Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

1/11/2012
01:13 PM
50%
50%

Top SMB Security Worries: Intellectual Property, Mobile

An expert security researcher shares his top security concerns for SMBs in 2012 and offers advice on how smaller companies can manage risks.

10 Companies Driving Mobile Security
10 Companies Driving Mobile Security
(click image for larger view and for slideshow)
The more things change, the more they stay the same. That pretty much sums up the information security landscape for small and midsize businesses (SMBs) in the year ahead, according to the head of Blue Coat Security's research lab.

The security world is indeed ever-changing. Blue Coat, for example, shifted its protection approach in 2011 away from the point of attack to the underlying networks that enable and distribute malware and other threats. In the process, the company hopes to better identify threats before they unfold--Blue Coat likens it to the "pre-crime" conceit in Minority Report. Yet Chris Larsen, Blue Coat's head researcher, acknowledges many smaller companies don't have the resources to devote to sifting through traffic logs and similar methods. That doesn't mean SMBs are helpless. In an interview, Larsen detailed his priority concerns for SMBs to keep top of mind in 2012--and some of them should sound familiar by now.

For starters, Larsen issued a reminder: Be proactive. Even if you outsource security to a consultant or other vendor, remain engaged with what they're doing to keep you protected. Ask questions about processes, risks, and remediation. Set-it-and-forget-it deals have inherent shortcomings.

As in years past, basic security hygiene is still a must for any business, no matter how small. Every SMB has a bank account and other financial information, and banking-related fraud will remain the number one threat to smaller firms in 2012. Larsen said online criminals are usually thrilled to infiltrate an SMB network because the bank balance is almost always a multiple of the typical consumer account.

Protection is a matter of recognizing the threat and identifying which people, processes, and information inside your organization make likely targets. "If you know [bank fraud] is going on, than you can put defenses in place to watch for it," Larsen said.

The minimum safety practices that any SMB should deploy: Use strong passwords and anti-malware protection, stay current on patches and downloads, beware of fishy emails and links, and restrict account access to critical personnel. The extreme approach: Use a dedicated computer for banking--no email, no spreadsheets, nothing--and keep it offline when not in use. (Larsen said some Blue Coat employees redefine "extreme"--they boot their machines from a Linux CD any time they bank online. Larsen himself isn't so paranoid, but he still won't use a Windows PC to manage his finances online.)

There's a newer concern for some SMBs: Intellectual property (IP) theft. While it won't apply across the board, high-value data could make some companies juicy targets--even if they're not a household name or have no trophy cachet. Firms in areas such as biotech or those with government defense contracts make prime examples. While bank fraud usually involves indiscriminate, catch-all attacks, IP theft typically falls into the realm of targeted or "advanced persistent" threats. Identifying potential dangers involves taking more of a risk management approach.

"You have to do an analysis: Do we have something besides our bank account that would be of interest to somebody?" Larsen said. "If we do, we have to give some thought to how to protect it." Doing so involves indentifying where the valuable data lives, who has access to it, and knowing whether there's an audit trail to follow.

Any public company fits the bill here, no matter its size or industry, since sensitive corporate information could be used to profitably trade the firm's stock ahead of the market. Employee social media profiles and other data readily available online have made it easier than ever to orchestrate this type of planned attack, Larsen said.

"Traditionally, you might say that we're so small nobody will come after us. But if you have intellectual property that would make it worthwhile, then somebody will come after you--and if Google can get hacked, so can you," Larsen said. "The nice thing if you're a smaller organization: You have a lot more concentrated and fewer assets to keep an eye on than Google does."

Mobile, for all its business benefits, will continue to grow as the new Wild West for security. Larsen said that while large enterprises have been wringing their hands over mobile security for some time, it's now something much smaller companies need to worry about, too.

"It's very sexy and seductive to be able to have a little app for your iPhone that gets into your customer database so your sales guys can pull stuff up when they're out in the field," Larsen said. "What's to prevent a sales guy from walking out with your whole contact list? It's really easy to get seduced by how cool all the new toys are and not do the really hard work and think about all of the security implications."

