The Vital Importance of Completing Your Data Security Perimeter
It has been called “The Perfect Weapon,” above and beyond the research studies we’ve mentioned before, the studies proving that even the most disciplined associates are quick to plug in a USB flash drive. There is real-world history already in the books that the physical compromise of your data system – through connectors and data ports – is as great a threat as the most ingenious hacker or cyber-warfare specialist. And human nature is what elevates that threat. The stakes for using data, server, and network security tools and products could not be higher, and yet the access for compromise could not be simpler.
Even the smartest people are susceptible. And even the most disciplined military and security personnel are not immune to this impulse to use a stray thumb drive. So, data, server, and network security tools and products should be a basic part of your cyber-defense plan, because, without them, your security perimeter is open at the front gate. Despite all the policy manuals, warnings, signs, and security cameras that can be directed against it, the impulse for a person to add to his or her personal storage and transfer tool kit is somehow more powerful.
An operation was conducted recently by the national security service of a fellow NATO country recently in which anonymous flash drives were deposited on desks and floors and in coffee rooms and conference rooms at the offices and work facilities of several defense suppliers and military installations. All of the Trojan horse flash drives were not only picked up and plugged in – to systems unprotected by data, server, and network security tools and products – but also used more than once, at more than one data port. Yes, the usage rate of the planted thumb drives was greater than 100% in this research study. Fortunately, the stray flash drives contained nothing more damaging than a program that enabled researchers to trace their use.
In a less dramatic study that further underlines the need for data, server, and network security tools and products, a controlled experiment at the University of Illinois concluded that a flash drive attack is not only effective, with an estimated 45% to 98% of dropped drives connected, but also expeditious, with the first drive connected in under six minutes. More than half of thumb drives that were left in parking lots were picked up and plugged into PCs within hours of being found.
The Highest of Stakes
In a landmark book, “The Perfect Weapon – War, Sabotage, and Fear in the Cyber Age,” reviewed on NPR, New York Times national security correspondent David Sanger reveals that experiments are not the only projects in which “found” thumb drives were the weapons of choice.
In 2008, Sanger writes, a National Security Agency employee found evidence that Russia had deeply penetrated a critical U.S. data network called SIPRNet, used to communicate among the Defense Department, State Department, and some of the intelligence agencies. How did they get access into such a well-guarded cyber-asset? Thumb drives.
Some USB flash drives had been distributed to unknowing people, and some had even been scattered in parking lots in the Middle East. In the absence of data, server, and network security tools and products, all the training and discipline and security indoctrination that we can well imagine the DoD could muster did not prevent military, intelligence, and diplomatic personnel from plugging the little memory sticks into their work devices. Rather than malware, these particular devices contained “beacon” programs that enabled Russian intelligence to simply read our classified mail, access our analysis, and know what we know, all without revealing themselves.
And they got in through the USB ports.
These stakes might be the highest we can imagine, and yet it took no genius to get in the system. Without data, server, and network security tools and products, all it took was just human nature.
The Importance of Data, Server, and Network Security Tools and Products
Whether the threat is a vicious, ingenious attack, or just casual carelessness – and it seems that both hazards are of at least equal importance today – the solutions to the physical network access threat are, fortunately, just as visible as the threat. The Connectivity Center deploys dozens of devices that overcome these threats of attack or infection. We offer you an evolving array of USB port blockers, network port locks, and fiber optic port locks.
To keep your operations running smoothly by allowing access only to authorized personnel, the Smart Keeper series offers port blocking with the additional feature of serialized keys. With Smart Keeper, you can make sure that access goes only to those persons with “need to know” and “need to use” authority within your organization, without the expense and complication of Network Access Controls. Users report, too, that the presence of a Smart Keeper port blocker effectively reminds those authorized users of the importance of that access, and their own responsibility for not running the risk of attaching an unknown or personal device there.
The visible circulatory system of your data network, the cables that connect computers in your network, are another point of vulnerability that can be protected by data, server, and network security tools and products. A malicious user can simply unplug a device from the opposite end of a tethered cable. This other way into your network can be effectively secured with Link Lock connectors from The Connectivity Center. Still another layer of computer network and information security can be added with the Link Lock Hub, which not only serves as a secure USB hub for your attached USB device, but also locks your devices so that they cannot be removed without authorized access.
The Connectivity Center reminds you that your cyber-security profile cannot come close the 360-degree computer network and information security protection demanded by today’s environment until you secure the ports and connectors within your computer network through the use of data, server, and network security tools and products. The product portfolio and the programs we offer include many other options to suit your system, your goals, and your threat profile.