It’s necessary to not only tell staffs that they need to use encrypted drives and set password, but also provide company-approved devices. If enterprise can’t provide secure USB device and its execution policy, staffs will often adopt unsecure practices.

5. Adopt appropriate secure level

Enterprises often need to seek balance among cost control, security and productivity. Find the right secure level according to company’s budget. If you do not need military secure level, you do not need to spend too much money.

6. User training and education

Make employees understand how to safely use a variety of devices. Companies often require using secure devices, while there are still data leak incidents, which is mainly because staffs don’t use these devices, for they feel difficult to use. It’s a must to let employees fully be aware of the consequences of not using secure devices.

7. Clarify secure policy

Making up policies is only the first step, but it’s very important. Define individuals who can download data into secure drives, and create a limitation that only allows these users to access. To clarify who to obtain these devices, and how to place these devices and which type of password should be used to protect them.

8. Encrypt data

The confidential data is sent via emails or removable storage media transmission, they should be password protected before users to use them. If data is not encrypted in advance, attackers can bypass secure control and directly access these data.

9. Protect endpoints

Even the most careful users will connect infected USB to the company computer. The latest anti-virus software is critical because it ensures access networks are secure. When the USB is connected to network, it requires scanning them as soon as possible. For older Windows computers, they need to install patches to disable autorun.

10. Disable unsecure devices

A report of Ponemon institute found that even if the company will provide approved secure devices, 72% of employees still used meeting and trade exhibition drive devices, while these drives tend to spread malicious software.

Nov 19

Master Data Leak Proof Initiative with Encryption Software

Security has always been a relative concept, data security is the same. Even though it is a relative concept, it doesn’t mean that it is not important. Data security is absolutely safe, but the secure level user can select is relative.

“Users should be free to choose secure level they need. Some users may need more Internet information exchanges, their required safety level might be a little lower, a number of special populations such as children, and they need higher secure level.

But some people who are used to use network security, data security programs for free make themselves be tied up with many software ads packages when they enjoy the free service. Such kind of security program is free, while it will grasp user’s mind and decide users secure level when they choose this free program. This is equal to give the autonomy of data secure to others, or it’s just the reason why data leakage happens so frequently.  

Currently, people are paying more and more attention to information security and personal privacy. People are gradually willing to grasp the autonomy of data leak proof, but don’t want to be controlled by others.

How can we get back our autonomy of data leak proof? Where shall we begin? The answer is the data itself, as long as you control the data itself, which is as the main body of information security, once the data has been controlled, and then the information security initiative naturally will be returned to your hands.

So what if you control data itself or ensure the security of the data itself? That is file encryption software. Choose trustworthy encryption software, use its technology to automatically choose data protection method, once you do so, you get the data defense initiative for your own data, even though you want to use other programs to further enhance the security, as long as you control the data, the data leak proof initiative is still in your hands.

Multi-mode encryption is a kind of transparent data encryption technology that can offer a variety of usage scenarios and adopt a variety of encryption strategies. In multi-mode encryption mode, the user creating secret files ways include both active and passive methods, which contains at least the following modes: specific format encryption mode, specific directory encryption mode, specific format unencryption mode, specific user unencryption mode(able to modify and check other’s secret files), particular user unencrypted mode (able to view but can’t modify other’s files), USB flash drives and other external hard drive encryption mode , Network Neighborhood network encryption mode, manual encryption, full disk encryption, etc.; these encryption modes can be assigned to different users or user groups .

This flexible encryption technology that can be selected according to the user’s own requirements just meets people’s desire for the right of choice, so that people can master data security and information security initiative.

Oct 09

The Ban on Samsung Smartphone Import Is in Effect

According to the news, the U.S. Trade Representative’s office (USTR) said on Thursday that the ban on importing Samsung smartphones proposed by U.S. International Trade Commission (hereinafter referred to as “ITC”) will come into effect.

The earlier report said that owing to the absence of a veto by the United States President Barack Obama, the ban on imports of Samsung smartphones ruled by ITC is already in force.

