Category : Security/Compliane

VMware, LG Implement Virtualization on Android Based Phone

As smart phones are becoming the standard these days, it becomes challenging for businesses to keep track of and handle all of the personal devices that are compatible with the corporate environment. Well that quite soon could become something of the past as VMware and LG have teamed up to bring you virtualization on the smart phone.

At the Mobile World Congress in Spain, VMware and LG showed off a technology that essentially allows you to run multiple instances of the Android OS on a single phone. You immediately think of virtualization and say there is nothing new here, but I would say you are wrong. Basically what this technology presents to businesses both small and large is the ability to easily manage and control access to their corporate systems. You can run your own personal apps, check email, and make calls on your personal profile while almost instantly switching to your corporate profile. This would allow you to then access work contacts, run business applications, and connect safely to your corporate network. The best part of this is that the virtualized instance runs directly from an SD card. Check out the video below.

Personally I think this is great news for IT firms and businesses that have tried dealing with the ever so difficult task of monitoring and managing smart devices and their access to the network. It allows them to simply load the necessary applications and email accounts onto the virtual machine that resides on the SD card and put it in a user’s phone instantly allowing them secure access to the network.

Then in case of termination, losing employees, and lost devices, the IT staff can remotely lock or wipe your profile. This all can happen without affecting any of your personal data. If you leave the company, all they have to do is remove your smartcard and they are done.

This sounds like a very cost effective and easily controllable solution for a lot of businesses that are worried about mobile security. I really would love to try this hands on if the opportunity ever presented itself and I am really eager to see where they go with this.

Check out the video here!

[youtube]http://www.youtube.com/watch?v=LkUfKgsUbns[/youtube]

Cheap and Reliable Wireless Solution

Here in recent months bva has been asked by more than one client for a reliable wireless solution that can cover an internal and external office area.  There are several great products out there that are perfect but also become very expensive and can really rack up the cost after software, routers, and access points are purchased.  It really ends up being a very complex system that requires a server and management.  Of course that is one more unit to manage and patch, which can be painful.  bva‘s goal here is to make things easier and reduce management time if possible.  That being said we went out and tried to find a product that was hard-coded which was an appliance that really allows for easy management that is cost effective.  This solution is under $700 which gets you a router and two external/internal wireless access points.  This unit also comes with an easy GUI interface that allows easy management and control which is huge.  It is important to perform an assessment that addresses the following questions:

  • do you understand the architecture of the building; angles; materials (sheet-rock, block, metal, etc)?
  • needed access point frequency?
  • coverage area per square feet inside and outside areas?
  • physical limitations/other signals present?
  • what is power options for the proposed area?
  • connectivity for the AP locations needed to occupy?
  • do you have POE switches in that area or will each Access Point need it’s own power?

Mobile Security

Have you ever thought about mobile security for your business? Well you should? Mobile security is going to be a huge concern for companies in the next few years because of the masses of new smartphones and tablets coming to the market.

According to a Q4 2010 report done by McAfee, cybercriminals have a “window of opportunity” to attack multiple mobile platforms. The biggest of the threats is Nokia’s Symbian OS. The report also included the fact that there is a direct correlation between device popularity and criminal activity.

The new mobile devices are hitting the market months before security software even exists for them. The sheer amount of mobile devices without security could lead hackers to target these devices for botnet infections. According to McAfee there has been a 46 percent increase in the amount of threats than in 2009.

What can you do? Well at BVA, we believe that your network is first priority whether it be your server, workstations, or mobile devices. We suggest that you thoroughly evaluate the devices that you are allowing on your network. Don’t be afraid to do a little research and look into possible security holes that may be found, or if anyone has found issues with the devices. It is not a bad thing to standardize the devices that are allowed on your network, especially when there are so many that it is hard to keep up with them all. It is always a good idea to ask your IT vendor if devices are safe.

