The IT Security Attaché

Good day to you,

If you are a security vendor that provides solutions for mobile devices I am interested in talking with you about being a part of our MESS in February. Please feel free to contact me directly for further discussion.

Here is more information about the summit.

The Summit will be focusing on the proliferation of mobile devices (laptops, Tablet PCs, Pocket PCs, UMPCs, Smartphone’s, media players, mass storage devices and add-on cards) and the threats they present to the consumers/businesses and the data that resides on them. We will provide the products and solutions that will allow the management and control over these devices through the endpoints.

Live hands on demos will be available. There will be test/demo systems configured and setup to facilitate the effective use of the information and products being presented and demo’d. There will be mobile devices from the industry vendors such as HTC, Palm, Motorola, Google, Samsung and more.

We are all aware of how these devices can be used to steal data/information off the target system unbeknownst to the user.

The Summit will focus on 3 key areas of mobility and security.

1. The Devices – A look at the mobile devices on the market today.

a. Netbooks, Laptops, Tablet PCs, Mini PCs, UPMCs
b. Smartphone’s/Pocket PCs – HTC’s, Motorola’s, HP Smartphone’s, Samsung, Cell phones
c. Apple’s iPhone and Google’s Nexus One
d. Media Players – iPod’s, MP3 players and more
e. Mass Storage Devices (USB Flash drives, Compact and SD cards, mobile phone memory sticks, and more)
f. Wireless capabilities – Infrared, Bluetooth, Wi-Fi, WiMax,
g. The Operating Systems – Windows Mobile, Symbian, Apple, Android

2. The Threats – A look at the threats that affects these devices and how they are targeted and attacked from internal and external sources.

a. Viruses/worms proliferation from devices to network to world.
b. Unauthorized connectivity to and from unscrupulous devices and sources (wired and wireless).
c. The use of these devices for storing critical business data and information.
d. Sharing data and information to and from the device through messaging and wireless connectivity.
e. The availability of over the air messaging and other communications tools and the problems they present.
f. Data loss/Theft of these devices and the business impact it presents.
g. Addressing the myths about over-the-air wiping of the device and why it is not effective today. The device is still a threat if lost.

3. The Protection – How to manage, protect and secure these devices from the threats.

a. How to manage the devices on and off the network.
b. How to protect and secure your endpoints from these unauthorized devices.
c. How to secure the devices against malicious codes (viruses, worms, Trojans, keyloggers, hackers) with viral protection.
d. How to secure the data/information residing on the devices local store and storage cards with data encryption.
e. How to secure the wireless connections of the device.
f. What to do in the event of a device loss or theft – the incident alert/response, damage control and alerting process.
g. How to make the over-the-air wiping feature effective and to mitigate the loss of data if device is lost.

Please feel free to share this request with any vendor that may find it of value.

Thank you and have a great day,

~Brett A. Scudder~

Good day to you,

Every day I talk with people across all vertical markets, business sizes, organizations and cultures about the IT Security issues being faced in our world today and how it impacts our everyday lives, and it is becoming one of those awakening kind of issues for many. Whether they like it or not, they know they are affected in one way or another. While most people tend to try and figure out if and where they fit into this Matrix, the recent mass media explosion of the Conficker worm created somewhat of a sense of understanding as many now saw it from a non technical aspect and as what it really is, a people problem.

As a security attaché, I have relayed this message of IT Security being a people problem and not an industry one for years but it doesn’t resonate well for many because they didn’t understand the matrix and how it worked. Now that they saw and heard of it on the TV (which is an even bigger influencer on people today), the same things we IT people have been trying to tell them now makes some kind of sense. Let us take away the fact that whether the media coverage on the TV was doing much justice or help for the issue(s), it did add a well needed visibility to the scope of the problem and that was very well needed today. It would be nice if we say a segment on the news specific to The IT Security Threats Landscape ~TITSTL~ and issues in and around it. They could bring in some professionals in the field to talk about the issues and what is going on and how people can protect themselves in it. That would be a well needed thing to see at that level today as we are going into this vast technology future of ours which we’re taking head on without looking at the real implications and effects of it.

The logic behind the issue is simple, because your system(s) are up and running and have not been wiped out nor shut down by a threat doesn’t mean it is safe, secure or threat free. In many of my health assessments I have shown the owner my findings of worms, trojans and other blended threats that are sitting on their systems because of lack of proper security solutions to protect them or the improper configuration of the solution being used. The fact that they are there is one thing, what they are doing is something else and both are critical issues to ponder.

While many will refute this fact, I have seen, worked and handled enough of these cases to state as a fact that many fall into this area of The IT Security Threats Landscape. A resident rootkit, keylogger, worm or whatever the variant may be, is actively working its way through your system and causing some form of data loss/theft or compromising the state of applications, connectivity or system stability that we security professionals deem critical. Here is another way to look at this.

If you went to the doctor for a cough that has been bugging you for a while and he says to you, you have a chest or respiratory infection would you tell him no?

