* Posts by RykE

3 publicly visible posts • joined 22 Aug 2012

REVEALED: The gizmo leaker Snowden used to smuggle out NSA files

RykE
Go

Re: Root password, sure, but why wasn't the data encrypted?

Data should be encrypted at the file level with user access rights assigned to only those who require access... a la PGP NetShare, as an example.

RykE
WTF?

FEDELST

The practice of disabling USB, although an effective countermeasure for the protection of the casual removal of information, is merely part of the equation, and should not be the sole mode of protection from such threat. More evolved systems including data and resource access controls according to user rights and information classification levels, and intelligent data loss prevention technologies afford visibility and control to the protection of confidential data.

Eliminating the USB service reduces valuable functionality which the USB interface affords system users and admins. Technologies such as those developed by companies such as SafeEnd and Unatech afford security administrators the ability to implement USB firewalls where only registered devices and actions can be permitted and logged. All other actions on the USB channel are restricted and attempts are reported.

The actions of Snowden and Manning were due to a sea change in policy in US Government internal computing environment where after 9/11 everything went from 'need to know' to a 'need to share'. The US Government had determined that it was more important to have access to tools and information which could aid employees in their ability to identify threat, than lose this visibility due to restricted information access.

The failure here was clearly due to the lack of any visibility to anomalous behavior, the failure to identify and report access and downloads of volumes of data, access to information not specific to the user's job function, and any reasonable level of accountability for security practices.

It is my opinion that the old 'restrict USB' ethic is dated, and by doing so complicates system administration by eliminating a valuable system resource. I say better management and monitoring is the key here. Besides, no user, with access to any secure environment should be permitted to carry any personal device capable of storing, encrypting, obfuscating or redirecting data.

McAfee puts Barnaby Jack on car-jacking hackers' case

RykE

When Gadgets Betray Us

A good read on the topic is 'When Gadgets Betray Us' by Robert Vamosi... truly informative and entertaining

http://whengadgetsbetrayus.com/