Also, establishing a company wide mobile security policy is another great feature. When using ActiveSync, you have the option of setting certain security features on your mobile devices, such as allowing or denying the use of removable storage, cameras, Wi-Fi, internet sharing and more. You can also allow or deny the use of unprovisional devices and enforce password policies. In today’s small to medium sized businesses, these policies are often overlooked and can potentially put your network and data at risk.

MAXA Cookie Manager Pro 5.0

It always amazes me how some people create a tool that makes things easier for people and then other BAD people come along and take advantage of that tool to benefit themselves.  Browser cookies were invented to make surfing simple HTML Web sites easier. A cookie can store any personal information you’ve given to a site, so you don’t have to enter it again when you click a different page on that site. Nosy webmasters have invented methods to steal your private information using cookies.   New cookie types that aren’t easily deleted have emerged. MAXA Cookie Manager Pro 5.0 ($35, direct, for two licenses) identifies and manages all types of cookies including the self-restoring “evercookie”. It protects your privacy and security, though the implementation is a little sloppy.

Cookies can also store preferences and other information that you’ve entered on a site, so you don’t have to enter that data again. The cookie itself is a simple text file that’s stored on your computer and that, in theory, is only accessed when you revisit the corresponding Website.   For example, the site can identify what browser you’re using, tell what page you linked from, and even get a rough idea of your physical location. Combining this data with any information you’ve actively shared, a site can find out quite a bit about you.

Given the possibility of inadvertently revealing private information, some users may be tempted to disable cookies entirely. Unfortunately, many perfectly valid Web sites just won’t work without cookies. Even when standard cookie handling is disabled, Web sites can utilize non-standard technology or browser-independent cookies. One researcher has created what he calls the “evercookie,” which stores data in multiple local repositories and uses this redundant storage to rebuild any deleted components. In the modern world, you can’t thoroughly control cookies using browser settings and manual deletion.  MAXA supports seven popular browsers: Internet Explorer, Firefox, Opera, Safari, and Chrome. On installation it ensures that the supported browsers are configured correctly for cookie management. It also checks settings for Flash, Silverlight, and Skype, all of which include cookie-like technologies.

During installation, the product lists several dozen popular Web sites and invites you to check off any that you use regularly. Checked sites are whitelisted automatically, meaning the product never meddles with their cookies. Naturally, you can edit or add to the whitelist at any time.  After installation, MAXA scans the computer for cookies of all kinds. When I ran it on the system I use for e-mail and editing, it turned up over 3,600 cookies. Most were ordinary browser cookies, but it found several examples of advanced-technology cookies specific to Internet Explorer and Firefox. It also found a few Silverlight-based cookies and a slew of Flash-based ones.

Streaming Music

A number of my clients like to listen to Internet radio stations, like Pandora, at work. Why not? They have a perfectly good computer and it has a perfectly good sound card and a pair of speakers. What is the problem?
The problem is Network Performance.
What I find is that a lot of small businesses have limited amounts of available bandwidth to and from the Internet. A common pipeline is the old standby T1, which is about one and a half Megabits per second, or a Fractional T1 which can go a lot less; plenty of speed for users who need email or to browse the Web.
And hey! Pandora works GREAT! But here’s the catch: the free version of Pandora offers 64 Kilobits per second of streaming media to your desktop. And since it is streaming, that is a continual flow of data, as opposed to the short bursts of bandwidth used in surfing the Web.
OK, you say. That’s only 64K – we have a T1!
Well, that’s true, you do. But that T1 is being used for a number of other things, like your email and your web server and possibly remote access… there are a lot of services you and your co-workers use that are making use of that T1 pipeline to the Internet. Your little 64K is likely to go pretty much unnoticed. But what if you are not the only one listening in? A couple of guys in Sales, and maybe someone from the Art Department, the numbers add up. Each of these computers is using up 64K, so multiply that out – ten users is 640K, or nearly half of the total available bandwidth for your company!
Further, Pandora offers a better-sounding version, with no time limits, called Pandora One, and it’s pretty cheap. It offers 192K streaming!
I don’t mean to pick on Pandora in particular – that is just the most common name I’ve been seeing lately. Many of the radio stations in existence on the airwaves also offer Internet streaming, with varying levels of quality. The rule of thumb here is that the better the quality, the more bandwidth it is using up. And multiply that out by the number of users listening in from their computers – pretty soon you begin to see some heavy slowdowns!
I personally am a big fan of music while I work – but an MP3 player or a collection of CDs, or even a real, old-fashioned radio might be a wiser choice for the workplace!