If he says to you that you need antibiotics and some cold medicine do you tell him no?

Why not?

Because, this is his field of expertise and study and as such he can make this assessment based on his knowledge of the issue and the facts he has from testing you.

Are you a medical person to dispute his statement and will you seek a second opinion from someone else?

The fact that you’re still alive and well (somewhat, depending on how you define well) does not negate the reality of the issue that you are infected with something that is causing some kind of issue/effect on the body resulting in that cough which in our field of IT we would call an early warning. So, this is the same way in which we look at the IT Security issues of today and how people tend not to look at it. They haven’t gotten that early warning of a cough because the system hasn’t picked up on it yet and when it does happen, because they have not fallen and can’t get up this is not a critical issue. The system becoming slow and unresponsive is that early warning and at that stage most people tend to seek professional help depending on the need/use of the system and how critical it may be for business or even personal use.

So here we stand dealing with people who are harvesters of thousands of people’s information and things about them (whether you know or like it) and they rest idle to this decadent behavior and mindset. Yet, unchecked, their systems sit comfortably hosting these blended threats which are sending/stealing critical private, personal, financial data/information to these hackers unbeknownst to them. The careless whisper of ignorance to these issues is the driving force behind the growing success of such threats today. A hacker have so much more to gain from you giving it to them than for them having to go through getting it from you and is why the botnet issue is such a growing one today. The use of keygens, crack files, peer to peer (P2P), unpatched applications and systems makes it so much easier to exploit what is available that one tends to wonder when and where does it end. It ends with user education and awareness on and about the threats landscape and what these issues are. It end when people start taking this seriously and realizes that you’re just as much a victim as anyone anywhere if you’re not protected properly.

It ends when you stop saying I have anti-virus protection and so i’m ok when you know you haven’ renewed that subscription over six months ago and so you’re missing all the latest and greatest signature based protection that it should provide. Anti-virus alone CANNOT protect you from the threats out there today, it has to be a layered approach where various solutions are in play to cover the needed layers.

It ends when you wake up from this illusion that my OS is more secure than the other and so I don’t have to worry about these security issues.

It ends when we stop underestimating the knowledge of your youths and start educating them much early on the proper use of the internet and the functions and features of it. IT Security must be a part of the school curriculum today as technology is our future for tomorrow and they are our next generation of professionals and leaders.

It ends when you start accepting the fact that you are as much a risk to me as I am to you if we’re not practicing basic IT Security best practices.

It ends when you stop taking the cheap way out of operating a business when hosting people’s private and confidential information which is priceless to them and they trust you to keep it secure. Have some respect for your customers and let them rest comfortable knowing that you have their best interests at heart in properly protecting your infrastructure.

It ends when you realize that these threats are released in the wild with no specific targets but the system(s) you’re using which unfortunately is in the homes, schools, workplaces and places of general interest.

The treats are not specific to government and their systems. It is not specific to the private or public sectors. It is not specific to the educational institutions and it certainly isn’t targeting the healthcare sector only. All are affected and are in the path of these threats because, they are all sharing the same interconnectivity transport medium, the internet and the internet respects no one and has no boundaries.

It is time that people take this as a basic part of their lives where one does not get consumed on questioning the validity or severity of the threat but questioning the readiness of themselves and their systems to face them. While our government may understand the real scope of these issues, their efforts to create effective management and policies to protect the country’s infrastructure are missing critical elements, the people and the roles they play in strengthening the protective layers or being a weak link and point of entry/compromise for what is being implemented. Unless we strengthen the people through education and awareness they will always be a weak link in the chain of protection.

When a company is hacked or they lose their data by whatever means there is, who suffers the most, the employees, the end users. The company suffers a data loss or has a breach but the actual data may be your private and confidential information. Even if the company loses its financial data, it has a much better recovery rate through insurance and such than an individual who now suffers from the loss of privacy and here in the US, credit ratings.

Think about the many places that have information about you that you consider to be private and confidential. Your employer has your social security info (and possibly family members who are covered by you), some financial info for direct depositing of your paychecks. Your 401K info. Health and life insurance info.

Your doctor has your private health records and, results. They have your family’s private info as well as some kind of visit may have been had over the years and that info is in the system.

Your bank has all your financial info and records. They may have your mortgage info as well (if you own a home). The car loan and all the info in it. Student loans and the works.

So think on these things and when you look at all of them, who is most affected in the event of a data loss or breach at any one of those kinds of organizations or businesses, you, the end user, consumer, employee.

IT Security is a people problem and must be dealt with accordingly. It is not about selling security, it’s about creating greater education and awareness about it so we can all contribute towards upholding the strengths of the protective security layers that are there for our protection.

Stop asking if this is real, ask yourself, how do I protect myself, my family, my business, my country from these elements and there effects. This is REAL.

When in doubt, reach out.

~Brett A. Scudder~

The IT Security Attaché