However, the ITC’s ruling has to be handed over to U.S. President Barack Obama for considering, Obama has 60 days to give the final result of this ruling. If Obama does not veto the ITC ruling, the ruling will come into effect. Several media reports said, now 60 days time has passed, and Obama did not veto the decision.

ITC’s decision does not clearly indicate which devices of Samsung infringe, but has been determined that, Galaxy S 4G, Fascinate and Galaxy Tab these old models are infringing.

In sharp contrast, Apple has had a similar experience, but the result was the opposite. In June this year, ITC has ruled that some old products of Apple has infringed the patent of data transferring of Samsung’s products and ban the import or sale of AT & T version of the iPhone 4, iPhone 3GS, iPad (3G version) and iPad2 (3G version). But in August this year, the Obama government has rejected ITC’s ruling.

Nowadays, innovations in the field of IT usually rely on many small improvements involving numerous technologies, which means the patent is not always clear precisely. The open secret is that everyone infringes others’ patents in some way.

The battles of patent between companies are continuing, the fights of copyright are also continuous. If you operate a business and your company specializes in selling created videos or documents to customers, most companies tend to store the videos or documents into a USB and sell this USB to customers, but what can you do to protect your copyright from being breached by others? Here, I recommend you to use USB encryption solution to ensure the contents in your USBs will not be copied or transmitted by unauthorized users. You can use USB copy protection program to password protect the USB and configure access permissions to specific groups or individuals to allow them to access the contents in it and prevent other unauthorized access at the same time. Complete protection is the indispensable measure to ensure the security of companies’ wealth and inventions.

Sep 16

Reuters: “Prism” Scandal Propels the U.S. Technology Industry

Reuters published an article entitled “Despite fears, NSA revelations helping US tech industry” analyzing that after the exposure of monitoring project called “Prism” implemented by the National Security Agency, it’s widely believed that the scandal will have a serious impact on the image and income of U.S. technology companies in overseas markets. But it turns out, because demands of encryption and related security services rise in overseas markets, which actually allow some U.S. technology companies to benefit a lot from the “prism” scandal.


The following is parts of the article:


Prophesies of doom


Shortly after Snowden’s leaked documents detailed collaboration giving the NSA access to the accounts of tens of thousands of net companies’ users, the big Internet companies and their allies issued dire warnings, predicting that American businesses would lose tens of billions of dollars in revenue abroad as distrustful customers seek out local alternatives.


In a federal court filing last week, Google said that still-unfolding news coverage was causing “substantial harm to Google’s reputation and business”. The company said that could be mitigated if it were allowed to comment with precision about its intelligence dealings.


Likewise, last month, six technology trade groups wrote to the White House to urge reforms in the spy programs, citing what it called a “study” predicting a $35 billion cumulative shortfall by 2016 in the vital economic sector.


That number, it turns out, was extrapolated from a security trade group’s survey of 207 non-U.S. members – and the group, the Cloud Security Alliance, had explicitly cautioned that its members weren’t representative of the entire industry.


Boon for encryption sector


As for the upside, so far only a minority of people and businesses are tackling encryption on their own or moving to privacy-protecting Web browsers, but encryption is expected to get easier with more new entrants.


Snowden himself said that strong encryption, applied correctly, was still reliable, even though the NSA has cracked or circumvented most of the ordinary, built-in security around Web email and financial transactions.


Some early adopters of encryption have senior jobs inside companies, and they could bring their habits to the office and eventually change the technology habits of the whole workplace, in the same way that executive fondness for iPhones and iPads prompted more companies to allow them access to corporate networks.


A week ago, Google said it had intensified encryption of internal data flows after learning about NSA practices from Snowden’s files, and consultants are urging other big businesses to do the same.


Stiennon said that after more companies encrypt, the NSA and other agencies will spend more to break through, accelerating a lucrative cycle. “They will start focusing on the encrypted data, because that’s where all the good stuff is,” Stiennon said.


Just as Snowden said, correctly applied strong encryption is still reliable. Correctly applied file encryption, folder encryption and USB encryption will useful and reliable for ordinary people and enterprise to protect their important or even confidential data. Data security isn’t a dispensable problem that we can ignore any more, for data loss and data leakage have retaliated back a bitter lesson. Complete data security management should be established in every enterprise and effective data protection should be paid more attention by individuals.

