You can't secure what you don't acknowledge.SM

Thursday, November 4, 2010

Interesting findings from Venafi on encryption management

Information security vendor Venafi released a survey at the October Gartner show that has some interesting findings related to encryption management:
  • Organizations anticipate a 27% year-over-year certificate and key inventory growth rate
  • 85% of organizations manage encryption certificates and private keys manually via spreadsheet and reminder notes
  • 78% of organizations have experienced system downtime due to encryption failures in the past 12 months
Given what I see in my information security assessments - how many in IT often struggle to find newer ways of managing and securing their environment - none of this surprises me. It's often home-grown solutions sticking around, the general perception that policies can be enforced and processes can be followed without the right technologies in place and a general lack of leadership in/around IT.

Still interesting insight from the survey nonetheless...apparently there's still some room for improvement - even with something as niche (given the big picture) as encryption management.

Apparently Venafi is conducting an extended encryption management survey to dig even deeper on this data. Might be worth checking out to see how your organization compares

Using GFI LANguard to find open network shares

Have you see what your users are sharing up on your network? What about your server shares - are they divulging too much PII and intellectual property to any Joe Blow on the network?

Outside of mobile security (smartphone weaknesses, lack of laptop encryption, etc.) the problem of unstructured information scattered about the network is a very predictable high priority finding in any given security assessment.

The reality is you cannot secure what you don't acknowledge. How do you know what's in your environment just sitting there for the taking? You could very well have experienced an internal data breach and not know anything about it.

Enter GFI LANguard.

I've used LANguard for years to uncover open shares on networks and it works just dandy for this purpose.

Do yourself a favor and download the trial version of LANguard and run the share finder tool in your environment to see just what's being shared out - and exposed. It's as simple as the following:
  1. Select Launch Custom Scan
  2. Select Network & Software Audit
  3. Select the Share Finder profile
  4. Select Scan a range of computers or Scan a domain or workgroup and enter your network information
  5. Enter the login credentials of a basic user representative of most domain users in your environment
  6. Select Scan and let the tool do it's thing
  7. Once complete, select Analyze scan results
  8. Select Results Filtering (upper left)
  9. Select Open Shares (middle left)
  10. Scroll down and look* for shares with permissions granted to BUILTIN\Users or Everyone
  11. Login to the network with the basic user credentials from above and see what you can see. I've found both FileLocator Pro and Identity Finder to work very well for rooting out sensitive information. I also recommend manual browsing for files/content/context that automated tools may have trouble uncovering.
That's it!

I cannot stress enough that sensitive files readily-accessible on open shares is one of the greatest risks on your network. It's screaming for your attention right now. So track down your open shares, set permissions on a need to know basis or remove the shares altogether, and get your arms around this beast before it grows even larger.

*I wish LANguard had the ability to filter down into open shares even further by only showing shares that are open to specific groups or users that you specify. It's a hassle to have to manually sort through things... Hint, hint. :)

Wednesday, November 3, 2010

Let the smoke (and mirrors) clear

Finally, some hope and change we can believe in!

But not so fast...a quick note to all the Republicans out there: you didn't get voted in because people are embracing you...people are just tired of seeing the Democrats' lack of principles and leadership- not to mention their taking money (by force) from the people who earn it and giving it to those who don't deserve it - undermining and effectively destroying what our country is all about.

I still go back to the Margaret Mead quote I posted yesterday: "It may be necessary temporarily to accept a lesser evil, but one must never label a necessary evil as good."

The next two years will certainly be interesting...

Tuesday, November 2, 2010

Today is the day

Today is the day we get a chance to vote for more government or less government.

Today is the day those of us in America can begin to stop the bleeding we've been experiencing since January 20, 2009. Technically, for decades.

Today is the day we're empowered to remind the career politicians around our country that we the people are in charge. Not them.

Today is the day we stop giving up little liberties to gain a little security...otherwise, as Benjamin Franklin said: we'll "deserve neither and lose both".

We can't stop today, though...Otherwise we'll continue with the mess that power-hungry politicians (Democrats and Republicans) have left us with to this point. Like Margaret Mead said "It may be necessary temporarily to accept a lesser evil, but one must never label a necessary evil as good." Remember that today and in 2012.

Something has to change long term if we're going to continue to thrive in America as intended by our Founding Fathers. As you go out and vote today, remember what George Orwell once said: "If liberty means anything at all, it means the right to tell people what they do not want to hear."