Enterprise information leakage, in addition to information systems, but also through physical channels, a number of industrial espionage to be no suspicion of defrauding employees of the company confidential information. The Culture and Education How do you stop these people.
Enterprise information leakage, in addition to information systems, but also through physical channels, a number of industrial espionage to be no suspicion of defrauding employees of the company confidential information. The Culture and Education How do you stop these people.
U.S. companies each year because of hacking and illegally intruded into, physical security incidents and other criminal activities suffered the loss of up to 300 billion U.S. dollars. A company may become a target of espionage, regardless of financial data, intellectual property, or customer data, the spy who are interested. Spy physical invasion of the most common motive is to engage in industrial espionage.
Following is commonly used by spies several means, the experts on the basis of this proposed approach to stop.
Channel 1:
Employees into the company behind the spy
Spyware companies most likely to sneak into the way technology is also one of the lowest levels: the main entrance from behind the authorized staff to enter. According to statistics, 90% of the companies too easily into. In order to get mixed, with a spy may be a cup of coffee or a sandwich or wear false identity papers Taiyaodabai access. The regulations also prohibit smoking for espionage through the back door into the building to provide convenient, because smokers often gathered in the back door Tunyuntuwu. In addition, there are many people directly through the door into the delivery.
Once the spy into the company, in many ways to sensitive information. They can impersonate IT support staff, copying documents unattended. Or simply to empty conference room, with access to notebook computers, from access to data on corporate networks. In many cases, several espionage cases together, posing as a consultant, posing as another employee, if someone walked into the past, expressed regret spy on, pretend, "is scheduled to repeat the meeting room," then Shankai.
Stop approach: We can not simply the development of security policies on Wanshi, must implement: If someone is unable to prove that their employees, security personnel, reception and other staff shall not be allowed to enter the building. Many companies also report on suspicious persons formulate a clear point of order.
Two channels:
Spies posing as employees
Spyware is often disguised as IT support staff, sitting in the previous user's PC, no one would doubt their identities. Some spy waiting for opportunities to find the office empty; In other cases, spyware will be posing as cleaners, the company managed to get after work.
A company has to employ experts to find the security flaws, but asked him to avoid the use of the system CEO. However, to leave the CEO in his office, CEO's assistant asked him: "You want to update the CEO's computer» "In this way, he sat the" Fortune "Top 50 companies next to the CEO's desk. Although he avoided as far as possible to see any of the above sensitive computer information, a more sensitive information will not work if you do not see. This is indeed a Taida Yi.
Stop approach: First, to enhance staff safety awareness. Most companies rarely in strengthening the awareness of staff have input, the majority of people think that building in general be OK. Lawless elements used precisely this mentality. Companies need to provide what is appropriate and what is inappropriate, then the implementation.
The second is to use protection tools, such as a password screen protection for data encryption, and has requested access to a large number of employees (for example, IT managers and executives) use a strong password. It is regrettable, however, most networks have not taken adequate and effective protection, many companies set up a common and stupid passwords, these accounts is often a password.
Finally, the importance of the need to classify information, and the priorities for storage. Even if only to the IT managers and senior staff of the accounts implemented encryption, can also solve the problem of 70%.
Commercial spy everywhere
Three channels: spies posing as visitors
Another sneak into the company is posing as a means of legitimate visitors, such as telephone or electrical Weixiu Gong, burglar alarms or fire department inspectors sent to check the smoke alarm and other staff. Spy bought fluorescent T-shirt and work boots, and then downloaded from the Internet Hot Stamping logo, posing as a dress, as long as the package will spend the first seven U.S. dollars. But security experts posing as visitors in the building Zhuanyou company, found detailed information on customer accounts, payroll data disk, with the default voice mail guide, advertising expenditure information, bank statements, Staff Directory, and filled the company's strategy notes The whiteboard.
Stop approach: an attempt to enter the building must verify the identity of the foreigners, and not only verify identity. Employees should be required to visitors at his employer's name and then check the information online, then call the other side, to ensure the accuracy of visitors. This is very cumbersome, but it is very necessary.
Four channels: Web applications through espionage theft
Not all spies have adopted a low technology content; According to SANS Institute in 2007 released the top 20 Internet security risks report shows, more and more people in the use of Web application security vulnerabilities. Report of the existence of loopholes in the Web application as the first Dah Sing emerging risks, it can lead to strokes in the site, data theft, computer has been connected to the endangered sites. The report said, Web application attacks in 2008 will be substantially increased.
To stop: The Web scanning tools can help find application loopholes with the source code if the assessment tools and application penetration testing a combination of better results. SANS Institute proposed inspection of the targeted Web application framework, and adopt corresponding measures for reinforcement.
Channel 5: spy bribe-house staff
Engage in espionage destruction is an effective means of bribe-house staff and theft of information. This often means high-tech ride and not the top, as long as the use of existing staff access, you can download large amounts of data.
To prevent: the use of access control and should take the initiative to review technology. For example, if a 30 day visit record, but a sudden visit to 100 records every day, then this is a dangerous signal that needs attention. In addition, if employees suddenly begin to access data from home, but also attention. With anomaly detection procedures can be found in such acts.
Moreover, the use of the operating system's access control capabilities are also important. People did not spend very much time to a reasonable allocation of these features, many employees access to the actual task beyond the completion of the necessary access.
Anti-hacking technology to
Six channels: "keystroke recorders" theft
Sneaked into the building can be installed inside the spy keystroke recorders. Such equipment will be the keystrokes of computer users through the e-mail to the address specified, but also to save keystrokes in the flash memory. Many keystroke recorders were found almost impossible, such as directly connected to the keyboard connector of the keystroke recorders. There had been such a thing: spies posing as office cleaners, use of such tactics from a British bank Qiede almost 300 million pounds.
Block approach: a comprehensive examination of the physical computer equipment. If unable to fully inspect the computer, the glue can be used to connect to the computer keyboard are all Nianlao so keystrokes on the keyboard to connect.
Channel 7: theft through phishing
Phishing is a use of social engineering tricks, espionage aimed at trick people into disclosing information (such as the password) or jeopardize the implementation of the operation of confidential data, such as clicking on the link, thereby allowing others to remotely control the computer. In fact, phishing is the most important one of the Internet security risks.
Stop approach: continuously strengthen their security awareness, through the exercise to simulate phishing act. The company also should be avoided in public sites reveal too much information, including the company logo and employee's email address.
Another solution is to disable the computer USB port, or use a centralized tool to restrict the use of ports and external equipment, which will increase the difficulty of espionage export data.
Edit by: securitysofts
No comments:
Post a Comment