Feb 27

Google Project Glass and Advertisement Industry

Recently Google displayed some of the unreleased features and functionalities of Google Glass, which is of course excites technology enthusiasts and Glassholes all around the world. As long as the concept of Google glass was put into the market, there are thousands of guesses and predictions about this product. Things in the technology world keep changing from time to time, the popularity of smart phones, tablets and also people’s choice for the mobile devices. When Google announced that they are absorbed in testing to find a way that a piece of jewelry may replace the role of password, so that people password protect folders now may find a new way out to ensure data security in the future.

When it comes to the relationship between Google glass and the advertisement field, although Google have made sure that they will nor add any advertisement on this smart glass, the advertisers still hope to gain some development for the industry with this new technology product which may changing the models of traditional advertisement.

Google released the video to the pre-order of Google glass at the price of $1,500. Only a limited set of developers and pundits have been able to try them out up to this point.  You can imagine that one day you are on the street and when you feel hungry, you can search for the nearby restaurant instantly with your glass and then pick out the one where your friend was happen to dining there. While texting to your friend you are able to search for the discount you may get in the restaurant. What a perfect scene which may only appear in the fiction movie, now with Google glass this may be not too far away.  

In fact the future for advertising on Google glass is promising and full of possibilities. Having an unexpected meal with your friend has been realized by Facebook which offers some function may reach the same function in this kind. Some personalized ads may find their way to take off if they cooperate with Google glass. With the help of this glass people may live a life which may only exist in the game world or fiction movie, though this technology is only in the beginning steps, people are confident about the realization of it.

Before the year 1992, people are hard to imagine the possibility of putting ads on the website, but now it is universal and everywhere. Data are stored ad transferred via USB drive and computer, more and more people lock pen drive to protect their information, and all of them are remote guesses in the old days and now are realities.

Google hasn’t told customers when the complete product will come into the market and the exact price. This pioneering production is definitely a key to the door of new technology and people may enjoy the miracles it brings in the near future.

Jan 22

Google May Abandon Password in the Future with Jewelry Replacing it

It is reported that an engineer from Google explained to international famous magazine Security and privacy that they think they’ve find the solution to annoying problem of forgetting or losing passwords. This engineer will explain explicitly about the reason about why they abandon the physical password, instead they choose a piece of jewelry, saying a ring for the future authentication tool.

In the modern days, as passwords becoming longer and longer and they are hard for ordinary people to memorize and faced with threats to get stolen. All of these problems have annoyed people from all around the world in using password protection or USB encryption method to secure their data and files on computer or other kind of storage devices. Google engineers write that the current security system and authentication system are insufficient to need people’s need of data security, partly due to the constant threats that exploit new bugs, what’s more, they say that simple token tools like passwords and coolies files are not secure enough anymore with the development of hacking techniques.

Google also emphasizes threats of phishing, in which hackers cheat on account owners by revealing sensitive information enter into a fake account log-in window, as one of the biggest security threats of today’s Internet data leakage and data breach.

Out of the purpose for more secure measures for information protection, Google designed a brand new system of authentication which allows users to log in a website quickly with the help of a mini USB disk. Using this method users are not required to install any software, although users may need to use browser which is required, according to Google. Comparing to folder encryption in the recent days, the registration and authentication protocols would be open and free, and this specially made USB device you can finish the authentication easily.

Of course, Google wish to find a simple plan for registration process, and it final target is to insert the security token into a ring or a smart phone at least. As long as people can keep their ring or the other carriers, they can make sure data security of their sensitive information.

It is said that Google now are testing YubiKey encryption card, which is much like a minimized USB disk. And in the future abandoning the current password is not very far away. Of course, all new technology need to experience thousands of testing before it really enter into the market and for sure it will crash the existing USB copy protection and folder protection method. Let’s just anticipate new technology will improve the authentication system and bring us more convenience in the future.   