Expand Your Anti-Malware Toolkit

When dealing with malware and viruses on Windows systems, often one tool is not sufficient.  You may need to expand your tool set to include multiple applications in order to effectively clean off an infection or threat.

  • Turn off System Restore. This can be done in the System control panel. Don’t forget to turn it back on when you’re finished!
  • Clear temporary internet files (IE cache) for all profiles.  If you’re only dealing with a single-user computer, this is easily accomplished with the Internet Options control panel. If multiple users login to the infected computer, rather than manually deleting for each user, you can use ICSweep to view and delete the IE cache for all users.  Originally designed for terminal server environments, ICSweep works well on desktop operating systems, too.  You can download it here:  http://www.ctrl-alt-del.com.au/CAD_TSUtils.htm
  • CCleaner is also effective at cleaning out the IE cache, but only for the currently logged in user. http://www.piriform.com/
  • Boot the computer into Safe Mode with Networking, if possible, and launch your anti-spyware application. Safe Mode prevents many unwanted services & processes from running, but if you use the networking version, you can still update the definitions for your apps.  However, this isn’t always possible, depending on the nature of the infection, so you may need to boot to Safe Mode (with no networking) and manually update from another source (eg. USB drive).
  • I have had success using Malwarebytes’ quick scan for basic infection & removal. http://www.malwarebytes.org/.  Recently, I’ve found Hitman Pro to be very effective in detecting and removing root kits and boot sector viruses, such as Alureon.  http://www.surfright.nl/en/hitmanpro
  • You may need to boot to a CD, or use another method to scan externally, if you’ve got something that’s really entrenched.  There are many Linux-based “Live” CD images available for free download: http://www.knoppix.net/ or you can manually create your own Windows Preinstallation Environment (PE) CD http://technet.microsoft.com/en-us/library/cc766093%28WS.10%29.aspx Microsoft’s Diagnostic & Recovery Toolset (DaRT) includes ERD Commander disc images, and also includes Microsoft Security Essentials for offline scanning.

Securing Your Network

With the proliferation of Information Technology (Companies) and the efficiency it gives businesses today, securing your network against SPAM, viruses, Malware and Hackers  has become vital to survival.  The very technology that has allowed businesses to become so efficient and productive also brings the risk of catastrophe, if that technology fails or is compromised.  Therefore, it is vital that any business that relies on IT for its productivity make sure that they have taken practical steps to secure their network infrastructure.

There are several areas of concern when considering securing any IT network, including user access control, data backup and protection, firewalls, etc., but for the purpose of this article the focus will be limited to protecting a network from viruses, SPAM, and other Malware.

Most computer users are familiar with the need to protect their computers from viruses and most companies have antivirus software installed on their servers and workstations.  However, one of the biggest threats to network functionality comes from email.  Emails are delivered directly to the user’s desktop and can go through firewalls as well as virus scans, depending upon the nature of the Malware they may contain.  Then, if a user inadvertently opens the infected  email and perhaps clicks on the links it contains, they can infect their workstation and alow it to spread to the entire network.

