slide1 n.
Skip this Video
Loading SlideShow in 5 Seconds.. PowerPoint Presentation
Download Presentation

Loading in 2 Seconds...

play fullscreen
1 / 40 - PowerPoint PPT Presentation

  • Uploaded on Closing the back door. Barry E James MD The TakeWare Company Closing the back door Introduction. What door? Why we need to act? The nature of the threat - How bad is it? Who’s vulnerable? When will it become a practical problem?

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about '' - jalia

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

Closing the back door

Barry E James


The TakeWare Company


Closing the back door


  • What door? Why we need to act?
  • The nature of the threat - How bad is it?
  • Who’s vulnerable?
  • When will it become a practical problem?
  • How can it be addressed?
  • The five point action plan
  • Where can we get help?

The Threat!

Ubiquitous ‘Mass Storage’

  • Tiny outside…
  • Massive capacity inside.
  • Very Fast – comparable to hard disc
  • Easy to conceal, Unobtrusive…
  • A watch or mobile phone
  • Practically impossible to exclude from the office environment
  • Can you frisk staff and visitors?

Samsung SGH-i310 8 Gigabyte phonefeaturing an 8 gigabyte hard disc.


The Threat!

USB – FireWire ….


The Threat!

1Gb now below £15.00

Price £69.99 incVAT


The nature of the threat

The DTI Security Breaches Report 2006

  • Published 24th April 2006
  • Tracks the use and abuse of data
  • Identifies current and growing trends & threats
  • Firewalls and anti-virus
  • Large enterprises better protected than smaller firms
  • Impact of incidents much larger on smaller firms

The nature of the threat

The DTI Security Breaches Report 2006

  • Removable memory devices - Identified as the top emerging threat
  • iPods, MP3 Players, Memory sticks, Watches and even mobile phones – up to 60Gb.
  • Fast
  • Massive capacity - Gigabytes

The nature of the threat

The DTI Security Breaches Report 2006

Found that… “such devices are being used in 84 per cent of companies and, on average, a third of employees are using them in the office”.

90% of those surveyed said they were aware of the potential danger that removable media presents, and a third of organisations admitted that removable media is being used without authorisation.


The nature of the threat

The DTI Security Breaches Report 2006

"With removable media plummeting in price, soaring memory capacity and more people using them at work, companies need to be aware of how easy it is for staff to use them, lose them or take competitive information away on them, all in the palm of their hands,"

"If lost or stolen, vast amounts of valuable information could seriously expose a company to extortion, digital identity fraud, or damage to their reputation, integrity and brand."


The nature of the threat

The DTI Security Breaches Report 2006

  • Mass data theft
  • Malware and hacker tools
  • Loss of the devices
  • Insiders as well as outsiders
  • Departing and disgruntled employees
  • Coercion – some ‘mafia style’ activity

The nature of the threat


‘Opportunity makes the thief. If you give them the opportunity to access systems that they shouldn’t, then things can go wrong’

‘There seems to be a fixation on threats from the internet and external hackers but for the criminals, going the insider route is easier and there can be much more financial benefit for them’

‘In addition, organised crime gangs have been blackmailing people inside companies to obtain information ‘


The nature of the threat

Gartner Research

"Organisations are increasingly putting themselves at risk by allowing the unauthorized and uncontrolled use of portable storage devices". “These are ideal for anyone intending to steal sensitive and valuable data… The impact of this goes beyond the commercial value of the data.”


How Bad Is the Threat?

A demonstration


How Bad Is the Threat?

A demonstration

  • PodSnaffler demonstrates how easy it is for critical data to be identified and removed from an unprotected PC automatically in seconds
  • It’s tiny and works with mobile phones and other mass unobtrusive mass storage devices
  • Fast

How Bad Is the Threat?

for more information


Who’s Vulnerable

  • If you have an unprotected PC – you are!
  • If it’s happening why don’t I hear about it?
  • Who wants to admit that their security was breached?

Who’s Vulnerable

“In a recent survey 70% of employees admitted taking information from work to which they were not entitled. As Computer Weekly has commented “anyone planning to leave will remove most of the information they want well in advance.”


What’s at risk

The Crown Jewels…

  • Customer Lists (and CRM)
  • Contracts and Proposals
  • Correspondence
  • Prospects
  • Address books
  • Price Lists
  • Sales Invoices
  • Staff Records.

What’s at risk

  • Organisations that suffer massive data loss.
  • 80% are out of business within 3 Years
  • 30% are out of business within the year.

What’s at risk

Portable Hacking Tools

  • Powerful hacking tools are starting to appear on the Internet which work from a small flashdrive, freely available:
  • Showtraf - a tool that monitors network traffic on a network and displays.
  • 'John-the-Ripper' (a password cracker)
  • Netpass - a utility used to ‘recover’ network passwords
  • Nemesis (Network intrusion tool).

When will it become a practical problem?

  • Now.
  • If your data had left the building would you even know?
  • Has it already happened?
  • After the event is too late.
  • The DTI have raised the flag.
  • The possibility is ‘out there’.
  • Employee’s leaving – it happens before you know it.

Closing the back door


“A learning experience is one of those things that says,

'You know that thing you just did? Don't do that.' ”

Douglas Adams

“Human beings, who are almost unique in having the ability to learn from the experience of others, are also remarkable for their apparent disinclination to do so.”Douglas Adams


Who’s Vulnerable

In the press…

BBC 29April

Digital cameras, MP3 players and handheld computers could be the tools that disgruntled UK employees use to sabotage computer systems or steal vital data, warn security experts.The removable memory cards inside the devices could be used to bring in software that looks for vulnerabilities on a company's internal network.