Jan 18

Phishing and Virus Attack are the Main Root of Private Information Losing

According to the report of a certain anti-virus service provider, in the year of 2012 their “cloud security” system has intercepted more than 11 million new virus samples, which experienced an increase of 28.1% comparing to the previous year. Among these viruses, there are 8.86 million Trojan viruses which amount to 75.06% of the total number and they are the biggest virus type in the research. People now have to attach more importance in USB encryption and file encryption when they are using a computer that is connected to the network.

It is also from the report that hackers are making use of banding malicious programs to software which are released by legal companies to spread viruses and breach private information from PC users or from the database system of a company. Meanwhile, using phishing methods to defraud people’s confidential details of bank account or private information is not rare on the Internet at all, or even become the major attack on website.

If you analyze the fraud incidences happen on Internet in 2012, you can draw the conclusion that phishing on the Internet gradually abandon the traditional attacking and spreading means which refer to relying on ads and text links, while it tempts ordinary users with low price bait, and limit them on the platform of network then persuade people to make transaction offline.  These phishing nets are aim to get people’s personal information like ID number, phone number or even the address.

As the occurrence of large number of affairs of leakage of private information, there are two main ways to defraud personal identical information: APT attack and phishing on Internet. If possible people can use folder locker or other files encryption applications to guard their confidential files with private information on their computer. While, when people surfing some of the major sites, they are required to submit some necessary identical information to use some extended services. Therefore, the server that store such information are easily become the target of the hackers or cyber criminals.

With the constant changes of the globalized international economy pattern, information battle between countries are escalating as well, however, the internal structure of information security construction is the main competing, companies and enterprises now value USB copy protection very much as well as the internal data security. Among the data security which damage people’s information online, virus attack is the major cause, and some of the worm viruses hazards people’s data security with extremely fast propagation speed once a computer is infected your files in it may be damaged soon.  

Referring to the report we know that, in the recent years, hackers concern more about confidential and classified documents. Therefore, computer users need to be more cautious, and take necessary measures to password protect folders or lock dir on the files to prevent data breach and data leakage. For some confidential business files, the supervisors can turn to some professional security solution to protect their internal files and e-mails or event the whole network.

Dec 21

Should Google Encrypt Users’ E-mail for Information Security?

It has long been a dispute issue that users are crying for protecting private information contained in the e-mail, while the Google seemed reluctant to do so for some reason. E-mail is an important way of data transmission and communication for the fast-paced modern world, and with the development of e-commerce people from different field incline to send vital e-version of contract and other document via e-mails. Now people gradually realize the importance of data security in their e-mails and require Google ensure security of their private data in e-mail by encrypting them.

Comparing to the increasing need for USB encryption and folder encryption, e-mail encryption should arouse people attention and attach equal importance to some extent. Some people think that if Google value users’ using experience and respect their privacy, it is responsible to encrypt users’ e-mail.

As all we know, Google’s Gmail service which is one of the most widely used e-mail services is adopted by people who have the need to change information and news among working groups and family members and relatives. What’s more, Gmail has a entering interface where you can login easily and the Gmail account is also the passport which provide universal identity verification to other Google services and relevant account. So that if Google do not encrypt users’ e-mail there is a great possibility of data breach and data losing.

Another reason that Google are reluctant to get your e-mail locked is if they encrypt the e-mail they will lose large amount of income from advertisement send you by Google with the contextual content from the e-mail. On the other side if you are an enterprise user you may have some of the real classified data in e-mail, if Google do not encrypt them you are facing the possibility of losing the data and information.

Actually, Google should exert more efforts in protection privacy and confidential data in e-mail. Similar to folder encryption for protecting files and folders on Yoruba computer data in e-mail needs protection. Encryption can be a particularly attracting feature for Google’s paying enterprise users with information that is not only a matter of privacy but also of great value. More or less, it’s necessary to see whether offering strong encryption might now be a beneficial action to the company’s bottom line.

Google can use this to take a real stand against efforts by law enforcement to build wiretapping into e-mail. Those efforts have been going on for a long time, and Google has fought against them in the past and now continuously. The call of encrypting e-mail for the users seems to be attached more and more importance in protecting their privacy and sensitive data. Comparing to lock file with program by user themselves Google has the responsibility to secure users’ data and content.


