SMB security

Droid does, but will IT support it?

Verizon’s first Android phones, the Droid Eris by HTC and Motorola Droid, are being released today. The commercials highlight a string of new features not currently available on some other (iPhone!) phones (”Everything iDon’t Droid does“).

Although this new generation of smartphones seems to be a tech geek’s dream, IT might actually be most resistant to new technology when it will impact the business. IT has to decide early on if it’s going to support yet another new smartphone. The BlackBerry was once the standard, and RIM paid a lot of extra attention to enterprise IT support capabilities. IT spent a lot of time getting applications to work on BlackBerry, only to be faced with the iPhone a few years down the road.

The executives (interestingly not the Gen Xers) were the big iPhone purchasers. The C-level brought these new devices in as primary work phones and expected IT support. And since IT is ultimately there to support the users, if the decision makers want Exchange on their iPhones, well, they’re going to get it. IT would have to manage iPhone support costs and risk exposure while working around hardware and OS limitations.

The problem is, IT then has to worry about a new set of security policies (last year Apple’s iPhone and Google’s Android OS both had exposed flaws). Are there remote wipe capabilities? Is there encryption available? Further, the apps the sales team needs to use — for example, Salesforce.com, CRM, etc. — have to work on these new devices.

Although Verizon is offering some Exchange support for an additional fee ($15), recent reports state this will just be a software feature and won’t actually be in the same league as corporate network integration.

Do you really want to manage four sets of the same application (one for each potential device) and four different security policies, five times over?

You have to decide where to draw the line on device support – balancing user needs with business realities.

Why cybersecurity awareness is everyone’s responsibility

October is national Cyber Security Awareness month! The campaign, sponsored by the National Cyber Security Alliance, a partnership that works with the government as well as corporate sponsors, encourages online safety and best practices to protect high-value information online.

And what better time to raise awareness than on the heels of the Gmail/Hotmail/email phishing scam that compromised thousands of accounts. On Oct. 6, news broke that at least 10,000 Hotmail addresses and passwords had been leaked online. The next day, it was revealed that 20,000 addresses and passwords for email accounts from Hotmail, Gmail, Yahoo, AOL, Gmail, EarthLink and Comcast had also shown up on the Web.

Continued »

Heartland ‘low and slow’ data breach not likely at SMBs?

Reporters hear this a lot when it comes to SMB security: The security risks facing small and medium-sized businesses (SMBs) are often identical to those at big companies, only different in scale. The spam and viruses coming through email are as much a plague on SMBs as they are on the big guys. Ditto for worms and bots.

But the malware that surreptitiously burrowed into Heartland Payments Systems Inc. months ago and was just now discovered to have stolen a massive amount of credit and debit card data?

“I don’t think that would happen at an SMB,” says Rick Caccia, a VP of product marketing at security vendor ArcSight Inc. SMBs see their share of “smash and grab” attacks, where some malware breaks through a firewall and steals a bunch of information or infects a bunch of computers. “It’s a big pain for awhile, but then you clean up afterwards.”

But the type of “low and slow” attack perpetrated on Heartland, where intruders plant a bit of malware that quietly collects information, wakes up and spits back credit card numbers to some domain, is not a top risk item for SMBs, contends Caccia, who ran the email and security products for SMBs and large companies at Symantec prior to joining ArcSight.

Never say never, says Caccia, but size matters in data breaches. “That’s a kind of attack you wouldn’t put in a law firm. You’re going to get like, 50 credit card numbers.” Where’s the criminal return on investment? In contrast, Heartland processes more than 100 million credit card transactions per month.
But there is a “low and slow” attack that SMBs do need to worry about, he says.

“The [Heartland] attack is similar to these botnet infections where users go to a bad website and pick up a new bot.” Like the low-and-slow attacks, the bots are hard to catch, says Caccia.

“They just don’t send much traffic, so the antivirus vendors can’t create signatures for them. They sort of lay there quietly, wake up and spit out some spam,” he said.

The data breaches most likely to affect SMBs, he contends, bubble up from within, from malicious or ignorant users accessing data they shouldn’t.

“Despite the flash, I am not sure all these credit card harvesting [schemes] are actually something they have to worry about,” Caccia says.

Do you agree that you don’t have to worry about the Heartland-type data breach? Do you go after bots — and if so, how is it part of your SMB security strategy?