The innocent-looking devices could also be used to smuggle out confidential or sensitive information.

The dangers disgruntled employees posed was highlighted by a survey showing that almost half of the most serious security incidents businesses suffered last year were caused by company workers.


In the press…

Inside job

Computing Magazine 14 April

While companies guard against external hacks, it is easy to overlook threats closer to home

Last year, more than a dozen employees who had worked for Citibank’s Indian call centre partner Mphasis were arrested for allegedly stealing $350,000 (£199,842) from the bank’s American customers.

…Similar threats can occur inside many organisations, warns Floris Van Den Dool, head of consultant Accenture’s European security practice. ‘There seems to be a fixation on threats from the internet and external hackers but for the criminals, going the insider route is easier and there can be much more financial benefit for them,’ he says…

The UK’s former National Hi-Tech Crime Unit produced similar research that suggests 38% of financial fraud results from internal security breaches and collusion. ‘Accessing unsecure business applications from within the organisation is much easier than hacking through the corporate firewall and the potential for fraud is far greater, according to Van Den Dool.

But according to a recent survey by the Department of Trade and Industry (DTI), 99%of UK companies are failing to implement all the safeguards available to them to help prevent internal security breaches.


Who’s Vulnerable

In the press…

insiders infiltrating firms, U.K. cops warn

April 25, 2006, / CNET

Employees are still one of the greatest threats to corporate security, as "new-age" mafia gangs infiltrate companies, the U.K.'s crime-fighting agency has said.

Speaking on Tuesday Tony Neate, e-crime liaison for the Serious Organised Crime Agency (SOCA), said insider "plants" are causing significant damage to companies.

"We have fraud and ID theft, but one of the big threats still comes from the trusted insiders. That is, people inside the company who are attacking the systems," he said.

"(Organized crime) has changed. You still have traditional organized crime, but now they have learned to compromise employees and contractors. (They are) new-age, maybe have computer degrees and are enterprising themselves. They have a wide circle of associates and new structures," he added.


Who’s Vulnerable

In the press…

Beware the enemy withinNews, Data Theft

Almost half the security experts who attended the recent E-Crime Congress inLondon agreed that internal users were the greatest risk to their ITsecurity. Only 11% of respondents thought that external hackers were moredangerous, while 44% rated external and internal threats equally.The survey also established that only eight percent of respondents felt the“average” company takes a proactive approach to security - with over half(59%) reporting that companies were only reactive.


In the press…

A Spy Downloads on China

… He claims to have downloaded some of these documents from his police computer into his MP3 player and given a sample of them to Australian immigration officials as proof of his claims.

The Sydney Mercury Herald



In the press…

  • Some other stories related to data theft in the news
  • Workplace data theft runs rampant - BBC On-Line
  • Suspect in SJ Medical Data Theft to be in Court - CBS
  • Laptop Security - Full Disclosure
  • iPods Open Backdoor for Data Theft - VUnet
  • Healthcare Security Incidents: Summary Incidents list on - SecurityFocus
  • 50 million identities stolen in US - Washington Post
  • Ford discloses employee data theft - UPI
  • Data breaches worst ever last year - Seattle Times
  • Portable storage devices: the curse of convenience - InfoWorld
  • Data Theft grew 650% over past three years - US Department of the Interior
  • Wave of Data Theft Causes Corporations to Consider Network Risks - Aon Focus
  • Time to Get Physical (Physical Security and Data Theft) - Redmond Magazine
  • Sacked Staff Turn to Sabotage - InfoSec News

How Can it Be Addressed?

The easy way and the hard way

  • Public hangings and floggings?
  • Close the ports?
  • Physical security?
  • Frisk the staff?
  • Rely on tekkies and tekky tools?
  • Sysadmin solutions?
  • Prevention is better than cure!

How Can it Be Addressed?

The easy way and the hard way

  • Consult, train, confer - support your staff…
  • Inform staff – develop your AUP (Acceptable Use Policy) collaboratively.
  • Supportive technology: prevent abuse – not merely report it.
  • Solution…

How Can it Be Addressed?

The easy way and the hard way

  • The solution should
  • Police the use of devices – actively.
  • Police the use of content.
  • Audit trail.
  • Fit and Forget – on a day to day basis
  • Allow full use of USB and devices etc

Five Point Action Plan

1. Be aware of the threats & plan an appropriate and proportionate response.

2. Consider threats from insider as well as outside.

3. Ensure you have an appropriate AUP (acceptable use policy) in place and that all staff are aware of it and agree it.

4. Adopt supportive technology to automatically monitor and control use of devices and data…

5. Conduct a security risk assessment- Ensure that this, and your AUP, also covers the use of removable devices - as well as Internet and Email use etc.

… (and don’t panic!)


Where can we get help?

Links and Resources


How Can it Be Addressed?

TakeWare Gatekeeper

  • The unique solution
  • Polices the use of devices – actively – allows only devices authorised by you.
  • Police the use of content – allows only authorised content.
  • Identified the user
  • Audit trail.
  • Fit and Forget – on a day to day basis
  • Allows full use of USB and devices etc

An Announcement

Gatekeeper AntiTheft for Small businesses

  • Free for smaller SMEs – up to five seats
  • Low cost maintenance - recommended but optional
  • Networked
  • Enterprise, Education and other editions also available
  • See



Closing the back door

Thank you

Please visit

for more information.