To secure the multiple points of potential infection it is recommended that email be scanned by a third-party SPAM filtering, Malware, and virus protection vendor before being delivered to the company’s Exchange or mail server.  The company’s firewall should also be configured to only accept eamil from the third party scanning servers.   This will vastly reduce the SPAM  getting to the company Mail server, and stop known Malware.   Finally, the Exchange or mail server should also have virus and Malware software running on it.  Why, since the mail is supposedly checked before delivery by the third party scanning service?  Because users can bring in infected laptops and connect to the network behind the firewall, users can also access webmail from their personal accounts  and bring Malware into their computers directly.  Also, users can get Malware from websites they visit.    When this happens the virus or Malware must be stopped on the network side of the firewall and to do that requires that the proper software be installed directly on the Exchange or Mail server.  A recommended antivirus anti-malware solution for a typical small business network is illustrated below in figure 1.

Figure 1

iPads Usage Up – Businesses have bought 2 Million Units

I was at a conference last week and saw a funny thing that I did not think would ensue so quickly in the technology and business environment.  Sitting in the meeting with 25 other people, both business and technical folks, about 80% of them had iPads which was shocking really.  More and more with our client base, iPads are starting to take over as the presentation tool and fun toy for the “c” level executives.  Several of my own team member here at BVA own and leverage iPads in business activity, but for the most part it’s not adding value in my humble view in a business perceptive.  It’s definitely moved into the benefit category as opposed to the NEED one.  That being said it is a nice product that has it’s place in the residential side as well as the educational sector.  The unit is not very secure and has alot of the security risks associated with the iPhone.  ??The iPad can be used to access networks via RDP session (remote session) and actually works very well and quick on the 3G network but that still raises the question of security and access points for your network.  I read an article here recently, that talked about how popular the iPad is with business and that a research company estimates that 2 million iPads have already been bought by companies with 1-99 employees. That is hard to believe but its a fact, the adoption rate is higher for companies with at least 20 employees.

The research article surfaced that the common uses for the device include demos, presentations, email, and Internet browsing. Larger businesses also use them as a tool when speaking with customers. Most of the businesses are using the iPad as a new gadget; it is not replacing PCs or other devices.  The research company believes that notebooks, netbooks, tablets, and smartphones will continue to coexist in the future as data moves into the cloud. Technically does not provide further statistics from its survey or the number of people and type of survey it conducted. Having said that, it is encouraging to see small businesses adopting a device like the iPad.

It will be interesting what Apple decides to do with their new market share in the business segment.  Will they decide to alter their OS code to be more desktop centric?  It’s a great way to penetrate a market that Apple quite frankly has ignored.

Social Viruses

The other day, an acquaintance had sent me an email with the following content:

How to protect your e-mail address book

A computer repairman says this is like having gold.

This is a good thing.
I learned a computer trick today that’s really ingenious in its simplicity.

As you may know, when/if a worm virus gets into your computer

It heads straight for your email address book,

And sends itself to everyone in there,

Thus infecting all your friends and associates…

It went on from there, detailing a scheme to foil malware through the creation of a fake email address in the very beginning of your address book.

The sender, in all fairness, sent this to me to vet before he passed it on to everyone he knew – that was the unusual part.  Normally I receive these emails as a part of a mass-mailing, delivered as Gospel Truth by some well-meaning friend.

First of all, I NEVER forward ANYTHING that was sent to me in a mailing list – especially if it says “Send this to everyone you know!”, even if it threatens me with bad luck!  I know that the purpose of these messages is to cause well-meaning but gullible people to clog up email systems and bring mail servers to their knees. They play on one’s sense of guilt, sympathy, or sense of humor to encourage you to do their dirty work. They NEVER have any other purpose.

On those rare occasions that some new message actually tempts me to pass it on (and this can happen to anyone who is not paying attention – these are designed for it!), I know I can Google the subject or the first line of the message to see what’s REALLY going on.

One of my favorite resources is SNOPES.COM. A Google search of a message like the sample above will almost always turn up a hit from Snopes.  Read what they have to say – it’ll generally cure your momentary weakness. And if the sender is a friend, you might want to send the URL for their particular message back to them.

If you are interested, the information on the above message is right here.