 |
 |
|
Information Theft Prevention - Call PBM IT at (888) 233-6471Information theft can be costly to small and medium-sized businesses, since they rely on satisfied customers and a good reputation to help grow their business. Businesses that do not adequately protect their information could face negative publicity, government fines, or even lawsuits. For example, new consumer laws enacted in California require any business that suspects customer information has been viewed by unauthorized people must notify ALL their customers. Any security strategy must prevent theft of sensitive electronic information from both inside and outside the business. Cisco IronPort Web Security Appliances (1) Integrate industry-leading web-usage controls, reputation filtering, malware filtering, and data security, (2) Take advantage of Cisco Security Intelligence Operations (SIO) and global threat correlation technology to help optimize threat detection and mitigation, (3) Combine multiple layers of web security technology to combat complex and sophisticated web-based threats, and (4) Support built-in management capabilities to simplify administration and provide visibility into threat-related activity. Cisco TrustSec (1) Provides network access controls based on a consistent policy for users, endpoint devices, and networking devices (such as routers and switches), (2) Uses end user, device identity and other information to provide precise security policy controls both at the edge and through the network, (3) Is ideal for organizations that need to control how a user or device is granted access, what security policies endpoint devices must meet, and which resources authorized users may access, and (4) Helps secure data paths in the switching environment with IEEE 802.1AE standard encryption and, with Cisco switching infrastructure, maintains control so that critical security applications such as firewalls, intrusion prevention, and content inspection can retain visibility into data streams DoS (Denial-of-Service) attacks are probably the nastiest, and most difficult to address. These are the nastiest, because they're very easy to launch, difficult (sometimes impossible) to track, and it isn't easy to refuse the requests of the attacker, without also refusing legitimate requests for service. The premise of a DoS attack is simple: send more requests to the machine than it can handle. There are toolkits available in the underground community that make this a simple matter of running a program and telling it which host to blast with requests. The attacker's program simply makes a connection on some service port, perhaps forging the packet's header information that says where the packet came from, and then dropping the connection. If the host is able to answer 20 requests per second, and the attacker is sending 50 per second, obviously the host will be unable to service all of the attacker's requests, much less any legitimate requests (hits on the web site running there, for example). Such attacks were fairly common in late 1996 and early 1997, but are now becoming less popular. Some things that can be done to reduce the risk of being stung by a denial of service attack include (1) Not running your visible-to-the-world servers at a level too close to capacity, and (2) Using packet filtering to prevent obviously forged packets from entering into your network address space. Obviously forged packets would include those that claim to come from your own hosts, addresses reserved for private networks as defined in RFC 1918 [4], and the loopback network (127.0.0.0), and (3) Keeping up-to-date on security-related patches for your hosts' operating systems. The need for security in communication networks is not new. In the late nineteenth century an American undertaker named Almon Strowger discovered that he was losing business to his rivals because telephone operators, responsible for the manual connection of call requests, were unfairly diverting calls from the newly bereaved to his competitors. Strowger developed switching systems that led to the introduction of the first automated telephone exchanges in 1897. This enabled users to make their own connections using rotary dialling to signal the required destination. Securing and operating todays complex systems is challenging and demanding. Mission and operational requirements to deliver services and applications swiftly and securely have never been greater. Organizations, having invested precious resources and scarce skills in various necessary security efforts such as risk analysis, certification, accreditation, security architectures, policy development, and other security efforts, can be tempted to neglect or insufficiently develop a cohesive, well-though out operational security testing program. Ensure that system and network administrators are trained and capable. Security testing must be performed by capable and trained staff. Often, individuals recruited for this task are already involved in system administration. While system administration is an increasingly complex task, the numbers of trained system administrators generally has not kept pace with the increase in computing systems. Competent system administration may be the most important security measure an organization can employ, and organizations should ensure they possess a sufficient number with the required skill level to perform system administration and security testing correctly. A one-time password (OTP) is a password that is only valid for a single login session or transaction. OTPs avoid a number of shortcomings that are associated with traditional (static) passwords. The most important shortcoming that is addressed by OTPs is that, in contrast to static passwords, they are not vulnerable to replay attacks. This means that, if a potential intruder manages to record an OTP that was already used to log into a service or to conduct a transaction, he will not be able to abuse it since it will be no longer valid. Cisco ASA 5500 Series Adaptive Security Appliances also provide (1) Adaptable architecture for rapid and customized security services deployment, (2) Advanced intrusion prevention services that defend against a broad range of threats, and (3) Highly secure remote access and unified communications to enhance mobility, collaboration, and productivity. The configuration files tend to be hundreds of pages long, and full of confidential information such as passwords, and addresses. The solution here is to ask network administrators to provide output of a script or single command after removing confidential information. This way, the auditor doesn't need to read through a long printout, and can focus only on important information. |