Larsen said cloud security platforms will be the way to manage a vast array of devices. "You can't carry around your data center defenses with you," Larsen said. "You want to have that iPad or iPhone talking to a cloud portal that has those kinds of defenses in place." The good news: that cloud infrastructure continues to grow and make those kinds of protections available.

He also advised SMBs that embrace a bring-your-own-device approach do so in a security-conscious manner. In particular, consider a device-restrictive plan for protecting key assets. If your banking information is your most valuable data, for example, don't let employees access it with their personal mobile devices--even if they're encouraged to use them in other areas of the business.

That fits Larsen's general thesis for SMBs: If time, money, and staff all run in short supply, don't worry about protecting everything--worry about protecting what's actually valuable.

"It boils downs to for a smaller operation: Play the priorities. What am I going to prioritize protecting? And I'm going to make darn sure adequate protection on that, and everything else I'm just going to free-wheel because I can't deal with it," Larsen said. "That's a reasonable security compromise posture." InformationWeek is conducting our third annual State of Enterprise Storage survey on data management technologies and strategies. Upon completion, you will be eligible to enter a drawing to receive an Apple iPad 2. Take our Enterprise Storage Survey now. Survey ends Jan. 13.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
JABADI000
50%
50%
JABADI000,
User Rank: Apprentice
1/14/2012 | 9:58:34 AM
re: Top SMB Security Worries: Intellectual Property, Mobile
File Secure Pro provides cloud protection for PDF files. File Secure Pro- is a moderately priced solution for intellectual property security. FSP's digital rights management (DRM) technologies offer dynamic remote control for usage and storage of digital property. Please visit http://www.file-secure.com/faq... for service plan details.
Mobile Banking Malware Up 50% in First Half of 2019
Kelly Sheridan, Staff Editor, Dark Reading,  1/17/2020
Exploits Released for As-Yet Unpatched Critical Citrix Flaw
Jai Vijayan, Contributing Writer,  1/13/2020
Microsoft to Officially End Support for Windows 7, Server 2008
Kelly Sheridan, Staff Editor, Dark Reading,  1/13/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
The Year in Security: 2019
This Tech Digest provides a wrap up and overview of the year's top cybersecurity news stories. It was a year of new twists on old threats, with fears of another WannaCry-type worm and of a possible botnet army of Wi-Fi routers. But 2019 also underscored the risk of firmware and trusted security tools harboring dangerous holes that cybercriminals and nation-state hackers could readily abuse. Read more.
Flash Poll
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
[Just Released] How Enterprises are Attacking the Cybersecurity Problem
Organizations have invested in a sweeping array of security technologies to address challenges associated with the growing number of cybersecurity attacks. However, the complexity involved in managing these technologies is emerging as a major problem. Read this report to find out what your peers biggest security challenges are and the technologies they are using to address them.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7227
PUBLISHED: 2020-01-18
Westermo MRD-315 1.7.3 and 1.7.4 devices have an information disclosure vulnerability that allows an authenticated remote attacker to retrieve the source code of different functions of the web application via requests that lack certain mandatory parameters. This affects ifaces-diag.asp, system.asp, ...
CVE-2019-15625
PUBLISHED: 2020-01-18
A memory usage vulnerability exists in Trend Micro Password Manager 3.8 that could allow an attacker with access and permissions to the victim's memory processes to extract sensitive information.
CVE-2019-19696
PUBLISHED: 2020-01-18
A RootCA vulnerability found in Trend Micro Password Manager for Windows and macOS exists where the localhost.key of RootCA.crt might be improperly accessed by an unauthorized party and could be used to create malicious self-signed SSL certificates, allowing an attacker to misdirect a user to phishi...
CVE-2019-19697
PUBLISHED: 2020-01-18
An arbitrary code execution vulnerability exists in the Trend Micro Security 2019 (v15) consumer family of products which could allow an attacker to gain elevated privileges and tamper with protected services by disabling or otherwise preventing them to start. An attacker must already have administr...
CVE-2019-20357
PUBLISHED: 2020-01-18
A Persistent Arbitrary Code Execution vulnerability exists in the Trend Micro Security 2020 (v160 and 2019 (v15) consumer familiy of products which could potentially allow an attacker the ability to create a malicious program to escalate privileges and attain persistence on a vulnerable system.