Dec 14

Say No to Data Leakage from Internet Explorer

According to a survey recently conducted by a data collection company we find that among the major explorers Internet Explorer got a basically satisfied evaluation results. With the rising of some other explorers with good functionality and excellent user experience Internet Explorer seems be not competitive as they used to be. While it has been used for so many years and accumulate a large amount of users, so we still hope to hear some good news from it.

If you are still using Internet Explorer, hopefully you’ve already applied the updates from Patch Tuesday earlier this week. But, even if you did it seems your browser might still be vulnerable to a potentially serious issue which means you are still facing the threat of losing private information when you browse the Internet, and you need to prevent data leakage caused by this reason which is quite different from folder encryption and USB security issues.

Some data security companies that is specialized in helping users tell actual Internet user from automatic bot activity, announced that they’ve discovered a flaw that influence Internet Explorer the recent good browser from Microsoft, from 6 to 10. The flaw is that the mouse pointer can track everything on the screen, even on the condition that the window in minimized to the tray.

This definitely will cause data leakage when people are using the IE to explorer the Internet, so that you need to be carefully when you are using IE. There is no effective measure to solve this problem yet. And what you can do is to do something from your own side. Do not leave your personal information on the net that may be easily reached by the cyber criminals. What’s more, your online shopping records and bank account details admissible also be protected from the illegal use.

There is no complete ways to ensure a 100% data security when you are using the Internet, what you can do is be cautious as much as you can and pay attention your data security from time to time.

On the other hand, of you are a person who has the need to transfer data through USB devices or storing sensitive data on your computer you have to be careful and guard data security of them. To ensure USB files security you can use USB locker software to protect data and statistics in USB devices, therefore, when using a USB drive to transfer data on Internet you can feel at ease.

When it comes to protecting files and folders on the computer, you can refer to folder lock applications which using password to lock files and folders and prevent any data leakage from your computer.

Dec 13

Android-based YotaPhone Features Dual-screen

Now with the development of the technology on smart phone field people can enjoy the newest and interesting experience from newly releases smart phones. After we witness the release and take-off of new generation of Windows phone, iPhone and Android phone we may not have much surprise to see a new snart phone.

Russia’s Yota Device has turned the idea of equipping the phone with two screens into reality and let slip of some details about the phone on their release schedule: the Android-based phone with both front LCD and rear E Ink screens.

Yota Device announced that featuring two screens on a phone allows the smart phone users receive messages and phone calls in any time without pressing on the power button and then sliding to unlock the screen. Customers can view news, SNS, agenda or other things on E Ink displayed conveniently. Even the E Ink is lighted all the day it will not consume much of the electricity in the battery of the smart phone because this kind of display are low power consuming products. And the two screens also function separately, which means the LCD screen is an ordinary smart phone screen while the E Ink on rear is more or less a display.

As far as specs, the LCD portion of the device is rated at 720p resolution and measures in at 4.3 inches. The E Ink screen matches the size of the “front” display and is rated at 200dpi. Both are constructed with Gorilla Glass for extra toughness. Internally, the phone will rock a 1.5GHz dual-core Snapdragon S4, 2GB RAM, and 32GB of storage. The LTE-enabled YotaPhone also sports a 12MP camera with complimentary HD front-facing camera.

YotaPhone is good attempt for the development of smart phone, while at least it make us to  expect new user experience from it as we’ve use the phone again and again. However no matter how the phone’s appearance changed its storage device will not change rapidly and greatly. Phones are using memory card and other USB storage devices to expand the storage of them. So you’d better notice that when you keep secret files or data in these devices you need to lock usb or memory card and ensure data security in the phone.  

Right now the YotaPhone is pegged for a tentative Q3 2013 release in Russia, with a potential for European and US release as well. By the time Q3 rolls around, however, we doubt two screens will be enough to keep the handset afloat given its decidedly mid-range spec sheet.

When you are cheering about the birth of new telecommunication devices you also need to pay attention to memory card protection and related USB encryption issue. Only in this way can you live a secure and joyful life on the go.